[RESOLVED] Can't reestablish internet connection.

[jmtjet]

My sons emachine W6409 lost internet connectivity about a week ago. So far I have ran: Malwarebytes and vundofix. I've also tried the commands to reestablish the connection: ipconfig/release, ipconfig/renew without success. On ipconfig/renew I get the error: "The RPC server is unavailable". It's difficult to work on this machine without a internet connection. The Malwarebytes scan ID'ed and removed the following: Trojan.BHO (5), Trojan.vundo (2), Trojan.agent (2) and 1 trojan.dropper. Also an rogue AV program: A360, (8). Any help will appreciated. Thanks.

PS: The operating system is Windows XP SP3.

[Broni]

If some infection is still there you won't have much luck with fixing internet connection.

Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**

1. Please, never rename Combofix unless instructed.
2. Close any open browsers.
3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
   
   • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
   • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
   
   NOTE1. If Combofix asks you to install Recovery Console, please allow it.
   NOTE 2. If Combofix asks you to update the program, always do so.
   
   • Close any open browsers.
   • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
   • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
   • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
4. Double click on combofix.exe & follow the prompts.
5. When finished, it will produce a report for you.
6. Please post the "C:\ComboFix.txt" along with a new HijackThis log for further review.

**Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**

Make sure, you re-enable your security programs, when you're done with Combofix.

DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!

[jmtjet]

Thanks for the reply Broni. It might be tomorrow before I can run combo fix. Right now I'm backing up all of the data on the machine. Earlier this evening I ran the system file checker, but I'm not sure how successful that was. I'm not sure if it finished or not. I have the emachine systems recovery disk with XP on it, but SFC didn't seem to like it. I'll post back tomorrow(got a busy day ahead)and let you know how I make out.

[Broni]

No problem

[jmtjet]

Combofix log:
ComboFix 10-03-17.07 - Owner 03/18/2010 12:58:49.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.446.30 [GMT -4:00]
Running from: c:\documents and settings\Owner.thornton\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *On-access scanning enabled* (Outdated) {BCF43643-A118-4432-AEDE-D861FCBCFCDF}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Common Files\System\Uninstall
c:\recycler\S-1-5-21-2483262321-1994992089-3978154719-500
c:\windows\system32\Thumbs.db
D:\Autorun.inf

.
((((((((((((((((((((((((( Files Created from 2010-02-18 to 2010-03-18 )))))))))))))))))))))))))))))))
.

