GMER 2.2.19882 - http://www.gmer.net Rootkit scan 2016-04-28 21:31:36 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T0L0-3 OCZ-AGILITY3 rev.2.15 55,90GB Running: 2dsm3r0l.exe; Driver: C:\Users\User\AppData\Local\Temp\aftcaaob.sys ---- User code sections - GMER 2.2 ---- .text C:\Program Files (x86)\BlueStacks\HD-Agent.exe[1316] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000075301465 2 bytes [30, 75] .text C:\Program Files (x86)\BlueStacks\HD-Agent.exe[1316] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 00000000753014bb 2 bytes [30, 75] .text ... * 2 .text C:\Program Files (x86)\ASUS\GPU Tweak\GPUTweak.exe[2604] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075301465 2 bytes [30, 75] .text C:\Program Files (x86)\ASUS\GPU Tweak\GPUTweak.exe[2604] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000753014bb 2 bytes [30, 75] .text ... * 2 .text C:\Program Files (x86)\Skype\Updater\Updater.exe[2728] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075301465 2 bytes [30, 75] .text C:\Program Files (x86)\Skype\Updater\Updater.exe[2728] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000753014bb 2 bytes [30, 75] .text ... * 2 ---- Threads - GMER 2.2 ---- Thread C:\Windows\AutoKMS\AutoKMS.exe [1852:3436] 000007fef2b48afc Thread C:\Windows\AutoKMS\AutoKMS.exe [1852:2172] 000007fef2a5e854 Thread C:\Windows\AutoKMS\AutoKMS.exe [1852:2316] 000007fef2a5e854 Thread C:\Windows\AutoKMS\AutoKMS.exe [1852:2052] 000007fefe620168 Thread C:\Windows\AutoKMS\AutoKMS.exe [1852:3504] 000007fefe620168 ---- Files - GMER 2.2 ---- File C:\Windows\System32\wbem\Performance\WmiApRpl_new.h 3444 bytes ---- EOF - GMER 2.2 ----