Daurso trojan: everything google affected



lizhol
2010-06-08, 03:57
Hi,

Several days ago AVG/Windows notified me that I had win32/Daurso.A trojan, and that the threat was "severe". Apparently this tries to go in and get ftp info and I don't entirely understand the effect that should/could have on my system.

I went into safe mode and ran Spybot, Malware Bytes, and AVG full scans, which took hours. A trojan was found by Spybot, but it had a different name. It was hiding in Adobe Illustrator. I quarantined and deleted it. Things seemed to be working fine in regular mode and I ran several subsequent scans with various software, coming up with no problems. I also cleaned my registry with Easy Cleaner.

Then I began having problems doing my online work. I could get online but every time I pulled up google or gmail things got weird. I work for Leapforce and sign into a google subpage (www.google.com/x/x/x) and have to be signed into my gmail account to work. I also am required to use firefox with a specific toolbar that keeps track of my hours and the projects I do. Well, the Leapforce people cannot tell anymore when I am signed in to my toolbar and when I get projects for work, I cannot submit them. I am helpless and cannot work, thus cannot make a living right now. This disconnect from my work is all related to google and happened in direct correlation with acquiring Daurso.

I reinstalled Firefox and my toolbar. I also have been getting the error box "The application failed to initialize properly (0xc0000022)." It asks me to click OK to terminate the application. I am running Windows XP. In accordance with my research on this error I went into safe mode and via command prompts, went in and allowed all users access to all .dll files. This has not helped. I still cannot work and am having to use bing or other search engines, as google use causes my computer to slow, act as if it is not online, etc., and I am avoiding it. I will either redo my machine, which would be a pain because of some hefty programs I don't want to lose, and a great deal of data I'd have to back up, but if it is possible to fix some basic problems and have a working computer again, I would be thrilled!

Thanks to anyone who has advice. It will be greatly appreciated.

Blade81
2010-06-13, 17:53
Hi,

Download DDS and save it to your desktop from here (http://download.bleepingcomputer.com/sUBs/dds.com) or here (http://download.bleepingcomputer.com/sUBs/dds.scr) or here (http://www.forospyware.com/sUBs/dds).
Disable any script blocker, and then double click dds.scr to run the tool.
When done, DDS will open two (2) logs:
DDS.txt
Attach.txt

Save both reports to your desktop. Post them back to your topic.


---

Download GMER here (http://www.gmer.net) by clicking the download exe button and then saving it to your desktop:
Double-click the .exe that you downloaded.
Click the rootkit tab, uncheck the files option and then click scan.
Don't check the Show All box while scanning is in progress!
When scanning is ready, click Copy.
This copies the log to the clipboard.
Post log (if the log is long, archive it into a zip file and attach instead of posting) in your reply.