Popup: Blocked by Avast self-defense: gmer.sys (PID 4).
How do I exclude gmer?
Hi, I am also having the same issue.
I have disabled all the anti-virus components but still get the warning.
Why are you running gmer? Are you infected?
Gmer is part of the Avast scan engine, and Avast runs a rootkit scan 8 min after every computer start.
Hi, I have found that GMER has found malware (a service registry key) which Avast did not.
Gmer is a tool to be used by malware experts; most likely you are not reading the log correctly.
If you want someone who knows how to assist you, then follow the instructions here and attach the requested logs.
Also attach your gmer log.
Instructions >> https://forum.avast.com/index.php?topic=194892.0
Hi, several days ago I used GMER to scan my computer with no rootkit activity. Today I scanned with GMER again with Avast Premium protection disabled. I found another red detection in svchost. Please help.
Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [MANUAL] AarSvc_4bf18 ← ROOTKIT !!!
Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [MANUAL] BcastDVRUserService_4bf18 ← ROOTKIT !!!
Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [MANUAL] BluetoothUserService_4bf18 ← ROOTKIT !!!
Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [MANUAL] CaptureService_4bf18 ← ROOTKIT !!!
Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [MANUAL] cbdhsvc_4bf18 ← ROOTKIT !!!
Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [AUTO] CDPUserSvc_4bf18 ← ROOTKIT !!!
Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [MANUAL] ConsentUxUserSvc_4bf18 ← ROOTKIT !!!
Service C:\WINDOWS\system32\CredentialEnrollmentManager.exe (*** hidden *** ) [MANUAL] CredentialEnrollmentManagerUserSvc_4bf18 ← ROOTKIT !!!
Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [MANUAL] DeviceAssociationBrokerSvc_4bf18 ← ROOTKIT !!!
Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [MANUAL] DevicePickerUserSvc_4bf18 ← ROOTKIT !!!
Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [MANUAL] DevicesFlowUserSvc_4bf18 ← ROOTKIT !!!