GMER 2.2.19882 - http://www.gmer.net
Rootkit scan 2016-07-30 19:22:35
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000027 ST1000DM003-1CH162 rev.CC47 931,51GB
Running: 203uo6m6.exe; Driver: C:\Users\Mateusz\AppData\Local\Temp\fwndyfow.sys

---- User code sections - GMER 2.2 ----

? C:\Windows\system32\apphelp.dll [2868] entry point in ".rdata" section 0000000074230380

---- Threads - GMER 2.2 ----

Thread C:\Program Files\Windows Defender\MsMpEng.exe [2240:4672] 00007ffb14492420
Thread C:\Program Files\Windows Defender\MsMpEng.exe [2240:4908] 00007ffb14492420
Thread C:\Windows\system32\csrss.exe [1040:3212] fffff960a3de4030

---- Services - GMER 2.2 ----

Service C:\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 (*** hidden *** ) [MANUAL] AIDA64Driver <-- ROOTKIT !!!
Service C:\Program Files (x86)\MSI\Gaming APP\Lib\NTIOLib_X64.sys (*** hidden *** ) [MANUAL] NTIOLib_MB <-- ROOTKIT !!!

---- Registry - GMER 2.2 ----

Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\kernel\RNG@RNGAuxiliarySeed -1387411249
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch2@Epoch 396
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeEstimated 0xB3 0x91 0x7C 0x90 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeHigh 0xB3 0xF9 0x40 0xF2 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeLow 0xB3 0x29 0xB8 0x2E ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeTickCount 0x39 0xE0 0xFB 0x00 ...

---- EOF - GMER 2.2 ----