HKLM Group Policy restriction on software: %appdata%\pdf reader packages\uninstaller.exe <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\pdf reader packages\uninstaller.exe <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\Local\pdf reader packages\uninstaller.exe <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\pdf reader packages\uninstaller.exe <====== ATTENTION HKU\S-1-5-21-33795446-1446344522-1645180631-1004 Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <====== ATTENTION HKU\S-1-5-21-33795446-1446344522-1645180631-1004 Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <====== ATTENTION HKU\S-1-5-21-33795446-1446344522-1645180631-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <====== ATTENTION HKU\S-1-5-21-33795446-1446344522-1645180631-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <====== ATTENTION GroupPolicyUsers\S-1-5-21-33795446-1446344522-1645180631-1004\User: Group Policy Restriction detected <======= ATTENTION CHR HKU\S-1-5-21-33795446-1446344522-1645180631-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION CHR HKU\S-1-5-21-33795446-1446344522-1645180631-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION HKU\S-1-5-21-33795446-1446344522-1645180631-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-33795446-1446344522-1645180631-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = http://us.yhs4.searc...p={searchTerms} SearchScopes: HKU\S-1-5-21-33795446-1446344522-1645180631-1004 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-33795446-1446344522-1645180631-1004 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-33795446-1446344522-1645180631-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-33795446-1446344522-1645180631-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-33795446-1446344522-1645180631-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File Toolbar: HKU\S-1-5-21-33795446-1446344522-1645180631-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - No File Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.7\ViProtocol.dll [2014-06-03] (AVG Secure Search) C:\%appdata%\pdf reader packages C:\%userprofile%\AppData\Roaming\pdf reader packages C:\Program Files (x86)\Common Files\AVG Secure Search FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.7\\npsitesafety.dll No File C:\Windows\system32\꘰ä C:\Users\Adam Rosenfeld\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpum2kfw.dll C:\Users\Adam Rosenfeld\AppData\Local\Temp\vlc-2.2.1-win32.exe C:\Users\Kids\AppData\Local\Temp\GUR9F70.exe LyriXeeker-1 (HKLM-x32\...\LyriXeeker-1) (Version: 1.28.153.3 - Lyrics) <==== ATTENTION CustomCLSID: HKU\S-1-5-21-33795446-1446344522-1645180631-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Adam Rosenfeld\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-33795446-1446344522-1645180631-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Adam Rosenfeld\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-33795446-1446344522-1645180631-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Adam Rosenfeld\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-33795446-1446344522-1645180631-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Adam Rosenfeld\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-33795446-1446344522-1645180631-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Adam Rosenfeld\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-33795446-1446344522-1645180631-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Adam Rosenfeld\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File Task: {0D878740-5D72-4B4A-B533-FFCA19BBF190} - System32\Tasks\LyriXeeker-1-chromeinstaller => C:\Program Files (x86)\LyriXeeker-1\LyriXeeker-1-chromeinstaller.exe ask: {51C81DAE-CA32-4B6A-89E3-717B9F66F2C9} - System32\Tasks\LyriXeeker-1-codedownloader => C:\Program Files (x86)\LyriXeeker-1\LyriXeeker-1-codedownloader.exe Task: {632DE900-7D21-467A-A8B8-4BD924642D50} - System32\Tasks\LyriXeeker-1-updater => C:\Program Files (x86)\LyriXeeker-1\LyriXeeker-1-updater.exe Task: {6EF8A6FC-1A97-4A60-96DE-59F8FDF84363} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe <==== ATTENTION C:\Program Files (x86)\Ask.com Task: {CE1EB12E-EF9C-4CB4-AE13-436B1A4FEC85} - \DealPlyUpdate No Task File <==== ATTENTION Task: {E84B5E8C-CBA5-4345-BB1C-036F87F673C4} - System32\Tasks\LyriXeeker-1-enabler => C:\Program Files (x86)\LyriXeeker-1\LyriXeeker-1-enabler.exe CMD: ipconfig /flushdns EmptyTemp: