I had virus Win32:Warezov-MV. The antivirus deletes it, but in 5 minutes it again appears.
I have found file spupdsvc.log in the latent folders on C:\WINDOWS\
How can I delete it?
I had virus Win32:Warezov-MV. The antivirus deletes it, but in 5 minutes it again appears.
I have found file spupdsvc.log in the latent folders on C:\WINDOWS\
How can I delete it?
Thats log of a virus:
[spupdsvc.log]
0.265: ================================================================================
0.344: 2006/02/16 12:39:47.796 (local)
0.640: SpUpdServiceStart: entered.
0.953: SpUpdServiceStart: starting…
2.953: [IsRebootedAfterServiceInstall] InstallTime: 0x1c632b9 e99699dc, BootTime: 0x1c632dc dc1d75f0
2.969: [PerformInfInstructions] SetupOpenInfFile could not read inf file C:\WINDOWS\system32\spupdsvc.inf. Err: 0x2 at line 0
3.125: [ProcessPostBootInf] PerformInfInstructions returned error: 2
3.172: [PerformInfInstructions] SetupOpenInfFile could not read inf file C:\WINDOWS\system32\spupdsvc.inf. Err: 0x2 at line 0
3.250: [ProcessPostBootInf] PerformInfInstructions returned error: 2 for section
3.578: [SpUpdServiceStart] ProcessPostBootInf returned 2
3.859: [SpUpdServiceStart] Deleted Service, job done. Returning the Main Thread
4.015: [SpUpdServiceStart] setting service to stopped
0.063: ================================================================================
0.203: 2006/04/19 15:03:51.265 (local)
0.219: SpUpdServiceStart: entered.
0.313: SpUpdServiceStart: starting…
0.375: [IsRebootedAfterServiceInstall] InstallTime: 0x1c66365 59c567ab, BootTime: 0x1c663a0 e16074f0
0.500: [PerformInfInstructions] SetupOpenInfFile could not read inf file C:\WINDOWS\system32\spupdsvc.inf. Err: 0x2 at line 0
0.625: [ProcessPostBootInf] PerformInfInstructions returned error: 2
0.703: [PerformInfInstructions] SetupOpenInfFile could not read inf file C:\WINDOWS\system32\spupdsvc.inf. Err: 0x2 at line 0
0.781: [ProcessPostBootInf] PerformInfInstructions returned error: 2 for section
0.828: [SpUpdServiceStart] ProcessPostBootInf returned 2
0.969: [SpUpdServiceStart] Deleted Service, job done. Returning the Main Thread
1.016: [SpUpdServiceStart] setting service to stopped
0.032: ================================================================================
0.172: 2006/06/17 11:49:50.140 (local)
0.204: SpUpdServiceStart: entered.
0.235: SpUpdServiceStart: starting…
0.266: [IsRebootedAfterServiceInstall] InstallTime: 0x1c691bd ba985b12, BootTime: 0x1c691e2 8bfae570
0.313: [PerformInfInstructions] SetupOpenInfFile could not read inf file C:\WINDOWS\system32\spupdsvc.inf. Err: 0x2 at line 0
0.422: [ProcessPostBootInf] PerformInfInstructions returned error: 2
0.469: [PerformInfInstructions] SetupOpenInfFile could not read inf file C:\WINDOWS\system32\spupdsvc.inf. Err: 0x2 at line 0
0.516: [ProcessPostBootInf] PerformInfInstructions returned error: 2 for section
0.641: [SpUpdServiceStart] ProcessPostBootInf returned 2
0.704: [SpUpdServiceStart] Deleted Service, job done. Returning the Main Thread
0.969: [SpUpdServiceStart] setting service to stopped
0.015: ================================================================================
0.062: 2006/12/22 17:36:24.937 (local)
0.172: SpUpdServiceStart: entered.
