悪代官の伏魔殿掲示板

ブックマークに行きたいのに、時々ＤＭＭや警告/警という全面広告に飛ばされてしまいます。
その時は拡張機能のところに、見慣れないものが自動的に追加されていてそれさえ削除していれば症状は治まっていたのですが、今はその拡張機能に不振なものが表示されていなくても広告表示がみられます。

数ヶ月前に、オプティマイザープロというソフトを間違ってダウンロードしてしまってからパソコンがおかしいです。削除したつもりですが、残骸が残っている可能性もあります。


今まではGoogle Chromeを使っていましたが、推奨ではないのでインターネットエクスプローラーにこれから切り替えていこうと思います。

ＰＣに関しては詳しくないので、解決までにお手間を取らせてしまうとは思いますがなにとぞよろしくお願いいたします。


Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 19:44:41, on 2015/04/18
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
CHROME: 42.0.2311.90

Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\NTTW\Security\UniClient\UiFrmWrk\uiSeAgnt.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxtray.exe
C:\Program Files\EPSON Software\Event Manager\EEventManager.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Users\pc user\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Users\pc user\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Users\pc user\AppData\Roaming\ApplicationManager\bin\ApplicationManager.exe
C:\Program Files\NTTW\StartUpToolN\StartUpTool_w.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\EPSON\MyEPSON Connect\mep.exe
C:\Users\pc user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\pc user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\pc user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\pc user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\pc user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\pc user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\pc user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\pc user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\pc user\Downloads\HijackThis.exe
C:\Users\pc user\AppData\Local\Google\Chrome\Application\chrome.exe

O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\NTTW\Security\AMSP\Module\20004\2.5.1331\6.8.1094\TmIEPlg.dll
O2 - BHO: Yahoo!ツールバーフィッシング警告 - {1F68E72C-50E5-44B8-8F56-6A54D3AF1DA4} - C:\Program Files\Yahoo!J\Toolbar\7_3_0_18\Modules\ypho.dll
O2 - BHO: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll
O2 - BHO: Trend Micro Toolbar BHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\NTTW\Security\SEC\UIFramework\ToolbarIE.dll
O2 - BHO: E-Photo - {60B127CA-8AA4-4DCD-84A8-D18C2B2C4A96} - C:\Program Files\Epson Software\E-Photo\EPTBL.dll
O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\NTTW\Security\AMSP\Module\20002\7.5.1144\7.5.1144\TmBpIe32.dll
O2 - BHO: Yahoo!ツールバーヘルパー - {EEBA90E6-2B14-413F-9BF8-61A8BDF92258} - C:\Program Files\Yahoo!J\Toolbar\7_3_0_18\Modules\YahooToolBar.dll
O3 - Toolbar: Yahoo!ツールバー - {AEF44653-C059-42CB-A5B7-41C640DA4A67} - C:\Program Files\Yahoo!J\Toolbar\7_3_0_18\Modules\YahooToolBar.dll
O3 - Toolbar: セキュリティツールバー - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\NTTW\Security\SEC\UIFramework\ToolbarIE.dll
O3 - Toolbar: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll
O3 - Toolbar: E-Photo - {60B127CA-8AA4-4DCD-84A8-D18C2B2C4A96} - C:\Program Files\Epson Software\E-Photo\EPTBL.dll
O4 - HKLM\..\Run: [Trend Micro Client Framework] "C:\Program Files\NTTW\Security\UniClient\UiFrmWrk\UIWatchDog.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Trend Micro Titanium] "C:\Program Files\NTTW\Security\SEC\UIFramework\uiWinMgr.exe" -set Silent "1" SplashURL ""
O4 - HKLM\..\Run: [NTTW_OSA_AUS] "C:\Program Files\NTTW\OSA_Aus\acs.exe" -silent
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [f.lux] "C:\Users\pc user\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [Google Update] "C:\Users\pc user\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [ApplicationManager] C:\Users\pc user\AppData\Roaming\ApplicationManager\bin\ApplicationManager.exe
O4 - Global Startup: スタートアップツール.lnk = ?
O9 - Extra button: 故障かな？と思ったら・・・ - {6CB1FA39-5745-4733-859F-E9C82A68F848} - C:\Program Files\NTTW\OSA_SupportTool\start_w.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{892FD758-0C1F-4701-949C-42276264BE02}: NameServer = 202.238.95.24 202.238.95.26
O17 - HKLM\System\CS1\Services\Tcpip\..\{892FD758-0C1F-4701-949C-42276264BE02}: NameServer = 202.238.95.24 202.238.95.26
O17 - HKLM\System\CS2\Services\Tcpip\..\{892FD758-0C1F-4701-949C-42276264BE02}: NameServer = 202.238.95.24 202.238.95.26
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\NTTW\Security\AMSP\Module\20002\7.5.1144\7.5.1144\TmBpIe32.dll
O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\NTTW\Security\AMSP\Module\20004\2.5.1331\6.8.1094\TmIEPlg.dll
O18 - Protocol: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\NTTW\Security\SEC\UIFramework\ToolbarIE.dll
O18 - Protocol: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\NTTW\Security\SEC\UIFramework\ProToolbarIMRatingActiveX.dll
O20 - AppInit_DLLs:
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Security Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\NTTW\Security\AMSP\coreServiceShell.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Baidu Japanese IME Service_3.5.2.45 (BaiduJP_IME_Service_3.5.2.45) - Unknown owner - C:\Program Files\Baidu\IME\3.5.2.45\BaiduJPServ.exe (file missing)
O23 - Service: Bonjour サービス (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Seiko Epson Corporation - C:\Windows\system32\EscSvc.exe
O23 - Service: EPSON V3 Service4(06) (EPSON_PM_RPCV4_06) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RP7.EXE
O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MyEPSON Connect Service - SEIKO EPSON CORPORATION - C:\Program Files\EPSON\MyEPSON Connect\mepService.exe

--
End of file - 6948 bytes


Adobe Flash Player 11 ActiveX Adobe Systems Incorporated 2014/05/27 6.00 MB 11.9.900.117
Adobe Reader XI (11.0.10) - Japanese Adobe Systems Incorporated 2014/12/31 203 MB 11.0.10
AnyTrans 3.6.9 iMobie Inc. 2014/02/01 38.5 MB 3.6.9
Apple Application Support（32 ビット） Apple Inc. 2015/04/14 95.4 MB 3.1.3
Apple Mobile Device Support Apple Inc. 2015/03/04 22.5 MB 8.1.1.3
Apple Software Update Apple Inc. 2012/08/04 2.38 MB 2.1.3.127
ApplicationManager 2011.4.27.209 kingsoft 2012/10/07 2011.4.27.209
Baidu IME 3.5 Baidu Japan Inc. 2014/09/29 3.5
Bonjour Apple Inc. 2012/08/04 0.98 MB 3.0.0.10
CCleaner Piriform 2015/04/18 5.04
Epson E-Photo SEIKO EPSON CORPORATION 2015/01/04 1.5.1.0
Epson E-Web Print SEIKO EPSON CORPORATION 2015/01/04 9.22 MB 1.21.0000
Epson Event Manager Seiko Epson Corporation 2015/01/04 38.3 MB 3.10.0035
EPSON PX-046A Series プリンター アンインストール SEIKO EPSON Corporation 2014/07/28
EPSON Scan Seiko Epson Corporation 2014/07/27
EPSON Scan OCR コンポーネント SEIKO EPSON Corp. 2014/07/27 1.33.0000
EPSON ﾏﾆｭｱﾙ SEIKO EPSON CORPORATION 2015/01/11 12.0 KB 1.0.1.0
EpsonNet Print SEIKO EPSON CORPORATION 2014/07/27 2.6.0
f.lux 2014/11/23
Google Chrome Google Inc. 2012/08/04 42.0.2311.90
iCloud Apple Inc. 2015/01/06 60.1 MB 4.0.6.28
iTunes Apple Inc. 2015/04/14 221 MB 12.1.2.27
Microsoft .NET Framework 4.5.1 Microsoft Corporation 2014/02/28 38.8 MB 4.5.50938
Microsoft .NET Framework 4.5.1 (日本語) Microsoft Corporation 2014/03/02 2.93 MB 4.5.50938
Microsoft Silverlight Microsoft Corporation 2014/07/25 44.8 MB 5.1.30514.0
MyEPSON Portal SEIKO EPSON Corporation 2014/07/27
NTT西日本 リモートサポートツール 西日本電信電話株式会社 2014/05/27
PhoneClean 3.2.1 iMobie Inc. 2014/02/01 16.4 MB 3.2.1
Software Updater SEIKO EPSON CORPORATION 2015/01/04 9.70 MB 4.3.3
Yahoo!ツールバー Yahoo! JAPAN. 2012/10/07 2.76 MB 7.3.0.18
スタートアップツール 西日本電信電話株式会社 2014/05/27 2.61 MB 7.3
セキュリティ対策ツール 西日本電信電話株式会社 2014/05/27 450 MB 6.11
セキュリティ申込・設定ツール 西日本電信電話株式会社 2014/07/28 3.59 MB 7.0.0.2
診断復旧ツール 西日本電信電話株式会社 2014/05/27 23.5 MB

こんばんは。
ここの管理人の悪代官です。
夜8時45分頃に成敗されるのが嫌なので、日アサ8時45分頃の美少女戦士にお仕置きの「喝！」をくらってます（←とっととおうちに帰りなさい

説明とログを見せていただきました。

>オプティマイザープロというソフトを間違ってダウンロードしてしまってからパソコンがおかしいです

なるほど、悪名高い迷惑アプリですね。まだこれも生きて暴れているようですか。
しかもf.luxまで食らってますね。
この名前を見たのは数年ぶりでしょうか。これも以前に相談受けたことがあります。

でもこの伏魔殿に来たからには年貢の納め時です（←この辺が悪代官

向こうは悪名高くても、こちらはもうすぐ他界して悪霊になる予定なので大丈夫です（何がだよ

全部片付くまでにはどうしても手間はかけてもらう必要があるので、時間はかかってもいいですから落ち着いてひとつずつ確実に進めてください。

まず最初にお伝えしておきます。
見てのとおり現在相談者さん多数のため、相談受けてから皆さんに順番にレスできるまで、毎回1日かそれ以上かかる可能性もあるので、すみませんがご了承ください。

では以下の説明をよく見てから、順番に作業をお願いします。
既に準備した物もあるはずですが、一応説明を再度見ておいてください。

隠しファイルと拡張子を表示設定にしてください(やり方↓）
http://pasofaq.jp/windows/mycomputer/hiddenfile.htm
http://support.microsoft.com/kb/978449/ja

下記のツールをダウンロードして、基本の使い方を把握しておいてください。
ただし、配布サイトで他のアプリをダウンロードしろと勧めてくるような広告も出てきたらそれらは絶対にクリックしないでください。
「GeekUninstaller」（通称：GU）
説明ページ↓
http://www.gigafree.net/system/install/geekuninstaller.html
ダウンロード↓
http://www.geekuninstaller.com/download
「download free」をクリック、保存後、解凍してください。
片付ける時はフォルダごと手動で削除してください。

「CCleaner」（通称：CC）
説明↓
http://www.gigafree.net/system/clean/ccleaner.html
http://note.chiebukuro.yahoo.co.jp/detail/n178757
ダウンロード↓
http://www.piriform.com/ccleaner/download/standard
最新バージョンをダウンロードしてください。なお、インストール時におまけのアプリも勧めてくることがありますが、それらはチェック外してインストールは避けてください。
片付けるときはアンインストールしてください。

ここで重要な注意です。
CCは本来は高い性能を持つメンテナンスソフトですが、間違った使い方すると
【Windowsにダメージを与えてしまうおそれもある】
ので、ここでは解析ツールとしてのみ使います。
説明をしっかり読んで、自分が指示した以外の操作はしないように。

「AdwCleaner」（通称：AC）
http://www.bleepingcomputer.com/download/adwcleaner/dl/125/
ファイル直リンです。アクセスしてファイルをデスクトップにでも保存しておいてください。
片付けるときは起動後に「uninstall」ボタンを押せば自動で削除されます。
使い方は下記サイト様に詳しい説明があるのでサンショウウオ↓
http://www.japan-secure.com/entry/adwcleaner.html

そして下記ページは作業開始前に必ず熟読して、必要な場合が出たらそれに沿って対処してください。この対処が必要な事例が増えています。
http://note.chiebukuro.yahoo.co.jp/detail/n335704

準備できたら作業開始です。
なお、このあとの作業で探しても見つからないものはスルーして進めていいですが、指示した対象外の物は絶対にいじらないようによく見て作業してください。

少なくとも下記のアプリは旧バージョンです。
>Adobe Flash Player 11 ActiveX Adobe Systems Incorporated 2014/05/27 6.00 MB 11.9.900.117

各種アプリの更新を怠っただけでも、脆弱性を悪用されて深刻な感染はあっさり起きます。
使うなら最新版に更新してください。使わないアプリならアンインストールが安全です。
他にも旧バージョンないか調べて、あれば同様に更新するか、アンインストールしてください。

ここでWindowsの標準機能である「システムの復元」での復元ポイントをひとつ、手動で作成しておいてください。
これはこの後の作業で、間違って対象外のものをいじってしまうとそれだけでWindowsに深刻な不具合を起こすこともあるので、万一の際に復元可能にしておくためです。
http://windows.microsoft.com/ja-jp/windows7/create-a-restore-point

次にここで一度ACを起動してください。
起動するとまず定義の更新が行われるはずなので、更新だけしてから、それができたらACは一旦終了してください。
ここではスキャンもしなくていいです。

今度はPCをセーフモードで起動してください（やり方↓）
http://www.pc-master.jp/sousa/s-safemode.html

セーフモードでGUを使って、下記をアンインストールしてください。
>ApplicationManager 2011.4.27.209 kingsoft 2012/10/07 2011.4.27.209

>Baidu IME 3.5 Baidu Japan Inc. 2014/09/29 3.5

>f.lux 2014/11/23

続いてセーフモードのままでスタートメニューの「アクセサリ」→「システムツール」から「ディスククリーンアップ」を起動してください。
起動したら対象ドライブでCドライブを選択してスキャンして、表示された中の「ダウンロードされたプログラムファイル」「インターネット一時ファイル」「一時ファイル」の項目だけチェックを入れてから「OK」「ファイルの削除」を押してください。
これを実行すると選択した部分のゴミファイルが掃除されます。

これを実行することで作業時にスキャンで検出される無駄なゴミファイルも減るのでその分かなり時間や解析も楽になるのです。
「ごみ箱」など他の項目にチェックしないのは、間違って正常なファイルを削除しないためと、もし正常なファイルを削除してごみ箱に入れても戻せるようにするための措置です。

HJTを起動させ、スキャンを行ってください。
スキャン結果が表示されましたら、以下の項目にチェックを入れてください。
ただし、特にHJTでの作業は一歩間違えれば簡単にPCが起動しなくなるため、こちらが指示した以外のものは絶対にチェックを入れないでください。
>O4 - HKCU\..\Run: [f.lux] "C:\Users\pc user\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow

>O4 - HKCU\..\Run: [ApplicationManager] C:\Users\pc user\AppData\Roaming\ApplicationManager\bin\ApplicationManager.exe

>O23 - Service: Baidu Japanese IME Service_3.5.2.45 (BaiduJP_IME_Service_3.5.2.45) - Unknown owner - C:\Program Files\Baidu\IME\3.5.2.45\BaiduJPServ.exe (file missing)

必要な項目すべてにチェックが入りましたら、Fix checkedをクリックしてください。
探しても見つからないものはスルーして進めていいです。

マイコンピュータのCドライブを開いて、下記のフォルダを探して、見つかればゴミ箱に削除してください。
>C:\Users\pc user\AppData\Local\FluxSoftware

>C:\Users\pc user\AppData\Roaming\ApplicationManager

>C:\Program Files\Baidu

今度は先にも起動したACを再度起動してください。
起動したら今度は「スキャン」したあと、そのスキャン終了後に検出されたものがあったら「除去」を押してください。
表示された画面で「はい」を選択すると処置開始されます。

処置完了したらそこでPCを通常モードで再起動してください。

再起動後にACのあらたなログが出るので、それをデスクトップにでも保存しておいてください。
ですが、もし作業後にログが出ないorわからない場合はマイコンピュータのCドライブを開くとその直下に以下のような名前のファイルが作成されているので、それがACのログです。
>AdwCleaner[英数字].txt
同じような名前のログが複数ある時は、作成日時が作業処置時のファイルが対象のログです。

今度はCCを起動してください。
起動したら、「ツール」→」「スタートアップ」→「Windows」タブを開いてください。
そこで右下の「テキストとして保存」を押すと、表示の内容がログとして保存できるので、ログをデスクトップにでも保存しておいてください。

続いて「InternetExplorer」タブ以下の各タブも順番に開いて、そのログもとっておいてください。
ただし、「コンテキストメニュー」のログは取らなくていいです。

CCの各ログをとったらCCは終了してください。

このあとブラウザを起動して、数時間ほどPC状態を様子見したあと、あらたにHJTとCCでのインストール情報ログを取り直してください。

取り直した両ログと、ACとCCの各ログを返信に貼って、状態報告とともにレスください。
それらを見てから続きの作業を指示します。

こんにちは！
お忙しい中、早速の回答ありがとうございます。
とっととおうちに帰りなさい、懐かしいですね 笑

f.luxはブルーライト対策（夜になると画面が暗く黄色っぽくなる）で入れたのですが、あまり良くないのですね。
指示下さった作業を一通り終えましたので、確認をお願いします。


