16:47:35.0984 0x1a40 TDSS rootkit removing tool 3.1.0.28 Apr 9 2019 21:11:46
16:47:35.0984 0x1a40 UEFI system
16:49:23.0193 0x1a40 ============================================================
16:49:23.0193 0x1a40 Current date / time: 2022/04/19 16:49:23.0193
16:49:23.0193 0x1a40 SystemInfo:
16:49:23.0193 0x1a40
16:49:23.0193 0x1a40 OS Version: 10.0.19044 ServicePack: 0.0
16:49:23.0194 0x1a40 Product type: Workstation
16:49:23.0194 0x1a40 ComputerName: DESKTOP-PIO23F2
16:49:23.0194 0x1a40 UserName: USUARIO
16:49:23.0194 0x1a40 Windows directory: C:\WINDOWS
16:49:23.0194 0x1a40 System windows directory: C:\WINDOWS
16:49:23.0194 0x1a40 Running under WOW64
16:49:23.0194 0x1a40 Processor architecture: Intel x64
16:49:23.0194 0x1a40 Number of processors: 8
16:49:23.0194 0x1a40 Page size: 0x1000
16:49:23.0194 0x1a40 Boot type: Normal boot
16:49:23.0194 0x1a40 CodeIntegrityOptions = 0x0000C001
16:49:23.0194 0x1a40 ============================================================
16:49:23.0706 0x1a40 KLMD registered as C:\WINDOWS\system32\drivers\43559962.sys
16:49:23.0706 0x1a40 KLMD ARK init status: drvProperties = 0xF0F02, osBuild = 19044.0, osProperties = 0x1D
16:49:24.0318 0x1a40 System UUID: {2445B6A7-E3B8-CAB7-A080-20E5D5C0BACA}
16:49:25.0225 0x1a40 !crdlk
16:49:25.0228 0x1a40 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'A'
16:49:25.0231 0x1a40 ============================================================
16:49:25.0231 0x1a40 \Device\Harddisk0\DR0:
16:49:25.0231 0x1a40 GPT partitions:
16:49:25.0246 0x1a40 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {D3283A6C-63F3-40A4-B14D-3705C18F7B97}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
16:49:25.0246 0x1a40 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {8296AF70-C41A-439E-BC92-3D42D48628F4}, Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x8000
16:49:25.0246 0x1a40 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {78A99398-EC0C-47E5-8ADD-0E8FC401BDB4}, Name: Basic data partition, StartLBA 0x3A800, BlocksNum 0xF25CA72
16:49:25.0246 0x1a40 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {A4B7E769-D565-440A-9612-4B7E1B490F63}, Name: , StartLBA 0xF297800, BlocksNum 0x18C800
16:49:25.0246 0x1a40 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {835BA5E8-9178-40FB-9B2A-42075EFE0BDB}, Name: Basic data partition, StartLBA 0xF424800, BlocksNum 0x652E2000
16:49:25.0246 0x1a40 MBR partitions:
16:49:25.0246 0x1a40 ============================================================
16:49:25.0314 0x1a40 C: <-> \Device\Harddisk0\DR0\Partition3
16:49:25.0440 0x1a40 D: <-> \Device\Harddisk0\DR0\Partition5
16:49:25.0440 0x1a40 ============================================================
16:49:25.0440 0x1a40 Initialize success
16:49:25.0440 0x1a40 ============================================================
16:49:48.0850 0x1ea4 KLMD registered as C:\WINDOWS\system32\drivers\29219650.sys
16:49:49.0740 0x1ea4 Deinitialize success