Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: trojan downloader:win32/cutwail.ba HELP!

01 Jul 2010   #1
CorneliusM

windows 7 Home Premium 64 Bit
 
 
trojan downloader:win32/cutwail.ba HELP!

Microsoft Security Essentials discovered this trojan virus today and three times it said I needed to restart to clean computer yet, it never leaves and is caught again on returning to Desktop.
I've looked this up on Microsoft KB and that document says to keep MSSE up to date however, the problem is, I cannot update from MSSE nor the site itself.
In fact, any links to sites which show promise of removing it- I click on and I'm told I have no internet connection, though I do have a connection and Google Chrome just says there's an error going to the site, I've tried downloading a couple of antivruses and they fail to download or update to start their scans.

I really don't know what the hell I can do apart from reinstall windows though I'm worried about doing that now as my Windows Activation reset to the "30 days to activate" (my copy of Windows 7 Ultimate is genuine and activated at Christmas) so I'm concerned I might reinstall Windows 7 and my key becoming invalid.
I hope there is some way of removing this trojan downloader:win32/cutwail.ba so I can get my computer back, I removed the files it left in system32 folder and my user folder but as for the registry files the KB says it left, there's nothing there. The advice then says don't try to remove anything but, use Microsoft Security Essentials or any antivirus to do it.

If anyone knows how to deal with this problem, I would really appreciate the help!
Thank you!


My System SpecsSystem Spec
.
01 Jul 2010   #2
NoN

Windows 7 Professional SP1 - x64 [Non-UEFI Boot]
 
 

Did you used the full scan option in MSE?

I can try to put the MS Kb890830 removal tool in a zip files...But you might have the same probs downloading? Which OS have you, x32 or x64?
My System SpecsSystem Spec
01 Jul 2010   #3
CorneliusM

windows 7 Home Premium 64 Bit
 
 

Quote   Quote: Originally Posted by NoN View Post
Did you used the full scan option in MSE?

I can try to put the MS Kb890830 removal tool in a zip files...But you might have the same probs downloading?
Hi, yes i ran a full scan with MSE though nothing has been discovered this time.

I'll give it a try, I think the virus is simply blocking me from visiting well known sites that can help me. Cheers man!
My System SpecsSystem Spec
.

01 Jul 2010   #4
theog

Microsoft Community Contributor Award Recipient

ME/XP/Vista/Win7
 
 

Delete the pirated software that you downloaded, as the virus is in side the download.

Than run MSE full scan.
My System SpecsSystem Spec
01 Jul 2010   #5
NoN

Windows 7 Professional SP1 - x64 [Non-UEFI Boot]
 
 

Quote   Quote: Originally Posted by CorneliusM View Post
Quote   Quote: Originally Posted by NoN View Post
Did you used the full scan option in MSE?

I can try to put the MS Kb890830 removal tool in a zip files...But you might have the same probs downloading?
Hi, yes i ran a full scan with MSE though nothing has been discovered this time.

I'll give it a try, I think the virus is simply blocking me from visiting well known sites that can help me. Cheers man!
I'm not allowed to upload more than 8,0Mb...

so try those links:
x64:Download details: Windows Malicious Software Removal Tool x64
x32:Download details: Windows Malicious Software Removal Tool

Run the tool for a full scan, the trojan is listed in the tool (see screenshot):


Attached Thumbnails
trojan downloader:win32/cutwail.ba HELP!-capture.png  
My System SpecsSystem Spec
01 Jul 2010   #6
CorneliusM

windows 7 Home Premium 64 Bit
 
 

Quote   Quote: Originally Posted by theog View Post
Delete the pirated software that you downloaded, as the virus is in side the download.