# AdwCleaner v4.201 - ログファイルの作成日 19/04/2015 作成時間 11:06:28
# 更新日 08/04/2015 作成元 Xplode
# データベース : 2015-04-08.1 [ローカル]
# オペレーティングシステム : Windows 7 Home Premium Service Pack 1 (x86)
# ユーザー名 : pc user - PCUSER-PC
# 実行場所 : C:\Users\pc user\Desktop\adwcleaner_4.201.exe
# オプション : 削除

***** [ サービス ] *****


***** [ ファイル / フォルダ ] *****

フォルダ 削除済み項目 : C:\Users\pc user\AppData\LocalLow\baidu
ファイル 削除済み項目 : C:\Users\pc user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cjpglkicenollcignonpgiafdgfeehoj
ファイル 削除済み項目 : C:\Users\pc user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fdloijijlkoblmigdofommgnheckmaki
ファイル 削除済み項目 : C:\Users\pc user\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_mpfapcdfbbledbojijcbcclmlieaoogk_0
ファイル 削除済み項目 : C:\Users\pc user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pbjikboenpfhbbejgkoklgkhjpfogcam

***** [ スケジュールタスク ] *****


***** [ ショートカット ] *****


***** [ レジストリ ] *****


***** [ Webブラウザ ] *****


【CC】

※Windows

無効 EPLTarget
有効 HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
有効 HKCU:Run Google Update Google Inc. "C:\Users\pc user\AppData\Local\Google\Update\GoogleUpdate.exe" /c
有効 HKCU:Run iCloudServices Apple Inc. C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
有効 HKLM:Run Adobe ARM Adobe Systems Incorporated "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
有効 HKLM:Run EEventManager SEIKO EPSON CORPORATION "C:\Program Files\Epson Software\Event Manager\EEventManager.exe"
有効 HKLM:Run HotKeysCmds Intel Corporation C:\Windows\system32\hkcmd.exe
有効 HKLM:Run IgfxTray Intel Corporation C:\Windows\system32\igfxtray.exe
有効 HKLM:Run iTunesHelper Apple Inc. "C:\Program Files\iTunes\iTunesHelper.exe"
有効 HKLM:Run NTTW_OSA_AUS 西日本電信電話株式会社 "C:\Program Files\NTTW\OSA_Aus\acs.exe" -silent
有効 HKLM:Run Persistence Intel Corporation C:\Windows\system32\igfxpers.exe
有効 HKLM:Run Trend Micro Client Framework Trend Micro Inc. "C:\Program Files\NTTW\Security\UniClient\UiFrmWrk\UIWatchDog.exe"
有効 HKLM:Run Trend Micro Titanium Trend Micro Inc. "C:\Program Files\NTTW\Security\SEC\UIFramework\uiWinMgr.exe" -set Silent "1" SplashURL ""
有効 Startup Common スタートアップツール.lnk C:\Windows\Installer\{A162AF3F-7908-44E1-A072-67FB887A9517}\_3B47FDE35444B41F912355.exe


※InternetExplorer

有効 Extension 故障かな？と思ったら・・・ 西日本電信電話株式会社 C:\Program Files\NTTW\OSA_SupportTool\start_w.exe
無効 Helper E-Photo SEIKO EPSON CORPORATION C:\Program Files\Epson Software\E-Photo\EPTBL.dll
無効 Helper E-Web Print SEIKO EPSON CORPORATION C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll
有効 Helper TmBpIeBHO Class Trend Micro Inc. C:\Program Files\NTTW\Security\AMSP\Module\20002\7.5.1144\7.5.1144\TmBpIe32.dll
有効 Helper TmIEPlugInBHO Class Trend Micro Inc. C:\Program Files\NTTW\Security\AMSP\Module\20004\2.5.1331\6.8.1094\TmIEPlg.dll
有効 Helper TSToolbarBHO Trend Micro Inc. C:\Program Files\NTTW\Security\SEC\UIFramework\ToolbarIE.dll
無効 Helper Yahoo!ツールバーフィッシング警告 Yahoo Japan Corporation. C:\Program Files\Yahoo!J\Toolbar\7_3_0_18\Modules\ypho.dll
無効 Helper Yahoo!ツールバーヘルパー Yahoo! JAPAN C:\Program Files\Yahoo!J\Toolbar\7_3_0_18\Modules\YahooToolBar.dll
無効 Toolbar E-Photo SEIKO EPSON CORPORATION C:\Program Files\Epson Software\E-Photo\EPTBL.dll
無効 Toolbar E-Web Print SEIKO EPSON CORPORATION C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll
無効 Toolbar Yahoo!ツールバー Yahoo! JAPAN C:\Program Files\Yahoo!J\Toolbar\7_3_0_18\Modules\YahooToolBar.dll
有効 Toolbar セキュリティツールバー Trend Micro Inc. C:\Program Files\NTTW\Security\SEC\UIFramework\ToolbarIE.dll

※Google chrome

無効 Extension iCloud ブックマーク 1.4.14 最初のユーザー C:\Users\pc user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah\1.4.14_0
有効 Extension 楽天スーパーサーチ 0.125 最初のユーザー C:\Users\pc user\AppData\Local\Google\Chrome\User Data\Default\Extensions\iihkglbebihpaflfihhkfmpabjgdpnol\0.125_0
有効 Plugin Chrome PDF Viewer 最初のユーザー C:\Users\pc user\AppData\Local\Google\Chrome\Application\42.0.2311.90\pdf.dll
有効 Plugin Google Update 1.3.21.111 最初のユーザー C:\Users\pc user\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
有効 Plugin Native Client 最初のユーザー C:\Users\pc user\AppData\Local\Google\Chrome\Application\42.0.2311.90\ppGoogleNaClPluginChrome.dll
有効 Plugin Remoting Viewer 最初のユーザー internal-remoting-viewer
有効 Plugin Shockwave Flash 11,3,300,268 最初のユーザー C:\Users\pc user\AppData\Local\Google\Chrome\Application\42.0.2311.90\gcswf32.dll
有効 Plugin Shockwave Flash 11.3.31.222 最初のユーザー C:\Users\pc user\AppData\Local\Google\Chrome\Application\21.0.1180.60\PepperFlash\pepflashplayer.dll

※スケジュールされたタスク

有効 Task Apple Diagnostics Apple Inc. C:\Program Files\Common Files\Apple\Internet Services\EReporter.exe
有効 Task BaiduJP_Update_{8099779F-A13B-403e-B39A-65133857586B} C:\Program Files\baidu\update\baidujp_update.exe -Update
有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task EPSON PX-046A Series Update {0F27948F-E85D-4B4E-AA36-8FE6F045BDFE} SEIKO EPSON CORPORATION C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLDJ.EXE /EXE:"{0F27948F-E85D-4B4E-AA36-8FE6F045BDFE}" /F:"Update"
有効 Task EPSON PX-046A Series Update {696C66E9-4FCF-44DA-8238-04FAFA9B2A1A} SEIKO EPSON CORPORATION C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLDJ.EXE /EXE:"{696C66E9-4FCF-44DA-8238-04FAFA9B2A1A}" /F:"Update"
有効 Task EPSON PX-046A Series Update {9CB45B62-469F-4526-86A2-260664693BB5} SEIKO EPSON CORPORATION C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLDJ.EXE /EXE:"{9CB45B62-469F-4526-86A2-260664693BB5}" /F:"Update"
有効 Task EPSON PX-046A Series Update {C70B0581-4D6C-4A94-8220-F9584C02EBB9} SEIKO EPSON CORPORATION C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLDJ.EXE /EXE:"{C70B0581-4D6C-4A94-8220-F9584C02EBB9}" /F:"Update"
有効 Task GlaryInitialize 5 E:\guportable\Portable\Initialize.exe
有効 Task GoogleUpdateTaskUserS-1-5-21-771866650-3935571951-379171006-1000Core Google Inc. C:\Users\pc user\AppData\Local\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskUserS-1-5-21-771866650-3935571951-379171006-1000UA Google Inc. C:\Users\pc user\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler


様子見後

【HJT】
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 12:34:55, on 2015/04/19
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
CHROME: 42.0.2311.90

Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\NTTW\Security\UniClient\UiFrmWrk\uiSeAgnt.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxtray.exe
C:\Program Files\EPSON Software\Event Manager\EEventManager.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files\NTTW\StartUpToolN\StartUpTool_w.exe
C:\Program Files\EPSON\MyEPSON Connect\mep.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\System32\MsSpellCheckingFacility.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\pc user\Desktop\HijackThis.exe ☆.exe

O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\NTTW\Security\AMSP\Module\20004\2.5.1331\6.8.1094\TmIEPlg.dll
O2 - BHO: Yahoo!ツールバーフィッシング警告 - {1F68E72C-50E5-44B8-8F56-6A54D3AF1DA4} - C:\Program Files\Yahoo!J\Toolbar\7_3_0_18\Modules\ypho.dll
O2 - BHO: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll
O2 - BHO: Trend Micro Toolbar BHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\NTTW\Security\SEC\UIFramework\ToolbarIE.dll
O2 - BHO: E-Photo - {60B127CA-8AA4-4DCD-84A8-D18C2B2C4A96} - C:\Program Files\Epson Software\E-Photo\EPTBL.dll
O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\NTTW\Security\AMSP\Module\20002\7.5.1144\7.5.1144\TmBpIe32.dll
O2 - BHO: Yahoo!ツールバーヘルパー - {EEBA90E6-2B14-413F-9BF8-61A8BDF92258} - C:\Program Files\Yahoo!J\Toolbar\7_3_0_18\Modules\YahooToolBar.dll
O3 - Toolbar: Yahoo!ツールバー - {AEF44653-C059-42CB-A5B7-41C640DA4A67} - C:\Program Files\Yahoo!J\Toolbar\7_3_0_18\Modules\YahooToolBar.dll
O3 - Toolbar: セキュリティツールバー - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\NTTW\Security\SEC\UIFramework\ToolbarIE.dll
O3 - Toolbar: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll
O3 - Toolbar: E-Photo - {60B127CA-8AA4-4DCD-84A8-D18C2B2C4A96} - C:\Program Files\Epson Software\E-Photo\EPTBL.dll
O4 - HKLM\..\Run: [Trend Micro Client Framework] "C:\Program Files\NTTW\Security\UniClient\UiFrmWrk\UIWatchDog.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Trend Micro Titanium] "C:\Program Files\NTTW\Security\SEC\UIFramework\uiWinMgr.exe" -set Silent "1" SplashURL ""
O4 - HKLM\..\Run: [NTTW_OSA_AUS] "C:\Program Files\NTTW\OSA_Aus\acs.exe" -silent
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\pc user\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - Global Startup: スタートアップツール.lnk = ?
O9 - Extra button: 故障かな？と思ったら・・・ - {6CB1FA39-5745-4733-859F-E9C82A68F848} - C:\Program Files\NTTW\OSA_SupportTool\start_w.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
O18 - Protocol: cdl - {3DD53D40-7B8B-11D0-B013-00AA0059CE02} - C:\Windows\system32\urlmon.dll
O18 - Protocol: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\msvidctl.dll
O18 - Protocol hijack: file - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B}
O18 - Protocol hijack: ftp - {79EAC9E3-BAF9-11CE-8C82-00AA004BA90B}
O18 - Protocol hijack: http - {79EAC9E2-BAF9-11CE-8C82-00AA004BA90B}
O18 - Protocol: https - {79EAC9E5-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\system32\urlmon.dll
O18 - Protocol hijack: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6}
O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
O18 - Protocol: local - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\system32\urlmon.dll
O18 - Protocol: mailto - {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
O18 - Protocol: mhtml - {05300401-BCBC-11D0-85E3-00C04FD85AB4} - C:\Windows\system32\inetcomm.dll
O18 - Protocol hijack: mk - {79EAC9E6-BAF9-11CE-8C82-00AA004BA90B}
O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll
O18 - Protocol hijack: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B}
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\NTTW\Security\AMSP\Module\20002\7.5.1144\7.5.1144\TmBpIe32.dll
O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\NTTW\Security\AMSP\Module\20004\2.5.1331\6.8.1094\TmIEPlg.dll
O18 - Protocol: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\NTTW\Security\SEC\UIFramework\ToolbarIE.dll
O18 - Protocol: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\NTTW\Security\SEC\UIFramework\ProToolbarIMRatingActiveX.dll
O18 - Protocol hijack: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E}
O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
O20 - AppInit_DLLs:
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Security Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\NTTW\Security\AMSP\coreServiceShell.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Baidu Japanese IME Service_3.5.2.45 (BaiduJP_IME_Service_3.5.2.45) - Unknown owner - C:\Program Files\Baidu\IME\3.5.2.45\BaiduJPServ.exe (file missing)
O23 - Service: Bonjour サービス (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Seiko Epson Corporation - C:\Windows\system32\EscSvc.exe
O23 - Service: EPSON V3 Service4(06) (EPSON_PM_RPCV4_06) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RP7.EXE
O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MyEPSON Connect Service - SEIKO EPSON CORPORATION - C:\Program Files\EPSON\MyEPSON Connect\mepService.exe

--
End of file - 7091 bytes


【CC】
Adobe Reader XI (11.0.10) - Japanese Adobe Systems Incorporated 2014/12/31 203 MB 11.0.10
AnyTrans 3.6.9 iMobie Inc. 2014/02/01 38.5 MB 3.6.9
Apple Application Support（32 ビット） Apple Inc. 2015/04/14 95.4 MB 3.1.3
Apple Mobile Device Support Apple Inc. 2015/03/04 22.5 MB 8.1.1.3
Apple Software Update Apple Inc. 2012/08/04 2.38 MB 2.1.3.127
Bonjour Apple Inc. 2012/08/04 0.98 MB 3.0.0.10
CCleaner Piriform 2015/04/18 5.04
Epson E-Photo SEIKO EPSON CORPORATION 2015/01/04 1.5.1.0
Epson E-Web Print SEIKO EPSON CORPORATION 2015/01/04 9.22 MB 1.21.0000
Epson Event Manager Seiko Epson Corporation 2015/01/04 38.3 MB 3.10.0035
EPSON PX-046A Series プリンター アンインストール SEIKO EPSON Corporation 2014/07/28
EPSON Scan Seiko Epson Corporation 2014/07/27
EPSON Scan OCR コンポーネント SEIKO EPSON Corp. 2014/07/27 1.33.0000
EPSON ﾏﾆｭｱﾙ SEIKO EPSON CORPORATION 2015/01/11 12.0 KB 1.0.1.0
EpsonNet Print SEIKO EPSON CORPORATION 2014/07/27 2.6.0
Google Chrome Google Inc. 2012/08/04 42.0.2311.90
iCloud Apple Inc. 2015/01/06 60.1 MB 4.0.6.28
iTunes Apple Inc. 2015/04/14 221 MB 12.1.2.27
Microsoft .NET Framework 4.5.1 Microsoft Corporation 2014/02/28 38.8 MB 4.5.50938
Microsoft .NET Framework 4.5.1 (日本語) Microsoft Corporation 2014/03/02 2.93 MB 4.5.50938
Microsoft Silverlight Microsoft Corporation 2014/07/25 44.8 MB 5.1.30514.0
MyEPSON Portal SEIKO EPSON Corporation 2014/07/27
NTT西日本 リモートサポートツール 西日本電信電話株式会社 2014/05/27
Software Updater SEIKO EPSON CORPORATION 2015/01/04 9.70 MB 4.3.3
Yahoo!ツールバー Yahoo! JAPAN. 2012/10/07 2.76 MB 7.3.0.18
スタートアップツール 西日本電信電話株式会社 2014/05/27 2.61 MB 7.3
セキュリティ対策ツール 西日本電信電話株式会社 2014/05/27 450 MB 6.11
セキュリティ申込・設定ツール 西日本電信電話株式会社 2014/07/28 3.59 MB 7.0.0.2
診断復旧ツール 西日本電信電話株式会社 2014/05/27 23.5 MB

作業と報告、ご苦労様です。
作業後のログも見せていただきました。

>f.luxはブルーライト対策（夜になると画面が暗く黄色っぽくなる）で入れたのですが、あまり良くないのですね

はい、これですが自分も調べ直したところ、まみたそさんが入れたf.luxは以前自分が相談受けた迷惑アプリとは別物の可能性が出てきました。
今回のこれはおっしゃるとおりPCのディスプレイ管理アプリのようですが、過去に自分が見た同名の迷惑アプリとの関連が不明です。
当時のデータが既に残ってないので自分の記憶だけで削除対象としましたが、とりあえず今回のf.luxについてはこのスレが解決した時点で再度入れなおすかどうかを考えましょう。