2010-03-18 01:21 . 2008-04-14 00:12 116224 -c--a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2010-03-18 01:21 . 2001-08-18 02:36 23040 -c--a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2010-03-18 01:21 . 2008-04-14 00:12 18944 -c--a-w- c:\windows\system32\dllcache\xrxscnui.dll
2010-03-18 01:21 . 2001-08-18 02:37 27648 -c--a-w- c:\windows\system32\dllcache\xrxftplt.exe
2010-03-18 01:21 . 2001-08-18 02:37 4608 -c--a-w- c:\windows\system32\dllcache\xrxflnch.exe
2010-03-18 01:21 . 2001-08-18 02:37 99865 -c--a-w- c:\windows\system32\dllcache\xlog.exe
2010-03-18 01:21 . 2001-08-17 16:11 16970 -c--a-w- c:\windows\system32\dllcache\xem336n5.sys
2010-03-18 01:21 . 2004-08-04 03:29 19455 -c--a-w- c:\windows\system32\dllcache\wvchntxx.sys
2010-03-18 01:21 . 2004-08-04 03:29 12063 -c--a-w- c:\windows\system32\dllcache\wsiintxx.sys
2010-03-18 01:21 . 2008-04-14 00:12 8192 -c--a-w- c:\windows\system32\dllcache\wshirda.dll
2010-03-18 01:21 . 2008-04-14 12:00 221184 -c--a-w- c:\windows\system32\dllcache\wmpns.dll
2010-03-18 01:19 . 2001-08-17 17:28 397502 -c--a-w- c:\windows\system32\dllcache\vpctcom.sys
2010-03-18 01:18 . 2001-08-18 02:36 69632 -c--a-w- c:\windows\system32\dllcache\umaxu12.dll
2010-03-18 01:17 . 2001-08-18 02:36 31744 -c--a-w- c:\windows\system32\dllcache\tp4.dll
2010-03-18 01:16 . 2001-08-18 02:36 10240 -c--a-w- c:\windows\system32\dllcache\swpidflt.dll
2010-03-18 01:15 . 2001-08-17 17:53 9600 -c--a-w- c:\windows\system32\dllcache\sonymc.sys
2010-03-18 01:14 . 2001-08-17 16:50 50432 -c--a-w- c:\windows\system32\dllcache\sisv.sys
2010-03-18 01:13 . 2001-08-17 17:51 16640 -c--a-w- c:\windows\system32\dllcache\scmstcs.sys
2010-03-18 01:12 . 2001-08-17 16:12 19017 -c--a-w- c:\windows\system32\dllcache\rtl8029.sys
2010-03-18 01:11 . 2001-08-18 02:36 35328 -c--a-w- c:\windows\system32\dllcache\psisload.dll
2010-03-18 01:10 . 2001-08-17 16:12 30495 -c--a-w- c:\windows\system32\dllcache\pc100nds.sys
2010-03-18 01:09 . 2001-08-18 02:36 38912 -c--a-w- c:\windows\system32\dllcache\EXCH_ntfsdrv.dll
2010-03-18 01:08 . 2001-08-17 16:11 128000 -c--a-w- c:\windows\system32\dllcache\n100325.sys
2010-03-18 01:07 . 2001-08-17 17:52 6528 -c--a-w- c:\windows\system32\dllcache\miniqic.sys
2010-03-18 01:06 . 2001-08-17 16:11 25065 -c--a-w- c:\windows\system32\dllcache\lmndis3.sys
2010-03-18 01:05 . 2001-08-17 17:50 38784 -c--a-w- c:\windows\system32\dllcache\io8.sys
2010-03-18 01:04 . 2004-08-10 19:00 10129408 -c--a-w- c:\windows\system32\dllcache\hwxkor.dll
2010-03-18 01:03 . 2001-08-18 02:36 48128 -c--a-w- c:\windows\system32\dllcache\hpgt33tk.dll
2010-03-18 01:02 . 2001-08-17 16:13 27165 -c--a-w- c:\windows\system32\dllcache\fetnd5.sys
2010-03-18 01:01 . 2001-08-17 16:10 19996 -c--a-w- c:\windows\system32\dllcache\em556n4.sys
2010-03-18 01:00 . 2001-08-18 02:36 102484 -c--a-w- c:\windows\system32\dllcache\digiinf.dll
2010-03-18 00:59 . 2001-08-18 02:36 44032 -c--a-w- c:\windows\system32\dllcache\cnusd.dll
2010-03-18 00:58 . 2001-08-18 02:36 32256 -c--a-w- c:\windows\system32\dllcache\brmfrsmg.exe
2010-03-18 00:57 . 2008-04-14 12:00 10240 -c--a-w- c:\windows\system32\dllcache\npwmsdrm.dll
2010-03-18 00:57 . 2008-04-14 12:00 364544 -c--a-w- c:\windows\system32\dllcache\npdsplay.dll
2010-03-18 00:57 . 2008-04-14 12:00 4639 -c--a-w- c:\windows\system32\dllcache\mplayer2.exe
2010-03-18 00:38 . 2010-03-18 00:42 -------- d-----w- C:\I386
2010-03-18 00:24 . 2004-08-10 19:00 7168 -c--a-w- c:\windows\system32\dllcache\wamregps.dll
2010-03-18 00:23 . 2001-08-17 18:56 66048 -c--a-w- c:\windows\system32\dllcache\s3legacy.dll
2010-03-18 00:23 . 2004-08-10 19:00 7680 -c--a-w- c:\windows\system32\dllcache\inetmgr.exe
2010-03-18 00:23 . 2004-08-10 19:00 19968 -c--a-w- c:\windows\system32\dllcache\inetsloc.dll
2010-03-18 00:23 . 2004-08-10 19:00 169984 -c--a-w- c:\windows\system32\dllcache\iisui.dll
2010-03-18 00:23 . 2004-08-10 19:00 5632 -c--a-w- c:\windows\system32\dllcache\iisrstap.dll
2010-03-18 00:23 . 2004-08-10 19:00 14336 -c--a-w- c:\windows\system32\dllcache\iisreset.exe
2010-03-18 00:23 . 2004-08-10 19:00 6144 -c--a-w- c:\windows\system32\dllcache\ftpsapi2.dll
2010-03-18 00:05 . 2010-03-18 01:32 -------- d-----w- c:\documents and settings\Owner.thornton\Application Data\U3
2010-03-17 01:14 . 2010-03-17 01:14 -------- d-----w- c:\program files\Microsoft Security Essentials
2010-03-17 00:39 . 2010-03-17 00:39 -------- d-----w- C:\VundoFix Backups
2010-03-16 21:08 . 2010-03-16 21:08 -------- d-----w- c:\documents and settings\Owner.thornton\Application Data\Malwarebytes
2010-03-16 21:08 . 2010-01-07 20:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-03-16 21:08 . 2010-03-16 21:08 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-03-16 21:08 . 2010-03-16 21:08 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-03-16 21:08 . 2010-01-07 20:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-13 16:29 . 2002-04-12 01:21 13335 ----a-w- c:\windows\system32\drivers\usbcm.sys
