[69_Medichi_HKLM]
Key=\Software\Microsoft\Windows\CurrentVersion\Run
Val=Medichi
Root=HKLM
Type=0
Delete=1
[Registry]
69_Medichi_HKLM=1
69_Medichi2_HKLM=1
21_1201_HKLM=1
22_1201_HKLM=1
23_1201_HKLM=1
63_AppInit_DLLs_HKLM=1
[69_Medichi2_HKLM]
Key=\Software\Microsoft\Windows\CurrentVersion\Run
Val=Medichi2
Root=HKLM
Type=0
Delete=1
[DEL_AT_STARTUP]
medichi2.exe=1
medichi.exe=1
murka.dat=1
BEEP.SYS=1
BEEP_C.SYS=1
user32.dat=1
[medichi2.exe]
Val=%WinDir%\medichi2.exe
[medichi.exe]
Val=%WinDir%\medichi.exe
[21_1201_HKLM]
Key=\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0
Val=1201
Root=HKLM
Type=4
Def=3
[22_1201_HKLM]
Key=\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1
Val=1201
Root=HKLM
Type=4
Def=3
[23_1201_HKLM]
Key=\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3
Val=1201
Root=HKLM
Type=4
Def=3
[63_AppInit_DLLs_HKLM]
Key=Software\Microsoft\Windows NT\CurrentVersion\Windows
Val=AppInit_DLLs
Root=HKLM
Type=1
Def=
[murka.dat]
Val=%WinDir%\murka.dat
[BEEP.SYS]
Val=%WinDir%\System32\DRIVERS\BEEP.SYS
[BEEP_C.SYS]
Val=%WinDir%\system32\dllcache\BEEP.SYS
[65_Beep.SYS_HKCU]
Val=Beep.SYS
[DRIVERS]
65_Beep.SYS_HKCU=1
65_Beep.SYS_HKLM=1
[65_Beep.SYS_HKLM]
Val=Beep.SYS
[user32.dat]
Val=%WinDir%\system32\user32.dat
[KILL_REG_KEYS]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\