I run a daily scan on my laptop and a few days ago it found 1 threat. I click on the veiw detections and it says Win32/Zmist healed. I ran another scan it t & this threat keeps comin up and saying it is healed. What does this mean & do i need to be worried about it? Also how do i remove this so when i do a scan it wont keep showing up,it does not give me any options to click on.
Ok they can take their time. I ran another scan last night & now that threat is no longer showing up in the results. The only thing i can think i did different in the past few days is i put my laptop to sleep at night instead of shutting it down like i normal do everynight. Last night i had to restart my computer due to some updates it needed & when my scudule scan ran at the schudle time (9pm) the threat did not show up on that scan.
Amy, Your info will be analysed ASAP.. Re AVG Community Support expert assistance.. They will attend to your posting @ their earliest convenience but please bear in mind it's now the weekend (http://forums.avg.com/ww-en/avg-forums?sec=thread&act=show&id=190509) in Brno, Czech Rep.. AVG Guru
Ok they can take their time. I ran another scan last night & now that threat is no longer showing up in the results. The only thing i can think i did different in the past few days is i put my laptop to sleep at night instead of shutting it down like i normal do everynight. Last night i had to restart my computer due to some updates it needed & when my scudule scan ran at the schudle time (9pm) the threat did not show up on that scan.
This was selected as the best answer
Alan Binch
Amy, It may well have been a false detection that was cleared by a vdb update. AVG Guru
Ok it has been a week and guess what my scan results are showing the Win32/Zmist virus again saying it was healed. For two days in a row my scan has caught this & both times i restarted my laptop and ran another scan and then it did not show it again. What is going on here with this Win32/Zmist virus showing up and then not showing up again when i run another scan after i do a restart on my laptop? Do i need to be worried about this and how do i stop it?
All Answers
AVG Guru
"Scheduled Scan"
"High severity";"1";"1";"0"
"Scanned folders:";"Scan Whole Computer"
"Started:";"8/14/2014, 9:00:00 PM"
"Finished:";"8/14/2014, 9:27:02 PM"
"Scanned items:";"151203"
"Launched by:";"SYSTEM"
"Name";"Description";"Status";"Status";"Priority"
"c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe (3416)";"Virus found Win32/Zmist";"Secured";"Healed";"High"
GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-08-16 10:05:31
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\0000002d ST750LM022_HN-M750MBB rev.2BA30001 698.64GB
Running: Tool.exe.exe; Driver: C:\Users\Amy\AppData\Local\Temp\uwldapow.sys
---- User code sections - GMER 2.1 ----
.text C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe[4552] C:\WINDOWS\system32\psapi.dll!GetModuleBaseNameA + 506 00007ffaa41c169a 4 bytes [1C, A4, FA, 7F]
.text C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe[4552] C:\WINDOWS\system32\psapi.dll!GetModuleBaseNameA + 514 00007ffaa41c16a2 4 bytes [1C, A4, FA, 7F]
.text C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe[4552] C:\WINDOWS\system32\psapi.dll!QueryWorkingSet + 118 00007ffaa41c181a 4 bytes [1C, A4, FA, 7F]
.text C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe[4552] C:\WINDOWS\system32\psapi.dll!QueryWorkingSet + 142 00007ffaa41c1832 4 bytes [1C, A4, FA, 7F]
.text C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe[5612] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffaa41c169a 4 bytes [1C, A4, FA, 7F]
.text C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe[5612] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffaa41c16a2 4 bytes [1C, A4, FA, 7F]
.text C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe[5612] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffaa41c181a 4 bytes [1C, A4, FA, 7F]
.text C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe[5612] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffaa41c1832 4 bytes [1C, A4, FA, 7F]
.text C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe[8120] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffaa41c169a 4 bytes [1C, A4, FA, 7F]
.text C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe[8120] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffaa41c16a2 4 bytes [1C, A4, FA, 7F]
.text C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe[8120] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffaa41c181a 4 bytes [1C, A4, FA, 7F]
.text C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe[8120] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffaa41c1832 4 bytes [1C, A4, FA, 7F]
.text C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe[7936] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffaa41c169a 4 bytes [1C, A4, FA, 7F]
.text C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe[7936] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffaa41c16a2 4 bytes [1C, A4, FA, 7F]
.text C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe[7936] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffaa41c181a 4 bytes [1C, A4, FA, 7F]
.text C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe[7936] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffaa41c1832 4 bytes [1C, A4, FA, 7F]
.text C:\Windows\System32\igfxpers.exe[7752] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffaa41c169a 4 bytes [1C, A4, FA, 7F]
.text C:\Windows\System32\igfxpers.exe[7752] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffaa41c16a2 4 bytes [1C, A4, FA, 7F]
.text C:\Windows\System32\igfxpers.exe[7752] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffaa41c181a 4 bytes [1C, A4, FA, 7F]
.text C:\Windows\System32\igfxpers.exe[7752] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffaa41c1832 4 bytes [1C, A4, FA, 7F]
---- Threads - GMER 2.1 ----
Thread C:\WINDOWS\system32\csrss.exe [5216:6896] fffff9600080db90
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- EOF - GMER 2.1 ----
AVG Guru
AVG Guru
I am happy to see that your issue is resolved.
Thanks for posting back.