• Registrarse
  • Iniciar sesión


  • Resultados 1 al 4 de 4

    mi siguiente archivo esta infectado C:\HP\BIN\EndProcess.exe que debo de hacerle?

    Resumen del tema: mi siguiente archivo esta infectado C:\HP\BIN\EndProcess.exe que debo de hacerle? - MI SIGUIENTE ARCHIVO ESTA INFECTADO QUE ES LO QUE DEBO DE REALIZAR? C:\HP\BIN\EndProcess.exe LO BORRO? PORQUE CREO QUE ES UN DRIVER DEL TECLADO O SOLAMENTE LOS PONGO EN CUARENTENA?...

      
    1. #1
      Usuario Avatar de Guslipknot
      Registrado
      ago 2009
      Ubicación
      Durango
      Mensajes
      2

      Triste mi siguiente archivo esta infectado C:\HP\BIN\EndProcess.exe que debo de hacerle?

      MI SIGUIENTE ARCHIVO ESTA INFECTADO QUE ES LO QUE DEBO DE REALIZAR?
      C:\HP\BIN\EndProcess.exe
      LO BORRO?
      PORQUE CREO QUE ES UN DRIVER DEL TECLADO
      O SOLAMENTE LOS PONGO EN CUARENTENA?

    2. #2
      Usuario Avatar de Guslipknot
      Registrado
      ago 2009
      Ubicación
      Durango
      Mensajes
      2

      Re: mi siguiente archivo esta infectado C:\HP\BIN\EndProcess.exe que debo de hacerle?

      ESTE ES MI REPORTE EN EL AVIRA


      Avira AntiVir Personal
      Report file date: domingo, 09 de agosto de 2009 09:21

      Scanning for 1618860 virus strains and unwanted programs.

      Licensee : Avira AntiVir Personal - FREE Antivirus
      Serial number : 0000149996-ADJIE-0000001
      Platform : Windows Vista
      Windows version : (Service Pack 1) [6.0.6001]
      Boot mode : Normally booted
      Username : SYSTEM
      Computer name : GUSTAVO-PC

      Version information:
      BUILD.DAT : 9.0.0.407 17961 Bytes 29/07/2009 10:34:00
      AVSCAN.EXE : 9.0.3.7 466689 Bytes 09/08/2009 09:06:14
      AVSCAN.DLL : 9.0.3.0 40705 Bytes 27/02/2009 18:58:24
      LUKE.DLL : 9.0.3.2 209665 Bytes 20/02/2009 19:35:49
      LUKERES.DLL : 9.0.2.0 12033 Bytes 27/02/2009 18:58:52
      ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 20:30:36
      ANTIVIR1.VDF : 7.1.4.132 5707264 Bytes 24/06/2009 09:06:13
      ANTIVIR2.VDF : 7.1.5.60 2235904 Bytes 03/08/2009 09:06:13
      ANTIVIR3.VDF : 7.1.5.85 445952 Bytes 07/08/2009 09:06:13
      Engineversion : 8.2.0.248
      AEVDF.DLL : 8.1.1.1 106868 Bytes 09/08/2009 09:06:13
      AESCRIPT.DLL : 8.1.2.23 455033 Bytes 09/08/2009 09:06:13
      AESCN.DLL : 8.1.2.4 127348 Bytes 09/08/2009 09:06:13
      AERDL.DLL : 8.1.2.4 430452 Bytes 09/08/2009 09:06:13
      AEPACK.DLL : 8.1.3.18 401783 Bytes 09/08/2009 09:06:13
      AEOFFICE.DLL : 8.1.0.38 196987 Bytes 09/08/2009 09:06:13
      AEHEUR.DLL : 8.1.0.154 1917302 Bytes 09/08/2009 09:06:13
      AEHELP.DLL : 8.1.5.3 233846 Bytes 09/08/2009 09:06:13
      AEGEN.DLL : 8.1.1.55 356723 Bytes 09/08/2009 09:06:13
      AEEMU.DLL : 8.1.0.9 393588 Bytes 09/10/2008 22:32:40
      AECORE.DLL : 8.1.7.6 184694 Bytes 09/08/2009 09:06:13
      AEBB.DLL : 8.1.0.3 53618 Bytes 09/10/2008 22:32:40
      AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 16:47:59
      AVPREF.DLL : 9.0.0.1 43777 Bytes 05/12/2008 18:32:15
      AVREP.DLL : 8.0.0.3 155905 Bytes 20/01/2009 22:34:28
      AVREG.DLL : 9.0.0.0 36609 Bytes 05/12/2008 18:32:09
      AVARKT.DLL : 9.0.0.3 292609 Bytes 24/03/2009 23:05:41
      AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 30/01/2009 18:37:08
      SQLITE3.DLL : 3.6.1.0 326401 Bytes 28/01/2009 23:03:49
      SMTPLIB.DLL : 9.2.0.25 28417 Bytes 02/02/2009 16:21:33
      NETNT.DLL : 9.0.0.0 11521 Bytes 05/12/2008 18:32:10
      RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 09/08/2009 09:06:12
      RCTEXT.DLL : 9.0.37.0 86785 Bytes 17/04/2009 18:19:48