0.234: SpUpdServiceStart: starting…
0.234: [IsRebootedAfterServiceInstall] InstallTime: 0x1c725d6 23edf598, BootTime: 0x1c725d6 78d43270
0.453: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\Audiodev.dll …
0.453: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\Audiodev.dll
0.484: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\Audiodev.dll
0.515: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
0.515: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
0.578: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\Audiodev.dll
0.875: [RunProcess] CreateProcess Succeeded
1.578: [PerformInfInstructions] Done. Return code: 0
1.640: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmadmod.dll …
1.656: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmadmod.dll
1.672: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmadmod.dll
1.672: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
1.687: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
1.687: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmadmod.dll
1.718: [RunProcess] CreateProcess Succeeded
1.968: [PerformInfInstructions] Done. Return code: 0
1.984: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmspdmod.dll …
1.984: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmspdmod.dll
1.984: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmspdmod.dll
1.984: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
1.984: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
2.015: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmspdmod.dll
2.547: [RunProcess] CreateProcess Succeeded
3.187: [PerformInfInstructions] Done. Return code: 0
3.203: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmsdmod.dll …
3.203: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmsdmod.dll
3.203: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmsdmod.dll
3.218: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
3.218: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
3.218: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmsdmod.dll
3.218: [RunProcess] CreateProcess Succeeded
3.265: [PerformInfInstructions] Done. Return code: 0
3.265: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmvdmod.dll …
3.265: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmvdmod.dll
3.265: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmvdmod.dll
3.265: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
3.265: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
3.265: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmvdmod.dll
3.265: [RunProcess] CreateProcess Succeeded
3.375: [PerformInfInstructions] Done. Return code: 0
3.406: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\msnetobj.dll …
3.422: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\msnetobj.dll
3.422: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\msnetobj.dll
3.437: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
3.453: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
3.453: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\msnetobj.dll
3.453: [RunProcess] CreateProcess Succeeded
3.828: [PerformInfInstructions] Done. Return code: 0
3.859: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\drmv2clt.dll …
3.890: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\drmv2clt.dll
3.890: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\drmv2clt.dll
3.906: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
3.937: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
3.968: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\drmv2clt.dll
4.000: [RunProcess] CreateProcess Succeeded
4.468: [PerformInfInstructions] Done. Return code: 0
4.562: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\blackbox.dll …
4.656: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\blackbox.dll
4.687: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\blackbox.dll
4.734: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
4.781: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
4.797: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\blackbox.dll
4.843: [RunProcess] CreateProcess Succeeded
5.578: [PerformInfInstructions] Done. Return code: 0
5.656: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmdrmsdk.dll …
5.687: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmdrmsdk.dll
5.703: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmdrmsdk.dll
5.718: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
5.797: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
5.843: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmdrmsdk.dll
5.890: [RunProcess] CreateProcess Succeeded
6.453: [PerformInfInstructions] Done. Return code: 0
6.531: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\WMVDECOD.dll …
6.562: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\WMVDECOD.dll
6.578: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\WMVDECOD.dll
6.609: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
6.625: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
6.656: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\WMVDECOD.dll
6.672: [RunProcess] CreateProcess Succeeded
7.640: [PerformInfInstructions] Done. Return code: 0
7.703: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\WMVENCOD.dll …
7.797: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\WMVENCOD.dll
7.937: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\WMVENCOD.dll
7.968: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
7.968: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
7.968: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\WMVENCOD.dll
8.718: [RunProcess] CreateProcess Succeeded
9.765: [PerformInfInstructions] Done. Return code: 0
9.781: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\WMVSENCD.dll …
9.859: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\WMVSENCD.dll
9.968: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\WMVSENCD.dll
9.984: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
9.984: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
