Hi!
My computer got infected with Bagle virus and I think I managed to remove it but my antivirus (AVG) still keeps warning me about the virus every now and again so I thought I’d install a firewall. I downloaded CFP_Setup_English_2.4.18.184.exe and started installing it. Everything went as on the instructions until when the actual installation starts. The blue bars run quickly through and then the installation just stops and nothing is created in program files. I’ve even created a folder myself and tried to do it that way but it doesn’t help. Could this be the virus enabling me to install it or is this a common problem? How can I solve it?
Did you disable antivirus on-access protection whilst installing the firewall? It could be the antivirus that is causing a problem. Another option is to try installing the firewall in Safe Mode.
Incidentally, what version of windows are you using? If you are using XP or Vista you should be installing version 3.0.22.349 of the Firewall - this includes a HIPS system that is great protection against malware.
:SMLR
Oops… I thought it said I had to have the version 3 but I didn’t see the link to download it because I went straight to the bottom of the page… So I will try with the 3 32 bit version now… I’ve got windows xp sp2. Thanks!!
Hi!
I’ve now downloaded version 3.0.22.349 and I’ve got the same problem. For some reason I can’t start the computer in safe mode, it won’t let me, everytime I choose to start it on safe mode, it just restarts and asks me what mode I’d like to start my computer on and everytime I choose safe mode, it just restarts again. So I have had to choose normal mode. And I’ve disable on-access protection (I suppose that resident shield would be the equivalent to that in AVG). I’ve also turned off windows firewall and I don’t think I’ve got any other firewalls.
Try running this and see if anything shows up:
This one is also worth trying:
Perhaps one of the above tools might remove any remaining virus and you can then try installing the firewall again. Worth also checking in add/remove programs to see if there is any entry for the firewall before attempting another install.
:SMLR
Thanks! I tried both and they didn’t find the virus. I got an error while running fxbagle, just when I started the program. I’m attaching a picture of the error screen. Also I’ve added a picture of AVG warning me about bagle. And now the installation program for the firewall won’t even open…
I think the virus is still on my virus program because it won’t let me end the following processes:
avgrsx.exe
avgwdsvc.exe
I would delete them and then run all the scans and reinstall AVG but unfortunately I can¡t because they are running all the time…
[attachment deleted by admin]
Pretty tricky. You could try the Stinger from McAfee:
The only other thing I can think of is a boot time scan - I dont think AVG free will do this. Avast free edition has this feature but I dont know if you will be able to install it if something is preventing installation of CFP.
It might even be worth your while trying BOClean-this can deal with many nasties that other antimalware cannot:
http://www.comodo.com/boclean/boclean.html
You could always try the new free removal service from Comodo:
https://forums.comodo.com/free_virusspywaretrojanmalware_removal_by_comodo_experts/free_virusspywaretrojanmalware_removal_by_comodo_experts_247365-t22608.0.html;msg158212#msg158212
:SMLR
F Secure have instructions for manual removal:
Manual disinfection of Bagle consists of the following steps:
1, Delete the registry value and restart the computer:
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\d3dupdate.exe]
or
terminate the running ‘bbeagle.exe’ process with Task Manager
2, Delete the worm from the Windows System Directory:
%SysDir%\bbeagle.exe
Hi! Thanks for all the help, I’ve tried everything now and since I last restarted, I haven’t had any warnings. The computer still won’t let me install the firewall though, now it says that it’s not a valid win32 application. I also tried the live help and the person there told me that the only secure option would be to format the computer…
But I’ve just downloaded the firewall installer again and guess what, it finally works!! So something must have got rid of the virus then I hope! Thank you so much!!! I think it was probably JamesFrances instructions from F-Secure because I found wintems.exe and hldrrr.exe both on the registry value so I just deleted them, turned off the restore, restarted and ran error-checking before the computer started again and then ran all the antivirusmalware programs that I’ve got, must have at least 10 different ones now! Thank you very much JamesFrance and N.T.T.W. I’m sure one of those programs that N.T.T.W. recommended also helped a lot! Unfortunately I can’t say how it finally disappeared touching wood, if I could, then it might help others. But maybe you who know more about computer will know what helped in my case. Now I will have the firewall and antivirus on all the time to make sure the virus won’t come back… And won’t open any suspicious files, and no more e-mule for me!
Thank you again!
Great that you got it sorted katjaintenerife, I will mark this topic as resolved and close it. If you want it re-opened please PM a moderator and they will be happy to oblige.
:SMLR