Hello,
I installed version 3 the other day and now when I ran a complete virus scan on my pc it found the following:
11/26/2007 6:29:20 AM lmh 3060 Sign of “Win32:Trojan-gen {Other}” has been found in “C:\HP\bin\KillIt.exe” file.
11/26/2007 7:22:43 AM lmh 3060 Sign of “Win32:Trojan-gen {Other}” has been found in “C:\HP\bin\KillIt.exe” file.
11/26/2007 10:11:40 AM lmh 3196 Sign of “Win32:Trojan-gen {Other}” has been found in “C:\System Volume Information_restore{F1F4F7E1-716C-4CDB-B293-0F421424B1F9}\RP231\A0034113.exe” file.
I ran the AdAware program this afternoon and it found the following:
Family Id: 799 Name: Win32.Backdoor.Agent Category: Virus TAI:10
Item Id: 14519 Value: File: C:\Documents and Settings\All Users\Application Data\Comodo\common\DB\DDB\DLL\339_d.sld
Item Id: 300028428 Value: Root: HKLM Path: software\microsoft\tracing\fwcfg
Both of these have appeared since updating to version 3. I have never had my antivirus program (Avast) or AdAware find anything until now. Any ideas as to why these have suddenly showed up? I haven’t downloaded or installed anything else recently.
I am also having a problem with the firewall not asking permission before allowing my web browser to connect to the internet. It is intermittently asking permission while connected (have digital internet but with the other version it always asked permission before allowing the web browser (firefox) to actually connect to the internet. How can I get it to do that again?
The AdAware reports are an acknowledged false positive and have been fixed with a subsequent definition update. Please update your AdAware to the latest definitions and retest.
The KillIt.Exe files, in the \HP\BIN folder and in a system restore file are nothing to do with CFP. If they were, don’t you think there would be hundreds of thousands of reports of this? Or is there the outside possibility it’s just you?
To restore the pop-ups for Firefox (?) click Defense+>Advanced>Computer Security Policy> (locate and select the Firefox entry on the list)>Edit>(check that “Use a Custom Policy” is selected)>Access Rights. On the Access Rights window, check “Ask” for “Loopback Networking” and “DNS Client Service” .
I just checked and I followed the directions for the firewall to ask before connecting my web browser to the internet. It was set for custom policy but the access rights was not checked to ask for loopback networking and DNS Client Service. So I changed those to ask. Thanks for the help.
I do have a HP computer so from what has been posted here the Killit.exe must be because of it being a HP machine (I could have sworn that I uninstalled the games on the pc since I don’t use them. – guess I’ll have to check on that). Thanks for the info - I greatly appreciate it. And I will check again to make sure the AdAware is up to date as well.
Just wanted to let you know that I restarted my pc and tried connecting to the internet and now the firewall is asking permission first. Thanks for the help!
I also checked for AdAware updates, completed them and ran that program. No problems with that now either. Still not sure why the KillIt.exe just now showed up (since it never showed up till now) when doing the complete virus scan but at least now I know what it is.