同名の別アプリを削除推奨したなら自分の判断ミスとなります。
あぁっ、こいつはうっかりだぁ！（←それ悪代官ポジションじゃないから

ではまた説明を読んでから続きの作業をお願いします。

ACはもういいので、準備時の説明に沿って片付けてください。
ACでもいくつか検出されてますが、それらはそのままACで処置していればいいです。

次に先の手順でCCを起動して、「スケジュールされたタスク」タブ内の下記を右クリックから「無効」にしたあと「エントリの削除」してください。
>有効 Task BaiduJP_Update_{8099779F-A13B-403e-B39A-65133857586B} C:\Program Files\baidu\update\baidujp_update.exe -Update
無効にできないときはそのまま削除でもいいです。

次に以下のアプリを準備してください。
Malwarebytes' Anti-Malware（通称・MBAM）
本家サイト
http://www.malwarebytes.org/

ですが、MBAMは現在安定性や動作でかなり難が出ており、普通に使っても正常にスキャンができないバグまで多発中です。
そのため本家サイトから最新版のダウンロードせず、ここではあえて旧バージョンで作業します。

旧バージョンの説明サイト↓
http://fine.tok2.com/home/heto2/0700SecurityApp/Malwarebytes/0001.htm

以下のURLからMBAMの旧バージョンをダウンロードしてください。
http://www.oldapps.com/malwarebytes.php?old_malwarebytes=12090?download
ファイル直リンです。保存しておいてください。

注）インストール時に日本語でインストールすると文字化けすることがあります。英語でインストール後に日本語化してください。
MBAM起動して「Settings」タブ→「Language」→「Japanese」で日本語化できます。

準備できたらMBAMをインストールとアップデートまでしておいてください。
ただし、ここではまだスキャンはしないように。
なお、ここでMBAMの更新で「プログラム」自体は更新せず、定義だけ更新しておいてください。
プログラム本体を更新すると、バグ多発中の最新版になってしまうので、せっかく旧バージョンでインストールした意味がなくなります。

アップデートまでできたらPCをセーフモードで再起動してから、ディスククリーンアップを使ってゴミファイルの掃除してください。

続いてセーフモードのままMBAMでスキャンしてください。
MBAM起動したら「スキャナー」タブから「フルスキャン」してください。
対象ドライブはCを含めて全ドライブを選択してください。

スキャン対象は全ドライブを選択（チェック）してください。時間はかかりますができるだけ細かくスキャンするためです。
順番はどちらからでもいいですが、なにか検出されたらそれを選択して「remove」（隔離）したあと、再起動を促す表示が出たらそこで一度PCを再起動してください。
もし再起動表示が出ないときは手動で再起動してください。

またMBAMスキャン終了後、「詳細を表示」を押すとその結果が表示されるはずなので、そこで「ログを保存」を押すとそのログが保存可能になります。
そのログをデスクトップにでも保存しておいてください。
このログ確認が特に重要なので、忘れないようにお願いします。

このあとMBAMのログを返信に貼り付けて、それを状態報告とともにレスで見せてください。

丁寧なご指導ありがとうございます。ええ、f.luxは後で考えることにしましょう。

スキャン終了後、再起動する前にログを保存しようとあくせくしているうちにログを保存出来ずに再起動してしまったようです；
MBAMの履歴のアプリケーションログ【スキャン履歴ログ】しか残ってませんので、こちらを添付させていただきます。
情報不足かもしれませんがよろしくお願いいたします。



Malwarebytes Anti-Malware
www.malwarebytes.org


Scan, 2015/04/20 0:31:28, SYSTEM, PCUSER-PC, Manual, 開始: 2015/04/1923:12:56, 期間: 1 hr 16 分 28 秒, カスタムスキャン, 完了しました, 3 マルウェア検出, 11 - マルウェア検出,
Protection, 2015/04/20 0:36:26, SYSTEM, PCUSER-PC, Protection, Malware Protection, Starting,
Protection, 2015/04/20 0:36:26, SYSTEM, PCUSER-PC, Protection, Malware Protection, Started,
Protection, 2015/04/20 0:36:26, SYSTEM, PCUSER-PC, Protection, Malicious Website Protection, Starting,
Protection, 2015/04/20 0:36:38, SYSTEM, PCUSER-PC, Protection, Malicious Website Protection, Started,

(end)


【スキャン履歴ログ】

結果: 完了しました
スキャンされたオブジェクト数: 410144
経過時間: 1 時間, 16 分, 28 秒

メモリ: 有効
スタートアップ: 有効
ファイルシステム: 有効
アーカイブ: 有効
ルートキット: 有効
ヒューリスティック: 有効
PUP: 有効
PUM: 有効

プロセス: 0
（なし悪意のある項目を検出）

モジュール: 0
（なし悪意のある項目を検出）

レジストリキー: 8
Adware.GamePlayLab, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{11111111-1111-1111-1111-110011221158}, 隔離, [17fc6fdd5832e353d84f67edc142768a],
Adware.GamePlayLab, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{11111111-1111-1111-1111-110011221158}, 隔離, [17fc6fdd5832e353d84f67edc142768a],
Adware.GamePlayLab, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{11111111-1111-1111-1111-110011221158}, 隔離, [17fc6fdd5832e353d84f67edc142768a],
PUP.Optional.Babylon.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, 隔離, [55be45076b1fe2544ee8251a31d257a9],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\gaiilaahiahdejapggenmdmafpmbipje, 隔離, [2ee59ab2345612248a6ebe37778c20e0],
PUP.GamesPlayLab, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\mpfapcdfbbledbojijcbcclmlieaoogk, 隔離, [23f0b5974941989e049c0515a460e51b],
PUP.BitSpirit, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\3721, 隔離, [6ea514385e2cd46262913347af55ff01],
PUP.Optional.DealPly.A, HKU\S-1-5-21-771866650-3935571951-379171006-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\gaiilaahiahdejapggenmdmafpmbipje, 隔離, [d63d2f1d810995a140b951a4689b2ad6],

レジストリ値: 0
（なし悪意のある項目を検出）

レジストリデータ: 0
（なし悪意のある項目を検出）

フォルダー: 2
PUP.Optional.CrossRider.A, C:\Users\pc user\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_mpfapcdfbbledbojijcbcclmlieaoogk_0, 隔離, [39da90bc5535bb7bd1eb088c2ad92ad6],
PUP.Optional.FunMoods.A, C:\Users\pc user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cjpglkicenollcignonpgiafdgfeehoj, 隔離, [64afcf7d8efcce68cd9b5545e91ac040],

ファイル: 4
PUP.Optional.RegCleanerPro, C:\Users\pc user\Downloads\rcpsetup_6642_6642.exe, 隔離, [e62d19336822c571348a0536d928c739],
PUP.Optional.Installcore, C:\Users\pc user\Downloads\ZipExtractorSetup (1).exe, 隔離, [3cd750fcb7d3c373cf26b7e814f128d8],
PUP.Optional.Installcore, C:\Users\pc user\Downloads\ZipExtractorSetup.exe, 隔離, [42d1e16ba5e54ee8cc29c5dac63f5fa1],
PUP.Optional.Babylon.A, C:\Users\pc user\AppData\Local\Google\Chrome\User Data\Default\chromepreferences, 良: (), 悪: ( "homepage": "http://search.babylon.com/?affID=110809&tt=bandext_3312_6&babsrc=HP_ss&mntrId=a8fe032c0000000000000013d33ec266",), 置換,[58bbe369dcaeb1853f15ef521beb3dc3]

物理セクタ: 0
（なし悪意のある項目を検出）


(end)

レスが遅くなってすみません。

>スキャン終了後、再起動する前にログを保存しようとあくせくしているうちにログを保存出来ずに再起動してしまったようです

はい、履歴ログを見せてもらいましたが、検出されたものはわかったのでそれでいいです。
Babylon等が見つかったようですね。
検出されたものもMBAMで全部隔離処置したならいいでしょう。

では現在どこまでPC状態が改善できたかも次回レスで教えてください。
それと次の作業もお願いします。

以下のツールを準備してください。
OTL(OldTimer Listit)
ファイル直リンなので、DLしたら保存しておいてください。
http://oldtimer.geekstogo.com/OTL.exe
片付けるときは起動後に「Cleanup」ボタンを押せば自動で削除されます。

他のプログラムを起動しない状態でOTLを起動してください。
起動したら、ウィンドウの上の方にある「Scan All Users」にチェックを入れ、以下のコマンドを「Custom Scan/Fixes」にコピペしてください。

%windir%\tasks\*.job
DRIVES
BASESERVICES
%SYSTEMDRIVE%\*.exe
CREATERESTOREPOINT

その後、左上の「Run Scan」を押すとスキャン開始されます。
スキャン開始後、PC環境にもよりますが数分ほどすると、「OTL.txt」と「Extras.txt」がOTL.exeと同じ場所に作成されるはずなので、この2つのファイルをデスクトップあたりに保存しておいてください。
なお、Extras.txtは出ないこともありますが、その場合はOTL.txtだけでもいいです。

このあとOTLログを丸ごと返信に貼り付けてレスで見せてください。
ただしOTLログはかなり長くなるため、一度に送信してもfc2の文字数制限で途切れます。
なのでログも適当なところで分割して、複数回に分けてレス送信してください。

OTLでスキャンしただけでは何も変化は起きません。
この結果を見て、検出されたものを次回以降の作業で処置することになるはずです

現在の状態ですが、インターネットエクスプローラーでのＨＰ閲覧に関しては問題はありません。
前回電源を切る際上手くいかなかったようで、電源を点ける時黒い画面（セーフモードを行う時に表示されるもの）になっていました。

ただ、試しにGoogle Chromeで開くと、MBAMが反応して「ＩＰブロックしました」という表示に切り替わる場面がみられました。

私は通信大学で生徒用のページにログインをするのですが、以前はそこにログインしようとすると（ＩＤとパス入力の画面で）高確率で広告画面に切り替わっていました。後、e-ラーニングで動画を見る時に大きな×印が表示されて動画が流れるものの画面が邪魔されたりと。

先ほどＩＰブロックされたと表示が出たのも、ログイン画面でしたがその後は特に何もありません。（何度かログイン画面を開きなおしましたが正常です）

以前に比べだいぶ改善されました。



【OTL.txt】

OTL logfile created on: 2015/04/20 22:14:29 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\pc user\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17728)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

1.99 Gb Total Physical Memory | 1.21 Gb Available Physical Memory | 60.94% Memory free
3.98 Gb Paging File | 2.91 Gb Available in Paging File | 73.02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74.43 Gb Total Space | 29.55 Gb Free Space | 39.70% Space Free | Partition Type: NTFS

Computer Name: PCUSER-PC | User Name: pc user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2015/04/20 21:54:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\pc user\Desktop\OTL.exe
PRC - [2015/03/13 20:10:26 | 005,529,880 | ---- | M] (Piriform Ltd) -- C:\Program Files\CCleaner\CCleaner.exe
PRC - [2014/12/03 15:31:16 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/11/21 06:12:56 | 000,969,016 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2014/11/21 06:12:54 | 001,871,160 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2014/11/21 06:12:46 | 007,229,752 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
PRC - [2014/10/17 15:24:20 | 000,043,816 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
PRC - [2014/05/02 15:47:14 | 001,065,024 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\EPSON Software\Event Manager\EEventManager.exe
PRC - [2013/12/05 09:37:24 | 001,179,232 | ---- | M] (西日本電信電話株式会社) -- C:\Program Files\NTTW\StartUpToolN\StartUpTool_w.exe
PRC - [2013/09/13 15:28:58 | 002,387,520 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\epson\MyEPSON Connect\mep.exe
PRC - [2013/09/09 18:40:06 | 001,047,560 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\NTTW\SECURITY\UniClient\UiFrmwrk\uiSeAgnt.exe
PRC - [2013/09/09 18:40:06 | 000,132,920 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\NTTW\SECURITY\UniClient\UiFrmwrk\uiWatchDog.exe
PRC - [2013/08/02 09:52:57 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2013/04/15 08:00:02 | 000,143,424 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RP7.EXE
PRC - [2013/01/24 08:00:02 | 000,260,160 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\spool\drivers\w32x86\3\E_FATILDJ.EXE
PRC - [2012/11/23 11:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/10/01 16:17:38 | 000,703,616 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\epson\MyEPSON Connect\mepService.exe
PRC - [2012/07/13 19:17:36 | 000,221,264 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\NTTW\SECURITY\AMSP\coreServiceShell.exe
PRC - [2012/07/13 19:17:24 | 000,142,984 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\NTTW\SECURITY\AMSP\coreFrameworkHost.exe
PRC - [2012/07/13 19:17:02 | 000,674,464 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\NTTW\SECURITY\AMSP\AMSP_LogServer.exe
PRC - [2012/05/17 00:00:00 | 000,126,128 | ---- | M] (Seiko Epson Corporation) -- C:\Windows\System32\escsvc.exe
PRC - [2011/02/25 14:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2015/03/13 22:54:32 | 000,029,696 | ---- | M] () -- C:\Program Files\CCleaner\Lang\lang-1041.dll
MOD - [2015/01/20 22:35:44 | 001,044,776 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2014/01/20 13:17:04 | 000,073,544 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/05/03 03:26:30 | 000,049,152 | ---- | M] () -- C:\Program Files\NTTW\SECURITY\AMSP\boost_date_time-vc80-mt-1_49.dll
MOD - [2012/05/03 03:24:14 | 000,057,344 | ---- | M] () -- C:\Program Files\NTTW\SECURITY\AMSP\boost_thread-vc80-mt-1_49.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - File not found [Auto | Stopped] -- C:\Program Files\Baidu\IME\3.5.2.45\BaiduJPServ.exe -- (BaiduJP_IME_Service_3.5.2.45)
SRV - File not found [Auto | Running] -- C:\Program Files\NTTW\Security\AMSP\coreServiceShell.exe coreFrameworkHost.exe -- (Amsp)
SRV - [2015/03/13 12:16:24 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2014/12/03 15:31:16 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/11/21 06:12:56 | 000,969,016 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014/11/21 06:12:54 | 001,871,160 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/05/27 13:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/04/15 08:00:02 | 000,143,424 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RP7.EXE -- (EPSON_PM_RPCV4_06)
SRV - [2012/10/01 16:17:38 | 000,703,616 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\epson\MyEPSON Connect\mepService.exe -- (MyEPSON Connect Service)
SRV - [2012/05/17 00:00:00 | 000,126,128 | ---- | M] (Seiko Epson Corporation) [Auto | Running] -- C:\Windows\System32\escsvc.exe -- (EpsonScanSvc)
SRV - [2009/07/14 10:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\pc user\Downloads\Glary Utilities 3\ProcObsrv.sys -- (ProcObsrv)
DRV - [2015/04/20 21:51:19 | 000,114,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV - [2014/11/21 06:14:20 | 000,051,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV - [2014/11/21 06:14:06 | 000,023,256 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2013/09/05 19:38:48 | 000,263,072 | ---- | M] (Trend Micro Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tmcomm.sys -- (tmcomm)
DRV - [2013/09/05 19:38:48 | 000,096,736 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tmactmon.sys -- (tmactmon)
DRV - [2013/09/05 19:38:48 | 000,076,624 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV - [2012/12/08 02:32:32 | 000,083,256 | ---- | M] (Trend Micro Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tmeevw.sys -- (tmeevw)
DRV - [2012/08/24 13:06:36 | 000,038,328 | ---- | M] (Trend Micro Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TMEBC32.sys -- (TMEBC)
DRV - [2012/07/06 11:33:22 | 000,171,064 | ---- | M] (Trend Micro Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tmnciesc.sys -- (tmnciesc)
DRV - [2012/05/03 03:27:24 | 000,092,304 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tmtdi.sys -- (tmtdi)
DRV - [2010/11/21 06:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/21 06:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/21 06:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{30FFC99A-FB94-554B-0854-3DD24FB8D7FD}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{80c554b9-c7f8-4a21-9471-06d606da78a2}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-771866650-3935571951-379171006-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/ja-jp/?ocid=iehp
IE - HKU\S-1-5-21-771866650-3935571951-379171006-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = ja-JP
IE - HKU\S-1-5-21-771866650-3935571951-379171006-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 62 6D 33 D9 37 7A D0 01 [binary data]
IE - HKU\S-1-5-21-771866650-3935571951-379171006-1000\..\SearchScopes,Backup.Old.DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-771866650-3935571951-379171006-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-771866650-3935571951-379171006-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-771866650-3935571951-379171006-1000\..\SearchScopes\{80c554b9-c7f8-4a21-9471-06d606da78a2}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
IE - HKU\S-1-5-21-771866650-3935571951-379171006-1000\..\SearchScopes\{B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF}: "URL" = http://www.amazon.co.jp/gp/bit/amazonserp/ref=bit_bds-p07_serp_ie_jp_display?ie=UTF8&tagbase=bds-p07&tag=bds-p07-serp-jp-ie-22&tbrId=v1_abb-channel-7_fef320802a51431fba41e444a073f06b_30_46_20131016_JP_ie_ds_&query={searchTerms}
IE - HKU\S-1-5-21-771866650-3935571951-379171006-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[color=#E56717]========== FireFox ==========[/color]

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\pc user\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\pc user\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\tmbepff-7.5@trendmicro.com: C:\Program Files\NTTW\Security\AMSP\Module\20002\7.5.1144\7.5.1144\firefoxextension [2015/04/06 05:52:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\NTTW\Security\AMSP\module\20004\FxExt\firefoxextension\ [2015/04/06 05:53:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22181a4d-af90-4ca3-a569-faed9118d6bc}: C:\Program Files\NTTW\Security\SEC\UIFramework\Toolbar\firefoxextension [2014/05/27 06:21:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\e-webprint@epson.com: C:\Program Files\Epson Software\E-Web Print\Firefox Add-on [2015/01/04 18:07:10 | 000,000,000 | ---D | M]

[2012/08/17 22:29:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\pc user\AppData\Local\Google\Chrome\Application\21.0.1180.60\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\pc user\AppData\Local\Google\Chrome\Application\42.0.2311.90\gcswf32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\pc user\AppData\Local\Google\Chrome\Application\42.0.2311.90\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\pc user\AppData\Local\Google\Chrome\Application\42.0.2311.90\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Users\pc user\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: No name found = C:\Users\pc user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah\1.4.14_0\
CHR - Extension: No name found = C:\Users\pc user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.417.10417_0\
CHR - Extension: No name found = C:\Users\pc user\AppData\Local\Google\Chrome\User Data\Default\Extensions\iihkglbebihpaflfihhkfmpabjgdpnol\0.125_0\
CHR - Extension: No name found = C:\Users\pc user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.2_0\
CHR - Extension: No name found = C:\Users\pc user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\

O1 HOSTS File: ([2009/06/11 06:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\NTTW\SECURITY\AMSP\module\20004\2.5.1331\6.8.1094\TmIEPlg.dll (Trend Micro Inc.)
O2 - BHO: (Yahoo!ツールバーフィッシング警告) - {1F68E72C-50E5-44B8-8F56-6A54D3AF1DA4} - C:\Program Files\Yahoo!J\Toolbar\7_3_0_18\Modules\ypho.dll (Yahoo Japan Corporation. )
O2 - BHO: (E-Web Print) - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files\EPSON Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (TSToolbarBHO) - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\NTTW\SECURITY\SEC\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O2 - BHO: (E-Photo) - {60B127CA-8AA4-4DCD-84A8-D18C2B2C4A96} - C:\Program Files\EPSON Software\E-Photo\EPTBL.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\NTTW\SECURITY\AMSP\module\20002\7.5.1144\7.5.1144\TmBpIe32.dll (Trend Micro Inc.)
O2 - BHO: (Yahoo!ツールバーヘルパー) - {EEBA90E6-2B14-413F-9BF8-61A8BDF92258} - C:\Program Files\Yahoo!J\Toolbar\7_3_0_18\Modules\YahooToolBar.dll (Yahoo! JAPAN)
O3 - HKLM\..\Toolbar: (E-Web Print) - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files\EPSON Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (E-Photo) - {60B127CA-8AA4-4DCD-84A8-D18C2B2C4A96} - C:\Program Files\EPSON Software\E-Photo\EPTBL.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (Yahoo!ツールバー) - {AEF44653-C059-42CB-A5B7-41C640DA4A67} - C:\Program Files\Yahoo!J\Toolbar\7_3_0_18\Modules\YahooToolBar.dll (Yahoo! JAPAN)
O3 - HKLM\..\Toolbar: (セキュリティツールバー) - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\NTTW\SECURITY\SEC\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [NTTW_OSA_AUS] C:\Program Files\NTTW\OSA_Aus\acs.exe (西日本電信電話株式会社)
O4 - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\NTTW\Security\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\NTTW\Security\SEC\UIFramework\uiWinMgr.exe (Trend Micro Inc.)
O4 - HKU\S-1-5-21-771866650-3935571951-379171006-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-771866650-3935571951-379171006-1000..\Run: [EPLTarget\P0000000000000003] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATILDJ.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-771866650-3935571951-379171006-1000..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O7 - HKU\S-1-5-21-771866650-3935571951-379171006-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutorun = 255
O9 - Extra Button: 故障かな？と思ったら・・・ - {6CB1FA39-5745-4733-859F-E9C82A68F848} - C:\Program Files\NTTW\OSA_SupportTool\start_w.exe (西日本電信電話株式会社)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{892FD758-0C1F-4701-949C-42276264BE02}: NameServer = 202.238.95.24 202.238.95.26
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E5499131-6265-488D-B08A-69A9DB98D6D1}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\NTTW\SECURITY\AMSP\module\20002\7.5.1144\7.5.1144\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\NTTW\SECURITY\AMSP\module\20004\2.5.1331\6.8.1094\TmIEPlg.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmtb {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\NTTW\SECURITY\SEC\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmtbim {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\NTTW\SECURITY\SEC\UIFramework\ProToolbarIMRatingActiveX.dll (西日本電信電話株式会社)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/11 06:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (MACHINE BootExecut)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2015/04/20 21:54:29 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\pc user\Desktop\OTL.exe
[2015/04/19 22:24:11 | 000,114,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2015/04/19 22:23:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2015/04/19 22:23:27 | 000,075,480 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2015/04/19 22:23:27 | 000,051,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys
[2015/04/19 22:23:26 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
[2015/04/19 22:18:41 | 000,000,000 | ---D | C] -- C:\Users\pc user\AppData\Roaming\Malwarebytes
[2015/04/19 22:18:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015/04/19 22:18:12 | 000,023,256 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2015/04/19 10:48:48 | 000,000,000 | ---D | C] -- C:\Users\pc user\Desktop\backups
[2015/04/19 10:37:35 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\pc user\Desktop\HijackThis.exe ☆.exe
[2015/04/19 10:08:36 | 000,000,000 | ---D | C] -- C:\Users\pc user\AppData\Local\ElevatedDiagnostics
[2015/04/19 09:40:46 | 000,000,000 | ---D | C] -- C:\Users\pc user\AppData\Roaming\Geek Uninstaller
[2015/04/18 20:11:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2015/04/18 20:11:19 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2015/04/18 20:06:09 | 000,000,000 | -HSD | C] -- C:\Users\pc user\AppData\Local\EmieBrowserModeList
[2015/04/18 19:47:09 | 005,344,528 | ---- | C] (Piriform Ltd) -- C:\Users\pc user\Desktop\ccsetup504.exe
[2015/04/15 15:18:17 | 000,896,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2015/04/15 15:18:17 | 000,860,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appraiser.dll
[2015/04/15 15:18:17 | 000,630,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\invagent.dll
[2015/04/15 15:18:17 | 000,576,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\generaltel.dll
[2015/04/15 15:18:17 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\acmigration.dll
[2015/04/15 15:18:16 | 000,331,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devinv.dll
[2015/04/15 15:18:15 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
[2015/04/15 15:18:15 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepic.dll
[2015/04/15 15:18:13 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\clfsw32.dll
[2015/04/15 15:18:05 | 003,976,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2015/04/15 15:18:05 | 003,920,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2015/04/15 15:18:03 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2015/04/15 15:18:03 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2015/04/15 15:18:03 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2015/04/15 15:18:03 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\auditpol.exe
[2015/04/15 15:18:03 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2015/04/15 15:18:02 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2015/04/15 15:18:02 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msaudite.dll
[2015/04/15 15:18:02 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msobjs.dll
[2015/04/15 15:18:02 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2015/04/15 15:18:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apisetschema.dll
[2015/04/15 15:17:47 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2015/04/15 15:17:47 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2015/04/15 15:17:47 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2015/04/15 15:17:46 | 000,685,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2015/04/15 15:17:46 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2015/04/15 15:17:46 | 000,342,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2015/04/15 15:17:46 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2015/04/15 15:17:45 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2015/04/15 15:17:45 | 000,689,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2015/04/15 15:17:45 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2015/04/15 15:17:45 | 000,418,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2015/04/15 15:17:45 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2015/04/15 15:17:45 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2015/04/15 15:17:44 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2015/04/15 15:17:44 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2015/04/15 15:17:43 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2015/04/15 15:17:43 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2015/04/15 15:17:42 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2015/04/15 15:17:41 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2015/04/15 15:17:41 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2015/04/15 15:17:39 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2015/04/15 15:17:38 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2015/04/15 15:17:37 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2015/04/15 15:17:34 | 004,305,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2015/04/15 15:17:25 | 003,088,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2015/04/15 15:17:25 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2015/04/15 15:17:25 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2015/04/15 15:17:25 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2015/04/15 15:17:25 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSetupUI.dll
[2015/04/15 15:17:25 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2015/04/15 15:17:25 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2015/04/15 15:17:25 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2015/04/15 15:17:25 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wu.upgrade.ps.dll
[2015/04/15 15:17:18 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2015/04/14 21:18:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2015/04/14 21:16:53 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2015/04/14 21:16:52 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2015/04/14 21:16:52 | 000,000,000 | ---D | C] -- C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
[2015/04/05 03:01:00 | 000,000,000 | --SD | C] -- C:\Windows\System32\GWX
[2015/04/02 19:59:14 | 006,337,032 | ---- | C] (Geek Uninstaller) -- C:\Users\pc user\Desktop\geek.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2015/04/20 22:12:01 | 000,000,708 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-771866650-3935571951-379171006-1000UA.job
[2015/04/20 22:00:16 | 000,000,020 | ---- | M] () -- C:\Users\pc user\AppData\Roaming\appdataFr3.bin
[2015/04/20 22:00:05 | 000,000,917 | ---- | M] () -- C:\Windows\tasks\EPSON PX-046A Series Update {0F27948F-E85D-4B4E-AA36-8FE6F045BDFE}.job
[2015/04/20 22:00:03 | 000,000,917 | ---- | M] () -- C:\Windows\tasks\EPSON PX-046A Series Update {C70B0581-4D6C-4A94-8220-F9584C02EBB9}.job
[2015/04/20 22:00:03 | 000,000,917 | ---- | M] () -- C:\Windows\tasks\EPSON PX-046A Series Update {9CB45B62-469F-4526-86A2-260664693BB5}.job
[2015/04/20 22:00:03 | 000,000,917 | ---- | M] () -- C:\Windows\tasks\EPSON PX-046A Series Update {696C66E9-4FCF-44DA-8238-04FAFA9B2A1A}.job
[2015/04/20 21:59:41 | 000,028,912 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/04/20 21:59:41 | 000,028,912 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/04/20 21:54:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\pc user\Desktop\OTL.exe
[2015/04/20 21:51:19 | 000,114,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2015/04/20 21:50:11 | 000,000,296 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize 5.job
[2015/04/20 21:49:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/04/20 21:49:55 | 1603,870,720 | -HS- | M] () -- C:\hiberfil.sys
[2015/04/19 22:23:37 | 000,001,060 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/04/19 10:37:36 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\pc user\Desktop\HijackThis.exe ☆.exe
[2015/04/19 09:47:23 | 006,337,032 | ---- | M] (Geek Uninstaller) -- C:\Users\pc user\Desktop\geek.exe
[2015/04/19 00:12:01 | 000,000,656 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-771866650-3935571951-379171006-1000Core.job
[2015/04/18 22:15:11 | 000,653,762 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2015/04/18 22:15:11 | 000,410,670 | ---- | M] () -- C:\Windows\System32\perfh011.dat
[2015/04/18 22:15:11 | 000,121,716 | ---- | M] () -- C:\Windows\System32\perfc011.dat
[2015/04/18 22:15:11 | 000,121,634 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2015/04/18 20:11:24 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015/04/18 19:47:51 | 005,344,528 | ---- | M] (Piriform Ltd) -- C:\Users\pc user\Desktop\ccsetup504.exe
[2015/04/17 21:01:32 | 000,002,361 | ---- | M] () -- C:\Users\pc user\Desktop\Google Chrome.lnk
[2015/04/14 21:18:26 | 000,001,753 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2015/04/02 08:49:48 | 000,342,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2015/03/25 12:00:57 | 003,088,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2015/03/25 12:00:57 | 000,566,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2015/03/25 12:00:57 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2015/03/25 12:00:57 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2015/03/25 12:00:57 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2015/03/25 12:00:57 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2015/03/25 12:00:27 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WinSetupUI.dll
[2015/03/25 12:00:18 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wu.upgrade.ps.dll
[2015/03/25 12:00:15 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2015/03/24 09:42:55 | 000,214,576 | ---- | M] (Trend Micro Inc.) -- C:\Windows\RegBootClean.exe
[2015/03/24 09:42:55 | 000,025,136 | ---- | M] (Trend Micro Inc.) -- C:\Windows\DCEBoot.exe
[2015/03/23 12:06:47 | 000,576,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\generaltel.dll
[2015/03/23 12:06:32 | 000,630,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\invagent.dll
[2015/03/23 12:06:26 | 000,331,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devinv.dll
[2015/03/23 12:06:22 | 000,860,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\appraiser.dll
[2015/03/23 12:06:21 | 000,202,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
[2015/03/23 12:06:21 | 000,159,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aepic.dll
[2015/03/23 12:06:21 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\acmigration.dll
[2015/03/23 11:59:03 | 000,896,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2015/04/19 22:18:18 | 000,001,060 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/04/18 20:11:24 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015/04/15 15:17:42 | 000,016,303 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2015/04/14 21:18:26 | 000,001,753 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2015/03/11 06:35:40 | 000,000,020 | ---- | C] () -- C:\Users\pc user\AppData\Roaming\appdataFr3.bin
[2014/05/27 06:20:08 | 000,000,056 | ---- | C] () -- C:\Windows\System32\SupportTool.exe.bat
[2014/05/27 06:20:00 | 000,000,242 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/05/27 06:16:13 | 000,000,036 | ---- | C] () -- C:\Users\pc user\AppData\Local\housecall.guid.cache
[2013/10/16 18:19:02 | 000,000,006 | ---- | C] () -- C:\Users\pc user\AppData\Roaming\WBPU-TTL.DAT
[2013/09/29 12:22:03 | 000,000,262 | ---- | C] () -- C:\Users\pc user\AppData\Roaming\WB.CFG
[2013/02/17 17:15:34 | 000,003,584 | ---- | C] () -- C:\Users\pc user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 13:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/02/13 14:26:18 | 012,875,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 06:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 10:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %windir%\tasks\*.job >[/color]
[2015/04/20 22:00:05 | 000,000,917 | ---- | M] () -- C:\Windows\tasks\EPSON PX-046A Series Update {0F27948F-E85D-4B4E-AA36-8FE6F045BDFE}.job
[2015/04/20 22:00:03 | 000,000,917 | ---- | M] () -- C:\Windows\tasks\EPSON PX-046A Series Update {696C66E9-4FCF-44DA-8238-04FAFA9B2A1A}.job
[2015/04/20 22:00:03 | 000,000,917 | ---- | M] () -- C:\Windows\tasks\EPSON PX-046A Series Update {9CB45B62-469F-4526-86A2-260664693BB5}.job
[2015/04/20 22:00:03 | 000,000,917 | ---- | M] () -- C:\Windows\tasks\EPSON PX-046A Series Update {C70B0581-4D6C-4A94-8220-F9584C02EBB9}.job
[2015/04/20 21:50:11 | 000,000,296 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize 5.job
[2015/04/19 00:12:01 | 000,000,656 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-771866650-3935571951-379171006-1000Core.job
[2015/04/20 22:12:01 | 000,000,708 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-771866650-3935571951-379171006-1000UA.job

[color=#E56717]========== Drive Information ==========[/color]

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: WDC WD800JD-55MSA1 ATA Device
Partitions: 2
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 100.00MB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 74.00GB
Starting Offset: 105906176
Hidden sectors: 0


