16:59:23.0386 0x1298 TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57 16:59:25.0445 0x1298 ============================================================ 16:59:25.0445 0x1298 Current date / time: 2015/10/17 16:59:25.0445 16:59:25.0445 0x1298 SystemInfo: 16:59:25.0445 0x1298 16:59:25.0445 0x1298 OS Version: 6.1.7601 ServicePack: 1.0 16:59:25.0445 0x1298 Product type: Workstation 16:59:25.0445 0x1298 ComputerName: ADMIN-KOMPUTER 16:59:25.0445 0x1298 UserName: Admin 16:59:25.0445 0x1298 Windows directory: C:\Windows 16:59:25.0445 0x1298 System windows directory: C:\Windows 16:59:25.0445 0x1298 Running under WOW64 16:59:25.0445 0x1298 Processor architecture: Intel x64 16:59:25.0445 0x1298 Number of processors: 4 16:59:25.0445 0x1298 Page size: 0x1000 16:59:25.0445 0x1298 Boot type: Normal boot 16:59:25.0445 0x1298 ============================================================ 16:59:25.0445 0x1298 BG loaded 16:59:26.0865 0x1298 System UUID: {7B66B039-5312-D3AD-DD2F-732095A6C1BB} 16:59:29.0851 0x1298 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 16:59:29.0861 0x1298 ============================================================ 16:59:29.0861 0x1298 \Device\Harddisk0\DR0: 16:59:29.0881 0x1298 MBR partitions: 16:59:29.0881 0x1298 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 16:59:29.0881 0x1298 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1866E000 16:59:29.0881 0x1298 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x186A0800, BlocksNum 0x5C065800 16:59:29.0881 0x1298 ============================================================ 16:59:29.0971 0x1298 C: <-> \Device\Harddisk0\DR0\Partition2 16:59:30.0051 0x1298 D: <-> \Device\Harddisk0\DR0\Partition3 16:59:30.0051 0x1298 ============================================================ 16:59:30.0051 0x1298 Initialize success 16:59:30.0051 0x1298 ============================================================