:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
[2012/01/07 00:17:28 | 000,000,000 | ---D | M] (Spam Free Search Bar) -- C:\Users\lucas\AppData\Roaming\mozilla\Firefox\Profiles\m1jku03x.default\extensions\{00f12770-e60e-4dc6-9105-425bface7c73}
[2012/01/06 21:31:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lucas\AppData\Roaming\mozilla\Firefox\Profiles\m1jku03x.default\extensions\ffxtlbr@babylon.com
[2011/11/17 19:25:44 | 000,002,333 | ---- | M] () -- C:\Users\lucas\AppData\Roaming\Mozilla\Firefox\Profiles\m1jku03x.default\searchplugins\askcom.xml
[2011/12/17 17:07:22 | 000,000,000 | -H-D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
[2011/11/10 05:54:13 | 000,476,904 | -H-- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012/01/03 19:38:20 | 000,002,310 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} http://focilux.photo...geUploader4.cab (Image Uploader Control)
[2012/01/03 19:37:02 | 000,000,000 | ---D | C] -- C:\Users\lucas\AppData\Local\Babylon
[2012/01/03 19:35:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2012/01/03 19:35:54 | 000,000,000 | ---D | C] -- C:\Users\lucas\AppData\Roaming\Babylon
[2011/12/21 20:47:49 | 000,000,000 | -H-D | C] -- C:\Users\lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Fix
[2011/12/17 17:11:26 | 000,000,000 | -H-D | C] -- C:\ProgramData\Sun
[2011/12/17 17:10:53 | 000,000,000 | -H-D | C] -- C:\Program Files\Common Files\Java
[2011/12/21 22:04:39 | 000,000,448 | -H-- | M] () -- C:\ProgramData\xyVnk1DM374bcg
[2011/12/21 22:03:27 | 000,008,627 | -H-- | M] () -- C:\Windows\System32\PAV_FOG.OPC
[2011/12/21 22:03:21 | 000,000,312 | -H-- | M] () -- C:\ProgramData\~xyVnk1DM374bcg
[2011/12/21 22:03:21 | 000,000,208 | -H-- | M] () -- C:\ProgramData\~xyVnk1DM374bcgr
[2011/12/21 22:02:55 | 000,000,629 | -H-- | M] () -- C:\Users\lucas\Application Data\Microsoft\Internet Explorer\Quick Launch\System Fix.lnk
[2011/12/21 20:51:43 | 000,000,440 | -H-- | M] () -- C:\ProgramData\XbjbnAJdxZhEWK
[2011/12/21 20:48:19 | 000,000,312 | -H-- | M] () -- C:\ProgramData\~XbjbnAJdxZhEWK
[2011/12/21 20:48:19 | 000,000,208 | -H-- | M] () -- C:\ProgramData\~XbjbnAJdxZhEWKr
[2011/12/21 20:47:50 | 000,000,605 | -H-- | M] () -- C:\Users\lucas\Desktop\System Fix.lnk
[2011/12/21 22:02:42 | 000,000,448 | -H-- | C] () -- C:\ProgramData\xyVnk1DM374bcg
[2011/12/21 20:47:43 | 000,000,440 | -H-- | C] () -- C:\ProgramData\XbjbnAJdxZhEWK
[2012/01/03 19:35:54 | 000,000,000 | ---D | M] -- C:\Users\lucas\AppData\Roaming\Babylon

:files
ipconfig /flushdns /c
xcopy %Temp%\smtmp\1 "%AllUsersProfile%\Start Menu" /H /I /S /Y /C
xcopy %Temp%\smtmp\2 "%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch" /H /I /S /Y /C
xcopy %Temp%\smtmp\3 "%AppData%\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar" /H /I /S /Y /C
xcopy %Temp%\smtmp\4 "%AllUsersProfile%\Desktop" /H /I /S /Y /C

:Commands
[purity]
[resethosts]
[emptyflash]
[emptyjava]
[createrestorepoint]
[Reboot]