[color=#E56717]========== Base Services ==========[/color]
SRV - [2009/07/14 10:14:53 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\aelupsvc.dll -- (AeLookupSvc)
SRV - [2013/02/27 13:49:16 | 000,047,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\appinfo.dll -- (Appinfo)
SRV - [2009/07/14 10:14:11 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\alg.exe -- (ALG)
SRV - [2010/11/21 06:29:08 | 000,585,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\qmgr.dll -- (BITS)
SRV - [2010/11/21 06:29:12 | 000,494,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\BFE.DLL -- (BFE)
SRV - [2015/03/17 13:56:28 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\lsass.exe -- (KeyIso)
SRV - [2009/07/14 10:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\es.dll -- (EventSystem)
SRV - [2012/07/05 06:14:34 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\browser.dll -- (Browser)
SRV - [2015/02/03 12:12:14 | 000,143,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\cryptsvc.dll -- (CryptSvc)
SRV - [2010/11/21 06:29:12 | 000,376,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (DcomLaunch)
SRV - [2010/11/21 06:29:12 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2011/03/03 14:38:01 | 000,132,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dnsrslvr.dll -- (Dnscache)
SRV - [2009/07/14 10:15:13 | 000,098,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\eapsvc.dll -- (EapHost)
SRV - [2009/07/14 10:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\hidserv.dll -- (hidserv)
SRV - [2009/07/14 10:15:33 | 000,300,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ipnathlp.dll -- (SharedAccess)
SRV - [2010/11/21 06:29:07 | 000,350,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV - [2009/07/14 10:16:15 | 000,313,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\swprv.dll -- (swprv)
SRV - [2009/07/14 10:15:41 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\mmcss.dll -- (MMCSS)
SRV - [2009/07/14 10:16:03 | 000,280,576 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netman.dll -- (Netman)
SRV - [2009/07/14 10:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netprofm.dll -- (netprofm)
SRV - [2014/12/06 12:50:19 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nlasvc.dll -- (NlaSvc)
SRV - [2009/07/14 10:16:11 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nsisvc.dll -- (nsi)
SRV - [2011/05/24 19:44:59 | 000,293,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpnpmgr.dll -- (PlugPlay)
SRV - [2012/02/11 14:37:49 | 000,317,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\spoolsv.exe -- (Spooler)
SRV - [2015/03/17 13:56:28 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV - [2009/07/14 10:16:12 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\rasauto.dll -- (RasAuto)
SRV - [2010/11/21 06:29:24 | 000,286,208 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\rasmans.dll -- (RasMan)
SRV - [2010/11/21 06:29:12 | 000,376,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (RpcSs)
SRV - [2009/07/14 10:16:13 | 000,021,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\seclogon.dll -- (seclogon)
SRV - [2015/03/17 13:56:28 | 000,022,528 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsass.exe -- (SamSs)
SRV - [2009/07/14 10:16:20 | 000,073,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wscsvc.dll -- (wscsvc)
SRV - [2010/11/21 06:29:07 | 000,168,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\srvsvc.dll -- (LanmanServer)
SRV - [2010/11/21 06:29:12 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV - [2010/11/21 06:29:21 | 000,750,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\schedsvc.dll -- (Schedule)
SRV - [2010/11/21 06:29:07 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\tapisrv.dll -- (TapiSrv)
SRV - [2009/07/14 10:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2014/12/19 11:43:00 | 000,164,864 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\profsvc.dll -- (ProfSvc)
SRV - [2010/11/21 06:29:12 | 001,025,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\VSSVC.exe -- (VSS)
SRV - [2015/02/03 12:12:12 | 000,475,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (Audiosrv)
SRV - [2015/02/03 12:12:12 | 000,475,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (AudioEndpointBuilder)
SRV - [2010/11/21 06:29:49 | 000,125,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sdrsvc.dll -- (SDRSVC)
SRV - [2013/05/27 13:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010/11/21 06:29:11 | 001,086,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wevtsvc.dll -- (eventlog)
SRV - [2010/11/21 06:29:06 | 000,566,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\MPSSVC.dll -- (MpsSvc)
SRV - [2010/11/21 06:29:41 | 000,463,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wiaservc.dll -- (StiSvc)
SRV - [2010/11/21 06:29:20 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\msiexec.exe -- (msiserver)
SRV - [2009/07/14 10:16:19 | 000,168,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wbem\WMIsvc.dll -- (Winmgmt)
SRV - [2015/03/25 12:00:57 | 002,020,864 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wuaueng.dll -- (wuauserv)
SRV - [2010/11/21 06:29:20 | 000,214,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dot3svc.dll -- (dot3svc)
SRV - [2009/07/14 10:16:19 | 000,829,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wlansvc.dll -- (Wlansvc)
SRV - [2010/11/21 06:29:07 | 000,084,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wkssvc.dll -- (LanmanWorkstation)

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:373E1720

< End of report >

OTL Extras logfile created on: 2015/04/20 22:14:29 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\pc user\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17728)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

1.99 Gb Total Physical Memory | 1.21 Gb Available Physical Memory | 60.94% Memory free
3.98 Gb Paging File | 2.91 Gb Available in Paging File | 73.02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74.43 Gb Total Space | 29.55 Gb Free Space | 39.70% Space Free | Partition Type: NTFS

Computer Name: PCUSER-PC | User Name: pc user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Users\pc user\AppData\Roaming\File Scout\filescout.exe" /open "%1"
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{045AB91C-8DE9-43AD-BA2E-D0A43EDA517B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{283FA28C-1882-4A19-A8DC-B5BF3E63C81C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{29087145-A07C-4201-9F9B-0D107D02633A}" = rport=10243 | protocol=6 | dir=out | app=system |
"{4230869B-A15E-4F2B-B8C7-7A37FD76592D}" = lport=139 | protocol=6 | dir=in | app=system |
"{4388A0C7-9186-451E-AA14-C2CEE7BF2CC2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{451DCBE1-5256-4C53-A4A1-2E379AC9995E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4E6AF22C-30D8-4C1A-86A2-0BA3DC11A24C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{521C27B0-05A5-4206-ADB6-3F56BA102791}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{587A5013-9852-4E83-B315-8028DFA09F21}" = lport=138 | protocol=17 | dir=in | app=system |
"{6032AC9C-2ED5-4A40-B285-356A5AEA0982}" = rport=445 | protocol=6 | dir=out | app=system |
"{61233171-DFA9-4982-A057-DA187543AEDB}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{771C6FEF-D024-40FC-AB2D-B2984514344B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7A7A729C-FC85-434E-83C3-27522BE65A14}" = lport=10243 | protocol=6 | dir=in | app=system |
"{80EA3108-EACE-4E5A-A971-B47C62050060}" = lport=34683 | protocol=6 | dir=in | app=c:\windows\system32\config\systemprofile\appdata\local\windows internet name service\wins.exe |
"{8E6AEF7D-7725-49AF-AED3-B7401B3737FE}" = rport=139 | protocol=6 | dir=out | app=system |
"{905E0E1F-AE31-4D3D-92F9-CDB9AEE5AF81}" = rport=138 | protocol=17 | dir=out | app=system |
"{9736651B-F6E8-46A5-ADD6-7D5DB8A61171}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{97BB60E5-947D-486E-B651-7574C824E2E3}" = lport=445 | protocol=6 | dir=in | app=system |
"{BA815603-7D26-425B-B7EF-BE4EA61FC5BC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BE8B9426-201A-4318-8E5F-1E90E28D637C}" = lport=137 | protocol=17 | dir=in | app=system |
"{C6A02ACD-BC8B-4D88-8EAE-727C932FE898}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C81D8CBD-5B45-49FA-80A6-1BA354C43DF2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{D01673E6-89F5-4F72-85C8-42EC46E89F42}" = rport=137 | protocol=17 | dir=out | app=system |
"{D6117EB2-811D-4D09-A65E-C7A08F546A3A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DA09900E-7149-4C2F-9943-4644AB70B27C}" = lport=34683 | protocol=17 | dir=in | app=c:\windows\system32\config\systemprofile\appdata\local\windows internet name service\wins.exe |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0EDDE427-2807-4E91-8BDE-89A4C428B613}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{20DDDC86-923C-4D1F-B5A8-D33496A8B71F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{31B7351D-D777-47F4-A572-1EFEB0E1E820}" = protocol=6 | dir=in | app=c:\program files\common files\kingsoft\kiscommon\kxeserv.exe |
"{31FCCCD9-6AB9-409C-9FE9-5E7282FDB639}" = protocol=6 | dir=in | app=c:\users\pc user\appdata\local\temp\epinsnav\dl\3013\network\epsonnetsetup\epsonnetsetup3_6_1_2200\eneasyapp.exe |
"{420AD0BF-5F0F-4D7F-A2B6-A39958A313F5}" = protocol=58 | dir=in | app=system |
"{5132844F-F4D1-4D46-A22E-BBEC6331CAF2}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{5B7054A3-CA6A-4BD2-BC7A-6851A0A21A86}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{64C131E9-1DE8-4852-9246-9CB74806928B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6A2F6864-2409-442E-A365-6FE5660B9960}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{6AC5A17D-6B18-46F7-A468-B7BD3B9AB6CB}" = protocol=6 | dir=out | app=system |
"{785E0B4D-8D6A-4087-AECD-2198A077C607}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7DA9B2C3-160A-4544-A71B-CEF9AEDA16D4}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{8CDE86A5-C26B-4EE4-835E-21C3C7BA5548}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{966CD70A-43A7-487A-BABA-15FD12FEAE78}" = protocol=17 | dir=in | app=c:\program files\common files\kingsoft\kiscommon\kxeserv.exe |
"{A5B34C3B-9599-4738-896A-8BC681D73141}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{A8319EBA-AC6F-4EF2-B63B-9244EE136D94}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AA59BD58-9586-4BD2-BD65-5264D8CA963F}" = dir=out | app=c:\windows\system32\config\systemprofile\appdata\local\windows internet name service\wins.exe |
"{AB0B7099-3C2B-4A91-A015-820EEFEFC7B4}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B1103FDF-0BF7-41F1-9DD2-ADB6CDA9C6AF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B2E3AEE9-AD46-4EDA-8F66-3C5F11781BE2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B7037E3B-1469-4331-A092-F744B225A636}" = protocol=17 | dir=in | app=c:\users\pc user\appdata\local\temp\epinsnav\dl\3013\network\epsonnetsetup\epsonnetsetup3_6_1_2200\eneasyapp.exe |
"{B8F72649-C3B6-4A3B-B287-AA001EEB2A28}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{BD260A99-9318-4FEC-B33F-67240F26AC60}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{D01EBA92-821B-4C0E-A42C-5F9D43C20321}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{EA0BB8EA-90CF-4F6F-BF27-7EA845DF80EC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FFDFF2CC-E70D-45FC-AD65-90134B75BCA4}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"TCP Query User{26F31982-B531-4302-BE86-59AB71531B7E}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |
"TCP Query User{32FC40A1-A8A2-45C9-B7C2-B7848EE94D53}C:\program files\downloadmanager\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\downloadmanager\jre\bin\javaw.exe |
"TCP Query User{5080EB83-1DB1-43D3-9FD9-DB0EBCF2A315}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |
"UDP Query User{02936BC1-52DF-4517-B849-3B1A859EC831}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |
"UDP Query User{0BDC616F-EF3E-4AF3-B07F-953D85E90EA2}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |
"UDP Query User{83EB3E80-7B60-4580-8062-C87765CE4DB2}C:\program files\downloadmanager\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\downloadmanager\jre\bin\javaw.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0F13C24A-FFE2-4CD0-8E0B-DC804E0A0E0B}" = Epson Event Manager
"{139C06F6-2DC5-485F-B34A-D333AA122379}" = セキュリティ申込・設定ツール
"{3361D415-BA35-4143-B301-661991BA6219}" = MyEPSON Portal
"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}" = EPSON Scan OCR コンポーネント
"{63B92EB0-446C-3778-9E6B-C1BE202FE44F}" = Microsoft .NET Framework 4.5.1 (JPN)
"{682A3328-9621-4BAD-91FA-873A076610C4}" = Epson E-Web Print
"{760BB327-3973-4608-85C8-88162E2FF3B6}" = iCloud
"{7864287E-F3F7-4A26-AAC3-4983CC7E2C64}" = Epson E-Photo
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}" = EPSON ﾏﾆｭｱﾙ
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1041" = Microsoft .NET Framework 4.5.1 (日本語)
"{A162AF3F-7908-44E1-A072-67FB887A9517}" = スタートアップツール
"{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}" = セキュリティ対策ツール
"{ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium
"{AC76BA86-7AD7-1041-7B44-AB0000000001}" = Adobe Reader XI (11.0.10) - Japanese
"{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}" = Apple Application Support（32 ビット）
"{CE1F04C7-79BC-4219-BE6A-BA490224D4B5}" = iTunes
"{E1DB0812-2D60-43DB-AE09-6C7027D93B28}" = Apple Mobile Device Support
"{E580ED1F-AAF8-4F7E-B174-54BFA2B94E0B}}_is1" = AnyTrans 3.6.9
"{FA7EE274-7370-43B7-9A45-A39B17CCCDC5}" = Software Updater
"CCleaner" = CCleaner
"EPSON PX-046A Series" = EPSON PX-046A Series プリンター アンインストール
"EPSON Scanner" = EPSON Scan
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.4.1028
"MyEPSON Connect" = MyEPSON Portal
"RemoteToolGuider.west_is1" = NTT西日本 リモートサポートツール
"Yahoo!Jツールバー" = Yahoo!ツールバー
"診断復旧ツール_is1" = 診断復旧ツール

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"DealPly" = DealPly

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"DealPly" = DealPly

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-771866650-3935571951-379171006-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2015/04/14 18:30:06 | Computer Name = pcuser-PC | Source = WinMgmt | ID = 10
Description =

Error - 2015/04/15 14:43:05 | Computer Name = pcuser-PC | Source = WinMgmt | ID = 10
Description =

Error - 2015/04/16 8:40:23 | Computer Name = pcuser-PC | Source = WinMgmt | ID = 10
Description =

Error - 2015/04/17 7:50:14 | Computer Name = pcuser-PC | Source = WinMgmt | ID = 10
Description =

Error - 2015/04/17 8:18:56 | Computer Name = pcuser-PC | Source = SideBySide | ID = 16842785
Description = "C:\Program Files\EPSON Software\Download Navigator\EPSDNLMW64.EXE"
のアクティブ化コンテキストの生成に失敗しました。 従属アセンブリ Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
が見つかりませんでした。 詳細な診断を行うには sxstrace.exe を実行してください。

Error - 2015/04/17 8:19:03 | Computer Name = pcuser-PC | Source = SideBySide | ID = 16842785
Description = "C:\Program Files\Epson Software\E-Web Print\ewps.exe" のアクティブ化コンテキストの生成に失敗しました。
従属アセンブリ
Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
が見つかりませんでした。 詳細な診断を行うには sxstrace.exe を実行してください。

Error - 2015/04/17 8:19:07 | Computer Name = pcuser-PC | Source = SideBySide | ID = 16842785
Description = "C:\Program Files\Epson Software\E-Web Print\ewpsbw.exe" のアクティブ化コンテキストの生成に失敗しました。
従属アセンブリ
Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
が見つかりませんでした。 詳細な診断を行うには sxstrace.exe を実行してください。

Error - 2015/04/18 5:39:28 | Computer Name = pcuser-PC | Source = WinMgmt | ID = 10
Description =

Error - 2015/04/18 6:14:34 | Computer Name = pcuser-PC | Source = WinMgmt | ID = 10
Description =

Error - 2015/04/18 7:01:32 | Computer Name = pcuser-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 2014/10/12 7:31:30 | Computer Name = pcuser-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 35
Description = ファームウェアの問題により、グループ 0 のプロセッサ 1 のパフォーマンス電源管理機能は無効になっています。更新されたファームウェアについては、コンピューターの製造元に問い合わせてください。

Error - 2014/10/12 7:35:21 | Computer Name = pcuser-PC | Source = DCOM | ID = 10010
Description =

Error - 2014/10/12 16:50:37 | Computer Name = pcuser-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 35
Description = ファームウェアの問題により、グループ 0 のプロセッサ 0 のパフォーマンス電源管理機能は無効になっています。更新されたファームウェアについては、コンピューターの製造元に問い合わせてください。

Error - 2014/10/12 16:50:37 | Computer Name = pcuser-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 35
Description = ファームウェアの問題により、グループ 0 のプロセッサ 1 のパフォーマンス電源管理機能は無効になっています。更新されたファームウェアについては、コンピューターの製造元に問い合わせてください。

Error - 2014/10/12 16:51:17 | Computer Name = pcuser-PC | Source = Microsoft-Windows-WHEA-Logger | ID = 18
Description = 致命的なハードウェア エラーが発生しました。 コンポーネントによる報告: プロセッサ コア エラー ソース: 3 エラーの種類: 10 プロセッサ
ID: 0 詳細は、このエントリの詳細ビューに含まれています。

Error - 2014/10/13 4:10:44 | Computer Name = pcuser-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 35
Description = ファームウェアの問題により、グループ 0 のプロセッサ 0 のパフォーマンス電源管理機能は無効になっています。更新されたファームウェアについては、コンピューターの製造元に問い合わせてください。

Error - 2014/10/13 4:10:44 | Computer Name = pcuser-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 35
Description = ファームウェアの問題により、グループ 0 のプロセッサ 1 のパフォーマンス電源管理機能は無効になっています。更新されたファームウェアについては、コンピューターの製造元に問い合わせてください。

Error - 2014/10/14 8:17:21 | Computer Name = pcuser-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 35
Description = ファームウェアの問題により、グループ 0 のプロセッサ 0 のパフォーマンス電源管理機能は無効になっています。更新されたファームウェアについては、コンピューターの製造元に問い合わせてください。

Error - 2014/10/14 8:17:21 | Computer Name = pcuser-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 35
Description = ファームウェアの問題により、グループ 0 のプロセッサ 1 のパフォーマンス電源管理機能は無効になっています。更新されたファームウェアについては、コンピューターの製造元に問い合わせてください。

Error - 2014/10/14 8:17:52 | Computer Name = pcuser-PC | Source = Microsoft-Windows-WHEA-Logger | ID = 18
Description = 致命的なハードウェア エラーが発生しました。 コンポーネントによる報告: プロセッサ コア エラー ソース: 3 エラーの種類: 10 プロセッサ
ID: 0 詳細は、このエントリの詳細ビューに含まれています。


< End of report >

今夜はレスが遅くなってすみません。
まあ人生が手遅れなので、これが芸風とでも思ってください（謎

説明も見せてもらいました。だいぶ状況も見えてきたようです。

では今度はOTLでの処置しましょうか。
このレスの最後にスクリプトを貼っておくので、それを丸ごとコピーして、それをWindowsのメモ帳ファイルに貼り付けて保存しておいてください。

用意できたらPCをまたセーフモードで再起動してOTL起動してください。
起動したらOTLのウインドウ下部にスクリプトを貼り付けて、今度は「Run fix」（赤字のボタン）を押してください。
これでOTLでの処置が開始されます。

