13:03:56.0518 1600 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35 13:03:56.0770 1600 ============================================================ 13:03:56.0770 1600 Current date / time: 2012/12/10 13:03:56.0770 13:03:56.0770 1600 SystemInfo: 13:03:56.0770 1600 13:03:56.0770 1600 OS Version: 6.1.7601 ServicePack: 1.0 13:03:56.0770 1600 Product type: Workstation 13:03:56.0770 1600 ComputerName: XXX-KOMPUTER 13:03:56.0770 1600 UserName: xxx 13:03:56.0770 1600 Windows directory: C:\Windows 13:03:56.0770 1600 System windows directory: C:\Windows 13:03:56.0770 1600 Running under WOW64 13:03:56.0770 1600 Processor architecture: Intel x64 13:03:56.0770 1600 Number of processors: 4 13:03:56.0770 1600 Page size: 0x1000 13:03:56.0770 1600 Boot type: Normal boot 13:03:56.0770 1600 ============================================================ 13:03:58.0622 1600 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 13:03:58.0639 1600 ============================================================ 13:03:58.0639 1600 \Device\Harddisk0\DR0: 13:03:58.0649 1600 MBR partitions: 13:03:58.0649 1600 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 13:03:58.0649 1600 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xC7FF800 13:03:58.0649 1600 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xC832000, BlocksNum 0x33F6A000 13:03:58.0649 1600 \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x4079C000, BlocksNum 0x33F6A000 13:03:58.0649 1600 ============================================================ 13:03:58.0696 1600 C: <-> \Device\Harddisk0\DR0\Partition2 13:03:58.0763 1600 D: <-> \Device\Harddisk0\DR0\Partition3 13:03:58.0863 1600 E: <-> \Device\Harddisk0\DR0\Partition4 13:03:58.0863 1600 ============================================================ 13:03:58.0863 1600 Initialize success 13:03:58.0863 1600 ============================================================ 13:07:19.0641 3064 Deinitialize success