OK, here goes.

After installing ad-aware 6 & updating the reference file, I launched a standard scan & it found about 40 spywares objects.

I simply selected all of them & quarantined/deleted them. After rebooting, the PC was completely unable to connect to the net.

The PC has WinXP ( no Service Pack installed ) & the connection is via a cable modem, connected to the network card. I looked in the Event Logs & it seems the DHCP client is unable to start.

I simply went back to Ad-aware, restored the last quarantined files & rebooted. The connection worked fine.

Any suggedtions ?

Oh, that's nasty! I don't like that one bit!

I especially don't like you finding 40 spywares on your machine. That really is a lot. Usually I only find 1 or 2.

This may sound a bit mental, but you might be well quaranting each spyware one at a time, and then testing. That would isolate the problem.

The DHCP client service seems to have no dependencies, so maybe it itself is being replaced with a spyware infected version. I've never heard of this, and its nasty if its true.

I have, however, found something that may shed a little light on the situation....

The Winsock 2 file can be found here.

I found this information from here - http://sitebilder.com/hosting/privacy/webscum.php

ANYONE USING AD-AWARE TO REMOVE SPYWARE SHOULD READ THIS PAGE. IT CONTAINS SOME IMPORTANT INFO. RUNNING AD-AWARE CAN CRIPPLE YOUR SYSTEM.

As always, I recommend that people make regular backups of their system partitions with software such as Norton Ghost or Powerquest Drive Image.

Oh Lord no !!!!!

Me with 40 spyware on my machine ??? Heck no.

It's on a friend's PC ( I don't use XP & if I did, I'd prolly install the SP1 ).

Plus I don't have a net connection so I'd prolly be a masochist freak to have that much spyware installed.

Thanks for the tip, I'm gonna try to quarantine the spyware files & immedialty reinstall the Winsock.

I thought it might be such a problem because UD is installed on this machine & at every boot it kept giving a message that it couldn't use the network services & that it was prolly due to a winsock error.

I'll post my findings as soon as I can.

Thx again man.

Check this thread http://www.techspot.com/vb/showthread.php?s=&threadid=4393

You should only remove the stuff adaware marks as red, everything else is pretty paranoid.

I broke my internet connection when adaware was kind enough to offer removing .net framework..

Hehe I can see the next version of adaware now.

"Adaware has detected the following spyware on your system"

C:/Windows

Would you like to remove this file?