
Bsod running gmer



#1 Kev35


Posted 19 December 2017 - 09:15 PM

Hi,

I was running GMER and it gave me a BSOD. Not sure if I'm infected or just something is happening with GMER.





#2 quietman7


Posted 20 December 2017 - 07:00 PM

GMER is an older advanced stand-alone tool that compares the output from system function calls directly into the operating system to output from calls generated by their own functions. Any differences between its own implementation and that of the operating system are reported as a hidden file, service, registry key, or device. GMER also looks for hidden code modifications and API Kernel hooks as well as many other checks which are not discussed in public to safeguard the program from malware writers who would use that information for nefarious purposes.

GMER will not actually tell you if you are infected or not unless you know what you're looking for. Most of the log listings are dumps of raw memory data structures from the Windows Kernel which handles access to files, registry keys, hardware and from the system processor tables. Even with advanced training, trying to interpret GMER results can be confusing at best as there could be many legitimate entries in its log. We do not use it much any more and when we do, its log is typically asked for in the Virus, Trojan, Spyware, and Malware Removal Logs Forum.

GMER is known for being extremely good at rootkit investigation and detection, but it is also known for occasionally being unstable on some computers. There are varying reasons GMER will not run properly or result in a BSOD. In some cases, a BSOD may be attributed to one of the scanning options available when running GMER and you may need to uncheck one or more of those options to get it to run properly.

Open GMER and on the right side, deselect (uncheck) the following:
  • IAT/EAT
  • Drives/Partition other than System drive (typically C:\)
  • Show All <- don't miss this one

If that does not work, you may also need to deselect (uncheck) the following (along with the items noted above) from the options on the right, then try running it again or perform the scan in safe mode:
  • Devices
  • Sections
  • Files
If you still cannot get GMER to run and you believe your system is infected, then follow the instructions in the Malware Removal and Log Section Preparation Guide. When you have done that, start a new topic and post your logs in the Virus, Trojan, Spyware, and Malware Removal Logs forum, NOT here, for assistance by the Malware Response Team. If HelpBot replies to your topic, please follow Step One and CLICK the link so it will report your topic to the team members.

If you choose to follow the above instructions and post a FRST log, please reply back in this thread with a link to the new topic. If not, at least you know doing that is an option available to you.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators
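
The cross-view comparison described in the reply above, as an added sketch that is not part of the original posts and is not GMER's code. It diffs an API-level listing against a low-level listing and filters differences that are expected to be legitimate. The function names, the `EXPECTED` allowlist and both sample views are constructed for illustration, and a real tool obtains the low-level view by reading kernel and disk structures directly, which this sketch does not do.

```python
from dataclasses import dataclass

def normalize(name: str) -> str:
    """Fold Windows object names so both views compare equal for the same object."""
    p = name.strip().replace("/", "\\")
    if p.startswith("\\??\\"):           # NT object-manager prefix for DOS device paths
        p = p[4:]
    return p.rstrip("\\").casefold()      # Windows names are case-insensitive

@dataclass(frozen=True)
class Finding:
    kind: str      # e.g. "file", "service", "registry"
    name: str      # normalized name
    status: str    # "hidden" (low-level view only) or "api-only"

def cross_view(api_view, raw_view, expected=()):
    """Diff two views (dict: kind -> iterable of names) and return the findings.

    Names listed in `expected` are known legitimate differences and are skipped.
    """
    skip = {normalize(n) for n in expected}
    findings = []
    for kind in sorted(set(api_view) | set(raw_view)):
        api = {normalize(n) for n in api_view.get(kind, ())}
        raw = {normalize(n) for n in raw_view.get(kind, ())}
        # Present at the low level but not reported by the OS API: candidate hidden object.
        findings += [Finding(kind, n, "hidden") for n in sorted(raw - api - skip)]
        # Reported by the API but missing at the low level: often a timing difference.
        findings += [Finding(kind, n, "api-only") for n in sorted(api - raw - skip)]
    return findings

# Constructed sample data, not real scan output.
API_VIEW = {
    "file": [r"C:\Windows\System32\drivers\disk.sys", r"C:\Temp\notes.txt"],
    "service": ["Dhcp", "EventLog"],
}
RAW_VIEW = {
    "file": [r"\??\C:\WINDOWS\system32\drivers\disk.sys", r"C:\Temp\notes.txt",
             r"C:\Windows\System32\drivers\example_hidden.sys", r"C:\$MFT"],
    "service": ["dhcp", "eventlog", "ExampleHiddenSvc"],
}
# Assumed allowlist: NTFS metadata files are not returned by normal directory listings.
EXPECTED = [r"C:\$MFT"]

FINDINGS = cross_view(API_VIEW, RAW_VIEW, EXPECTED)

if __name__ == "__main__":
    for f in FINDINGS:
        print(f"{f.status:8} {f.kind:8} {f.name}")
```

Without the allowlist the same data yields a third finding for `C:\$MFT`, which is the kind of legitimate entry that makes such logs hard to read.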