2010-03-13 00:57 . 2010-03-13 00:57 -------- d-----w- C:\$AVG8.VAULT$
2010-02-27 23:53 . 2010-03-10 23:51 -------- d-----w- c:\documents and settings\Owner.thornton\Application Data\DriverFinder
2010-02-25 11:53 . 2010-02-25 11:53 -------- d-----w- c:\program files\CONEXANT
2010-02-24 18:51 . 2001-08-18 03:36 5632 ----a-w- c:\windows\system32\ptpusb.dll
2010-02-24 18:51 . 2008-04-14 01:12 159232 ----a-w- c:\windows\system32\ptpusd.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-17 00:01 . 2009-07-04 18:01 -------- d-----w- c:\documents and settings\Owner.thornton\Application Data\Save
2010-03-13 16:29 . 2008-10-26 01:10 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-03-13 12:08 . 2008-10-26 01:08 -------- d-----w- c:\program files\Google
2010-03-10 23:37 . 2008-10-26 02:41 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2010-03-07 21:39 . 2010-02-06 20:05 0 ----a-w- c:\documents and settings\Owner.thornton\Local Settings\Application Data\prvlcl.dat
2010-02-24 13:48 . 2009-12-30 15:55 -------- d-----w- c:\program files\LeapFrog
2010-02-04 13:44 . 2008-10-26 14:26 -------- d-----w- c:\program files\AVG
2010-02-04 13:34 . 2008-11-18 21:54 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-02-04 13:13 . 2010-01-03 14:34 -------- d-----w- c:\documents and settings\Owner.thornton\Application Data\Paltalk
2010-02-03 00:29 . 2010-02-03 00:29 4096 ----a-w- c:\windows\d3dx.dat
2010-02-03 00:28 . 2010-02-03 00:28 1245321 ----a-w- c:\documents and settings\All Users\Application Data\NeoEdge Networks\Yahoo_MahjongTalesAncientW\IAF.dll
2010-02-03 00:28 . 2010-02-03 00:28 -------- d-----w- c:\documents and settings\All Users\Application Data\NeoEdge Networks
2010-01-25 13:28 . 2010-02-04 13:35 3777816 ----a-w- c:\documents and settings\All Users\Application Data\TEMP\AVG\setup.exe
2010-01-05 10:00 . 2006-06-17 09:23 832512 ----a-w- c:\windows\system32\wininet.dll
2010-01-05 10:00 . 2009-04-07 14:02 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-01-05 10:00 . 2008-10-26 00:14 17408 ----a-w- c:\windows\system32\corpol.dll
2009-12-31 16:50 . 2006-06-17 09:23 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-30 15:55 . 2009-12-30 15:55 28696928 ----a-w- c:\documents and settings\All Users\Application Data\Leapfrog\LeapFrog Connect\Updates\UPCInstaller.exe
2009-12-30 15:55 . 2009-12-30 15:55 6969680 ----a-w- c:\documents and settings\All Users\Application Data\Leapfrog\LeapFrog Connect\Updates\TagJuniorPlugin.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-06 64512]
"RTHDCPL"="RTHDCPL.EXE" [2006-04-17 16143872]
"CHotkey"="zHotkey.exe" [2004-12-09 550912]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2002-09-14 212992]
"MSKDetectorExe"="c:\program files\McAfee\SpamKiller\MSKDetct.exe" [2005-08-12 1121792]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-10-26 98304]
"lxdnmon.exe"="c:\program files\Lexmark 2600 Series\lxdnmon.exe" [2008-03-27 660136]
"EzPrint"="c:\program files\Lexmark 2600 Series\ezprint.exe" [2008-03-27 107176]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"nmctxth"="c:\program files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [2009-07-07 647216]
"nmapp"="c:\program files\Pure Networks\Network Magic\nmapp.exe" [2009-07-08 472112]
"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2010-02-21 1093208]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Install Pending Files.LNK - c:\program files\SIFXINST\SIFXINST.EXE [2008-10-25 729088]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^Owner.thornton^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=c:\documents and settings\Owner.thornton\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6]
2009-07-09 20:07 49968 ----a-w- c:\program files\AIM6\aim6.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
2009-03-18 22:50 4363504 ----a-w- c:\program files\Yahoo!\Messenger\YahooMessenger.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\AIM6\\aim6.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\WINDOWS\\system32\\lxdncoms.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdnpswx.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdntime.exe"=
"c:\\Program Files\\Lexmark 2600 Series\\lxdnmon.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdnjswx.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdnwbgw.exe"=
"c:\\Program Files\\Lexmark 2600 Series\\lxdnlscn.exe"=
"c:\\Program Files\\Lexmark 2600 Series\\Diagnostics\\LXDNdiag.exe"=
"c:\program files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe"= c:\program files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe:LocalSubNet,0.0.0.0/255.255.255.255:Enabled:Pure Networks Platform Service

