12:56:52.0817 3836 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42 12:56:53.0113 3836 ============================================================ 12:56:53.0113 3836 Current date / time: 2013/10/03 12:56:53.0113 12:56:53.0113 3836 SystemInfo: 12:56:53.0113 3836 12:56:53.0113 3836 OS Version: 6.0.6002 ServicePack: 2.0 12:56:53.0113 3836 Product type: Workstation 12:56:53.0113 3836 ComputerName: RAMCOM 12:56:53.0113 3836 UserName: Ramcom 12:56:53.0113 3836 Windows directory: C:\Windows 12:56:53.0113 3836 System windows directory: C:\Windows 12:56:53.0113 3836 Processor architecture: Intel x86 12:56:53.0113 3836 Number of processors: 2 12:56:53.0113 3836 Page size: 0x1000 12:56:53.0113 3836 Boot type: Normal boot 12:56:53.0113 3836 ============================================================ 12:56:54.0361 3836 BG loaded 12:56:57.0497 3836 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 12:56:57.0606 3836 ============================================================ 12:56:57.0606 3836 \Device\Harddisk0\DR0: 12:56:57.0778 3836 MBR partitions: 12:56:57.0778 3836 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F000, BlocksNum 0x1400000 12:56:57.0778 3836 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x143F000, BlocksNum 0x1B885FF8 12:56:58.0183 3836 ============================================================ 12:56:58.0277 3836 C: <-> \Device\Harddisk0\DR0\Partition2 12:56:58.0324 3836 D: <-> \Device\Harddisk0\DR0\Partition1 12:56:58.0324 3836 ============================================================ 12:56:58.0324 3836 Initialize success 12:56:58.0324 3836 ============================================================ 12:57:16.0389 3084 Deinitialize success