XP question about KillIt.exe and KillApp-W
Good day to you all,
I recently restored the XP OS on this 64X2 machine of my Mammy. It was a destructive restore. After restoring the internet service I downloaded a free antivirus, installed it, and ran a boot-time scan. It reported finding two items and categorized them as Potentially Unwanted Programs. They are c:\\\KillIt.exe and c:\\restore"lon-gal-phan-ume-ric"\\"hexaddy?".exe, both reported as infected by KillApp-W [PUP]. I'm hoping that they are no real concern before I turn this computer back over to my Mother :) but, just wondering.
Thank you,
Jim
Me not wnt be troble jus try an lern
June 16th, 2010 1:52am

You can send the suspicious files to Virus Total for identification.
Virus Total - http://www.virustotal.com/
MS-MVP - Elephant Boy Computers - Don't Panic!
June 16th, 2010 3:09am

Yes, dittos on VirusTotal with this .... I have a good list I have been running this through here
http://www.bluecollarpc.org/Spyware_Removal_Center.php
and there is next to zero information at malware and process searches. This is two mentions (and one at a Microsoft IT forum I think) that it is possibly a kill process for apparently a hung application scenario, although I do not see it listed as part of Windows at www.Microsoft.com
Of course when there is virtually zero information and suspected threat - this many times can indicate an 'in the wild threat' and again dittos on VirusTotal, which in the very least if it is an in the wild threat there may be a very, very small handful of antimalware products detecting it.
There is one malware reference here... (perhaps the only detection to date if in the wild)
Troj/Bdoor-ND Trojan - Sophos security analysis
http://www.sophos.com/search/search-results/?search=KillIt.exe&x=5&y=10
Analysis of the Troj/Bdoor-ND Trojan, with information on its behaviour and recovery instructions.
PrevX Reports....
http://www.prevx.com/filenames/764538377451594578-X962315352/KILLIT.EXE.html
Sources
http://www.suggestafix.com/index.php?showtopic=25845&mode=threaded
http://forums11.itrc.hp.com/service/forums/questionanswer.do?admit=109447626+1276648015311+28353475&threadId=1032608
http://forum.avira.com/wbb/index.php?page=Thread&threadID=92403
PS.... on the "boot scan": Avast is good quality with a great detection rating but there are many much better. This option is manual and I was unaware they had that feature. Your higher quality products do that automatically on boot up, scanning memory and registry very quickly as the product is loading and programs. The heuristics (real time protection) is actuated and is monitoring as the product loads itself as well (not free versions without this activated - pay). This is scanning for threats in memory ready to execute and will quarantine them immediately on start up.
Actually Microsoft Essentials (formerly Windows OneCare antivirus and more) is really good with a priority start up. You might add that.
Gerald60606 Windows Live Spaces http://gerald60606.spaces.live.com/default.aspx
June 16th, 2010 3:30am

F-Secure Virus Descriptions : KillApp
http://www.f-secure.com/v-descs/killapp.shtml
Killapp.T
http://www.pandasecurity.com/homeusers/security-info/about-malware/encyclopedia/overview.aspx?idvirus=206941
CloseWindow
Windows management function.
http://www.wintask.com/onlinehelp/Language/CloseWindow.htm
http://www.wintask.com/onlinehelp/Language/KillApp.htm
All in all we are talking "same name threats" and location and interaction (system32, others) needs specifying.
TIP: seeing doubles there, though you said you were running Avast..... When these say PUP, it is indicating they are not detecting a known direct threat. This is an additional aggressive detection some programs added, like McAfee. Generally, PUP is indicating some adware bundled in a download and is offering the user the knowledge of it but that they may recklessly disregard that and keep the software, allowing adware to pay for it as their privacy is compromised. Not recommended. Here with these, it is indicating they have in the least detected a possible software or utility the user added that may be dangerous in various manners - to the system or actual hijacking of things in an unexpected unwanted manner. PUP detection has been new for just the past couple years and not all antimalware products employ that. More a sales feature wording as a fancy name for "false positive possible - user take action".
Gerald60606 Windows Live Spaces http://gerald60606.spaces.live.com/default.aspx
June 16th, 2010 4:14am

Malkelea and gerald60606,
Thank you both for your attention to this. I misinformed you just a little. The 2 programs, KillIt.exe and A0002681.exe, are infected by win32:KillApp-W. Thank you. I only would like to be sure that there is or is not any concern, and whether or not to delete the programs and/or files if they are a problem and if I can. I tried 3 available options at the time they were reported - 1) repair 2) move to chest 3) take no action. 1 and 2 were unsuccessful so take no action was last choice.
I am a beginner level-intermediate level user so please do not waste too much info on me, however much it is appreciated.
Thank you,
Jim
I think I decipher no action, at this point, or is that just what I want to hear? :)
I have also been advised to use windows malicious stuff remover and I am considering the oneCare scan. Any comment appreciated.
Me not wnt be troble jus try an lern
June 17th, 2010 5:21am