10.000: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\WMVSENCD.dll
10.015: [RunProcess] CreateProcess Succeeded
10.500: [PerformInfInstructions] Done. Return code: 0
10.562: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\WMVSDECD.dll …
10.562: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\WMVSDECD.dll
10.562: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\WMVSDECD.dll
10.578: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
10.578: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
10.578: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\WMVSDECD.dll
10.578: [RunProcess] CreateProcess Succeeded
12.250: [PerformInfInstructions] Done. Return code: 0
12.265: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\WMVXENCD.dll …
12.281: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\WMVXENCD.dll
12.281: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\WMVXENCD.dll
12.281: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
12.297: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
12.297: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\WMVXENCD.dll
12.297: [RunProcess] CreateProcess Succeeded
13.093: [PerformInfInstructions] Done. Return code: 0
13.172: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\MP4SDECD.dll …
13.234: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\MP4SDECD.dll
13.265: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\MP4SDECD.dll
13.312: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
13.343: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
13.343: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\MP4SDECD.dll
13.359: [RunProcess] CreateProcess Succeeded
13.812: [PerformInfInstructions] Done. Return code: 0
13.890: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\MP43DECD.dll …
13.906: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\MP43DECD.dll
13.906: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\MP43DECD.dll
13.922: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
13.922: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
13.922: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\MP43DECD.dll
13.922: [RunProcess] CreateProcess Succeeded
14.109: [PerformInfInstructions] Done. Return code: 0
14.109: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\MPG4DECD.dll …
14.109: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\MPG4DECD.dll
14.125: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\MPG4DECD.dll
14.125: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
14.125: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
14.125: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\MPG4DECD.dll
14.140: [RunProcess] CreateProcess Succeeded
14.312: [PerformInfInstructions] Done. Return code: 0
14.328: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\MSWMDM.dll …
14.328: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\MSWMDM.dll
14.343: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\MSWMDM.dll
14.343: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
14.343: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
14.359: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\MSWMDM.dll
14.359: [RunProcess] CreateProcess Succeeded
14.687: [PerformInfInstructions] Done. Return code: 0
14.718: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\MsPMSP.dll …
14.718: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\MsPMSP.dll
14.765: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\MsPMSP.dll
14.781: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
14.781: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
14.781: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\MsPMSP.dll
14.781: [RunProcess] CreateProcess Succeeded
14.968: [PerformInfInstructions] Done. Return code: 0
15.000: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\WMDMPS.dll …
15.000: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\WMDMPS.dll
15.015: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\WMDMPS.dll
15.015: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
15.015: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
15.015: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\WMDMPS.dll
15.015: [RunProcess] CreateProcess Succeeded
15.125: [PerformInfInstructions] Done. Return code: 0
15.125: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\WMDMLOG.dll …
15.125: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\WMDMLOG.dll
15.125: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\WMDMLOG.dll
15.125: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
15.140: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
15.156: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\WMDMLOG.dll
15.218: [RunProcess] CreateProcess Succeeded
15.281: [PerformInfInstructions] Done. Return code: 0
15.281: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\cewmdm.dll …
15.281: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\cewmdm.dll
15.297: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\cewmdm.dll
15.297: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
15.297: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
15.297: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\cewmdm.dll
15.297: [RunProcess] CreateProcess Succeeded
15.453: [PerformInfInstructions] Done. Return code: 0
15.468: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\MsPMSNSv.dll …
15.468: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\MsPMSNSv.dll
15.468: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\MsPMSNSv.dll
15.468: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
15.468: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
15.468: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\MsPMSNSv.dll
15.484: [RunProcess] CreateProcess Succeeded
15.609: [PerformInfInstructions] Done. Return code: 0
15.625: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\laprxy.dll …
15.625: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\laprxy.dll
15.625: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\laprxy.dll
