GMER 2.1.19081 - http://www.gmer.net
3rd party scan 2013-02-22 21:03:11
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\00000071 ST950032 rev.0011 465,76GB
Running: e8vmo9fm.exe; Driver: C:\Users\MONGO~1\AppData\Local\Temp\uwlyypod.sys

---- User IAT/EAT - GMER 2.1 ----

IAT C:\windows\system32\mfevtps.exe[1516] @ C:\windows\system32\CRYPT32.dll[KERNEL32.dll!LoadLibraryA] [13f19c0c0] C:\windows\system32\mfevtps.exe

---- Threads - GMER 2.1 ----

Thread C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [1772:1796] 0000000077793e45
Thread C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [1772:1800] 0000000076bb7587
Thread C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [1772:1820] 0000000077792e25
Thread C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2000:1048] 0000000072db102d
Thread C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2000:1080] 0000000072a5f1dc
Thread C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2000:1124] 0000000072a5f1dc
Thread C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2000:480] 0000000072a555d3
Thread C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2000:2460] 0000000072d5c159
Thread C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2000:2808] 0000000072a5f1dc
Thread C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2488:2504] 0000000076bb7587
Thread C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2488:2508] 0000000077792e25
Thread C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2488:2528] 0000000071fe473d
Thread C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2488:2536] 0000000071ff5ced
Thread C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2488:2544] 0000000071ff5ced
Thread C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2488:2552] 000000007529d864
Thread C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2488:4244] 0000000077793e45
Thread C:\windows\SysWOW64\rundll32.exe [2244:3552] 0000000077792e25
Thread C:\windows\SysWOW64\rundll32.exe [2244:4512] 0000000077793e45

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0c6076fc1a13
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0c6076fc1a13 (not active ControlSet)

---- EOF - GMER 2.1 ----