しばらく待って処置ができたらPCを通常モードで再起動すると、またOTLのログが出るはずなので、それを保存してから、しばらく様子見の後、OTLのログとともに状態報告をレスください。
OTLのスクリプトは以下になります。破線(-----)を含まない箇所を丸ごとコピーして、それをOTLに貼って作業してください
------------------------------------------
:OTL
SRV - File not found [Auto | Stopped] -- C:\Program Files\Baidu\IME\3.5.2.45\BaiduJPServ.exe -- (BaiduJP_IME_Service_3.5.2.45)
IE - HKLM\..\SearchScopes\{30FFC99A-FB94-554B-0854-3DD24FB8D7FD}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{80c554b9-c7f8-4a21-9471-06d606da78a2}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
IE - HKU\S-1-5-21-771866650-3935571951-379171006-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = ja-JP
IE - HKU\S-1-5-21-771866650-3935571951-379171006-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 62 6D 33 D9 37 7A D0 01 [binary data]
IE - HKU\S-1-5-21-771866650-3935571951-379171006-1000\..\SearchScopes,Backup.Old.DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-771866650-3935571951-379171006-1000\..\SearchScopes\{80c554b9-c7f8-4a21-9471-06d606da78a2}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
IE - HKU\S-1-5-21-771866650-3935571951-379171006-1000\..\SearchScopes\{B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF}: "URL" = http://www.amazon.co.jp/gp/bit/amazonserp/ref=bit_bds-p07_serp_ie_jp_display?ie=UTF8&tagbase=bds-p07&tag=bds-p07-serp-jp-ie-22&tbrId=v1_abb-channel-7_fef320802a51431fba41e444a073f06b_30_46_20131016_JP_ie_ds_&query={searchTerms}
CHR - Extension: No name found = C:\Users\pc user\AppData\Local\Google\Chrome\User Data\Default\Extensions\iihkglbebihpaflfihhkfmpabjgdpnol\0.125_0\
[2015/04/14 21:16:52 | 000,000,000 | ---D | C] -- C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
[2015/04/20 22:00:16 | 000,000,020 | ---- | M] () -- C:\Users\pc user\AppData\Roaming\appdataFr3.bin
[2015/03/11 06:35:40 | 000,000,020 | ---- | C] () -- C:\Users\pc user\AppData\Roaming\appdataFr3.bin

:Files
C:\Program Files\Baidu
C:\Users\pc user\AppData\Local\Google\Chrome\User Data\Default\Extensions\iihkglbebihpaflfihhkfmpabjgdpnol
C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
C:\Users\pc user\AppData\Roaming\appdataFr3.bin

:Commands
[purity]
[resethosts]
[emptytemp]
[createrestorepoint]
[reboot]
------------------------------------------

こんばんは、私のほうこそ大変にレスが遅くなってしまいました。ごめんなさい；

人生 笑
人生とは長い道のりですよね、悪代官さんは私のパソコン生活を導いて下さる貴重な存在です。感謝しております。

ログの確認と対処方法の指示ありがとうございます。確認をお願い致します。



OTL logfile created on: 2015/04/26 20:52:01 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\pc user\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17728)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

1.99 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 50.10% Memory free
3.98 Gb Paging File | 2.83 Gb Available in Paging File | 70.99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74.43 Gb Total Space | 30.30 Gb Free Space | 40.71% Space Free | Partition Type: NTFS

Computer Name: PCUSER-PC | User Name: pc user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2015/04/20 21:54:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\pc user\Desktop\OTL.exe
PRC - [2015/03/13 20:10:26 | 005,529,880 | ---- | M] (Piriform Ltd) -- C:\Program Files\CCleaner\CCleaner.exe
PRC - [2014/12/03 15:31:16 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/11/21 06:12:56 | 000,969,016 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2014/11/21 06:12:54 | 001,871,160 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2014/11/21 06:12:46 | 007,229,752 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
PRC - [2014/10/17 15:24:20 | 000,043,816 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
PRC - [2014/05/02 15:47:14 | 001,065,024 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\EPSON Software\Event Manager\EEventManager.exe
PRC - [2013/09/13 15:28:58 | 002,387,520 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\epson\MyEPSON Connect\mep.exe
PRC - [2013/09/09 18:40:06 | 001,047,560 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\NTTW\SECURITY\UniClient\UiFrmwrk\uiSeAgnt.exe
PRC - [2013/09/09 18:40:06 | 000,132,920 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\NTTW\SECURITY\UniClient\UiFrmwrk\uiWatchDog.exe
PRC - [2013/08/02 09:52:57 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2013/04/15 08:00:02 | 000,143,424 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RP7.EXE
PRC - [2013/01/24 08:00:02 | 000,260,160 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\spool\drivers\w32x86\3\E_FATILDJ.EXE
PRC - [2012/11/23 11:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/10/01 16:17:38 | 000,703,616 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\epson\MyEPSON Connect\mepService.exe
PRC - [2012/07/13 19:17:36 | 000,221,264 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\NTTW\SECURITY\AMSP\coreServiceShell.exe
PRC - [2012/07/13 19:17:24 | 000,142,984 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\NTTW\SECURITY\AMSP\coreFrameworkHost.exe
PRC - [2012/07/13 19:17:02 | 000,674,464 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\NTTW\SECURITY\AMSP\AMSP_LogServer.exe
PRC - [2012/05/17 00:00:00 | 000,126,128 | ---- | M] (Seiko Epson Corporation) -- C:\Windows\System32\escsvc.exe
PRC - [2011/02/25 14:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2015/03/13 22:54:32 | 000,029,696 | ---- | M] () -- C:\Program Files\CCleaner\Lang\lang-1041.dll
MOD - [2015/01/20 22:35:44 | 001,044,776 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2014/01/20 13:17:04 | 000,073,544 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/05/03 03:26:30 | 000,049,152 | ---- | M] () -- C:\Program Files\NTTW\SECURITY\AMSP\boost_date_time-vc80-mt-1_49.dll
MOD - [2012/05/03 03:24:14 | 000,057,344 | ---- | M] () -- C:\Program Files\NTTW\SECURITY\AMSP\boost_thread-vc80-mt-1_49.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - File not found [Auto | Running] -- C:\Program Files\NTTW\Security\AMSP\coreServiceShell.exe coreFrameworkHost.exe -- (Amsp)
SRV - [2015/03/13 12:16:24 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2014/12/03 15:31:16 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/11/21 06:12:56 | 000,969,016 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014/11/21 06:12:54 | 001,871,160 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/05/27 13:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/04/15 08:00:02 | 000,143,424 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RP7.EXE -- (EPSON_PM_RPCV4_06)
SRV - [2012/10/01 16:17:38 | 000,703,616 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\epson\MyEPSON Connect\mepService.exe -- (MyEPSON Connect Service)
SRV - [2012/05/17 00:00:00 | 000,126,128 | ---- | M] (Seiko Epson Corporation) [Auto | Running] -- C:\Windows\System32\escsvc.exe -- (EpsonScanSvc)
SRV - [2009/07/14 10:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\pc user\Downloads\Glary Utilities 3\ProcObsrv.sys -- (ProcObsrv)
DRV - [2015/04/26 20:45:29 | 000,114,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV - [2014/11/21 06:14:20 | 000,051,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV - [2014/11/21 06:14:06 | 000,023,256 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2013/09/05 19:38:48 | 000,263,072 | ---- | M] (Trend Micro Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tmcomm.sys -- (tmcomm)
DRV - [2013/09/05 19:38:48 | 000,096,736 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tmactmon.sys -- (tmactmon)
DRV - [2013/09/05 19:38:48 | 000,076,624 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV - [2012/12/08 02:32:32 | 000,083,256 | ---- | M] (Trend Micro Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tmeevw.sys -- (tmeevw)
DRV - [2012/08/24 13:06:36 | 000,038,328 | ---- | M] (Trend Micro Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TMEBC32.sys -- (TMEBC)
DRV - [2012/07/06 11:33:22 | 000,171,064 | ---- | M] (Trend Micro Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tmnciesc.sys -- (tmnciesc)
DRV - [2012/05/03 03:27:24 | 000,092,304 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tmtdi.sys -- (tmtdi)
DRV - [2010/11/21 06:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/21 06:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/21 06:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-771866650-3935571951-379171006-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-771866650-3935571951-379171006-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = ja-JP
IE - HKU\S-1-5-21-771866650-3935571951-379171006-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E6 EE 6F 0C 17 80 D0 01 [binary data]
IE - HKU\S-1-5-21-771866650-3935571951-379171006-1000\..\SearchScopes,Backup.Old.DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-771866650-3935571951-379171006-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-771866650-3935571951-379171006-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-771866650-3935571951-379171006-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[color=#E56717]========== FireFox ==========[/color]

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\pc user\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\pc user\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\tmbepff-7.5@trendmicro.com: C:\Program Files\NTTW\Security\AMSP\Module\20002\7.5.1144\7.5.1144\firefoxextension [2015/04/06 05:52:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\NTTW\Security\AMSP\module\20004\FxExt\firefoxextension\ [2015/04/06 05:53:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22181a4d-af90-4ca3-a569-faed9118d6bc}: C:\Program Files\NTTW\Security\SEC\UIFramework\Toolbar\firefoxextension [2014/05/27 06:21:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\e-webprint@epson.com: C:\Program Files\Epson Software\E-Web Print\Firefox Add-on [2015/01/04 18:07:10 | 000,000,000 | ---D | M]

[2012/08/17 22:29:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\pc user\AppData\Local\Google\Chrome\Application\21.0.1180.60\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\pc user\AppData\Local\Google\Chrome\Application\42.0.2311.90\gcswf32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\pc user\AppData\Local\Google\Chrome\Application\42.0.2311.90\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\pc user\AppData\Local\Google\Chrome\Application\42.0.2311.90\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Users\pc user\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: No name found = C:\Users\pc user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah\1.4.14_0\
CHR - Extension: No name found = C:\Users\pc user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.417.10417_0\
CHR - Extension: No name found = C:\Users\pc user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.2_0\
CHR - Extension: No name found = C:\Users\pc user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\
CHR - Extension: No name found = C:\Users\pc user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf\8.0.0.1257_0\

O1 HOSTS File: ([2009/06/11 06:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\NTTW\SECURITY\AMSP\module\20004\2.5.1331\6.8.1094\TmIEPlg.dll (Trend Micro Inc.)
O2 - BHO: (E-Web Print) - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files\EPSON Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (TSToolbarBHO) - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\NTTW\SECURITY\SEC\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O2 - BHO: (E-Photo) - {60B127CA-8AA4-4DCD-84A8-D18C2B2C4A96} - C:\Program Files\EPSON Software\E-Photo\EPTBL.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\NTTW\SECURITY\AMSP\module\20002\7.5.1144\7.5.1144\TmBpIe32.dll (Trend Micro Inc.)
O3 - HKLM\..\Toolbar: (E-Web Print) - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files\EPSON Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (E-Photo) - {60B127CA-8AA4-4DCD-84A8-D18C2B2C4A96} - C:\Program Files\EPSON Software\E-Photo\EPTBL.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (セキュリティツールバー) - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\NTTW\SECURITY\SEC\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [NTTW_OSA_AUS] C:\Program Files\NTTW\OSA_Aus\acs.exe (西日本電信電話株式会社)
O4 - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\NTTW\Security\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\NTTW\Security\SEC\UIFramework\uiWinMgr.exe (Trend Micro Inc.)
O4 - HKU\S-1-5-21-771866650-3935571951-379171006-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-771866650-3935571951-379171006-1000..\Run: [EPLTarget\P0000000000000003] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATILDJ.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-771866650-3935571951-379171006-1000..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O7 - HKU\S-1-5-21-771866650-3935571951-379171006-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutorun = 255
O9 - Extra Button: 故障かな？と思ったら・・・ - {6CB1FA39-5745-4733-859F-E9C82A68F848} - C:\Program Files\NTTW\OSA_SupportTool\start_w.exe (西日本電信電話株式会社)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{892FD758-0C1F-4701-949C-42276264BE02}: NameServer = 202.238.95.24 202.238.95.26
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E5499131-6265-488D-B08A-69A9DB98D6D1}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\NTTW\SECURITY\AMSP\module\20002\7.5.1144\7.5.1144\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\NTTW\SECURITY\AMSP\module\20004\2.5.1331\6.8.1094\TmIEPlg.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmtb {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\NTTW\SECURITY\SEC\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmtbim {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\NTTW\SECURITY\SEC\UIFramework\ProToolbarIMRatingActiveX.dll (西日本電信電話株式会社)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/11 06:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (MACHINE BootExecut)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2015/04/26 11:34:55 | 000,000,000 | ---D | C] -- C:\_OTL
[2015/04/20 21:54:29 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\pc user\Desktop\OTL.exe
[2015/04/19 22:24:11 | 000,114,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2015/04/19 22:23:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2015/04/19 22:23:27 | 000,075,480 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2015/04/19 22:23:27 | 000,051,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys
[2015/04/19 22:23:26 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
[2015/04/19 22:18:41 | 000,000,000 | ---D | C] -- C:\Users\pc user\AppData\Roaming\Malwarebytes
[2015/04/19 22:18:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015/04/19 22:18:12 | 000,023,256 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2015/04/19 10:48:48 | 000,000,000 | ---D | C] -- C:\Users\pc user\Desktop\backups
[2015/04/19 10:37:35 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\pc user\Desktop\HijackThis.exe ☆.exe
[2015/04/19 10:08:36 | 000,000,000 | ---D | C] -- C:\Users\pc user\AppData\Local\ElevatedDiagnostics
[2015/04/19 09:40:46 | 000,000,000 | ---D | C] -- C:\Users\pc user\AppData\Roaming\Geek Uninstaller
[2015/04/18 20:11:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2015/04/18 20:11:19 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2015/04/18 20:06:09 | 000,000,000 | -HSD | C] -- C:\Users\pc user\AppData\Local\EmieBrowserModeList
[2015/04/18 19:47:09 | 005,344,528 | ---- | C] (Piriform Ltd) -- C:\Users\pc user\Desktop\ccsetup504.exe
[2015/04/15 15:18:17 | 000,896,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2015/04/15 15:18:17 | 000,860,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appraiser.dll
[2015/04/15 15:18:17 | 000,630,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\invagent.dll
[2015/04/15 15:18:17 | 000,576,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\generaltel.dll
[2015/04/15 15:18:17 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\acmigration.dll
[2015/04/15 15:18:16 | 000,331,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devinv.dll
[2015/04/15 15:18:15 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
[2015/04/15 15:18:15 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepic.dll
[2015/04/15 15:18:13 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\clfsw32.dll
[2015/04/15 15:18:05 | 003,976,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2015/04/15 15:18:05 | 003,920,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2015/04/15 15:18:03 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2015/04/15 15:18:03 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2015/04/15 15:18:03 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2015/04/15 15:18:03 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\auditpol.exe
[2015/04/15 15:18:03 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2015/04/15 15:18:02 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2015/04/15 15:18:02 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msaudite.dll
[2015/04/15 15:18:02 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msobjs.dll
[2015/04/15 15:18:02 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2015/04/15 15:18:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apisetschema.dll
[2015/04/15 15:17:47 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2015/04/15 15:17:47 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2015/04/15 15:17:47 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2015/04/15 15:17:46 | 000,685,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2015/04/15 15:17:46 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2015/04/15 15:17:46 | 000,342,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2015/04/15 15:17:46 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2015/04/15 15:17:45 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2015/04/15 15:17:45 | 000,689,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2015/04/15 15:17:45 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2015/04/15 15:17:45 | 000,418,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2015/04/15 15:17:45 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2015/04/15 15:17:45 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2015/04/15 15:17:44 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2015/04/15 15:17:44 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2015/04/15 15:17:43 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2015/04/15 15:17:43 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2015/04/15 15:17:42 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2015/04/15 15:17:41 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2015/04/15 15:17:41 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2015/04/15 15:17:39 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2015/04/15 15:17:38 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2015/04/15 15:17:37 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2015/04/15 15:17:34 | 004,305,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2015/04/15 15:17:25 | 003,088,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2015/04/15 15:17:25 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2015/04/15 15:17:25 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2015/04/15 15:17:25 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2015/04/15 15:17:25 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSetupUI.dll
[2015/04/15 15:17:25 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2015/04/15 15:17:25 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2015/04/15 15:17:25 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2015/04/15 15:17:25 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wu.upgrade.ps.dll
[2015/04/15 15:17:18 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2015/04/14 21:18:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2015/04/14 21:16:53 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2015/04/14 21:16:52 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2015/04/05 03:01:00 | 000,000,000 | --SD | C] -- C:\Windows\System32\GWX
[2015/04/02 19:59:14 | 006,337,032 | ---- | C] (Geek Uninstaller) -- C:\Users\pc user\Desktop\geek.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2015/04/26 21:00:30 | 000,000,917 | ---- | M] () -- C:\Windows\tasks\EPSON PX-046A Series Update {0F27948F-E85D-4B4E-AA36-8FE6F045BDFE}.job
[2015/04/26 21:00:24 | 000,000,917 | ---- | M] () -- C:\Windows\tasks\EPSON PX-046A Series Update {C70B0581-4D6C-4A94-8220-F9584C02EBB9}.job
[2015/04/26 21:00:24 | 000,000,917 | ---- | M] () -- C:\Windows\tasks\EPSON PX-046A Series Update {9CB45B62-469F-4526-86A2-260664693BB5}.job
[2015/04/26 21:00:24 | 000,000,917 | ---- | M] () -- C:\Windows\tasks\EPSON PX-046A Series Update {696C66E9-4FCF-44DA-8238-04FAFA9B2A1A}.job
[2015/04/26 20:45:56 | 000,000,708 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-771866650-3935571951-379171006-1000UA.job
[2015/04/26 20:45:29 | 000,114,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2015/04/26 20:44:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/04/26 11:44:18 | 000,028,912 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/04/26 11:44:18 | 000,028,912 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/04/26 11:35:40 | 000,000,296 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize 5.job
[2015/04/26 11:35:24 | 1603,870,720 | -HS- | M] () -- C:\hiberfil.sys
[2015/04/23 07:01:37 | 000,000,656 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-771866650-3935571951-379171006-1000Core.job
[2015/04/20 21:54:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\pc user\Desktop\OTL.exe
[2015/04/19 22:23:37 | 000,001,060 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/04/19 10:37:36 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\pc user\Desktop\HijackThis.exe ☆.exe
[2015/04/19 09:47:23 | 006,337,032 | ---- | M] (Geek Uninstaller) -- C:\Users\pc user\Desktop\geek.exe
[2015/04/18 22:15:11 | 000,653,762 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2015/04/18 22:15:11 | 000,410,670 | ---- | M] () -- C:\Windows\System32\perfh011.dat
[2015/04/18 22:15:11 | 000,121,716 | ---- | M] () -- C:\Windows\System32\perfc011.dat
[2015/04/18 22:15:11 | 000,121,634 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2015/04/18 20:11:24 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015/04/18 19:47:51 | 005,344,528 | ---- | M] (Piriform Ltd) -- C:\Users\pc user\Desktop\ccsetup504.exe
[2015/04/17 21:01:32 | 000,002,361 | ---- | M] () -- C:\Users\pc user\Desktop\Google Chrome.lnk
[2015/04/14 21:18:26 | 000,001,753 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2015/04/02 08:49:48 | 000,342,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2015/04/19 22:18:18 | 000,001,060 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/04/18 20:11:24 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015/04/15 15:17:42 | 000,016,303 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2015/04/14 21:18:26 | 000,001,753 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/05/27 06:20:08 | 000,000,056 | ---- | C] () -- C:\Windows\System32\SupportTool.exe.bat
[2014/05/27 06:20:00 | 000,000,242 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/05/27 06:16:13 | 000,000,036 | ---- | C] () -- C:\Users\pc user\AppData\Local\housecall.guid.cache
[2013/10/16 18:19:02 | 000,000,006 | ---- | C] () -- C:\Users\pc user\AppData\Roaming\WBPU-TTL.DAT
[2013/09/29 12:22:03 | 000,000,262 | ---- | C] () -- C:\Users\pc user\AppData\Roaming\WB.CFG
[2013/02/17 17:15:34 | 000,003,584 | ---- | C] () -- C:\Users\pc user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 13:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/02/13 14:26:18 | 012,875,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 06:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 10:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %windir%\tasks\*.job >[/color]
[2015/04/26 21:00:30 | 000,000,917 | ---- | M] () -- C:\Windows\tasks\EPSON PX-046A Series Update {0F27948F-E85D-4B4E-AA36-8FE6F045BDFE}.job
[2015/04/26 21:00:24 | 000,000,917 | ---- | M] () -- C:\Windows\tasks\EPSON PX-046A Series Update {696C66E9-4FCF-44DA-8238-04FAFA9B2A1A}.job
[2015/04/26 21:00:24 | 000,000,917 | ---- | M] () -- C:\Windows\tasks\EPSON PX-046A Series Update {9CB45B62-469F-4526-86A2-260664693BB5}.job
[2015/04/26 21:00:24 | 000,000,917 | ---- | M] () -- C:\Windows\tasks\EPSON PX-046A Series Update {C70B0581-4D6C-4A94-8220-F9584C02EBB9}.job
[2015/04/26 11:35:40 | 000,000,296 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize 5.job
[2015/04/23 07:01:37 | 000,000,656 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-771866650-3935571951-379171006-1000Core.job
[2015/04/26 20:45:56 | 000,000,708 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-771866650-3935571951-379171006-1000UA.job