15.640: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
15.703: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
15.703: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\laprxy.dll
15.718: [RunProcess] CreateProcess Succeeded
15.797: [PerformInfInstructions] Done. Return code: 0
15.797: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmadmoe.dll …
15.812: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmadmoe.dll
15.812: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmadmoe.dll
15.812: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
15.968: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
16.140: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmadmoe.dll
16.250: [RunProcess] CreateProcess Succeeded
16.500: [PerformInfInstructions] Done. Return code: 0
16.578: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmspdmoe.dll …
16.593: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmspdmoe.dll
16.593: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmspdmoe.dll
16.593: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
16.609: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
16.609: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmspdmoe.dll
16.609: [RunProcess] CreateProcess Succeeded
17.172: [PerformInfInstructions] Done. Return code: 0
17.187: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\qasf.dll …
17.187: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\qasf.dll
17.187: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\qasf.dll
17.218: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
17.234: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
17.250: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\qasf.dll
17.250: [RunProcess] CreateProcess Succeeded
18.062: [PerformInfInstructions] Done. Return code: 0
18.203: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmnetmgr.dll …
18.250: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmnetmgr.dll
18.265: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmnetmgr.dll
18.297: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
18.297: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
18.343: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmnetmgr.dll
18.343: [RunProcess] CreateProcess Succeeded
18.640: [PerformInfInstructions] Done. Return code: 0
18.656: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmvcore.dll …
18.656: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmvcore.dll
18.656: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmvcore.dll
18.656: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
18.672: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
18.672: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmvcore.dll
18.672: [RunProcess] CreateProcess Succeeded
18.734: [PerformInfInstructions] Done. Return code: 0
18.734: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\WMDRMNet.dll …
18.734: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\WMDRMNet.dll
18.734: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\WMDRMNet.dll
18.734: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
18.734: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
18.734: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\WMDRMNet.dll
18.734: [RunProcess] CreateProcess Succeeded
18.797: [PerformInfInstructions] Done. Return code: 0
18.797: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\WMDRMDev.dll …
18.797: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\WMDRMDev.dll
18.812: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\WMDRMDev.dll
18.812: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
18.812: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
18.812: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\WMDRMDev.dll
18.812: [RunProcess] CreateProcess Succeeded
18.890: [PerformInfInstructions] Done. Return code: 0
18.890: [PerformInfInstructions] Running - C:\WINDOWS\system32\logagent.exe /RegServer …
18.890: [RunProcess] called with C:\WINDOWS\system32\logagent.exe /RegServer
18.890: [IsPointsToExecutable] called with C:\WINDOWS\system32\logagent.exe /RegServer
18.890: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\logagent.exe
18.890: [IsPointsToExecutable] C:\WINDOWS\system32\logagent.exe exists in C:\WINDOWS\system32
18.890: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\logagent.exe /RegServer
18.906: [RunProcess] CreateProcess Succeeded
19.031: [PerformInfInstructions] Done. Return code: 0
19.031: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wpdconns.dll …
19.031: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wpdconns.dll
19.031: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wpdconns.dll
19.031: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
19.031: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
19.031: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wpdconns.dll
19.047: [RunProcess] CreateProcess Succeeded
19.093: [PerformInfInstructions] Done. Return code: 0
19.125: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wpdsp.dll …
19.125: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wpdsp.dll
19.125: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wpdsp.dll
19.125: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
19.125: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
19.125: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wpdsp.dll
19.125: [RunProcess] CreateProcess Succeeded
19.234: [PerformInfInstructions] Done. Return code: 0
19.234: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\WpdMtp.dll …
19.234: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\WpdMtp.dll
19.234: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\WpdMtp.dll
19.234: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
19.234: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
19.234: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\WpdMtp.dll
19.234: [RunProcess] CreateProcess Succeeded
19.312: [PerformInfInstructions] Done. Return code: 0
