Start::
CloseProcesses:
CreateRestorePoint:
C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jbarsvc.exe
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Java\jre6\bin\jusched.exe [172032 2010-01-20] (Sun Microsystems, Inc.)
URLSearchHook: HKU\S-1-5-21-953755312-1047696154-580582300-1000 - (No Name) - {3c35ad63-af1d-4e21-b484-b6651a8efcf9} - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jSrcAs.dll (Mindspark)
SearchScopes: HKLM -> {01D06E48-6776-454C-96B2-1277242A0D81} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {A93180A4-8A75-40A7-9F44-A5FB67EEE80E} URL = hxxp://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
SearchScopes: HKLM-x32 -> {01D06E48-6776-454C-96B2-1277242A0D81} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {110a9ea2-8810-4c04-b916-cfd4e9427fec} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^ZX^xdm520^S11230^us&si=CD14684&ptb=6C0E88AB-D151-41C7-B869-84DCEE34AD43&ind=2014102116&n=780cc264&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKLM-x32 -> {A93180A4-8A75-40A7-9F44-A5FB67EEE80E} URL = hxxp://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
SearchScopes: HKU\.DEFAULT -> DefaultScope {01D06E48-6776-454C-96B2-1277242A0D81} URL =
SearchScopes: HKU\S-1-5-21-953755312-1047696154-580582300-1000 -> {01D06E48-6776-454C-96B2-1277242A0D81} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-953755312-1047696154-580582300-1000 -> {110a9ea2-8810-4c04-b916-cfd4e9427fec} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^ZX^xdm520^S11230^us&si=CD14684&ptb=6C0E88AB-D151-41C7-B869-84DCEE34AD43&ind=2014102116&n=780cc264&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKU\S-1-5-21-953755312-1047696154-580582300-1000 -> {A93180A4-8A75-40A7-9F44-A5FB67EEE80E} URL = hxxp://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-01-20] (Sun Microsystems, Inc.)
BHO-x32: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll [2011-03-15] (Yahoo! Inc.)
BHO-x32: Toolbar BHO -> {48909954-14fb-4971-a7b3-47e7af10b38a} -> C:\Program Files (x86)\RADIOR~2\bar\1.bin\4jbar.dll => No File
BHO-x32: Search Assistant BHO -> {5848763c-2668-44ca-adbe-2999a6ee2858} -> C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jSrcAs.dll [2014-10-21] (Mindspark)
BHO-x32: No Name -> {9D425283-D487-4337-BAB6-AB8354A81457} -> No File
BHO-x32: Ask.com Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll => No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-02-09] (Sun Microsystems, Inc.)
BHO-x32: Webroot Browser Helper Object -> {e08861fe-8847-4b2a-8ec2-08edb20e4020} -> C:\Program Files (x86)\Webroot\Security\current\products\WISE\toolbar\LPBar.dll => No File
Toolbar: HKLM-x32 - Ask.com Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File
Toolbar: HKLM-x32 - Webroot Toolbar - {d84a64a0-f2b2-4975-b264-3a3bce8d57d6} - C:\Program Files (x86)\Webroot\Security\current\products\WISE\toolbar\LPBar.dll No File
Toolbar: HKLM-x32 - No Name - {9D425283-D487-4337-BAB6-AB8354A81457} - No File
Toolbar: HKLM-x32 - RadioRage - {78ba36c9-6036-482b-b48d-ecca6f964b84} - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jbar.dll [2014-10-21] (Mindspark)
Toolbar: HKU\.DEFAULT -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
Toolbar: HKU\S-1-5-21-953755312-1047696154-580582300-1000 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
Toolbar: HKU\S-1-5-21-953755312-1047696154-580582300-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKU\S-1-5-21-953755312-1047696154-580582300-1000 -> No Name - {9D425283-D487-4337-BAB6-AB8354A81457} - No File
CHR NewTab: Default -> Active:"chrome-extension://ijjnmdphpnlnelhbhefnfmimenjgbfcn/newtabproduct.html", Not-active:"chrome-extension://ceopoaldcnmhechacafgagdkklcogkgd/newtabproduct.html"
R2 RadioRage_4jService; C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jbarsvc.exe [90696 2014-10-21] (Mindspark)
R2 RadioRage_4jService
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {6B78A880-15CA-468f-8422-A7960AD6FBB9} => C:\Program Files (x86)\Webroot\Security\current\plugins\sync\WebRootShellExt_x64.dll -> No File
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {4EE7A346-5845-471e-9FAB-002EAF83F8B0} => C:\Program Files (x86)\Webroot\Security\current\plugins\sync\WebRootShellExt_x64.dll -> No File
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {53DABC15-4F29-44ad-B09A-E0D0F9A3D075} => C:\Program Files (x86)\Webroot\Security\current\plugins\sync\WebRootShellExt_x64.dll -> No File
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {493FC96E-B938-4924-9B38-C4088E9B8AC2} => C:\Program Files (x86)\Webroot\Security\current\plugins\sync\WebRootShellExt_x64.dll -> No File
ContextMenuHandlers1: [SugarSync] -> {B3EBAFF9-4F61-4f66-8340-A35895D3A9D3} => C:\Program Files (x86)\Webroot\Security\current\plugins\sync\WebRootShellExt_x64.dll -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
Task: {035BEF8B-CF03-48C2-AF35-D22C43495FC9} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe <==== ATTENTION
Task: {0EF2EF71-D4AA-4D83-9496-A95DC0BF7544} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {0FC21B1D-A3A4-43A6-AAE6-D7BCD13DFF94} - System32\Tasks\{54730CEC-ED05-42A3-A9FD-2E6C53C3EB60} => C:\Windows\system32\pcalua.exe -a C:\Users\Weilands\AppData\Local\Temp\Temp1_InstallRoot_v3.15A.zip\InstallRoot_v3.15A.exe <==== ATTENTION
Task: {24948F8D-D0F7-4078-90C7-30E05CED4F09} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {3F955CD7-6C59-4DBD-839E-C8C882E9C910} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {4F49ED78-61BF-4630-AE18-E990078E7426} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {51DABAB1-CFEC-4AE9-B39C-05746C16E8A6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {7B1937FE-A960-44ED-AF84-09BE362B18A3} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {90EC1218-D802-42DC-99D1-9C1809D41F24} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {ABFC489B-253C-4476-83FA-F72310AA3275} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {ADADA255-30B6-458B-8209-9D55A4EC4C6D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {B4A2101D-5ED7-4D06-9CC4-A3AD77DA2502} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {C34B523F-FECE-4A29-92FD-7EA4072F55E9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {C6FD495F-8F51-46B3-B384-A0E425A32158} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {EB1F39D8-9032-4091-BB15-B679F12693EF} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
C:\Windows\Temp\*.*
Emptytemp:
End::