[color=#E56717]========== Drive Information ==========[/color]

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: WDC WD800JD-55MSA1 ATA Device
Partitions: 2
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 100.00MB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 74.00GB
Starting Offset: 105906176
Hidden sectors: 0


[color=#E56717]========== Base Services ==========[/color]
SRV - [2009/07/14 10:14:53 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\aelupsvc.dll -- (AeLookupSvc)
SRV - [2013/02/27 13:49:16 | 000,047,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\appinfo.dll -- (Appinfo)
SRV - [2009/07/14 10:14:11 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\alg.exe -- (ALG)
SRV - [2010/11/21 06:29:08 | 000,585,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\qmgr.dll -- (BITS)
SRV - [2010/11/21 06:29:12 | 000,494,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\BFE.DLL -- (BFE)
SRV - [2015/03/17 13:56:28 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\lsass.exe -- (KeyIso)
SRV - [2009/07/14 10:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\es.dll -- (EventSystem)
SRV - [2012/07/05 06:14:34 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\browser.dll -- (Browser)
SRV - [2015/02/03 12:12:14 | 000,143,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\cryptsvc.dll -- (CryptSvc)
SRV - [2010/11/21 06:29:12 | 000,376,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (DcomLaunch)
SRV - [2010/11/21 06:29:12 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2011/03/03 14:38:01 | 000,132,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dnsrslvr.dll -- (Dnscache)
SRV - [2009/07/14 10:15:13 | 000,098,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\eapsvc.dll -- (EapHost)
SRV - [2009/07/14 10:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\hidserv.dll -- (hidserv)
SRV - [2009/07/14 10:15:33 | 000,300,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ipnathlp.dll -- (SharedAccess)
SRV - [2010/11/21 06:29:07 | 000,350,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV - [2009/07/14 10:16:15 | 000,313,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\swprv.dll -- (swprv)
SRV - [2009/07/14 10:15:41 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\mmcss.dll -- (MMCSS)
SRV - [2009/07/14 10:16:03 | 000,280,576 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netman.dll -- (Netman)
SRV - [2009/07/14 10:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netprofm.dll -- (netprofm)
SRV - [2014/12/06 12:50:19 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nlasvc.dll -- (NlaSvc)
SRV - [2009/07/14 10:16:11 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nsisvc.dll -- (nsi)
SRV - [2011/05/24 19:44:59 | 000,293,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpnpmgr.dll -- (PlugPlay)
SRV - [2012/02/11 14:37:49 | 000,317,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\spoolsv.exe -- (Spooler)
SRV - [2015/03/17 13:56:28 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV - [2009/07/14 10:16:12 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\rasauto.dll -- (RasAuto)
SRV - [2010/11/21 06:29:24 | 000,286,208 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\rasmans.dll -- (RasMan)
SRV - [2010/11/21 06:29:12 | 000,376,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (RpcSs)
SRV - [2009/07/14 10:16:13 | 000,021,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\seclogon.dll -- (seclogon)
SRV - [2015/03/17 13:56:28 | 000,022,528 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsass.exe -- (SamSs)
SRV - [2009/07/14 10:16:20 | 000,073,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wscsvc.dll -- (wscsvc)
SRV - [2010/11/21 06:29:07 | 000,168,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\srvsvc.dll -- (LanmanServer)
SRV - [2010/11/21 06:29:12 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV - [2010/11/21 06:29:21 | 000,750,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\schedsvc.dll -- (Schedule)
SRV - [2010/11/21 06:29:07 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\tapisrv.dll -- (TapiSrv)
SRV - [2009/07/14 10:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2014/12/19 11:43:00 | 000,164,864 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\profsvc.dll -- (ProfSvc)
SRV - [2010/11/21 06:29:12 | 001,025,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\VSSVC.exe -- (VSS)
SRV - [2015/02/03 12:12:12 | 000,475,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (Audiosrv)
SRV - [2015/02/03 12:12:12 | 000,475,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (AudioEndpointBuilder)
SRV - [2010/11/21 06:29:49 | 000,125,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sdrsvc.dll -- (SDRSVC)
SRV - [2013/05/27 13:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010/11/21 06:29:11 | 001,086,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wevtsvc.dll -- (eventlog)
SRV - [2010/11/21 06:29:06 | 000,566,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\MPSSVC.dll -- (MpsSvc)
SRV - [2010/11/21 06:29:41 | 000,463,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wiaservc.dll -- (StiSvc)
SRV - [2010/11/21 06:29:20 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\msiexec.exe -- (msiserver)
SRV - [2009/07/14 10:16:19 | 000,168,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wbem\WMIsvc.dll -- (Winmgmt)
SRV - [2015/03/25 12:00:57 | 002,020,864 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wuaueng.dll -- (wuauserv)
SRV - [2010/11/21 06:29:20 | 000,214,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dot3svc.dll -- (dot3svc)
SRV - [2009/07/14 10:16:19 | 000,829,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wlansvc.dll -- (Wlansvc)
SRV - [2010/11/21 06:29:07 | 000,084,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wkssvc.dll -- (LanmanWorkstation)

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:373E1720

< End of report >

作業と報告、ご苦労様です。

ログを見せてもらいましたが、ちょっとOTLでの操作を誤ったようですね。
先と同じスキャンログが出ています。

お手数ですが先の要領でセーフモードでOTLを起動して、スクリプトをOTLに貼り付けて「Run fix」ボタンを押してください。
「Run scan」すると最初の作業と同様にOTLスキャンログがまた出てしまいますので。

自分から次のレスできるのはまた明日夜になりそうなので、異常が沈静化しているなら作業も急がなくていいです

返信が大変に遅くなってしまい、申し訳ございません。


引越しと、プロバイダー変更等ありネットへの接続が出来ていない状態が続いてしまいました。
引越し先で、やたらとPCの動作が重く開くのさえ億劫でしたがようやく久しぶりに悪代官様のHPにたどり着くことができました。

暑い日が続きますが、体調等崩されてはいませんか？

ログを貼り付けましたので、確認をお願い致します。
これから様子を見まして、状況の報告を後ほどさせて頂きますね。



Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF}\ not found.
File C:\Users\pc user\AppData\Local\Google\Chrome\User Data\Default\Extensions\iihkglbebihpaflfihhkfmpabjgdpnol\0.125_0 not found.
Folder C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB\ not found.
File C:\Users\pc user\AppData\Roaming\appdataFr3.bin not found.
File C:\Users\pc user\AppData\Roaming\appdataFr3.bin not found.
File rity] not found.
File sethosts] not found.
File ptytemp] not found.
File eaterestorepoint] not found.
File boot] not found.

OTL by OldTimer - Version 3.2.69.0 log created on 07122015_145214

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

作業と報告、ご苦労様です。

>引越しと、プロバイダー変更等ありネットへの接続が出来ていない状態が続いてしまいました。
>引越し先で、やたらとPCの動作が重く開くのさえ億劫でしたがようやく久しぶりに悪代官様のHPにたどり着くことができました。

お引越しでしたか。
リアルでかなりお忙しかったようですね。

OTLログを見せていただきましたが、処置対象はnot found（見つからない）となってますね。
ということはそれらは既に消えているようです。

ではまた状態確認しましょうか。
先の要領で、OTLでスキャンしてみてください。

スキャンできたらそのログをまた見せてください

%windir%\tasks\*.job
DRIVES
BASESERVICES
%SYSTEMDRIVE%\*.exe

お返事遅くなりましてごめんなさい、パソコンの調子は問題ありません。

OTLでスキャンしましたので、確認をお願い致します。





OTL logfile created on: 2015/07/21 15:07:23 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\pc user\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17843)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

1.99 Gb Total Physical Memory | 0.76 Gb Available Physical Memory | 38.06% Memory free
3.98 Gb Paging File | 2.74 Gb Available in Paging File | 68.72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74.43 Gb Total Space | 30.99 Gb Free Space | 41.64% Space Free | Partition Type: NTFS

Computer Name: PCUSER-PC | User Name: pc user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2015/07/07 20:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2015/07/03 15:28:02 | 000,132,160 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2015/05/08 06:21:06 | 000,406,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\GWX\GWX.exe
PRC - [2015/04/20 21:54:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\pc user\Desktop\OTL.exe
PRC - [2015/04/08 22:03:10 | 000,180,064 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\CSP\1.5.450.0\McCSPServiceHost.exe
PRC - [2015/04/07 11:51:22 | 000,691,968 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\McAPExe.exe
PRC - [2015/04/02 15:07:12 | 000,563,200 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
PRC - [2015/04/02 15:07:12 | 000,291,816 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
PRC - [2015/04/01 11:33:32 | 000,334,576 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
PRC - [2015/03/13 20:10:26 | 005,529,880 | ---- | M] (Piriform Ltd) -- C:\Program Files\CCleaner\CCleaner.exe
PRC - [2015/02/17 14:50:38 | 000,238,288 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe
PRC - [2015/02/17 14:49:02 | 000,196,600 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
PRC - [2015/01/16 01:40:10 | 000,764,624 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
PRC - [2014/10/17 15:24:20 | 000,043,816 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
PRC - [2014/09/12 18:43:26 | 000,041,336 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 11.0\Reader\reader_sl.exe
PRC - [2014/05/02 15:47:14 | 001,065,024 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\EPSON Software\Event Manager\EEventManager.exe
PRC - [2013/09/13 15:28:58 | 002,387,520 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\epson\MyEPSON Connect\mep.exe
PRC - [2013/04/15 08:00:02 | 000,143,424 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RP7.EXE
PRC - [2013/01/24 08:00:02 | 000,260,160 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\spool\drivers\w32x86\3\E_FATILDJ.EXE
PRC - [2012/11/23 11:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/10/01 16:17:38 | 000,703,616 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\epson\MyEPSON Connect\mepService.exe
PRC - [2012/05/17 00:00:00 | 000,126,128 | ---- | M] (Seiko Epson Corporation) -- C:\Windows\System32\escsvc.exe
PRC - [2011/02/25 14:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2015/03/13 22:54:32 | 000,029,696 | ---- | M] () -- C:\Program Files\CCleaner\Lang\lang-1041.dll
MOD - [2015/01/20 22:35:44 | 001,044,776 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2014/01/20 13:17:04 | 000,073,544 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - [2015/07/21 14:56:16 | 000,268,976 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015/07/07 20:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2015/07/03 15:28:02 | 000,132,160 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2015/05/26 03:01:45 | 000,853,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\diagtrack.dll -- (DiagTrack)
SRV - [2015/05/23 12:05:18 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2015/04/09 15:59:34 | 000,481,336 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2015/04/08 22:03:10 | 000,180,064 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\CSP\1.5.450.0\McCSPServiceHost.exe -- (mccspsvc)
SRV - [2015/04/07 11:51:22 | 000,691,968 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSC\McAPExe.exe -- (McAPExe)
SRV - [2015/04/02 15:07:12 | 000,291,816 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV - [2015/04/02 15:07:12 | 000,291,816 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2015/04/02 15:07:12 | 000,291,816 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (mcpltsvc)
SRV - [2015/04/02 15:07:12 | 000,291,816 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2015/04/02 15:07:12 | 000,291,816 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2015/04/02 15:07:12 | 000,291,816 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe -- (HomeNetSvc)
SRV - [2015/04/01 11:33:32 | 000,334,576 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe -- (mfemms)
SRV - [2015/02/17 14:50:38 | 000,238,288 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- C:\Windows\System32\mfevtps.exe -- (mfevtp)
SRV - [2015/02/17 14:49:02 | 000,196,600 | ---- | M] () [On_Demand | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV - [2013/05/27 13:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/04/15 08:00:02 | 000,143,424 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RP7.EXE -- (EPSON_PM_RPCV4_06)
SRV - [2012/10/01 16:17:38 | 000,703,616 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\epson\MyEPSON Connect\mepService.exe -- (MyEPSON Connect Service)
SRV - [2012/05/17 00:00:00 | 000,126,128 | ---- | M] (Seiko Epson Corporation) [Auto | Running] -- C:\Windows\System32\escsvc.exe -- (EpsonScanSvc)
SRV - [2009/07/14 10:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\pc user\Downloads\Glary Utilities 3\ProcObsrv.sys -- (ProcObsrv)
DRV - File not found [File_System | On_Demand | Stopped] -- C:\Windows\system32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV - [2015/02/17 14:52:48 | 000,082,800 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mfedisk.sys -- (mfedisk)
DRV - [2015/02/17 14:52:08 | 000,304,928 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeaack.sys -- (mfeaack)
DRV - [2015/02/17 14:51:42 | 000,061,848 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\cfwids.sys -- (cfwids)
DRV - [2015/02/17 14:50:42 | 000,217,584 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mfewfpk.sys -- (mfewfpk)
DRV - [2015/02/17 14:49:36 | 000,648,552 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2015/02/17 14:49:06 | 000,371,648 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2015/02/17 14:48:32 | 000,260,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2015/01/16 00:48:40 | 000,080,760 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfencrk.sys -- (mfencrk)
DRV - [2015/01/16 00:48:24 | 000,380,496 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfencbdc.sys -- (mfencbdc)
DRV - [2013/09/23 13:48:38 | 000,147,912 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HipShieldK.sys -- (HipShieldK)
DRV - [2010/11/21 06:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/21 06:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/21 06:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-771866650-3935571951-379171006-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/ja-jp/?ocid=iehp
IE - HKU\S-1-5-21-771866650-3935571951-379171006-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = ja-JP
IE - HKU\S-1-5-21-771866650-3935571951-379171006-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 1E 86 52 21 76 C3 D0 01 [binary data]
IE - HKU\S-1-5-21-771866650-3935571951-379171006-1000\..\SearchScopes,Backup.Old.DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-771866650-3935571951-379171006-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-771866650-3935571951-379171006-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-771866650-3935571951-379171006-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[color=#E56717]========== FireFox ==========[/color]