19.312: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\WpdMtpUS.dll …
19.312: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\WpdMtpUS.dll
19.312: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\WpdMtpUS.dll
19.312: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
19.312: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
19.312: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\WpdMtpUS.dll
19.312: [RunProcess] CreateProcess Succeeded
19.375: [PerformInfInstructions] Done. Return code: 0
19.375: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\PortableDeviceTypes.dll …
19.375: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\PortableDeviceTypes.dll
19.375: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\PortableDeviceTypes.dll
19.375: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
19.375: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
19.375: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\PortableDeviceTypes.dll
19.375: [RunProcess] CreateProcess Succeeded
19.547: [PerformInfInstructions] Done. Return code: 0
19.547: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\PortableDeviceClassExtension.dll …
19.547: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\PortableDeviceClassExtension.dll
19.547: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\PortableDeviceClassExtension.dll
19.547: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
19.547: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
19.547: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\PortableDeviceClassExtension.dll
19.547: [RunProcess] CreateProcess Succeeded
19.625: [PerformInfInstructions] Done. Return code: 0
19.625: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\PortableDeviceApi.dll …
19.625: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\PortableDeviceApi.dll
19.625: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\PortableDeviceApi.dll
19.625: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
19.625: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
19.672: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\PortableDeviceApi.dll
19.750: [RunProcess] CreateProcess Succeeded
19.984: [PerformInfInstructions] Done. Return code: 0
19.984: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\PortableDeviceWMDRM.dll …
19.984: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\PortableDeviceWMDRM.dll
19.984: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\PortableDeviceWMDRM.dll
19.984: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
19.984: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
19.984: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\PortableDeviceWMDRM.dll
19.984: [RunProcess] CreateProcess Succeeded
20.078: [PerformInfInstructions] Done. Return code: 0
20.078: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\PortableDeviceWiaCompat.dll …
20.078: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\PortableDeviceWiaCompat.dll
20.078: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\PortableDeviceWiaCompat.dll
20.078: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
20.078: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
20.078: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\PortableDeviceWiaCompat.dll
20.078: [RunProcess] CreateProcess Succeeded
20.172: [PerformInfInstructions] Done. Return code: 0
20.187: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wpdshext.dll …
20.187: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wpdshext.dll
20.187: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wpdshext.dll
20.187: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
20.187: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
20.187: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wpdshext.dll
20.187: [RunProcess] CreateProcess Succeeded
20.312: [PerformInfInstructions] Done. Return code: 0
20.312: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\WPDShServiceObj.dll …
20.312: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\WPDShServiceObj.dll
20.312: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\WPDShServiceObj.dll
20.312: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
20.312: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
20.312: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\WPDShServiceObj.dll
20.312: [RunProcess] CreateProcess Succeeded
20.375: [PerformInfInstructions] Done. Return code: 0
20.375: [PerformInfInstructions] Running - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\wpd_ci.dll,DoCmd remove rescan …
20.375: [RunProcess] called with C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\wpd_ci.dll,DoCmd remove rescan
20.375: [IsPointsToExecutable] called with C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\wpd_ci.dll,DoCmd remove rescan
20.390: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\rundll32.exe
20.390: [IsPointsToExecutable] C:\WINDOWS\system32\rundll32.exe exists in C:\WINDOWS\system32
20.390: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\wpd_ci.dll,DoCmd remove rescan
20.390: [RunProcess] CreateProcess Succeeded
20.531: [PerformInfInstructions] Done. Return code: 0
20.531: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\MSSCP.dll …
20.531: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\MSSCP.dll
20.531: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\MSSCP.dll
20.531: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
20.531: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
20.531: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\MSSCP.dll
20.547: [RunProcess] CreateProcess Succeeded
20.656: [PerformInfInstructions] Done. Return code: 0
20.656: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmpeffects.dll …
20.656: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmpeffects.dll
20.656: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmpeffects.dll
20.656: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
20.656: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