Than run MSE full scan.
I don't have pirated software but, I did remove the .exe's for one for activating Office 2010 called Keygen.Microsoft.Office.2010.45057.exe which has been removed as MSE discovered the problem.
My System SpecsSystem Spec
01 Jul 2010   #7
CorneliusM

windows 7 Home Premium 64 Bit
 
 

Quote   Quote: Originally Posted by NoN View Post
Quote   Quote: Originally Posted by CorneliusM View Post
Quote   Quote: Originally Posted by NoN View Post
Did you used the full scan option in MSE?

I can try to put the MS Kb890830 removal tool in a zip files...But you might have the same probs downloading?
Hi, yes i ran a full scan with MSE though nothing has been discovered this time.

I'll give it a try, I think the virus is simply blocking me from visiting well known sites that can help me. Cheers man!
I'm not allowed to upload more than 8,0Mb...

so try those links:
x64:Download details: Windows Malicious Software Removal Tool x64
x32:Download details: Windows Malicious Software Removal Tool

Run the tool for a full scan, the trojan is listed in the tool (see screenshot):
Couldn't download but, my friend's got it on a memory stick so I'm running a full scan from that now
My System SpecsSystem Spec
01 Jul 2010   #8
Thorsen

Win7 Home Premium 64x
 
 

The keygen is an activation tool to use Office without paying for it thus pirating. If you used the keygen, then that could be where the virus came from. You should probably uninstall Office as well as the keygen could have infected files in Office.

If you want a free Office program, get OpenOffice it is a very good alternative to Microsoft Office: OpenOffice.org - The Free and Open Productivity Suite
My System SpecsSystem Spec
01 Jul 2010   #9
NoN

Windows 7 Professional SP1 - x64 [Non-UEFI Boot]
 
 

Quote   Quote: Originally Posted by CorneliusM View Post
Quote   Quote: Originally Posted by theog View Post
Delete the pirated software that you downloaded, as the virus is in side the download.

Than run MSE full scan.
I don't have pirated software but, I did remove the .exe's for one for activating Office 2010 called Keygen.Microsoft.Office.2010.45057.exe which has been removed as MSE discovered the problem.
Did you used that keygen to activate the Trial version? No big matter, but not really in the rules....that's why MSE listed to remove that KeyGen.
My System SpecsSystem Spec
01 Jul 2010   #10
CorneliusM

windows 7 Home Premium 64 Bit
 
 

Quote   Quote: Originally Posted by Thorsen View Post
The keygen is an activation tool to use Office without paying for it thus pirating. If you used the keygen, then that could be where the virus came from. You should probably uninstall Office as well as the keygen could have infected files in Office.

If you want a free Office program, get OpenOffice it is a very good alternative to Microsoft Office: OpenOffice.org - The Free and Open Productivity Suite
Okay I'll uninstall Office 2010 now and MRT is still scanning so I'll restart after the scan, thank you. Funny enough I came across OpenOffice after the problem!
My System SpecsSystem Spec
Reply

 trojan downloader:win32/cutwail.ba HELP!




Thread Tools




Similar help and support threads
Thread Forum
Trojan:Win32/FakeSysdef
This computer again: https://www.sevenforums.com/browsers-mail/214851-ie9-32bit-context-menu-fails-w7-pro-64bit.html Here is some of what I know about the box build. I was asked to cleanup the aftermath of this: Encyclopedia entry: Trojan:Win32/FakeSysdef - Learn more about malware -...
System Security
Trojan:Win32/Comroki!rts
Downloaded and ran the Microsoft Safety Scanner and it found this. Trojan:Win32/Comroki!rts Safety Scanner removed so it says. All I found with Google besides sales pitches to buy things is this at MS. Encyclopedia entry: Trojan:Win32/Comroki - Learn more about malware - Microsoft Malware...
System Security
Trojan-Downloader.Win32.VB.bbl
I found this awesome virus "Trojan-Downloader.Win32.VB.bbl" and analyzed its behaviour in a VirtualBox and quickly found a weaknes :p It is very hard to remove, it closes antivirus setups and then deletes them, closes all windows containg anything about antivirus tools (even if you google anything...
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 07:10.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App