Avast WEBforum

Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: REDACTED on February 14, 2017, 01:50:22 AM

Title: Avast is blocking gmer.sys
Post by: REDACTED on February 14, 2017, 01:50:22 AM: Popup: Blocked by Avast self-defense: gmer.sys (PID 4).

How do I exclude gmer?
Title: Re: Avast is blocking gmer.sys
Post by: mike_coreit on September 11, 2018, 10:21:40 PM: Hi I am also having the same issue.

I have disabled all the anti-virus components but still get the warning.
Title: Re: Avast is blocking gmer.sys
Post by: Pondus on September 11, 2018, 10:42:35 PM: Quote from: mike_coreit on September 11, 2018, 10:21:40 PM
Hi I am also having the same issue.

I have disabled all the anti-virus components but still get the warning.
Why are you running gmer ? Are you infected?

Gmer is part of Avast scan engine, and Avast run a rootkit scan 8 min after evry computer start
Title: Re: Avast is blocking gmer.sys
Post by: mike_coreit on November 08, 2018, 02:57:47 PM: Hi I have found that GMER has found a malware (service registry key) which Avast did not
Title: Re: Avast is blocking gmer.sys
Post by: Pondus on November 08, 2018, 06:49:58 PM: Quote from: mike_coreit on November 08, 2018, 02:57:47 PM
Hi I have found that GMER has found a malware (service registry key) which Avast did not
Gmer is a tool to be used by malware experts, most likely you are not reading the log correct

If you want somone that know how, to assist you then follow instructions here and attach requested logs

also attach your gmer log

Instructions >> https://forum.avast.com/index.php?topic=194892.0
Title: Re: Avast is blocking gmer.sys
Post by: jenaa on July 01, 2020, 05:34:20 AM: Hi, several days ago I used GMER to scan my computer with no rootkit activity, today I scanning GMER again with avast premium protection disable. I found another red detection in scvhost. please help

Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [MANUAL] AarSvc_4bf18 <-- ROOTKIT !!!
Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [MANUAL] BcastDVRUserService_4bf18 <-- ROOTKIT !!!
Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [MANUAL] BluetoothUserService_4bf18 <-- ROOTKIT !!!
Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [MANUAL] CaptureService_4bf18 <-- ROOTKIT !!!
Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [MANUAL] cbdhsvc_4bf18 <-- ROOTKIT !!!
Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [AUTO] CDPUserSvc_4bf18 <-- ROOTKIT !!!
Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [MANUAL] ConsentUxUserSvc_4bf18 <-- ROOTKIT !!!
Service C:\WINDOWS\system32\CredentialEnrollmentManager.exe (*** hidden *** ) [MANUAL] CredentialEnrollmentManagerUserSvc_4bf18 <-- ROOTKIT !!!
Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [MANUAL] DeviceAssociationBrokerSvc_4bf18 <-- ROOTKIT !!!
Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [MANUAL] DevicePickerUserSvc_4bf18 <-- ROOTKIT !!!
Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [MANUAL] DevicesFlowUserSvc_4bf18 <-- ROOTKIT !!!