:OTL
IE - HKU\S-1-5-21-2103629919-1227636591-90160027-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.yahoo.com.../www.yahoo.com/ [binary data]
IE - HKU\S-1-5-21-2103629919-1227636591-90160027-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
O2 - BHO: (Facetheme) - {3fdba1ba-ae28-4045-9048-4ed2f3865629} - C:\Program Files (x86)\Object\bho_project.dll (InternetEngine)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Somoto Toolbar) - {652853ad-5592-4231-88c6-706613a52e61} - C:\Program Files (x86)\somototoolbar\vmntemplateX.dll ()
O3 - HKLM\..\Toolbar: (Somoto Toolbar) - {652853ad-5592-4231-88c6-706613a52e61} - C:\Program Files (x86)\somototoolbar\vmntemplateX.dll ()
O3 - HKU\S-1-5-21-2103629919-1227636591-90160027-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKU\S-1-5-21-2103629919-1227636591-90160027-1000..\Run: [EPSON WorkForce 320 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGJA.EXE /FU "C:\Windows\TEMP\E_SD315.tmp" /EF "HKCU" File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
[2012/02/08 00:32:28 | 000,000,448 | ---- | M] () -- C:\ProgramData\1Bw2a3XcW36ZrR
[2012/02/08 00:16:06 | 000,000,456 | ---- | M] () -- C:\ProgramData\JAlRqVDtXulGJ8
[2012/02/08 00:14:21 | 000,000,272 | ---- | M] () -- C:\ProgramData\~JAlRqVDtXulGJ8
[2012/02/07 10:28:19 | 000,000,184 | ---- | M] () -- C:\ProgramData\~JAlRqVDtXulGJ8r
[2012/02/08 00:30:36 | 000,000,448 | ---- | C] () -- C:\ProgramData\1Bw2a3XcW36ZrR


:files
ipconfig /flushdns /c
xcopy %Temp%\smtmp\1 "%AllUsersProfile%\Start Menu" /H /I /S /Y /C
xcopy %Temp%\smtmp\2 "%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch" /H /I /S /Y /C
xcopy %Temp%\smtmp\3 "%AppData%\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar" /H /I /S /Y /C
xcopy %Temp%\smtmp\4 "%AllUsersProfile%\Desktop" /H /I /S /Y /C
C:\Users\Oscar is the best\AppData\Local\Temp\6AEA.tmp
C:\Users\Oscar is the best\AppData\Local\Temp\unregmp2.exe


:Commands
[purity]
[resethosts]
[emptyflash]
[emptyjava]
[createrestorepoint]
[Reboot]