20.656: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmpeffects.dll
20.656: [RunProcess] CreateProcess Succeeded
20.750: [PerformInfInstructions] Done. Return code: 0
20.750: [PerformInfInstructions] Running - C:\WINDOWS\system32\cmd.exe /C ““C:\Program Files\Windows Media Player\WMPNetwk.exe”” install …
20.750: [RunProcess] called with C:\WINDOWS\system32\cmd.exe /C ““C:\Program Files\Windows Media Player\WMPNetwk.exe”” install
20.750: [IsPointsToExecutable] called with C:\WINDOWS\system32\cmd.exe /C ““C:\Program Files\Windows Media Player\WMPNetwk.exe”” install
20.750: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\cmd.exe
20.750: [IsPointsToExecutable] C:\WINDOWS\system32\cmd.exe exists in C:\WINDOWS\system32
20.750: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\cmd.exe /C ““C:\Program Files\Windows Media Player\WMPNetwk.exe”” install
20.750: [RunProcess] CreateProcess Succeeded
21.156: [PerformInfInstructions] Done. Return code: 0
21.156: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\msdxm.ocx …
21.156: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\msdxm.ocx
21.156: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\msdxm.ocx
21.156: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
21.156: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
21.156: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\msdxm.ocx
21.172: [RunProcess] CreateProcess Succeeded
21.734: [PerformInfInstructions] Done. Return code: 0
21.734: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmp.dll …
21.734: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmp.dll
21.734: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmp.dll
21.734: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
21.734: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
21.734: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmp.dll
21.750: [RunProcess] CreateProcess Succeeded
22.765: [PerformInfInstructions] Done. Return code: 0
22.765: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmpshell.dll …
22.765: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmpshell.dll
22.765: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmpshell.dll
22.765: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
22.765: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
22.765: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmpshell.dll
22.765: [RunProcess] CreateProcess Succeeded
22.890: [PerformInfInstructions] Done. Return code: 0
22.890: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmpdxm.dll …
22.890: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmpdxm.dll
22.906: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmpdxm.dll
22.906: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
22.906: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
22.906: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmpdxm.dll
22.906: [RunProcess] CreateProcess Succeeded
23.031: [PerformInfInstructions] Done. Return code: 0
23.031: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmpasf.dll …
23.031: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmpasf.dll
23.031: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmpasf.dll
23.031: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
23.031: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
23.031: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmpasf.dll
23.047: [RunProcess] CreateProcess Succeeded
23.109: [PerformInfInstructions] Done. Return code: 0
23.109: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmpencen.dll …
23.109: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmpencen.dll
23.109: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmpencen.dll
23.125: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
23.125: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
23.125: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmpencen.dll
23.125: [RunProcess] CreateProcess Succeeded
23.375: [PerformInfInstructions] Done. Return code: 0
23.375: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmpsrcwp.dll …
23.375: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmpsrcwp.dll
23.390: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmpsrcwp.dll
23.390: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
23.390: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
23.390: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmpsrcwp.dll
23.390: [RunProcess] CreateProcess Succeeded
23.531: [PerformInfInstructions] Done. Return code: 0
23.531: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s “C:\Program Files\Windows Media Player\mpvis.dll” …
23.531: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s “C:\Program Files\Windows Media Player\mpvis.dll”
23.531: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s “C:\Program Files\Windows Media Player\mpvis.dll”
23.531: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
23.531: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
23.531: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s “C:\Program Files\Windows Media Player\mpvis.dll”
23.531: [RunProcess] CreateProcess Succeeded
23.625: [PerformInfInstructions] Done. Return code: 0
23.625: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s “C:\Program Files\Windows Media Player\wmpband.dll” …
23.625: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s “C:\Program Files\Windows Media Player\wmpband.dll”
23.625: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s “C:\Program Files\Windows Media Player\wmpband.dll”
23.625: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
23.625: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
23.625: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s “C:\Program Files\Windows Media Player\wmpband.dll”
23.625: [RunProcess] CreateProcess Succeeded
23.718: [PerformInfInstructions] Done. Return code: 0
23.718: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\l3codecp.acm …
23.718: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\l3codecp.acm
23.718: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\l3codecp.acm
