16:32:36.0272 0x1df8 TDSS rootkit removing tool 3.1.0.28 Apr 9 2019 21:11:46
16:32:36.0272 0x1df8 UEFI system
16:32:36.0897 0x1df8 ============================================================
16:32:36.0897 0x1df8 Current date / time: 2021/02/07 16:32:36.0897
16:32:36.0897 0x1df8 SystemInfo:
16:32:36.0897 0x1df8
16:32:36.0897 0x1df8 OS Version: 10.0.19042 ServicePack: 0.0
16:32:36.0897 0x1df8 Product type: Workstation
16:32:36.0897 0x1df8 ComputerName: DESKTOP-C7V7QKB
16:32:36.0897 0x1df8 UserName: Ricardo
16:32:36.0897 0x1df8 Windows directory: C:\WINDOWS
16:32:36.0897 0x1df8 System windows directory: C:\WINDOWS
16:32:36.0897 0x1df8 Running under WOW64
16:32:36.0897 0x1df8 Processor architecture: Intel x64
16:32:36.0897 0x1df8 Number of processors: 4
16:32:36.0897 0x1df8 Page size: 0x1000
16:32:36.0897 0x1df8 Boot type: Normal boot
16:32:36.0897 0x1df8 CodeIntegrityOptions = 0x00000001
16:32:36.0897 0x1df8 ============================================================
16:32:36.0897 0x1df8 KLMD ARK init status: drvProperties = 0xEF0F02, osBuild = 19041.0, osProperties = 0x1D
16:32:36.0897 0x1df8 KLMD BG init status: drvProperties = 0xEF0F02, osBuild = 19041.0, osProperties = 0x1D
16:32:36.0897 0x1df8 BG loaded
16:32:37.0132 0x1df8 System UUID: {4E7232EB-0F20-CC85-1594-9D0A3BDED056}
16:32:37.0976 0x1df8 !crdlk
16:32:37.0976 0x1df8 Drive \Device\Harddisk0\DR0 - Size: 0x6FC86D6000 ( 447.13 Gb ), SectorSize: 0x200, Cylinders: 0xE401, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'A'
16:32:38.0023 0x1df8 Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1115E00 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:32:38.0023 0x1df8 Drive \Device\Harddisk2\DR2 - Size: 0x15D4EF00000 ( 1397.23 Gb ), SectorSize: 0x200, Cylinders: 0x2C87D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:32:38.0038 0x1df8 Drive \Device\Harddisk3\DR3 - Size: 0x1D1C1115800 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:32:38.0038 0x1df8 ============================================================
16:32:38.0038 0x1df8 \Device\Harddisk0\DR0:
16:32:38.0038 0x1df8 GPT partitions:
16:32:38.0038 0x1df8 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {AFB0463E-F92E-4117-8B12-1F9E35149C1E}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xF9800
16:32:38.0038 0x1df8 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {677BC9EA-927E-454B-91C6-C24813A6CA89}, Name: EFI system partition, StartLBA 0xFA000, BlocksNum 0x32000
16:32:38.0038 0x1df8 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {EFBD3F13-E848-41B5-839C-67FFD9758194}, Name: Microsoft reserved partition, StartLBA 0x12C000, BlocksNum 0x8000
16:32:38.0038 0x1df8 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {421B5778-C0E3-45BD-A625-951DDCB74128}, Name: Basic data partition, StartLBA 0x134000, BlocksNum 0x37B6A465
16:32:38.0038 0x1df8 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {95B8805E-6FE7-456E-A099-8A1CB485CE5C}, Name: , StartLBA 0x37C9E800, BlocksNum 0x1A4000
16:32:38.0038 0x1df8 MBR partitions:
16:32:38.0038 0x1df8 \Device\Harddisk1\DR1:
16:32:38.0038 0x1df8 MBR partitions:
16:32:38.0038 0x1df8 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x40, BlocksNum 0xE8E074C1
16:32:38.0038 0x1df8 \Device\Harddisk2\DR2:
16:32:38.0038 0x1df8 MBR partitions:
16:32:38.0038 0x1df8 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAEA77000
16:32:38.0038 0x1df8 \Device\Harddisk3\DR3:
16:32:38.0038 0x1df8 MBR partitions:
16:32:38.0038 0x1df8 \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x32000, BlocksNum 0xE8DD5800
16:32:38.0038 0x1df8 ============================================================
16:32:38.0038 0x1df8 C: <-> \Device\Harddisk0\DR0\Partition4
16:32:38.0116 0x1df8 F: <-> \Device\Harddisk1\DR1\Partition1
16:32:38.0163 0x1df8 H: <-> \Device\Harddisk3\DR3\Partition1
16:32:38.0304 0x1df8 I: <-> \Device\Harddisk2\DR2\Partition1
16:32:38.0304 0x1df8 ============================================================
16:32:38.0304 0x1df8 Initialize success
16:32:38.0304 0x1df8 ============================================================
16:33:32.0525 0x1cd8 Deinitialize success