      Configuration settings for the scan:
      Jobname.............................: Complete system scan
      Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp
      Logging.............................: low
      Primary action......................: interactive
      Secondary action....................: ignore
      Scan master boot sector.............: on
      Scan boot sector....................: on
      Boot sectors........................: C:, D:,
      Process scan........................: on
      Scan registry.......................: on
      Search for rootkits.................: on
      Integrity checking of system files..: off
      Scan all files......................: All files
      Scan archives.......................: on
      Recursion depth.....................: 20
      Smart extensions....................: on
      Macro heuristic.....................: on
      File heuristic......................: medium
      Deviating risk categories...........: +APPL,+JOKE,+PCK,+SPR,

      Start of the scan: domingo, 09 de agosto de 2009 09:21

      Starting search for hidden objects.
      '74835' objects were checked, '0' hidden objects were found.

      The scan of running processes will be started
      Scan process 'avscan.exe' - '1' Module(s) have been scanned
      Scan process 'avscan.exe' - '1' Module(s) have been scanned
      Scan process 'avcenter.exe' - '1' Module(s) have been scanned
      Scan process 'firefox.exe' - '1' Module(s) have been scanned
      Scan process 'SynTPHelper.exe' - '1' Module(s) have been scanned
      Scan process 'IEMonitor.exe' - '1' Module(s) have been scanned
      Scan process 'HpqToaster.exe' - '1' Module(s) have been scanned
      Scan process 'wlcomm.exe' - '1' Module(s) have been scanned
      Scan process 'Com4QLBEx.exe' - '1' Module(s) have been scanned
      Scan process 'WiFiMsg.exe' - '1' Module(s) have been scanned
      Scan process 'WmiPrvSE.exe' - '1' Module(s) have been scanned
      Scan process 'hpqwmiex.exe' - '1' Module(s) have been scanned
      Scan process 'wmpnetwk.exe' - '1' Module(s) have been scanned
      Scan process 'wmpnscfg.exe' - '1' Module(s) have been scanned
      Scan process 'MSASCui.exe' - '1' Module(s) have been scanned
      Scan process 'QPService.exe' - '1' Module(s) have been scanned
      Scan process 'IDMan.exe' - '1' Module(s) have been scanned
      Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
      Scan process 'avgnt.exe' - '1' Module(s) have been scanned
      Scan process 'HPWAMain.exe' - '1' Module(s) have been scanned
      Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned
      Scan process 'jusched.exe' - '1' Module(s) have been scanned
      Scan process 'QLBCTRL.exe' - '1' Module(s) have been scanned
      Scan process 'SynTPEnh.exe' - '1' Module(s) have been scanned
      Scan process 'rundll32.exe' - '1' Module(s) have been scanned
      Scan process 'explorer.exe' - '1' Module(s) have been scanned
      Scan process 'dwm.exe' - '1' Module(s) have been scanned
      Scan process 'taskeng.exe' - '1' Module(s) have been scanned
      Scan process 'HPHC_Service.exe' - '1' Module(s) have been scanned
      Scan process 'XAudio.exe' - '1' Module(s) have been scanned
      Scan process 'SearchIndexer.exe' - '1' Module(s) have been scanned
      Scan process 'svchost.exe' - '1' Module(s) have been scanned
      Scan process 'svchost.exe' - '1' Module(s) have been scanned
      Scan process 'StarWindServiceAE.exe' - '1' Module(s) have been scanned
      Scan process 'RichVideo.exe' - '1' Module(s) have been scanned
