;============================
;(0) groups list
;============================
[GROUPS]
1=HOSTS file
2=System Startup
3=Internet Security
4=Internet Explorer Settings
5=Internet Explorer Plugins
6=System Security
7=System services

;============================
;(1) HOSTS file (nt-based)
;============================
[HOSTS file]
1=Tcpip

[Tcpip]
key=HKLM\SYSTEM\ControlSet???\Services\Tcpip\Parameters
1=DatabasePath

;============================
;(2) System Startup
;============================
; All record from Start-Up.ini file
[System Startup]
19=anyfile_open
20=anyfile_runas
21=AEDebug
22=Winlogon_Shell
23=SafeBoot_Network_Parameters
24=Winlogon_Notify
25=Main_Run
26=ICQ_Agent
27=ICQ_Path
31=ActiveSetup
32=WOW_BOOT
33=WOW_NonWindowsApp
34=WOW_Standard
35=CurrentVersion_Drivers
36=CurrentVersion_Drivers32
37=AppInit_DLLs
38=ShellServiceObjectDelayLoad
39=BootExecute
40=VBA_Monitors
41=SCRNSAVE
42=SharedTaskScheduler
43=ShellExecuteHooks
44=System_Scripts
45=Explorer_Run
46=WinSock2_Parameters
47=Taskman
48=Policies_Shell
49=Shell Extensions
50=Command_Processor_AutoRun
51=Explorer_FileExts
52=MPRServices
53=Common Startup
54=Users_Startup
55=Environment_ComSpec
57=GinaDLL
58=BootVerificationProgram
59=VirtualDeviceDrivers
60=SafeBoot_AlternateShell
61=SafeBoot_Minimal
62=SafeBoot_Network
63=SafeBoot_Minimal_Parameters
64=Main_Run_CUser

[anyfile_open]
key=HKEY_CLASSES_ROOT\*file\shell\open\command
1=*

[anyfile_runas]
key=HKEY_CLASSES_ROOT\*file\shell\runas\command
1=*

[AEDebug]
key=*\Software\Microsoft\Windows NT\CurrentVersion\AEDebug
1=Debugger

[Winlogon_Shell]
key=*\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
1=Shell
2=UserInit

[Winlogon_Notify]
key=*\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\*
1=DllName

[Main_Run]
key=*\Software\Microsoft\Windows*\CurrentVersion\Run*
1=*

[ICQ_Agent]
key=HKCU\Software\Mirabilis\ICQ\Agent\Apps
1=*

[ICQ_Path]
key=HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\ICQ*
1=Path

[ActiveSetup]
key=HKLM\Software\Microsoft\Active Setup\Installed Components\*
1=StubPath

[WOW_BOOT]
key=HKLM\Software\Microsoft\Windows NT\CurrentVersion\WOW\BOOT
1=*

[WOW_NonWindowsApp]
key=HKLM\Software\Microsoft\Windows NT\CurrentVersion\WOW\NonWindowsApp
1=*

[WOW_Standard]
key=HKLM\Software\Microsoft\Windows NT\CurrentVersion\WOW\Standard
1=*

[CurrentVersion_Drivers]
key=HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers
1=*

[CurrentVersion_Drivers32]
key=HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32
1=*

[AppInit_DLLs]
key=HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows
1=AppInit_DLLs

[ShellServiceObjectDelayLoad]
key=*\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
1=*

[BootExecute]
key=HKLM\system\currentcontrolset\control\Session Manager
1=BootExecute

[VBA_Monitors]
key=HKLM\SOFTWARE\Microsoft\VBA\Monitors\*
1=CLSID

[SCRNSAVE]
key=*\Control Panel\Desktop
1=SCRNSAVE.EXE

[SharedTaskScheduler]
key=*\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
1=*

[ShellExecuteHooks]
key=*\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
1=*

[System_Scripts]
key=*\Software\Policies\Microsoft\Windows\System\Scripts\*
1=*

[Explorer_Run]
key=*\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run
1=*

[WinSock2_Parameters]
key=HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries
recursive=1
1=*

[Taskman]
key=*\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
1=Taskman

[Policies_Shell]
key=*\Software\Microsoft\Windows\CurrentVersion\Policies\System
1=Shell

[Shell Extensions]
key=HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
1=*

[Command_Processor_AutoRun]
key=*\Software\Microsoft\Command Processor
1=AutoRun

[Explorer_FileExts]
key=HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe
1=*

[MPRServices]
key=HKLM\System\CurrentControlSet\Control\MPRServices\*
1=DLLName

[Common Startup]
key=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
1=Common Startup

[Users_Startup]
key=HKEY_USERS\*\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
1=Startup

[Environment_ComSpec]
key=HKLM\SYSTEM\ControlSet???\Control\Session Manager\Environment
1=ComSpec

[GinaDLL]
key=HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
1=GinaDLL

[BootVerificationProgram]
key=HKLM\SYSTEM\ControlSet???\Control\BootVerificationProgram
1=ImagePath

