Start::
CreateRestorePoint:
CloseProcesses:
Hosts:
RemoveProxy:
Reboot:
HKU\Xplode\...\Run: [SecuROM] RUNDLL32.EXE C:\Users\Xplode\AppData\Local\SecuROM\ghckuvob.dll,DeleteCTXMLListElement [311296 2012-03-15] (Creative Technology Ltd)
C:\Users\Xplode\AppData\Local\SecuROM\ghckuvob.dll
2012-07-19 18:27 - 2012-07-19 18:27 - 00000000 __SHD C:\Windows\SysWOW64\%APPDATA%
C:\Windows\Installer\{fb42f445-dc22-cd7f-b504-e16d82bd7246}
C:\Users\Xplode\AppData\Local\{fb42f445-dc22-cd7f-b504-e16d82bd7246}
C:\Windows\assembly\GAC_32\Desktop.ini
C:\Windows\assembly\GAC_64\Desktop.ini
Replace: C:\Windows\erdnt\cache64\services.exe C:\Windows\System32\services.exe
EmptyTemp:
DeleteQuarantine:
End::