Twaintec (super adware) wont die!!!

[pf1111]

hey guys, my comp has recentely become infested with sum adware called twaintec that was let in by a trojan. I have followed several suggestions that i have found on google with lil result. Ive used a couple of adware removals like ad-aware, which finds some of the files and deletes them, but they regenerate. Ive gone into the registry and deleted the folders and keys i know are accosiated with the program as well as rebooting in safe mode to remove the program's files twaintec.dll a set .cab files and the preinstall file, but after a while it regenerates, there are more files elswhere, ( i deleted the ones in the temp folder as well) Please tell me someone has beaten this thing!!! Dont wanna reformat the drive. thanks

 

[Fencer128]

Hi,

Can I just check that you've tried the latest version of Ad-aware SE v1.03 with the latest reference file (the program was majorly updated last week see).

Good luck,

Andy

 

[mechBgon]

Try your counterattacks again in Safe Mode. If you have a hardware firewall (a router), then start in Safe Mode With Networking and try the online Panda scanner here (the link is down the page a little), in addition to your anti-spyware scans and whatever antivirus software you already have. After the scan, reboot into Safe Mode or Safe Mode W/Networking again and scan again to see if it worked. Definitely disable System Restore.

On the Resources page I linked to above, there are some other security items you should look into, including

1) strong passwords on all your Admin-class user accounts

2) disabling System Restore so viruses and junk cannot be hidden there. Definitely do this since you're trying to get rid of .DLL files.

3) patching your system at Windows Update and enabling Automatic Updates so it stays up-to-date in the future

4) enabling Windows' firewall (assuming you have Windows XP) and/or installing another software firewall such as ZoneAlarm free version. ZoneAlarm asks questions about stuff trying to make a connection from "inside", so it could give useful clues about what's going on.

5) if you don't have one, get a hardware firewall (router), they're not expensive ($40-50).

6) get rid of P2P programs, they're a big-time vector for this junk

7) and of course, get some antivirus software and configure it to keep itself up-to-date and use all its options like heuristics and scanning within compressed files. Set it up to act autonomously (no asking you what to do before it takes action) if that's an option.


If it gives you too much of a fight, consider just dropping the Format C: bomb on it and reinstall Windows, and this time around, get your defenses up BEFORE you plug in your network cable to the computer, so you don't get nailed before you've got the holes plugged. If you have WinXP, and have the bandwidth to do it, I suggest downloading the full Service Pack 2 installer from here and burning it to CD so you can patch before connecting.

 

[dclive]

Originally posted by: mechBgon
2) disabling System Restore so viruses and junk cannot be hidden there. Definitely do this since you're trying to get rid of .DLL files.

I'd suggest only doing this if you experience a problem, and after you've fixed the problem, turn SR back on.