CmdLine - quick
aswBoot.exe /A:"C:" /A:"*STARTUP" /L:"1033" /heur:80 /RA:fix /pup /archives /IA:0 /KBD:2 /dir:"C:\Program Files\AVAST Software\Avast"
CmdLine end
SafeBoot: 0
CreateKbThread
new CKbBuffer
CKbBuffer::Init
CKbBuffer::Init end
NtCreateEvent(g_hStopEvent)
dep_osBeginThread - KbThread
CreateKbThread end
NtInitializeRegistry
KbThread start
ReadRegistry
DATA=C:\ProgramData\AVAST Software\Avast
PROG=C:\Program Files\AVAST Software\Avast
BUILD=2397
LOADER=73
OS=6.1.7601/1 (9)
Windows 7 Professional Service Pack 1
SystemRoot=C:\Windows
TEMP=C:\Windows\TEMP
TMP=C:\Windows\TEMP
ReadRegistry end
CreateTemp
CreateTemp end
aswcmnbDllMain
cmnbInit
aswEnginDllMain(DLL_PROCESS_ATTACH)
InitLog
InitLog end
CmdLine - full
aswBoot.exe /A:"C:" /A:"*STARTUP" /L:"1033" /heur:80 /RA:fix /pup /archives /IA:0 /KBD:2 /dir:"C:\Program Files\AVAST Software\Avast"
CmdLine end
Program folder: C:\Program Files\AVAST Software\Avast
Engine folder: C:\Program Files\AVAST Software\Avast\defs\20031600
Base addr: 7feff990000
TimeStamp: 5e309e94
Unschedule
61,00,75,00,74,00,6F,00,63,00,68,00,65,00,63,00,
6B,00,20,00,61,00,75,00,74,00,6F,00,63,00,68,00,
6B,00,20,00,2A,00,00,00,61,00,73,00,77,00,42,00,
6F,00,6F,00,74,00,2E,00,65,00,78,00,65,00,20,00,
2F,00,41,00,3A,00,22,00,43,00,3A,00,22,00,20,00,
2F,00,41,00,3A,00,22,00,2A,00,53,00,54,00,41,00,
52,00,54,00,55,00,50,00,22,00,20,00,2F,00,4C,00,
3A,00,22,00,31,00,30,00,33,00,33,00,22,00,20,00,
2F,00,68,00,65,00,75,00,72,00,3A,00,38,00,30,00,
20,00,2F,00,52,00,41,00,3A,00,66,00,69,00,78,00,
20,00,2F,00,70,00,75,00,70,00,20,00,2F,00,61,00,
72,00,63,00,68,00,69,00,76,00,65,00,73,00,20,00,
2F,00,49,00,41,00,3A,00,30,00,20,00,2F,00,4B,00,
42,00,44,00,3A,00,32,00,20,00,2F,00,64,00,69,00,
72,00,3A,00,22,00,43,00,3A,00,5C,00,50,00,72,00,
6F,00,67,00,72,00,61,00,6D,00,20,00,46,00,69,00,
6C,00,65,00,73,00,5C,00,41,00,56,00,41,00,53,00,
54,00,20,00,53,00,6F,00,66,00,74,00,77,00,61,00,
72,00,65,00,5C,00,41,00,76,00,61,00,73,00,74,00,
22,00,00,00,00,00,
Unschedule end
LoadResources
LoadResources end
InitReport
InitReport end
Global exclusions: C:\Program Files\FileMaker\FileMaker Server\Data\*";"E:\Pbackup\*";"C:\Program Files\Malwarebytes\*";"C:\Windows\System32\drivers\MbamChameleon.sys";"C:\Windows\System32\drivers\mbae64.sys
NtSetEvent(g_hInitEvent) - 1
CPU: Phys(8), Log(16), Aff(16), Feat(00001804000083ff)
InitKeyboard
g_dwKbdNum: 2
FreeMemory: 48959320064
Now: 16/03/2020 17:40:50 (-240)
\Device\KeyboardClass0 succeeded
\Device\KeyboardClass1 succeeded
\Device\KeyboardClass2 failed: 0xC0000034
\Device\KeyboardClass3 failed: 0xC0000034
\Device\KeyboardClass4 failed: 0xC0000034
s_dwKbdClassCnt: 2
InitKeyboard end
NtSetEvent(g_hInitEvent) - 2
GetKey
Auxiliary data files present
avworkInitialize
FreeMemory: 48937762816
CKbBuffer::Wait
CKbBuffer::Get
CKbBuffer::Get end
CKbBuffer::Wait end
ProcessArea
Loading raw access support
avfilesScanAdd *RAW:C:  [Fs: 03e700ff, NTFS; Dev: 07, 00000020]
avfilesScanAdd *STARTUP
avfilesScanRealMulti begin
avfilesScanRealMulti finished
Runtime: 10195241ms
avworkClose
TerminateKbThread
GetKey end (?/00)
CloseKeyboard
CloseKeyboard end
KbThread stop
CKbBuffer::~CKbBuffer
CKbBuffer::~CKbBuffer end
aswEnginDllMain(DLL_PROCESS_DETACH)
cmnbFree
FreeResources
CloseReport
CloseLog