R2 lxdn_device;lxdn_device;c:\windows\system32\lxdncoms.exe -service --> c:\windows\system32\lxdncoms.exe -service [?]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [9/17/2009 12:38 PM 24652]
S2 lxdnCATSCustConnectService;lxdnCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxdnserv.exe [2/27/2008 7:07 PM 98984]
S3 FlyUsb;FLY Fusion;c:\windows\system32\drivers\FlyUsb.sys [12/30/2009 11:58 AM 18560]
.
Contents of the 'Scheduled Tasks' folder

2010-03-08 c:\windows\Tasks\Disk Cleanup.job
- c:\windows\system32\cleanmgr.exe [2008-10-26 00:12]

2010-03-18 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Essentials\MpCmdRun.exe [2009-12-09 22:02]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://my.yahoo.com/linksys
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://my.yahoo.com/linksys
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Owner.thornton\Application Data\Mozilla\Firefox\Profiles\jpmfokis.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=VI3TDF&PC=VI3TDF&q=
FF - prefs.js: browser.search.selectedEngine - Yahoo! Search
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: keyword.URL - hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avgb&type=yahoo_avg_hs2-tb-web_us&p=
FF - plugin: c:\program files\Mozilla Firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Media Player\npViewpoint.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHANS REMOVED - - - -

