GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2016-03-07 14:45:18
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 SAMSUNG_ rev.2AR1 931,51GB
Running: jhnmqgsg.exe; Driver: C:\Users\Dorota\AppData\Local\Temp\awdiikoc.sys

---- User code sections - GMER 2.1 ----

?        C:\windows\system32\mssprxy.dll [6948] entry point in ".rdata" section   00000000709371e6

---- Processes - GMER 2.1 ----

Library  C:\Users\Dorota\AppData\Local\NonspecificFragmented\GlobalistsVandals.dll (*** suspicious ***) @ C:\windows\SysWOW64\rundll32.exe [1860](2016-01-26 21:45:40)   0000000010000000
Process  C:\Users\Dorota\AppData\Local\Temp\Rar$EXa0.514\jhnmqgsg.exe (*** suspicious ***) @ C:\Users\Dorota\AppData\Local\Temp\Rar$EXa0.514\jhnmqgsg.exe [5596](2015-02-04 12:59:56)   0000000000400000

---- Registry - GMER 2.1 ----

Reg      HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\b803051c257c
Reg      HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\b803051c257c@d0c1b144aa79   0x89 0x2D 0x45 0x89 ...
Reg      HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\dca971076042
Reg      HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\dca9710777da
Reg      HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\b803051c257c (not active ControlSet)
Reg      HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\b803051c257c@d0c1b144aa79   0x89 0x2D 0x45 0x89 ...
Reg      HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\dca971076042 (not active ControlSet)
Reg      HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\dca9710777da (not active ControlSet)

---- Disk sectors - GMER 2.1 ----

Disk     \Device\Harddisk0\DR0   unknown MBR code

---- Files - GMER 2.1 ----

File     C:\Users\Dorota\AppData\Local\Google\Chrome\User Data\Default\Cache\f_02425a   0 bytes
File     C:\Users\Dorota\AppData\Local\Google\Chrome\User Data\Default\Cache\f_02425b   0 bytes
File     C:\Users\Dorota\AppData\Local\Google\Chrome\User Data\Default\Cache\f_02425d   0 bytes
File     C:\Users\Dorota\AppData\Local\Google\Chrome\User Data\Default\Cache\f_02425e   500482 bytes
File     C:\Users\Dorota\AppData\Local\Google\Chrome\User Data\Default\Cache\f_02425f   377235 bytes

---- EOF - GMER 2.1 ----