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\pc user\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\pc user\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\e-webprint@epson.com: C:\Program Files\Epson Software\E-Web Print\Firefox Add-on [2015/01/04 18:07:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2015/07/12 11:25:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2015/06/23 14:29:44 | 000,000,000 | ---D | M]

[2012/08/17 22:29:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\pc user\AppData\Local\Google\Chrome\Application\21.0.1180.60\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\pc user\AppData\Local\Google\Chrome\Application\42.0.2311.90\gcswf32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\pc user\AppData\Local\Google\Chrome\Application\42.0.2311.90\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\pc user\AppData\Local\Google\Chrome\Application\42.0.2311.90\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Users\pc user\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: No name found = C:\Users\pc user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah\1.4.14_0\
CHR - Extension: No name found = C:\Users\pc user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.417.10417_0\
CHR - Extension: No name found = C:\Users\pc user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.2_0\
CHR - Extension: No name found = C:\Users\pc user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\
CHR - Extension: No name found = C:\Users\pc user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf\8.0.0.1257_0\

O1 HOSTS File: ([2009/06/11 06:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (E-Web Print) - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files\EPSON Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (E-Photo) - {60B127CA-8AA4-4DCD-84A8-D18C2B2C4A96} - C:\Program Files\EPSON Software\E-Photo\EPTBL.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (E-Web Print) - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files\EPSON Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (E-Photo) - {60B127CA-8AA4-4DCD-84A8-D18C2B2C4A96} - C:\Program Files\EPSON Software\E-Photo\EPTBL.dll (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe (McAfee, Inc.)
O4 - HKU\S-1-5-21-771866650-3935571951-379171006-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-771866650-3935571951-379171006-1000..\Run: [EPLTarget\P0000000000000003] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATILDJ.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-771866650-3935571951-379171006-1000..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O7 - HKU\S-1-5-21-771866650-3935571951-379171006-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutorun = 255
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 122.197.254.7 122.197.254.10
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{892FD758-0C1F-4701-949C-42276264BE02}: NameServer = 202.238.95.24 202.238.95.26
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E5499131-6265-488D-B08A-69A9DB98D6D1}: DhcpNameServer = 122.197.254.7 122.197.254.10
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/11 06:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (MACHINE BootExecut)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2015/07/12 14:23:14 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2015/06/24 03:43:06 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2015/06/23 14:59:04 | 000,901,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2015/06/23 14:59:04 | 000,879,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appraiser.dll
[2015/06/23 14:59:04 | 000,621,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\invagent.dll
[2015/06/23 14:59:04 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\generaltel.dll
[2015/06/23 14:59:04 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devinv.dll
[2015/06/23 14:59:04 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepic.dll
[2015/06/23 14:59:04 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\acmigration.dll
[2015/06/23 14:59:03 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
[2015/06/23 14:59:00 | 002,384,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2015/06/23 14:58:58 | 000,054,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\stream.sys
[2015/06/23 14:58:50 | 000,685,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2015/06/23 14:58:50 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2015/06/23 14:58:50 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2015/06/23 14:58:50 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2015/06/23 14:58:50 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2015/06/23 14:58:50 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2015/06/23 14:58:49 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2015/06/23 14:58:49 | 000,689,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2015/06/23 14:58:49 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2015/06/23 14:58:49 | 000,418,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2015/06/23 14:58:49 | 000,342,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2015/06/23 14:58:49 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2015/06/23 14:58:49 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2015/06/23 14:58:48 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2015/06/23 14:58:47 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2015/06/23 14:58:47 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2015/06/23 14:58:47 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2015/06/23 14:58:46 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2015/06/23 14:58:45 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2015/06/23 14:58:45 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2015/06/23 14:58:43 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2015/06/23 14:58:41 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2015/06/23 14:58:40 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2015/06/23 14:58:39 | 004,305,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2015/06/23 14:57:50 | 000,853,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagtrack.dll
[2015/06/23 14:57:50 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UtcResources.dll
[2015/06/23 14:57:49 | 003,989,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2015/06/23 14:57:48 | 003,934,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2015/06/23 14:57:47 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2015/06/23 14:57:47 | 000,635,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tdh.dll
[2015/06/23 14:57:46 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2015/06/23 14:57:46 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tracerpt.exe
[2015/06/23 14:57:46 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2015/06/23 14:57:46 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2015/06/23 14:57:46 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
[2015/06/23 14:57:45 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\auditpol.exe
[2015/06/23 14:57:45 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\typeperf.exe
[2015/06/23 14:57:45 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2015/06/23 14:57:45 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\relog.exe
[2015/06/23 14:57:45 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskperf.exe
[2015/06/23 14:57:44 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msaudite.dll
[2015/06/23 14:57:44 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msobjs.dll
[2015/06/23 14:57:44 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2015/06/23 14:57:44 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apisetschema.dll
[2015/06/23 14:57:23 | 001,250,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2015/06/23 14:56:52 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdbinst.exe
[2015/06/23 14:56:47 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InkEd.dll
[2015/06/23 14:56:46 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jnwmon.dll
[2015/06/23 14:56:43 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\poqexec.exe
[2015/06/23 14:56:39 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2015/06/23 14:56:39 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2015/06/23 14:56:39 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2015/06/23 14:56:39 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2015/06/23 14:56:35 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2015/06/23 14:56:35 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2015/06/23 14:56:35 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2015/06/23 14:56:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2015/06/23 14:56:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2015/06/23 14:56:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2015/06/23 14:56:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2015/06/23 14:56:34 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2015/06/23 14:56:34 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2015/06/23 14:56:34 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2015/06/23 14:56:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2015/06/23 14:56:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2015/06/23 14:56:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2015/06/23 14:56:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2015/06/23 14:56:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2015/06/23 14:56:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/06/23 14:56:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2015/06/23 14:56:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2015/06/23 14:56:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2015/06/23 14:56:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2015/06/23 14:56:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2015/06/23 14:56:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2015/06/23 14:56:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2015/06/23 14:56:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2015/06/23 14:56:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2015/06/23 14:56:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2015/06/23 14:56:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2015/06/23 14:56:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2015/06/23 14:56:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2015/06/23 14:56:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2015/06/23 14:30:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\マカフィー
[2015/06/23 14:29:30 | 000,147,912 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\HipShieldK.sys
[2015/06/23 14:23:24 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee.com
[2015/06/23 14:22:58 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee
[2015/06/23 14:17:42 | 000,238,288 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe
[2015/06/23 14:17:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2015/06/23 14:17:11 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2015/07/21 15:03:38 | 000,000,917 | ---- | M] () -- C:\Windows\tasks\EPSON PX-046A Series Update {C70B0581-4D6C-4A94-8220-F9584C02EBB9}.job
[2015/07/21 15:03:38 | 000,000,917 | ---- | M] () -- C:\Windows\tasks\EPSON PX-046A Series Update {9CB45B62-469F-4526-86A2-260664693BB5}.job
[2015/07/21 15:03:38 | 000,000,917 | ---- | M] () -- C:\Windows\tasks\EPSON PX-046A Series Update {696C66E9-4FCF-44DA-8238-04FAFA9B2A1A}.job
[2015/07/21 15:03:38 | 000,000,917 | ---- | M] () -- C:\Windows\tasks\EPSON PX-046A Series Update {0F27948F-E85D-4B4E-AA36-8FE6F045BDFE}.job
[2015/07/21 14:56:24 | 000,000,626 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/07/21 14:56:00 | 000,778,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2015/07/21 14:56:00 | 000,142,512 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2015/07/21 14:52:48 | 000,028,912 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/07/21 14:52:48 | 000,028,912 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/07/21 14:44:35 | 000,000,296 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize 5.job
[2015/07/21 14:44:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/07/21 14:44:20 | 1603,870,720 | -HS- | M] () -- C:\hiberfil.sys
[2015/07/21 14:34:07 | 000,000,708 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-771866650-3935571951-379171006-1000UA.job
[2015/07/21 14:31:09 | 000,000,656 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-771866650-3935571951-379171006-1000Core.job
[2015/07/12 11:57:27 | 000,002,361 | ---- | M] () -- C:\Users\pc user\Desktop\Google Chrome.lnk
[2015/07/12 11:36:16 | 000,653,930 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2015/07/12 11:36:16 | 000,410,838 | ---- | M] () -- C:\Windows\System32\perfh011.dat
[2015/07/12 11:36:16 | 000,121,884 | ---- | M] () -- C:\Windows\System32\perfc011.dat
[2015/07/12 11:36:16 | 000,121,802 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2015/07/12 11:26:10 | 000,267,520 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2015/06/23 14:30:28 | 000,001,916 | ---- | M] () -- C:\Users\Public\Desktop\マルチアクセス - PCセキュリティセンター.lnk
[2015/06/23 14:01:40 | 000,000,242 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2015/07/12 14:23:08 | 000,000,626 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/06/23 14:30:28 | 000,001,916 | ---- | C] () -- C:\Users\Public\Desktop\マルチアクセス - PCセキュリティセンター.lnk
[2015/06/23 14:29:43 | 000,002,233 | ---- | C] () -- C:\Windows\System32\drivers\mfencrk.inf
[2015/06/23 14:29:30 | 000,002,151 | ---- | C] () -- C:\Windows\System32\drivers\mfencbdc.inf
[2014/05/27 06:20:00 | 000,000,242 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/05/27 06:16:13 | 000,000,036 | ---- | C] () -- C:\Users\pc user\AppData\Local\housecall.guid.cache
[2013/10/16 18:19:02 | 000,000,006 | ---- | C] () -- C:\Users\pc user\AppData\Roaming\WBPU-TTL.DAT
[2013/09/29 12:22:03 | 000,000,262 | ---- | C] () -- C:\Users\pc user\AppData\Roaming\WB.CFG
[2013/02/17 17:15:34 | 000,003,584 | ---- | C] () -- C:\Users\pc user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 13:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/02/13 14:26:18 | 012,875,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 06:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 10:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %windir%\tasks\*.job >[/color]
[2015/07/21 14:56:24 | 000,000,626 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/07/21 15:03:38 | 000,000,917 | ---- | M] () -- C:\Windows\tasks\EPSON PX-046A Series Update {0F27948F-E85D-4B4E-AA36-8FE6F045BDFE}.job
[2015/07/21 15:03:38 | 000,000,917 | ---- | M] () -- C:\Windows\tasks\EPSON PX-046A Series Update {696C66E9-4FCF-44DA-8238-04FAFA9B2A1A}.job
[2015/07/21 15:03:38 | 000,000,917 | ---- | M] () -- C:\Windows\tasks\EPSON PX-046A Series Update {9CB45B62-469F-4526-86A2-260664693BB5}.job
[2015/07/21 15:03:38 | 000,000,917 | ---- | M] () -- C:\Windows\tasks\EPSON PX-046A Series Update {C70B0581-4D6C-4A94-8220-F9584C02EBB9}.job
[2015/07/21 14:44:35 | 000,000,296 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize 5.job
[2015/07/21 14:31:09 | 000,000,656 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-771866650-3935571951-379171006-1000Core.job
[2015/07/21 15:31:10 | 000,000,708 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-771866650-3935571951-379171006-1000UA.job

[color=#E56717]========== Drive Information ==========[/color]

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: WDC WD800JD-55MSA1 ATA Device
Partitions: 2
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 100.00MB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 74.00GB
Starting Offset: 105906176
Hidden sectors: 0


[color=#E56717]========== Base Services ==========[/color]
SRV - [2015/03/04 13:10:52 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\aelupsvc.dll -- (AeLookupSvc)
SRV - [2013/02/27 13:49:16 | 000,047,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\appinfo.dll -- (Appinfo)
SRV - [2009/07/14 10:14:11 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\alg.exe -- (ALG)
SRV - [2010/11/21 06:29:08 | 000,585,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\qmgr.dll -- (BITS)
SRV - [2010/11/21 06:29:12 | 000,494,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\BFE.DLL -- (BFE)
SRV - [2015/05/26 03:00:17 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\lsass.exe -- (KeyIso)
SRV - [2009/07/14 10:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\es.dll -- (EventSystem)
SRV - [2012/07/05 06:14:34 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\browser.dll -- (Browser)
SRV - [2015/02/03 12:12:14 | 000,143,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\cryptsvc.dll -- (CryptSvc)
SRV - [2010/11/21 06:29:12 | 000,376,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (DcomLaunch)
SRV - [2010/11/21 06:29:12 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2011/03/03 14:38:01 | 000,132,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dnsrslvr.dll -- (Dnscache)
SRV - [2009/07/14 10:15:13 | 000,098,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\eapsvc.dll -- (EapHost)
SRV - [2009/07/14 10:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\hidserv.dll -- (hidserv)
SRV - [2009/07/14 10:15:33 | 000,300,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ipnathlp.dll -- (SharedAccess)
SRV - [2010/11/21 06:29:07 | 000,350,208 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV - [2009/07/14 10:16:15 | 000,313,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\swprv.dll -- (swprv)
SRV - [2009/07/14 10:15:41 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\mmcss.dll -- (MMCSS)
SRV - [2009/07/14 10:16:03 | 000,280,576 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netman.dll -- (Netman)
SRV - [2009/07/14 10:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netprofm.dll -- (netprofm)
SRV - [2014/12/06 12:50:19 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nlasvc.dll -- (NlaSvc)
SRV - [2009/07/14 10:16:11 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nsisvc.dll -- (nsi)
SRV - [2011/05/24 19:44:59 | 000,293,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpnpmgr.dll -- (PlugPlay)
SRV - [2012/02/11 14:37:49 | 000,317,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\spoolsv.exe -- (Spooler)
SRV - [2015/05/26 03:00:17 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV - [2009/07/14 10:16:12 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\rasauto.dll -- (RasAuto)
SRV - [2010/11/21 06:29:24 | 000,286,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\rasmans.dll -- (RasMan)
SRV - [2010/11/21 06:29:12 | 000,376,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (RpcSs)
SRV - [2009/07/14 10:16:13 | 000,021,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\seclogon.dll -- (seclogon)
SRV - [2015/05/26 03:00:17 | 000,022,528 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsass.exe -- (SamSs)
SRV - [2009/07/14 10:16:20 | 000,073,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wscsvc.dll -- (wscsvc)
SRV - [2010/11/21 06:29:07 | 000,168,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\srvsvc.dll -- (LanmanServer)
SRV - [2010/11/21 06:29:12 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV - [2010/11/21 06:29:21 | 000,750,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\schedsvc.dll -- (Schedule)
SRV - [2010/11/21 06:29:07 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\tapisrv.dll -- (TapiSrv)
SRV - [2009/07/14 10:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2014/12/19 11:43:00 | 000,164,864 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\profsvc.dll -- (ProfSvc)
SRV - [2010/11/21 06:29:12 | 001,025,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\VSSVC.exe -- (VSS)
SRV - [2015/02/03 12:12:12 | 000,475,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (Audiosrv)
SRV - [2015/02/03 12:12:12 | 000,475,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (AudioEndpointBuilder)
SRV - [2010/11/21 06:29:49 | 000,125,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sdrsvc.dll -- (SDRSVC)
SRV - [2013/05/27 13:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010/11/21 06:29:11 | 001,086,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wevtsvc.dll -- (eventlog)
SRV - [2010/11/21 06:29:06 | 000,566,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\MPSSVC.dll -- (MpsSvc)
SRV - [2010/11/21 06:29:41 | 000,463,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wiaservc.dll -- (StiSvc)
SRV - [2010/11/21 06:29:20 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\msiexec.exe -- (msiserver)
SRV - [2009/07/14 10:16:19 | 000,168,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wbem\WMIsvc.dll -- (Winmgmt)
SRV - [2015/03/25 12:00:57 | 002,020,864 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wuaueng.dll -- (wuauserv)
SRV - [2010/11/21 06:29:20 | 000,214,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dot3svc.dll -- (dot3svc)
SRV - [2009/07/14 10:16:19 | 000,829,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wlansvc.dll -- (Wlansvc)
SRV - [2010/11/21 06:29:07 | 000,084,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wkssvc.dll -- (LanmanWorkstation)

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:373E1720

< End of report >

作業と報告、ご苦労様です。
再度のOTLスキャンログも見せてもらいました。

見たところ、今度はおかしなエントリも消えてるようです。

ではここで一度他のログから再確認してみましょう。
お手数ですがCCで「コンテキストメニュー」を含む各タブのログとインストール情報とHJTログを取り直して、それらをまた見せてください。