Okay - my experience is never make changes to files or system (Windows) unless you know it is safe. If files and/or software mistaken changes are made - this can cause "data corruption" as one of the worst threats to computers behind destructive viruses and worms. Trojans introduce instability into the system or softwares in a strong-arm control of things in navigation and so on. The worst ones are back door threats compromising privacy and may control the system, and downloader trojans will install more malware according to protections in place.
My experience has always been that it is 'pc suicide' to not use real time protection antivirus that has traditionally been shareware paid subscription yearly at about $30-40 USDollars - which is extremely inexpensive when considering spending up to 2,000 USDollars or more for the computer. So what is thirty bucks? Some users have made no sense like that in spending that much for a computer system and extras and then suddenly get something in their mind that they cannot spend a simple 30 USD to protect it once a year.
However, in just the past year and a little more there has been the offerings to the community of free real time protection antivirus and antispyware. Microsoft has led the way with the free release of Windows Defender a couple years ago and is now part of the Operating System from Vista. A safe insured 'out of the box' safety for launching a new pc for the consumer to shop and add what they want afterwards engaging the internet for same. (At least already protected to do so).
You no doubt have no clue to real time protection in antivirus and antispyware which is now imperative by the mainstream of all computer users. I strongly recommend that you immediately install Microsoft Essentials - both real time protection antivirus and antispyware. Your free home versions of antivirus and antispyware from top companies do not have this. You have to pay for it. There have been some upticks like the free version of AVG antivirus scanning each file opened and closed.
The difference is reactive and proactive protection. "Reactive" protection means the free stuff without real time protection and the damage already occurs and the user sees that and then used these free stand alone scanners to try and fix it. If it is a virus that has damaged the Windows OS (operating system) it is too late then. These can not undo that and the computer is damaged beyond use. If it is the special viruses and worms specifically designed to destroy the system - obviously you do not have a computer left to use. These free products offer absolutely no defense and are now easily disabled by such as a 'security software disabling trojan'. Malware today blocks installations of security products as well per infection.
I am certain you are using free Avast which does have the features used you mentioned. Are you? This is not a highly rated product though fair only. There has been enough information here concerning a 'same name threat' scenario and unless you are able to manually inspect your files and the windows registry to search this out - then you will have to rely on professional expert antivirus and antispyware to do the job safely for you. Windows OneCare and Windows Defender are not known for false positives and will safely remove threats. You must use quality products for confidence in safe removals which begin with Quarantine.
Since you are apparently seeking free defense, then understand there is only a couple of these available in the world. A quality product that you buy is staffed by many, many experts and in their labs and a programmer starts at 300 USD an hour! You get what you pay for and meaning what can you expect for free?
I strongly recommend you do what ALL mainstream users of the 800 million plus world computers do - and that is to immediately install real time protection antivirus and antispyware and personal firewall and completely fully update these and then perform full scans. Using the quality professional expert products that are known to produce virtually no false positives by their years reputation in the business gives the confidence in using the product to safely remove threats from the computer. I know of two you can trust that are fully real time protection products that are free. Microsoft Essentials is one. For thirty days you may use one of the world's best Emsi Antimalware which will revert to the free version if you do not buy it. You can't use two real time products. However, in what is called "layers of defense" you pick real time product and install and THEN add the free home versions as 'stand alone scanners' as extra scanning ability from other companies with the idea in hourly emerging threats that one company may find what another company missed as far as some bundled hidden threat hiding ready to execute upon opening a software and so on.
Again unless you can manually inspect location of the "reported" threat - no one can really help you do that and is when sometimes a trip to the repair shop occurs for many users. That's okay and that is expensive to the 'working poor'. Some users are just very, very scared and at least there are PC Repair Shops that perform these actions for users. It certainly costs less to do this rather than buy a new computer every time infected.
This may help you explore what has been reported to you to locate the threat files and registry items ....
http://pdamobilecafe.net/2010/03/31/how-to-find-files-and-windows-registry.aspx
I am the Webmaster of http://pdamobilecafe.net/ hosted by GoDaddy so it is a safe download.
PS... there was a flash player update - get it!
Gerald60606 Windows Live Spaces http://gerald60606.spaces.live.com/default.aspx
June 17th, 2010 6:01am

In short ... best recommendation - install this and end of story... they have top scores at VirusTotal for in the wild threats period! I have used them for several years on various computers. NEVER a problem.
http://www.emsisoft.com/en/software/antimalware/
Gerald60606 Windows Live Spaces http://gerald60606.spaces.live.com/default.aspx
June 17th, 2010 6:07am

In short ... best recommendation - install this and end of story... they have top scores at VirusTotal for in the wild threats period! I have used them for several years on various computers. NEVER a problem.
http://www.emsisoft.com/en/software/antimalware/
Gerald60606 Windows Live Spaces http://gerald60606.spaces.live.com/default.aspx
PS.... the methods you are using are certainly not recommended unless an Advanced User generally.... as you can 'read between the lines' in this tip bookmark of similar procedure for actually IT ....
Commandline Scanner
For all administrators, security professionals and experienced commandline users. Scan single files or even complete systems with the Commandline, for example by using batch files. All functions of the full Anti-Malware scanner are included, so you use both scan engines. The Commandline Scanner contents unique functions for quick and repeating scans on servers. It is a part of the Anti-Malware setup, but may also be downloaded as standalone package. ....
http://www.emsisoft.com/en/kb/articles/news100310/
Gerald60606 Windows Live Spaces http://gerald60606.spaces.live.com/default.aspx
June 18th, 2010 6:52am

Gerald, calm down, you're gonna strain your fingers :) You are very kind to offer so much advice, Sir! I hope I'll one day be able to make sense of some of it :) Seriously, it all helps one to learn and it's greatly appreciated, Sir. I will look into all of it, thx.
The two exes are these:
1) c:\hp\bin\KillIt.exe
2) c:\System Volume Information\_restore{106cf321-99A3-4E3A-9103-1BD02760-6A99}\RP6\A0002681.exe
both infected by Win32:KillApp-W
Should I bother sending these to virustotal.com as suggested?
And thank you for the advice on the security programs and your recommendations for good inexpensive solutions. TY Sir, have a great day.
Jim
Me not wnt be troble jus try an lern
June 19th, 2010 4:29am

This topic is archived. No further replies will be accepted.
