R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
F2 - REG:system.ini: UserInit=D:\WINDOWS\SYSTEM32\Userinit.exe,D:\WINDOWS\system32\ee2f61d0.exe,D:\WI NDOWS\system32\zxffax.exe,
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - (no file)
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - (no file)

begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
DeleteFile('D:\WINDOWS\system32\ee2f61d0.exe');
DeleteFile('D:\WINDOWS\system32\zxffax.exe');
DeleteFile('D:\Documents and Settings\Иван\Главное меню\Программы\Автозагрузка\monoca32.exe');
BC_DeleteFile('D:\Documents and Settings\Иван\Главное меню\Программы\Автозагрузка\monoca32.exe');
DeleteFileMask('D:\Documents and Settings\Иван\Local Settings\Temp', '*.*', true);
BC_ImportALL;
ExecuteSysClean;
ExecuteRepair(20);
ExecuteWizard('TSW', 2, 2, true);
ExecuteWizard('SCU', 2, 2, true);
BC_Activate;
RebootWindows(true);
end.

O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - (no file)
O4 - S-1-5-18 Startup: monoca32.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: OpenOffice.org 3.1.lnk = D:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: Север-Связь.lnk = ? (User 'SYSTEM')
O4 - .DEFAULT Startup: monoca32.exe (User 'Default user')
O4 - .DEFAULT Startup: OpenOffice.org 3.1.lnk = D:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'Default user')
O4 - .DEFAULT Startup: Север-Связь.lnk = ? (User 'Default user')
O4 - Startup: monoca32.exe
O4 - Startup: OpenOffice.org 3.1.lnk = D:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: Север-Связь.lnk = ?