[VirtualDeviceDrivers]
key=HKLM\SYSTEM\ControlSet???\Control\VirtualDeviceDrivers
1=VDD

[SafeBoot_AlternateShell]
key=HKLM\SYSTEM\ControlSet???\Control\SafeBoot
1=AlternateShell

[SafeBoot_Minimal]
key=HKLM\SYSTEM\ControlSet???\Control\SafeBoot\Minimal\*
1=ImagePath

[SafeBoot_Network]
key=HKLM\SYSTEM\ControlSet???\Control\SafeBoot\Network\*
1=ImagePath
    
[SafeBoot_Minimal_Parameters]
key=HKLM\SYSTEM\ControlSet???\Control\SafeBoot\Minimal\*\Parameters
1=ServiceDll

[Main_Run_CUser]
key=HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows
1=load
2=run

[SafeBoot_Network_Parameters]
key=HKLM\SYSTEM\ControlSet???\Control\SafeBoot\Network\*\Parameters
1=ServiceDll

;============================    
;(3) Internet Security
;============================
[Internet Security]
1=TemplatePolicies
2=ZoneMap
3=Zones
4=Policies_TemplatePolicies
5=Policies_ZoneMap
6=Policies_Zones

[TemplatePolicies]
key=*\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\TemplatePolicies\*
1=*

[ZoneMap]
key=*\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\*
1=*

[Zones]
key=*\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\*
1=*

[Policies_TemplatePolicies]
key=HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\TemplatePolicies\*
1=*

[Policies_ZoneMap]
key=HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\*
1=*

[Policies_Zones]
key=HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\*
1=*

;============================
;(4) Internet Explorer Settings
;============================
[Internet Explorer Settings]
1=DefaultPrefix
2=Prefixes
3=AboutURLs
4=Search
5=Main
6=URLSearchHooks
7=SearchURL
8=FeatureControl
9=IEWallpaper
10=IESafeModeWallpaper
11=SafeSites
12=Styles

[DefaultPrefix]
key=*\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
1=*

[Prefixes]
key=*\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes
1=*

[AboutURLs]
key=*\SOFTWARE\Microsoft\Internet Explorer\AboutURLs
1=*

[Search]
key=*\SOFTWARE\Microsoft\Internet Explorer\Search
1=SearchAssistant
2=CustomizeSearch

[Main]
key=*\SOFTWARE\Microsoft\Internet Explorer\Main
1=Default_Page_URL
2=Default_Search_URL
3=Search Page
4=Start Page
5=Search Bar

[URLSearchHooks]
key=HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks
1=*

[SearchURL]
key=HKCU\Software\Microsoft\Internet Explorer\SearchURL
1=*

[FeatureControl]
key=HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\*
1=*

[IEWallpaper]
key=HKCU\Software\Microsoft\Internet Explorer\Desktop\General
1=Wallpaper

[IESafeModeWallpaper]
key=HKCU\Software\Microsoft\Internet Explorer\Desktop\SafeMode\General
1=Wallpaper

[SafeSites]
key=HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\SafeSites
1=*

[Styles]
key=*\Software\Microsoft\Internet Explorer\Styles
1=Use My Stylesheet
2=User Stylesheet


;============================
;(5) Internet Explorer Plugins
;============================
[Internet Explorer Plugins]
1=BHO
2=IEToolbar
3=MenuExt

[BHO]
key=*\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\*
1=*

[IEToolbar]
key=*\SOFTWARE\Microsoft\Internet Explorer\Toolbar\*
1=*

[MenuExt]
key=*\SOFTWARE\Microsoft\Internet Explorer\MenuExt\*
1=*

;============================
;(6) System Security
;============================
[System Security]
1=Policies_Explorer
2=Policies_System
3=Memory Management
4=Winlogon
5=Driver Signing
6=Firewall Policy

[Policies_Explorer]
key=*\SOFTWARE\Microsoft\Windows\Currentversion\Policies\Explorer
1=*

[Policies_System]
key=*\Software\Microsoft\Windows\CurrentVersion\Policies\System
1=*

[Memory Management]
key=HKLM\SYSTEM\ControlSet???\Control\Session Manager\Memory Management
1=EnforceWriteProtection

[Winlogon]
key=HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
1=SFCDisable

[Driver Signing]
key=*\Software\Microsoft\Driver Signing
1=Policy

[Firewall Policy]
key=HKLM\SYSTEM\ControlSet???\Services\SharedAccess\Parameters\FirewallPolicy\* 
1=*

;============================
;(7) System services
;============================
[System services]
28=Services_ImagePath
29=Services_Parameters
30=Services_VXD

[Services_ImagePath]
key=HKLM\System\ControlSet???\Services\*
1=ImagePath

[Services_Parameters]
key=HKLM\System\ControlSet???\Services\*\Parameters
1=ServiceDll

[Services_VXD]
key=HKLM\System\ControlSet???\Services\VXD\*
1=StaticVxD

; 0XLSznpdI71fB300e7Uwj1Nj0OM1VBE73pDPLuKL7ZZCpRVtjUINBVrR4dнн