23.718: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
23.718: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
23.718: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\l3codecp.acm
23.718: [RunProcess] CreateProcess Succeeded
23.797: [PerformInfInstructions] Done. Return code: 0
23.797: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmpeffects.dll …
23.797: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmpeffects.dll
23.797: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmpeffects.dll
23.812: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
23.812: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
23.812: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmpeffects.dll
23.812: [RunProcess] CreateProcess Succeeded
23.859: [PerformInfInstructions] Done. Return code: 0
23.859: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmpps.dll …
23.859: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmpps.dll
23.859: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmpps.dll
23.859: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
23.859: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
23.859: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\wmpps.dll
23.859: [RunProcess] CreateProcess Succeeded
23.937: [PerformInfInstructions] Done. Return code: 0
23.937: [PerformInfInstructions] Running - C:\WINDOWS\system32\cmd.exe /C ““C:\Program Files\Windows Media Player\WMPEnc.exe” /RegServer” …
23.937: [RunProcess] called with C:\WINDOWS\system32\cmd.exe /C ““C:\Program Files\Windows Media Player\WMPEnc.exe” /RegServer”
23.937: [IsPointsToExecutable] called with C:\WINDOWS\system32\cmd.exe /C ““C:\Program Files\Windows Media Player\WMPEnc.exe” /RegServer”
23.937: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\cmd.exe
23.937: [IsPointsToExecutable] C:\WINDOWS\system32\cmd.exe exists in C:\WINDOWS\system32
23.937: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\cmd.exe /C ““C:\Program Files\Windows Media Player\WMPEnc.exe” /RegServer”
23.937: [RunProcess] CreateProcess Succeeded
24.062: [RunProcess] Process spawned returned error. Process: C:\WINDOWS\system32\cmd.exe /C ““C:\Program Files\Windows Media Player\WMPEnc.exe” /RegServer”, Exitcode: 0x80029c4a
24.062: [PerformInfInstructions] Done. Return code: 0
24.062: [PerformInfInstructions] Running - C:\WINDOWS\inf\unregmp2.exe /Shortcuts /RegExts /ObfuscateSyncPlaylists /MigrateWMC …
24.062: [RunProcess] called with C:\WINDOWS\inf\unregmp2.exe /Shortcuts /RegExts /ObfuscateSyncPlaylists /MigrateWMC
24.062: [IsPointsToExecutable] called with C:\WINDOWS\inf\unregmp2.exe /Shortcuts /RegExts /ObfuscateSyncPlaylists /MigrateWMC
24.062: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\inf\unregmp2.exe
24.062: [IsPointsToExecutable] C:\WINDOWS\inf\unregmp2.exe exists in C:\WINDOWS\inf
24.062: [RunProcess] calling CreateProcess for C:\WINDOWS\inf\unregmp2.exe /Shortcuts /RegExts /ObfuscateSyncPlaylists /MigrateWMC
24.062: [RunProcess] CreateProcess Succeeded
24.750: [PerformInfInstructions] Done. Return code: 0
24.750: [PerformInfInstructions] Running - C:\WINDOWS\system32\regsvr32.exe /s “C:\Program Files\Windows Media Player\wmpnssci.dll” …
24.750: [RunProcess] called with C:\WINDOWS\system32\regsvr32.exe /s “C:\Program Files\Windows Media Player\wmpnssci.dll”
24.750: [IsPointsToExecutable] called with C:\WINDOWS\system32\regsvr32.exe /s “C:\Program Files\Windows Media Player\wmpnssci.dll”
24.750: [IsPointsToExecutable] checking for the presence of C:\WINDOWS\system32\regsvr32.exe
24.750: [IsPointsToExecutable] C:\WINDOWS\system32\regsvr32.exe exists in C:\WINDOWS\system32
24.750: [RunProcess] calling CreateProcess for C:\WINDOWS\system32\regsvr32.exe /s “C:\Program Files\Windows Media Player\wmpnssci.dll”
24.750: [RunProcess] CreateProcess Succeeded
24.843: [PerformInfInstructions] Done. Return code: 0
24.843: [PerformInfInstructions] Running - “C:\Program Files\Windows Media Player\WMPNetwk.exe” install …
24.843: [RunProcess] called with “C:\Program Files\Windows Media Player\WMPNetwk.exe” install
24.843: [IsPointsToExecutable] called with “C:\Program Files\Windows Media Player\WMPNetwk.exe” install
24.843: [IsPointsToExecutable] checking for the presence of “C:\Program Files\Windows Media Player\WMPNetwk.exe”
24.843: [IsPointsToExecutable] File Not found “C:\Program Files\Windows Media Player\WMPNetwk.exe”. GetfileAttributes returned 0xffffffff
24.843: [PerformInfInstructions] Done. Return code: 2
24.843: [PerformInfInstructions] SetupFindFirstLine returned error 0xe0000102 for section ProcessesToRunAfterReboot
24.843: [ProcessPostBootInf] Deleted C:\WINDOWS\system32\spupdsvc.inf at the end of ProcessPostBootInf
24.859: [SpUpdServiceStart] Deleted Service, job done. Returning the Main Thread
Hi
"Warezov" is usually in a "family" of "Worms", so would recommend you use
1 or more antiSPYWARE/antiTROJAN/antiWORM programs, such as the
"trial" version of "AVG Antispyware" at www.ewido.net and/or the FREE
version of "SUPERantispyware" at www.superantispyware.com .
spupdsvc.log is unrelated to Win32:Warezov-MV. It is a log created by the Windows Package Installer
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/deployment/winupdte.mspx#ELWAG
Spupdsvc.log It might be necessary for a software update to run certain processes after restarting the computer. This is handled by the file Spupdsvc.exe, and its actions are logged in %windir%\spupdsvc.log. It documents whether every process that it was required to run was properly executed. Problems are logged using standard Windows error codes.
I think the log you posted is related to the Windows Media Player 11 update.
In addition to what Spiritsongs posted I would run an avast boot scan.
Also, please post the exact file name and path detected as Warezov and let us know your operating system and whether or not you have a third party firewall.
I delete it.
It was a spam bot.
program CureIt from Dr.WEB
Thanks for the follow up. Its good to know its gone.
And welcome to the forum.