TechSpot

Ad-aware : removing a certain spyware messes up the internet connection...

By Didou
Feb 26, 2003
Topic Status:
Not open for further replies.
  1. OK, here goes.

    After installing ad-aware 6 & updating the reference file, I launched a standard scan & it found about 40 spywares objects.

    I simply selected all of them & quarantined/deleted them. After rebooting, the PC was completely unable to connect to the net.

    The PC has WinXP ( no Service Pack installed ) & the connection is via a cable modem, connected to the network card. I looked in the Event Logs & it seems the DHCP client is unable to start.

    I simply went back to Ad-aware, restored the last quarantined files & rebooted. The connection worked fine.:confused:

    Any suggedtions ?
  2. Phantasm66

    Phantasm66 TS Rookie Posts: 6,504   +6

    Oh, that's nasty! I don't like that one bit!

    I especially don't like you finding 40 spywares on your machine. That really is a lot. Usually I only find 1 or 2.

    This may sound a bit mental, but you might be well quaranting each spyware one at a time, and then testing. That would isolate the problem.

    The DHCP client service seems to have no dependencies, so maybe it itself is being replaced with a spyware infected version. I've never heard of this, and its nasty if its true.

    I have, however, found something that may shed a little light on the situation....

    The Winsock 2 file can be found here.

    I found this information from here - http://sitebilder.com/hosting/privacy/webscum.php

    ANYONE USING AD-AWARE TO REMOVE SPYWARE SHOULD READ THIS PAGE. IT CONTAINS SOME IMPORTANT INFO. RUNNING AD-AWARE CAN CRIPPLE YOUR SYSTEM.

    As always, I recommend that people make regular backups of their system partitions with software such as Norton Ghost or Powerquest Drive Image.
  3. Didou

    Didou Bowtie extraordinair! Topic Starter Posts: 5,899

    Oh Lord no !!!!!

    Me with 40 spyware on my machine ??? Heck no.;)

    It's on a friend's PC ( I don't use XP & if I did, I'd prolly install the SP1 :) ).

    Plus I don't have a net connection so I'd prolly be a masochist freak to have that much spyware installed.:D

    Thanks for the tip, I'm gonna try to quarantine the spyware files & immedialty reinstall the Winsock.

    I thought it might be such a problem because UD is installed on this machine & at every boot it kept giving a message that it couldn't use the network services & that it was prolly due to a winsock error.

    I'll post my findings as soon as I can.

    Thx again man.
  4. StormBringer

    StormBringer TS Rookie Posts: 2,871

  5. poertner_1274

    poertner_1274 secroF laicepS topShceT Posts: 4,745

    Man that is some crazy stuff. I didn't think AAW uninstalled some important informatoin such as WinSock.....even though it was infected with spyware. You figure if it found something that was important or system related it would red flag it for further looking into.
  6. Nodsu

    Nodsu TS Rookie Posts: 9,431

    You should only remove the stuff adaware marks as red, everything else is pretty paranoid.

    I broke my internet connection when adaware was kind enough to offer removing .net framework..
  7. poertner_1274

    poertner_1274 secroF laicepS topShceT Posts: 4,745

    Wow I just htought of this, but that might be why my IE donsn't work anymore while opening new windows that use javascript.........and I don't have the quarantined files anymore. CRAP!!!!
  8. iss

    iss TechSpot Chancellor Posts: 2,896

    Hehe I can see the next version of adaware now.

    "Adaware has detected the following spyware on your system"

    C:/Windows

    Would you like to remove this file?

    :eek:
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.