virus found since install of v3 & not asking for browser to connect to internet

I installed version 3 the other day and now when I ran a complete virus scan on my pc it found the following:
11/26/2007 6:29:20 AM lmh 3060 Sign of “Win32:Trojan-gen {Other}” has been found in “C:\HP\bin\KillIt.exe” file.
11/26/2007 7:22:43 AM lmh 3060 Sign of “Win32:Trojan-gen {Other}” has been found in “C:\HP\bin\KillIt.exe” file.
11/26/2007 10:11:40 AM lmh 3196 Sign of “Win32:Trojan-gen {Other}” has been found in “C:\System Volume Information_restore{F1F4F7E1-716C-4CDB-B293-0F421424B1F9}\RP231\A0034113.exe” file.

I ran the AdAware program this afternoon and it found the following:
Family Id: 799 Name: Win32.Backdoor.Agent Category: Virus TAI:10
Item Id: 14519 Value: File: C:\Documents and Settings\All Users\Application Data\Comodo\common\DB\DDB\DLL\339_d.sld
Item Id: 300028428 Value: Root: HKLM Path: software\microsoft\tracing\fwcfg

Both of these have appeared since updating to version 3. I have never had my antivirus program (Avast) or AdAware find anything until now. Any ideas as to why these have suddenly showed up? I haven’t downloaded or installed anything else recently.

I am also having a problem with the firewall not asking permission before allowing my web browser to connect to the internet. It is intermittently asking permission while connected (have digital internet but with the other version it always asked permission before allowing the web browser (firefox) to actually connect to the internet. How can I get it to do that again?



Not sure about the virus but comodo is allowing the browser to connect because it is in the safe list.


The AdAware reports are an acknowledged false positive and have been fixed with a subsequent definition update. Please update your AdAware to the latest definitions and retest.

The KillIt.Exe files, in the \HP\BIN folder and in a system restore file are nothing to do with CFP. If they were, don’t you think there would be hundreds of thousands of reports of this? Or is there the outside possibility it’s just you? :wink:

Ewen :slight_smile:

I’m still wondering why people use ad-aware ???

killit.exe is common with Compaq and HP machines it has something to do with wildtangent that plays games on those pc’s :slight_smile:

the system volume infomation one is a system restore point :slight_smile:

if you google killit.exe you will find out about it :slight_smile:

To restore the pop-ups for Firefox (?) click Defense+>Advanced>Computer Security Policy> (locate and select the Firefox entry on the list)>Edit>(check that “Use a Custom Policy” is selected)>Access Rights. On the Access Rights window, check “Ask” for “Loopback Networking” and “DNS Client Service” .

My AV found the same virus in the same locations after installing Comodo V3 yesterday. ???

Hello and Thanks for the replies.

I just checked and I followed the directions for the firewall to ask before connecting my web browser to the internet. It was set for custom policy but the access rights was not checked to ask for loopback networking and DNS Client Service. So I changed those to ask. Thanks for the help.

I do have a HP computer so from what has been posted here the Killit.exe must be because of it being a HP machine (I could have sworn that I uninstalled the games on the pc since I don’t use them. – guess I’ll have to check on that). Thanks for the info - I greatly appreciate it. And I will check again to make sure the AdAware is up to date as well.

Thanks Again!

Just wanted to let you know that I restarted my pc and tried connecting to the internet and now the firewall is asking permission first. Thanks for the help!

I also checked for AdAware updates, completed them and ran that program. No problems with that now either. Still not sure why the KillIt.exe just now showed up (since it never showed up till now) when doing the complete virus scan but at least now I know what it is.

Thanks Again!