cjoint

Document format: text/plain

Preview

18:37:58.0785 0x2f00 TDSS rootkit removing tool 3.1.0.28 Apr 9 2019 21:11:46
18:37:58.0785 0x2f00 UEFI system
18:38:05.0952 0x2f00 ============================================================
18:38:05.0952 0x2f00 Current date / time: 2023/03/09 18:38:05.0952
18:38:05.0952 0x2f00 SystemInfo:
18:38:05.0952 0x2f00
18:38:05.0952 0x2f00 OS Version: 10.0.19044 ServicePack: 0.0
18:38:05.0952 0x2f00 Product type: Workstation
18:38:05.0952 0x2f00 ComputerName: LAPTOP-G1IEG48T
18:38:05.0952 0x2f00 UserName: ocean
18:38:05.0952 0x2f00 Windows directory: C:\WINDOWS
18:38:05.0952 0x2f00 System windows directory: C:\WINDOWS
18:38:05.0952 0x2f00 Running under WOW64
18:38:05.0952 0x2f00 Processor architecture: Intel x64
18:38:05.0952 0x2f00 Number of processors: 8
18:38:05.0952 0x2f00 Page size: 0x1000
18:38:05.0952 0x2f00 Boot type: Normal boot
18:38:05.0952 0x2f00 CodeIntegrityOptions = 0x0000C001
18:38:05.0952 0x2f00 ============================================================
18:38:07.0310 0x2f00 KLMD registered as C:\WINDOWS\system32\drivers\33256851.sys
18:38:07.0310 0x2f00 KLMD ARK init status: drvProperties = 0xF0F02, osBuild = 19044.0, osProperties = 0x1D
18:38:07.0484 0x2f00 System UUID: {4ADF01F7-7568-6424-083E-F3751EA6F3C6}
18:38:07.0820 0x2f00 !crdlk
18:38:07.0820 0x2f00 Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'A'
18:38:07.0820 0x2f00 ============================================================
18:38:07.0820 0x2f00 \Device\Harddisk0\DR0:
18:38:07.0820 0x2f00 GPT partitions:
18:38:07.0820 0x2f00 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {4DDE8A54-2306-441B-B881-F544D256B608}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
18:38:07.0820 0x2f00 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {2D1D7F35-E111-4DBB-8864-3687C139F8E8}, Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x8000
18:38:07.0820 0x2f00 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {06C38A7A-A0AE-4E85-99F3-A00F72544339}, Name: Basic data partition, StartLBA 0x3A800, BlocksNum 0xA000000
18:38:07.0820 0x2f00 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {F049B324-8565-4E89-8639-367E83C3D7D8}, Name: Basic data partition, StartLBA 0xA03A800, BlocksNum 0x11DB8800
18:38:07.0820 0x2f00 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {B64A022D-9C58-4FEC-845E-B77F5527E0A2}, Name: Basic data partition, StartLBA 0x1BDF3000, BlocksNum 0x100000
18:38:07.0828 0x2f00 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {BD523C43-264C-4693-A958-48C76848B979}, Name: Basic data partition, StartLBA 0x1BEF3000, BlocksNum 0x1C00000
18:38:07.0828 0x2f00 \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {D7D036BA-056C-4DA2-A01F-6F95A5AD2DE7}, Name: Basic data partition, StartLBA 0x1DAF3000, BlocksNum 0x200000
18:38:07.0828 0x2f00 MBR partitions:
18:38:07.0828 0x2f00 ============================================================
18:38:07.0828 0x2f00 C: <-> \Device\Harddisk0\DR0\Partition3
18:38:07.0828 0x2f00 D: <-> \Device\Harddisk0\DR0\Partition4
18:38:07.0828 0x2f00 ============================================================
18:38:07.0828 0x2f00 Initialize success
18:38:07.0828 0x2f00 ============================================================
18:39:11.0449 0x23dc KLMD registered as C:\WINDOWS\system32\drivers\25985965.sys
18:39:12.0014 0x23dc Deinitialize success