URLSearchHooks-FBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
Toolbar-{37287EF6-C37F-4D7E-A2F2-C767B3A78155} - c:\windows\system32\win2078.dll
WebBrowser-{A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6} - (no file)
WebBrowser-{37287EF6-C37F-4D7E-A2F2-C767B3A78155} - c:\windows\system32\win2078.dll
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
AddRemove-Save - c:\program files\Save\SaveUninst.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-18 13:05
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(524)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2010-03-18 13:09:21
ComboFix-quarantined-files.txt 2010-03-18 17:09

Pre-Run: 131,258,118,144 bytes free
Post-Run: 131,479,597,056 bytes free

- - End Of File - - F2605E9578404D3EA885199705E4545B
Thanks again.

[Broni]

Still no internet?

[jmtjet]

Nope, no internet. I think I'll just go ahead and reinstall Windows XP from the emachine systems disk. Thanks.

[Broni]

Try these steps....

Turn off computer. Disconnect router, and modem from power source for 30 seconds. At the same time disconnect signal cable as well.
Power them back on.
Restart computer.

If that doesn't work, bypass router, and connect computer straight to the modem.

If that doesn't work...
Go Start>Run (Start search in Vista), type in:
cmd
Click OK (in Vista, while holding CTRL, and SHIFT, press Enter).

In Command Prompt window, type in following commands, and hit Enter after each one:
ipconfig /flushdns
ipconfig /registerdns
ipconfig /release
ipconfig /renew

Restart computer.

If that doesn't work...
Go Start>Run (Start search in Vista), type in:
cmd
Click OK (in Vista, while holding CTRL, and SHIFT, press Enter).

At Command Prompt, type in:
netsh int ip reset reset.log
Hit Enter.
Type in:
netsh winsock reset catalog
Hit Enter.

Restart computer.


If that doesn't work...
Download, install, and run WinSockFix: http://www.softpedia.com/get/Tweak/N...nSockFix.shtml (doesn't work in Vista)
Restart computer, and check again.

If that doesn't work...
Download Dial-A-Fix (DAF) (doesn't work in Vista):
http://wiki.lunarsoft.net/wiki/Dial-...C_and_articles

Have XP CD available in case DAF needs a file. Likely not!

Check all boxes on the screen (clear any restrictions if it shows any)
Then click GO!

When the entire page is finished click the HammerHead at bottom to go to the second DAF page.

Here, one at a time, do the below:

Reinstall BITS
Reinstall Windows Firewall
Repair Permissions
Reset networking

Watch for any File not found or other errors and make note as this may lead to the fix!

Restart computer.

[jmtjet]

Thanks Broni, but I read your last post to late. I've already re-installed Windows XP. Now I'm looking for a way to get rid of the trial version of McAfee. Add/remove programs doesn't work, says it's running, but I can't find a way to shut it down. Any ideas on that?

[Train]

How to uninstall or reinstall supported McAfee consumer products using the McAfee Consumer Products Removal tool (MCPR.exe)
http://service.mcafee.com/FAQDocument.aspx?id=TS100507

[jmtjet]

Thanks Train, that worked like a charm.

[Train]

[jmtjet]

Update: I now know what caused the loss of the internet connection. It was a bad update from TimeWarner Roadrunner. My son discovered the problem by accident. A box came on his screen about an update to his TW roadrunner modem. He clicked the box and allow the update to run. After the update finished-no internet connection. He used system restore to roll back to yesterday and now all is well. I advised him to call Roadrunner support and report the problem. The update had to be corrupt, because when I had his computer here working on it I had it hooked up to my DSL and I had no internet connection.

[Broni]

Good news