start
CreateRestorePoint:
CloseProcesses:
C:\Users\Ed\AppData\Local\NowUSeeItPlayer\NowUSeeItPlayerBrowser.exe
HKU\S-1-5-21-3659970256-991337627-2867597209-1001\...\Run: [NowUSeeIt Player] => "C:\Program Files\NowUSeeItPlayer\NowUSeeItPlayer.exe" /autostart=1
S3 eapihdrv; \??\C:\Users\Ed\AppData\Local\Temp\ehdrv.sys [X]
2016-03-10 06:51 - 2016-03-10 06:52 - 00000000 ____D C:\Users\Ed\AppData\Local\NowUSeeItPlayer
C:\Users\Ed\AppData\Local\Temp\avguirn_082078590991.exe
C:\Users\Ed\AppData\Local\Temp\avguirn_08802052559.exe
C:\Users\Ed\AppData\Local\Temp\avguirn_0883239166.exe
C:\Users\Ed\AppData\Local\NowUSeeItPlayer\NowUSeeItPlayerBrowser.exe
C:\Users\Ed\AppData\Local\NowUSeeItPlayer\libcef.dll
EmptyTemp:
CMD: ipconfig /flushdns
CMD: netsh winsock reset all
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
CMD: bitsadmin /reset /allusers
End