Serious virus ?

:-[

I got this message:

C:/HP/BIN/EndProcess.exe
Serious (low)
Status PuP:Win32:Kill App-W (PUP)

???

I have removed it to quarantine

??? What now ???

This is classified as PUP = Potentially Unwanted Program.
It is not a virus.

If you know this Exe and if it is needed, you can restore it to it’s original place.
I’ll look up some infos about it in a minute.

Don’t panic, all’s well. ;D

This is one of the tools that HP use if you happen to do a a restoration to factory settings.

Since the EndProcess.exe file can be used to end/kill processes, it is a tool which can be used for good or evil purposes, and naturally Avast can’t (as can’t any other AV) determine the intent. If someone else installed this without your knowledge (not HP) then it would be unwanted, but having been installed by HP it is a tool which you may require if you do an HP restore.

In the c:\HP\Bin location you might want to keep it, so you need to exclude either the file or the whole folder where it is stored from on-demand scans in the settings, or stop doing scans with include the search for PUPs.

You can safely restore the file from chest.

Greetz
Zyndstoff

@ tjunk
It is also an indication that you have changed the default scan settings or created a custom scan in which you opted to check for PUPs.

This can as you found return some results that you aren’t expecting (like that one) so you have to be knowledgeable about what is installed on your system and when you get a [PUP] detection you investigate, google the file name and location, etc. and that should give you an idea of what the file is for. From this information you should be able determine if this is in fact an possibly unwanted program or not.

Or you could change it back to the default of not checking for PUPs in on-demand scans, personally I feel this is the way to go.

On-demand scans by their nature are for the most part going to be scanning files that are otherwise dormant or inert. If they weren’t dormant or inert then the on-access scanner, the File System Shield would scan them before they are allowed to run and by default that does scan for PUPs.