CreateRestorePoint:
() C:\ProgramData\boostwebapp\1.1.0.31\mohqwban.EXE
() C:\ProgramData\boostwebapp\1.1.0.31\GaaflaCoce.exe
() C:\ProgramData\boostwebapp\1.1.0.31\mohqaban.EXE
() C:\ProgramData\boostwebapp\1.1.0.31\Zutadye.EXE
() C:\ProgramData\boostwebapp\1.1.0.31\mohqdban.exe
C:\ProgramData\boostwebapp
() C:\Windows\mtnj.exe
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3769467500-3583379074-2392525900-1002\...\Run: [PCKeeper2] => "C:\Program Files\Kromtech\PCKeeper\PCKeeper.exe" /autorun
C:\Program Files\Kromtech
Startup: C:\Users\tsutton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hqghumeaylnlf.lnk [2015-05-04]
ShortcutTarget: hqghumeaylnlf.lnk -> C:\ProgramData\{e1453844-7f13-c9fa-e145-538447f1e111}\hqghumeaylnlf.exe (No File)
C:\ProgramData\{e1453844-7f13-c9fa-e145-538447f1e111}
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Locked "esegixy" service could not be unlocked. <===== ATTENTION
Locked "HowgazJuldo" service could not be unlocked. <===== ATTENTION
Locked "mespelcamm" service could not be unlocked. <===== ATTENTION
Locked "tammgF119" service could not be unlocked. <===== ATTENTION
Locked "tammgR119" service could not be unlocked. <===== ATTENTION
R2 mtnj; c:\windows\mtnj.exe [408576 2015-05-04] () [File not signed]
S4 tnj; c:\windows\tnj.exe [417792 2015-05-04] () [File not signed]
c:\windows\tnj.exe
R3 Zutadye; C:\ProgramData\boostwebapp\1.1.0.31\Zutadye.exe [0 ] () <==== ATTENTION (zero size file/folder)
R5 tammgF119; C:\Windows\System32\Drivers\tammgF119.sys [34952 2015-05-04] () [File not signed]
R5 tammgR119; C:\Windows\System32\Drivers\tammgR119.sys [36488 2015-05-04] () [File not signed]
C:\Windows\System32\Drivers\tammgF119.sys
C:\Windows\System32\Drivers\tammgR119.sys
2015-05-04 13:19 - 2015-05-04 13:19 - 00001020 _____ () C:\Windows\Tasks\eWIXeY4wGiRJ.job
2015-05-04 13:18 - 2015-05-04 13:18 - 00000000 ____D () C:\Users\tsutton\AppData\Local\Bypass
2015-05-04 13:18 - 2015-05-04 13:18 - 00000000 ____D () C:\ProgramData\o
2015-05-04 13:18 - 2015-05-04 13:18 - 00000000 ____D () C:\Program Files (x86)\S5
2015-05-04 13:06 - 2015-05-04 14:04 - 00000000 ___HD () C:\ProgramData\tnj
2015-05-04 13:03 - 2015-05-04 13:03 - 00631296 _____ () C:\Windows\tnj.dat
2015-05-04 13:03 - 2015-05-04 13:03 - 00417792 _____ () C:\Windows\tnj.exe
2015-05-04 13:03 - 2015-05-04 13:03 - 00408576 _____ () C:\Windows\mtnj.exe
2015-05-04 12:07 - 2015-05-04 12:07 - 00000000 ____D () C:\Users\tsutton\Documents\Optimizer Pro
2015-05-04 12:02 - 2015-05-04 16:51 - 00004720 _____ () C:\Windows\SysWOW64\Zutadye.ini
2015-05-04 12:02 - 2015-05-04 16:51 - 00002624 _____ () C:\Windows\SysWOW64\ZutadyeOff.ini
2015-05-04 12:02 - 2015-05-04 16:51 - 00002624 _____ () C:\Windows\system32\ZutadyeOff.ini
2015-05-04 12:02 - 2015-05-04 12:02 - 00000000 ____D () C:\ProgramData\boostwebapp
2015-05-04 12:02 - 2015-05-04 11:08 - 00398336 _____ () C:\Windows\system32\Zutadye64.dll
2015-05-04 12:02 - 2015-05-04 11:08 - 00329216 _____ () C:\Windows\SysWOW64\Zutadye.dll
2015-05-04 12:01 - 2015-05-04 12:01 - 00000000 ____D () C:\Windows\Downloaded Installations
2015-05-04 12:01 - 2015-05-04 12:01 - 00000000 ____D () C:\Users\tsutton\AppData\Local\Zeoinsight
2015-05-04 12:01 - 2015-05-04 12:01 - 00000000 ____D () C:\Users\tsutton\AppData\Local\ZBAnalyticsCore
Task: {098FB0E7-6BC9-4777-80A9-508686258A06} - \PCDEventLauncherTask No Task File <==== ATTENTION
Task: {AABA3FA7-6D8F-41E5-A268-481811E08430} - \Optimize Start Menu Cache Files-S-1-5-21-3769467500-3583379074-2392525900-1002 No Task File <==== ATTENTION
Task: {B37A962E-C8F7-47C3-9694-7D32B7015C36} - \Optimize Start Menu Cache Files-S-1-5-21-3203721793-3198379332-896013655-6197 No Task File <==== ATTENTION
Task: {C04F3477-8263-4F39-8271-4EBF704587BF} - \PCDoctorBackgroundMonitorTask No Task File <==== ATTENTION
Task: {C69E6A07-0922-4626-8C16-931C588045C8} - \Optimize Start Menu Cache Files-S-1-5-21-3769467500-3583379074-2392525900-1001 No Task File <==== ATTENTION
Task: C:\Windows\Tasks\eWIXeY4wGiRJ.job => C:\Users\tsutton\AppData\Roaming\eWIXeY4wGiRJ.exe <==== ATTENTION
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Zutadye => ""="service"
EmptyTemp: