現在の状態ですが、インターネットエクスプローラーでのHP閲覧に関しては問題はありません。
前回電源を切る際上手くいかなかったようで、電源を点ける時黒い画面(セーフモードを行う時に表示されるもの)になっていました。
ただ、試しにGoogle Chromeで開くと、MBAMが反応して「IPブロックしました」という表示に切り替わる場面がみられました。
私は通信大学で生徒用のページにログインをするのですが、以前はそこにログインしようとすると(IDとパス入力の画面で)高確率で広告画面に切り替わっていました。後、e-ラーニングで動画を見る時に大きな×印が表示されて動画が流れるものの画面が邪魔されたりと。
先ほどIPブロックされたと表示が出たのも、ログイン画面でしたがその後は特に何もありません。(何度かログイン画面を開きなおしましたが正常です)
以前に比べだいぶ改善されました。
【OTL.txt】
OTL logfile created on: 2015/04/20 22:14:29 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\pc user\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17728)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd
1.99 Gb Total Physical Memory | 1.21 Gb Available Physical Memory | 60.94% Memory free
3.98 Gb Paging File | 2.91 Gb Available in Paging File | 73.02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74.43 Gb Total Space | 29.55 Gb Free Space | 39.70% Space Free | Partition Type: NTFS
Computer Name: PCUSER-PC | User Name: pc user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2015/04/20 21:54:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\pc user\Desktop\OTL.exe
PRC - [2015/03/13 20:10:26 | 005,529,880 | ---- | M] (Piriform Ltd) -- C:\Program Files\CCleaner\CCleaner.exe
PRC - [2014/12/03 15:31:16 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/11/21 06:12:56 | 000,969,016 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2014/11/21 06:12:54 | 001,871,160 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2014/11/21 06:12:46 | 007,229,752 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
PRC - [2014/10/17 15:24:20 | 000,043,816 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
PRC - [2014/05/02 15:47:14 | 001,065,024 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\EPSON Software\Event Manager\EEventManager.exe
PRC - [2013/12/05 09:37:24 | 001,179,232 | ---- | M] (西日本電信電話株式会社) -- C:\Program Files\NTTW\StartUpToolN\StartUpTool_w.exe
PRC - [2013/09/13 15:28:58 | 002,387,520 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\epson\MyEPSON Connect\mep.exe
PRC - [2013/09/09 18:40:06 | 001,047,560 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\NTTW\SECURITY\UniClient\UiFrmwrk\uiSeAgnt.exe
PRC - [2013/09/09 18:40:06 | 000,132,920 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\NTTW\SECURITY\UniClient\UiFrmwrk\uiWatchDog.exe
PRC - [2013/08/02 09:52:57 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2013/04/15 08:00:02 | 000,143,424 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RP7.EXE
PRC - [2013/01/24 08:00:02 | 000,260,160 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\spool\drivers\w32x86\3\E_FATILDJ.EXE
PRC - [2012/11/23 11:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/10/01 16:17:38 | 000,703,616 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\epson\MyEPSON Connect\mepService.exe
PRC - [2012/07/13 19:17:36 | 000,221,264 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\NTTW\SECURITY\AMSP\coreServiceShell.exe
PRC - [2012/07/13 19:17:24 | 000,142,984 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\NTTW\SECURITY\AMSP\coreFrameworkHost.exe
PRC - [2012/07/13 19:17:02 | 000,674,464 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\NTTW\SECURITY\AMSP\AMSP_LogServer.exe
PRC - [2012/05/17 00:00:00 | 000,126,128 | ---- | M] (Seiko Epson Corporation) -- C:\Windows\System32\escsvc.exe
PRC - [2011/02/25 14:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - [2015/03/13 22:54:32 | 000,029,696 | ---- | M] () -- C:\Program Files\CCleaner\Lang\lang-1041.dll
MOD - [2015/01/20 22:35:44 | 001,044,776 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2014/01/20 13:17:04 | 000,073,544 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/05/03 03:26:30 | 000,049,152 | ---- | M] () -- C:\Program Files\NTTW\SECURITY\AMSP\boost_date_time-vc80-mt-1_49.dll
MOD - [2012/05/03 03:24:14 | 000,057,344 | ---- | M] () -- C:\Program Files\NTTW\SECURITY\AMSP\boost_thread-vc80-mt-1_49.dll
[color=#E56717]========== Services (SafeList) ==========[/color]
SRV - File not found [Auto | Stopped] -- C:\Program Files\Baidu\IME\3.5.2.45\BaiduJPServ.exe -- (BaiduJP_IME_Service_3.5.2.45)
SRV - File not found [Auto | Running] -- C:\Program Files\NTTW\Security\AMSP\coreServiceShell.exe coreFrameworkHost.exe -- (Amsp)
SRV - [2015/03/13 12:16:24 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2014/12/03 15:31:16 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/11/21 06:12:56 | 000,969,016 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014/11/21 06:12:54 | 001,871,160 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/05/27 13:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/04/15 08:00:02 | 000,143,424 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RP7.EXE -- (EPSON_PM_RPCV4_06)
SRV - [2012/10/01 16:17:38 | 000,703,616 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\epson\MyEPSON Connect\mepService.exe -- (MyEPSON Connect Service)
SRV - [2012/05/17 00:00:00 | 000,126,128 | ---- | M] (Seiko Epson Corporation) [Auto | Running] -- C:\Windows\System32\escsvc.exe -- (EpsonScanSvc)
SRV - [2009/07/14 10:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\pc user\Downloads\Glary Utilities 3\ProcObsrv.sys -- (ProcObsrv)
DRV - [2015/04/20 21:51:19 | 000,114,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV - [2014/11/21 06:14:20 | 000,051,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV - [2014/11/21 06:14:06 | 000,023,256 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2013/09/05 19:38:48 | 000,263,072 | ---- | M] (Trend Micro Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tmcomm.sys -- (tmcomm)
DRV - [2013/09/05 19:38:48 | 000,096,736 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tmactmon.sys -- (tmactmon)
DRV - [2013/09/05 19:38:48 | 000,076,624 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV - [2012/12/08 02:32:32 | 000,083,256 | ---- | M] (Trend Micro Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tmeevw.sys -- (tmeevw)
DRV - [2012/08/24 13:06:36 | 000,038,328 | ---- | M] (Trend Micro Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TMEBC32.sys -- (TMEBC)
DRV - [2012/07/06 11:33:22 | 000,171,064 | ---- | M] (Trend Micro Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tmnciesc.sys -- (tmnciesc)
DRV - [2012/05/03 03:27:24 | 000,092,304 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tmtdi.sys -- (tmtdi)
DRV - [2010/11/21 06:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/21 06:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/21 06:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{30FFC99A-FB94-554B-0854-3DD24FB8D7FD}: "URL" =
http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{80c554b9-c7f8-4a21-9471-06d606da78a2}: "URL" =
http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-771866650-3935571951-379171006-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
http://www.msn.com/ja-jp/?ocid=iehp
IE - HKU\S-1-5-21-771866650-3935571951-379171006-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = ja-JP
IE - HKU\S-1-5-21-771866650-3935571951-379171006-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 62 6D 33 D9 37 7A D0 01 [binary data]
IE - HKU\S-1-5-21-771866650-3935571951-379171006-1000\..\SearchScopes,Backup.Old.DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-771866650-3935571951-379171006-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-771866650-3935571951-379171006-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-771866650-3935571951-379171006-1000\..\SearchScopes\{80c554b9-c7f8-4a21-9471-06d606da78a2}: "URL" =
http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
IE - HKU\S-1-5-21-771866650-3935571951-379171006-1000\..\SearchScopes\{B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF}: "URL" =
http://www.amazon.co.jp/gp/bit/amazonserp/ref=bit_bds-p07_serp_ie_jp_display?ie=UTF8&tagbase=bds-p07&tag=bds-p07-serp-jp-ie-22&tbrId=v1_abb-channel-7_fef320802a51431fba41e444a073f06b_30_46_20131016_JP_ie_ds_&query={searchTerms}
IE - HKU\S-1-5-21-771866650-3935571951-379171006-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
[color=#E56717]========== FireFox ==========[/color]
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\pc user\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\pc user\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\tmbepff-7.5@trendmicro.com: C:\Program Files\NTTW\Security\AMSP\Module\20002\7.5.1144\7.5.1144\firefoxextension [2015/04/06 05:52:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\NTTW\Security\AMSP\module\20004\FxExt\firefoxextension\ [2015/04/06 05:53:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22181a4d-af90-4ca3-a569-faed9118d6bc}: C:\Program Files\NTTW\Security\SEC\UIFramework\Toolbar\firefoxextension [2014/05/27 06:21:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\e-webprint@epson.com: C:\Program Files\Epson Software\E-Web Print\Firefox Add-on [2015/01/04 18:07:10 | 000,000,000 | ---D | M]
[2012/08/17 22:29:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[color=#E56717]========== Chrome ==========[/color]
CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\pc user\AppData\Local\Google\Chrome\Application\21.0.1180.60\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\pc user\AppData\Local\Google\Chrome\Application\42.0.2311.90\gcswf32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\pc user\AppData\Local\Google\Chrome\Application\42.0.2311.90\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\pc user\AppData\Local\Google\Chrome\Application\42.0.2311.90\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Users\pc user\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: No name found = C:\Users\pc user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah\1.4.14_0\
CHR - Extension: No name found = C:\Users\pc user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.417.10417_0\
CHR - Extension: No name found = C:\Users\pc user\AppData\Local\Google\Chrome\User Data\Default\Extensions\iihkglbebihpaflfihhkfmpabjgdpnol\0.125_0\
CHR - Extension: No name found = C:\Users\pc user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.2_0\
CHR - Extension: No name found = C:\Users\pc user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\
O1 HOSTS File: ([2009/06/11 06:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\NTTW\SECURITY\AMSP\module\20004\2.5.1331\6.8.1094\TmIEPlg.dll (Trend Micro Inc.)
