GMER 2.1.19155 - http://www.gmer.net
Rootkit scan 2013-03-19 10:25:40
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD5000BPKT-75PK4T0 rev.01.01A01 465,76GB
Running: quy1nqph.exe; Driver: C:\Users\Colette\AppData\Local\Temp\kgldypog.sys

---- User code sections - GMER 2.1 ----

.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[1916] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000076791465 2 bytes [79, 76]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[1916] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 00000000767914bb 2 bytes [79, 76]
.text ... * 2
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[3460] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000076791465 2 bytes [79, 76]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[3460] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 00000000767914bb 2 bytes [79, 76]
.text ... * 2
.text C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe[3928] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076791465 2 bytes [79, 76]
.text C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe[3928] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000767914bb 2 bytes [79, 76]
.text ... * 2

---- Threads - GMER 2.1 ----

Thread C:\Windows\SysWOW64\ntdll.dll [3476:3480] 0000000000aa49bf
Thread C:\Windows\SysWOW64\ntdll.dll [3476:3556] 000000006dda8cf7
Thread C:\Windows\SysWOW64\ntdll.dll [3476:3560] 000000006dda8fce
Thread C:\Windows\SysWOW64\ntdll.dll [3476:3564] 000000006dda88e0
Thread C:\Windows\SysWOW64\ntdll.dll [3476:3568] 000000007411786a

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\6036ddbf124b
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\6036ddbf124b (not active ControlSet)

---- Files - GMER 2.1 ----

File C:\Users\Colette\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SQFE6EZ5\clients[1].txt 0 bytes

---- EOF - GMER 2.1 ----