      Scan process 'BLService.exe' - '1' Module(s) have been scanned
      Scan process 'svchost.exe' - '1' Module(s) have been scanned
      Scan process 'avguard.exe' - '1' Module(s) have been scanned
      Scan process 'svchost.exe' - '1' Module(s) have been scanned
      Scan process 'sched.exe' - '1' Module(s) have been scanned
      Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
      Scan process 'svchost.exe' - '1' Module(s) have been scanned
      Scan process 'rundll32.exe' - '1' Module(s) have been scanned
      Scan process 'svchost.exe' - '1' Module(s) have been scanned
      Scan process 'SLsvc.exe' - '1' Module(s) have been scanned
      Scan process 'audiodg.exe' - '0' Module(s) have been scanned
      Scan process 'svchost.exe' - '1' Module(s) have been scanned
      Scan process 'svchost.exe' - '1' Module(s) have been scanned
      Scan process 'svchost.exe' - '1' Module(s) have been scanned
      Scan process 'svchost.exe' - '1' Module(s) have been scanned
      Scan process 'svchost.exe' - '1' Module(s) have been scanned
      Scan process 'nvvsvc.exe' - '1' Module(s) have been scanned
      Scan process 'svchost.exe' - '1' Module(s) have been scanned
      Scan process 'winlogon.exe' - '1' Module(s) have been scanned
      Scan process 'lsm.exe' - '1' Module(s) have been scanned
      Scan process 'lsass.exe' - '1' Module(s) have been scanned
      Scan process 'services.exe' - '1' Module(s) have been scanned
      Scan process 'csrss.exe' - '1' Module(s) have been scanned
      Scan process 'wininit.exe' - '1' Module(s) have been scanned
      Scan process 'csrss.exe' - '1' Module(s) have been scanned
      Scan process 'smss.exe' - '1' Module(s) have been scanned
      60 processes with 60 modules were scanned

      Starting master boot sector scan:
      Master boot sector HD0
      [INFO] No virus was found!

      Start scanning boot sectors:
      Boot sector 'C:\'
      [INFO] No virus was found!
      Boot sector 'D:\'
      [INFO] No virus was found!

      Starting to scan executable files (registry).
      The registry was scanned ( '44' files ).


      Starting the file scan:

      Begin scan in 'C:\'
      C:\hiberfil.sys
      [WARNING] The file could not be opened!
      [NOTE] This file is a Windows system file.
      [NOTE] This file cannot be opened for scanning.
      C:\pagefile.sys
      [WARNING] The file could not be opened!
      [NOTE] This file is a Windows system file.
      [NOTE] This file cannot be opened for scanning.
      C:\HP\BIN\EndProcess.exe
      [DETECTION] Contains recognition pattern of the APPL/KillApp.A application
      C:\Program Files\Hewlett-Packard\HP TCS\SetACL.exe
      [DETECTION] Contains recognition pattern of the APPL/ACLSet application
      C:\Users\Gustavo\AppData\Local\Mozilla\Firefox\Profiles\ztpsgh7s.default\Cache\AEFDC12Fd01
      [0] Archive type: CAB (Microsoft)
      --> vplatprc.dll
      [WARNING] No further files can be extracted from this archive. The archive will be closed
      [WARNING] No further files can be extracted from this archive. The archive will be closed
      C:\Users\Gustavo\Downloads\WinRAR_3.71_Corporate_Edition.zip
      [0] Archive type: ZIP
      --> WinRAR_Corporate_Edition/I.D.M_5.14.4_Full/I.D.M 5.14.4 Full/Patch/patch.exe
      [DETECTION] Is the TR/Agent.180224.N Trojan
      C:\Windows\System32\drivers\sptd.sys
      [WARNING] The file could not be opened!
      C:\Windows\Temp\TMP6059.tmp
      [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
      Begin scan in 'D:\' <RECOVERY>

