Friday, August 7, 2009

Learning more about AFD on XP than I ever cared to

Not that I really learned anything, but I have spent the last week trying to fix my wife's computer cause she had gotten some nasty viruses at some point and I finally decided to clean it up. Being too lazy to clean up enough space on other computers to copy over all the pictures and stuff that are on there I decided not to reimage it. With the help of some great posts over at MajorGeeks.com I used my laptop to download about 10 or so different tools to scan, clean, and delete my way to an XP that I am not afraid to plug into my network and one that isn't spamming the world and having my ISP lock my connection down (it happened, no joke). Btw, Symantec, at least the version I had, never did a damn thing from what I could tell. Piece of bloated crap, IMO.

So the cleaning posts were easy enough to get through, system's clean, booting and running much faster but network doesn't look so hot. Device manager shows NIC driver corrupt or not installed properly and that's where my fun really began. After hours of searching and goofing with stuff I get the network card recognized and it seemed to have very little to do with the actual NIC drivers, thanks Device Manager messages. I can't even recall what actually got it satisfied cause I tried so many different things. But network still not working ... lovely.

AFD: You can find nearly anything you want on the internet. It's really amazing how much information is out there, it might take a while to find it but there is normally someone, somewhere, that has posted about what you need or something similar. Not so much (that I could find) with freakin' AFD. AFD is a non-plug and play device that shows up on Device Manager when you tell it to show hidden. No wait, that's true, but it seems it's actually an XP Service. Oh wait, it is and starts that way but it's not actually on the Services list ... But pretty much every networking service has it as a dependency. DON'T uninstall the AFD device thinking there will be a way to re-install it. Also, make sure you have System Restore on :-).

So my AFD is failing to start cause something along the lines of "path not found." Google search it and find many many dead ends and a few very helpful posts. If I were a good blogger I'd have some links but guess what, I don't.

So I was stuck at a point with a machine that said the network was connected but didn't work. Ipconfig returned basically nothing. Connection details didn't really show any errors but everything was blank from the IP to the DNS. Device Manager was only complaining about AFD being corrupt or not properly installed. My System events were showing that the AFD service was failing to start and thus most network stuff was too.

Post is getting way too long so let me lessen my windedness. There is no way (once again that I could find) to reinstall AFD and basically no help or information on it from MS. I found several places that people were having similar issues but they most always ended in dead threads with no success posted. Here's what I'd recommend for anyone that might find this:

This got me to a point where I was getting an IP but no DNS or working connection:
For these commands, Start, Run, CMD to open a command prompt.

Make sure you have afd.sys in your C:\Windows\System32\Drivers folder and msafd.dll in System32. Copy them from a good XP machine (with a thumb drive) or they might work from \i386 or Windows\ServicePackFiles\i386.

Reset WINSOCK entries to installation defaults: netsh winsock reset catalog
Reset TCP/IP stack to installation defaults: netsh int ip reset reset.log
Reboot the machine.

Then I took my laptop with XP on it and searched through the registry for AFD and made the bad computer's registry match. The important keys are:
HKLM\SYSTEM\CurrentControlSet\Enum\Root\Legacy_AFD
HKLM\SYSTEM\CurrentControlSet\Services\AFD

Mine was complaining about a registry path not being found. Something was pointing at a GUID\0000 instead of 0001. Another idea is to download Process Monitor. Run it, turn capture off, clear list. Open a DOS prompt and type in sc start afd but don't run it yet. Click start capture on Process Monitor, then switch over and hit enter in your DOS prompt. Once AFD fails, stop capture. Process Monitor will track an overwhelming amount of stuff but start sifting through there to see what is failing. That is how I finally saw AFD looking for something in the registry that wasn't there.
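The "make the bad computer's registry match" step can be done mechanically by exporting the two AFD keys on each machine and diffing the exports; the script below is an added example, not something from the original post. The sample exports are constructed: the value name ExamplePointer and the all-zero GUID are placeholders standing in for whatever value points at GUID\0000 instead of 0001, and the hex data is shortened.

```python
# Added example (not from the original post). Sample exports are constructed:
# "ExamplePointer" and the all-zero GUID are placeholders, hex data is shortened.
GOOD = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AFD]
"ImagePath"=hex(2):5c,00,53,00,79,00,\
  73,00,74,00
"ExamplePointer"="{00000000-0000-0000-0000-000000000000}\\0001"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AFD\0000]
"Service"="AFD"
'''
BAD = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AFD]
"ImagePath"=hex(2):5c,00,53,00,79,00,73,00,74,00
"ExamplePointer"="{00000000-0000-0000-0000-000000000000}\\0000"
'''

def parse_reg(text):
    """Parse .reg export text into {key: {value_name: raw_data}} (names lowercased)."""
    keys, current, pending = {}, None, ""
    for line in text.splitlines():
        line = line.strip()
        if line.endswith("\\"):            # long hex data continues on the next line
            pending += line[:-1]
            continue
        line, pending = pending + line, ""
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1].lower(), {})
        elif current is not None and line.startswith("@="):
            current["@"] = line[2:]        # the key's default value
        elif current is not None and line.startswith('"') and '"=' in line:
            name, _, data = line[1:].partition('"=')
            current[name.lower()] = data
    return keys

def diff_reg(good, bad):
    """Return (key, value_name, good_data, bad_data) for every mismatch."""
    out = []
    for key in sorted(set(good) | set(bad)):
        if key not in good or key not in bad:   # whole key missing on one side
            out.append((key, "<key>", key in good, key in bad))
            continue
        for name in sorted(set(good[key]) | set(bad[key])):
            if good[key].get(name) != bad[key].get(name):
                out.append((key, name, good[key].get(name), bad[key].get(name)))
    return out

if __name__ == "__main__":
    for row in diff_reg(parse_reg(GOOD), parse_reg(BAD)):
        print(row)
```

Real exports made with regedit or reg export are UTF-16 text, so read them with open(path, encoding="utf-16") before passing the contents to parse_reg.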

Wow, I suck at blogging so there is a wall of text to try to help someone that might come across what I did, but I hope no one else ever does. That last paragraph could seemingly work for troubleshooting other service start failures.