O2 - BHO: (Yahoo!ツールバーフィッシング警告) - {1F68E72C-50E5-44B8-8F56-6A54D3AF1DA4} - C:\Program Files\Yahoo!J\Toolbar\7_3_0_18\Modules\ypho.dll (Yahoo Japan Corporation. )
O2 - BHO: (E-Web Print) - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files\EPSON Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (TSToolbarBHO) - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\NTTW\SECURITY\SEC\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O2 - BHO: (E-Photo) - {60B127CA-8AA4-4DCD-84A8-D18C2B2C4A96} - C:\Program Files\EPSON Software\E-Photo\EPTBL.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\NTTW\SECURITY\AMSP\module\20002\7.5.1144\7.5.1144\TmBpIe32.dll (Trend Micro Inc.)
O2 - BHO: (Yahoo!ツールバーヘルパー) - {EEBA90E6-2B14-413F-9BF8-61A8BDF92258} - C:\Program Files\Yahoo!J\Toolbar\7_3_0_18\Modules\YahooToolBar.dll (Yahoo! JAPAN)
O3 - HKLM\..\Toolbar: (E-Web Print) - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files\EPSON Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (E-Photo) - {60B127CA-8AA4-4DCD-84A8-D18C2B2C4A96} - C:\Program Files\EPSON Software\E-Photo\EPTBL.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (Yahoo!ツールバー) - {AEF44653-C059-42CB-A5B7-41C640DA4A67} - C:\Program Files\Yahoo!J\Toolbar\7_3_0_18\Modules\YahooToolBar.dll (Yahoo! JAPAN)
O3 - HKLM\..\Toolbar: (セキュリティツールバー) - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\NTTW\SECURITY\SEC\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [NTTW_OSA_AUS] C:\Program Files\NTTW\OSA_Aus\acs.exe (西日本電信電話株式会社)
O4 - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\NTTW\Security\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\NTTW\Security\SEC\UIFramework\uiWinMgr.exe (Trend Micro Inc.)
O4 - HKU\S-1-5-21-771866650-3935571951-379171006-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-771866650-3935571951-379171006-1000..\Run: [EPLTarget\P0000000000000003] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATILDJ.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-771866650-3935571951-379171006-1000..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O7 - HKU\S-1-5-21-771866650-3935571951-379171006-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutorun = 255
O9 - Extra Button: 故障かな?と思ったら・・・ - {6CB1FA39-5745-4733-859F-E9C82A68F848} - C:\Program Files\NTTW\OSA_SupportTool\start_w.exe (西日本電信電話株式会社)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{892FD758-0C1F-4701-949C-42276264BE02}: NameServer = 202.238.95.24 202.238.95.26
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E5499131-6265-488D-B08A-69A9DB98D6D1}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\NTTW\SECURITY\AMSP\module\20002\7.5.1144\7.5.1144\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\NTTW\SECURITY\AMSP\module\20004\2.5.1331\6.8.1094\TmIEPlg.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmtb {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\NTTW\SECURITY\SEC\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmtbim {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\NTTW\SECURITY\SEC\UIFramework\ProToolbarIMRatingActiveX.dll (西日本電信電話株式会社)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/11 06:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (MACHINE BootExecut)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2015/04/20 21:54:29 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\pc user\Desktop\OTL.exe
[2015/04/19 22:24:11 | 000,114,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2015/04/19 22:23:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2015/04/19 22:23:27 | 000,075,480 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2015/04/19 22:23:27 | 000,051,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys
[2015/04/19 22:23:26 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
[2015/04/19 22:18:41 | 000,000,000 | ---D | C] -- C:\Users\pc user\AppData\Roaming\Malwarebytes
[2015/04/19 22:18:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015/04/19 22:18:12 | 000,023,256 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2015/04/19 10:48:48 | 000,000,000 | ---D | C] -- C:\Users\pc user\Desktop\backups
[2015/04/19 10:37:35 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\pc user\Desktop\HijackThis.exe ☆.exe
[2015/04/19 10:08:36 | 000,000,000 | ---D | C] -- C:\Users\pc user\AppData\Local\ElevatedDiagnostics
[2015/04/19 09:40:46 | 000,000,000 | ---D | C] -- C:\Users\pc user\AppData\Roaming\Geek Uninstaller
[2015/04/18 20:11:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2015/04/18 20:11:19 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2015/04/18 20:06:09 | 000,000,000 | -HSD | C] -- C:\Users\pc user\AppData\Local\EmieBrowserModeList
[2015/04/18 19:47:09 | 005,344,528 | ---- | C] (Piriform Ltd) -- C:\Users\pc user\Desktop\ccsetup504.exe
[2015/04/15 15:18:17 | 000,896,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2015/04/15 15:18:17 | 000,860,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appraiser.dll
[2015/04/15 15:18:17 | 000,630,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\invagent.dll
[2015/04/15 15:18:17 | 000,576,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\generaltel.dll
[2015/04/15 15:18:17 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\acmigration.dll
[2015/04/15 15:18:16 | 000,331,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devinv.dll
[2015/04/15 15:18:15 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
[2015/04/15 15:18:15 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepic.dll
[2015/04/15 15:18:13 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\clfsw32.dll
[2015/04/15 15:18:05 | 003,976,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2015/04/15 15:18:05 | 003,920,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2015/04/15 15:18:03 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2015/04/15 15:18:03 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2015/04/15 15:18:03 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2015/04/15 15:18:03 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\auditpol.exe
[2015/04/15 15:18:03 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2015/04/15 15:18:02 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2015/04/15 15:18:02 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msaudite.dll
[2015/04/15 15:18:02 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msobjs.dll
[2015/04/15 15:18:02 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2015/04/15 15:18:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apisetschema.dll
[2015/04/15 15:17:47 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2015/04/15 15:17:47 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2015/04/15 15:17:47 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2015/04/15 15:17:46 | 000,685,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2015/04/15 15:17:46 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2015/04/15 15:17:46 | 000,342,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2015/04/15 15:17:46 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2015/04/15 15:17:45 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2015/04/15 15:17:45 | 000,689,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2015/04/15 15:17:45 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2015/04/15 15:17:45 | 000,418,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2015/04/15 15:17:45 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2015/04/15 15:17:45 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2015/04/15 15:17:44 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2015/04/15 15:17:44 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2015/04/15 15:17:43 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2015/04/15 15:17:43 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2015/04/15 15:17:42 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2015/04/15 15:17:41 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2015/04/15 15:17:41 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2015/04/15 15:17:39 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2015/04/15 15:17:38 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2015/04/15 15:17:37 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2015/04/15 15:17:34 | 004,305,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2015/04/15 15:17:25 | 003,088,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2015/04/15 15:17:25 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2015/04/15 15:17:25 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2015/04/15 15:17:25 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2015/04/15 15:17:25 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSetupUI.dll
[2015/04/15 15:17:25 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2015/04/15 15:17:25 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2015/04/15 15:17:25 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2015/04/15 15:17:25 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wu.upgrade.ps.dll
[2015/04/15 15:17:18 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2015/04/14 21:18:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2015/04/14 21:16:53 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2015/04/14 21:16:52 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2015/04/14 21:16:52 | 000,000,000 | ---D | C] -- C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
[2015/04/05 03:01:00 | 000,000,000 | --SD | C] -- C:\Windows\System32\GWX
[2015/04/02 19:59:14 | 006,337,032 | ---- | C] (Geek Uninstaller) -- C:\Users\pc user\Desktop\geek.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]