      Beginning disinfection:
      C:\HP\BIN\EndProcess.exe
      [DETECTION] Contains recognition pattern of the APPL/KillApp.A application
      [NOTE] The file was moved to '4ae3066d.qua'!
      C:\Program Files\Hewlett-Packard\HP TCS\SetACL.exe
      [DETECTION] Contains recognition pattern of the APPL/ACLSet application
      [NOTE] The file was moved to '4af30664.qua'!
      C:\Users\Gustavo\Downloads\WinRAR_3.71_Corporate_Edition.zip
      [NOTE] The file was moved to '4aed0668.qua'!
      C:\Windows\Temp\TMP6059.tmp
      [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
      [NOTE] The file was moved to '4acf064d.qua'!


      End of the scan: domingo, 09 de agosto de 2009 10:23
      Used time: 1:01:10 Hour(s)

      The scan has been done completely.

      19507 Scanned directories
      366423 Files were scanned
      4 Viruses and/or unwanted programs were found
      0 Files were classified as suspicious
      0 files were deleted
      0 Viruses and unwanted programs were repaired
      4 Files were moved to quarantine
      0 Files were renamed
      3 Files cannot be scanned
      366416 Files not concerned
      2046 Archives were scanned
      5 Warnings
      6 Notes
      74835 Objects were scanned with rootkit scan
      0 Hidden objects were found

    3. #3
      Baneado Avatar de carlin-803
      Registrado
      mar 2009
      Ubicación
      venezuela
      Mensajes
      74

      Alegria Re: mi siguiente archivo esta infectado C:\HP\BIN\EndProcess.exe que debo de hacerle?

      Hola

      La verdad no creo que sea del teclado.

      Si es un driver no creo que sea de problemas

      Colocalo en cuarentena y si notas algo extraño en tu PC eliminalo

    4. #4
      Moderador Gral.
      Avatar de Firewall
      Registrado
      ene 2007
      Ubicación
      Boaventura, Mad
      Mensajes
      21.647

      Re: mi siguiente archivo esta infectado C:\HP\BIN\EndProcess.exe que debo de hacerle?

      Paso 1- Descarga estas herramientas pero no las ejecutes aun:
      Paso 2- Reinicia he inicia en "Modo a prueba de fallos" (modo seguro con funciones a red)

      Paso 3- Ejecuta estas herramientas, de a una:
      Paso 4- Descarga CCleaner y ejecútalo usando primero su opción de "Limpiador" para borrar cookies, temporales de Internet y todos los archivos que este te muestre como obsoletos, y luego usa su opción de "Registro" para limpiar todo el registro de Windows (haciendo copia de seguridad).


      Paso 5- Realiza un analisis online con kaspersky online scanner como lo indica su manual y nos dejas su reporte.

      Si usas Firefox como navegador recuerda usar la extencion IE Tab para poder realizar algun scanner online.

      Reinicia y nos cuentas los resultados junto a los reportes generados por, MalwareByte's Antimalware, DelPsguard y Kaspersky online scanner.

      Nota: En la herramienta Malwarebytes recuerda darle al boton de quitar lo seleccionado para que el borrado de las infecciones tenga efecto.

      Blog | Antivirus Online | Eliminar Malwares | Antivirus Gratis

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.