Thread: Keylogger issue
19 May 2011  
MRValiant

Windows 8 Pro
 
 
Keylogger issue

Hi, I just got a replacement hard drive through RMA. After I initialized the drive I shut the computer off. Later on, when I got back on, this came up:


"Behavior similar to keylogger detected." Now, I read that Kaspersky is giving people who use this anti-virus some problems with this. So far I'm running a bunch of scans. But in the meantime I put the word keylogger in the search thingy by All Programs and this came up.

Report=notepad

Code:
;--------------------------------------------

; Top-level report window definition (alias "taskview"). It composes the
; [MainReport_Header] and [MainReport_Body] sections and declares a list
; control, defList, which oninit assigns to l_currep.
; NOTE(review): this is declarative UI layout (sizes, alignment, bindings);
; nothing in this section reads input devices or launches programs.
[MainReport]
@       = $DlgAttrBase mg(0,0) alias(taskview) at(resizable,minimizable,a_close) sz(720,570) oninit(l_currep=ctl.defList) h($IsKAT ? 15761 : 15765)
Header  = [MainReport_Header]
Body    = [MainReport_Body]
; visible(0) presumably keeps this placeholder list hidden - confirm.
defList = t(list) visible(0)

[MainReport_Header]
@       = sz(p,53) at(singleline,fixstyle) ta(lc) bg("MainWindowHeader") f("Header1") extprm(1)
hdr     = [ProductHeader] sz(p,p)
Save    = [BtnGlass] sz($Button_Medium_CX,$Button_CY) a(rc) xy(28) onclick(l_currep.savereport()) use(!$IsKAT)

[MainReport_Body]
@               = sz(p,p) alias(navigator) at(enum,loadpages) btns(Task) a(la) mg(7,7) xy(,,,$DialogPanelSizeY)
Navigator       = [MainReport_Body_Navigator]
_client_area    = a(la) sz(p,p)

[MainReport_Body_Navigator]
@           = sz(p,a) xy(,,,7) oninit(ctl.Statistic.value=1)
Task        = [MainReport_Body_Navigator_Task]
Group       = $Combo sz(a,a) a(at) xy(,,7) v(l_currep.curview()) items(vector(l_currep.getview()) text(ViewName) v(ViewId))
Filter      = [MainReport_Body_Navigator_Filter]
Warn        = $Link a(as) xy(7,3) i("warning") visible(ctl.Filter.All.selected && !global.FullReport) onclick(window("OptionsWindow:Reports")) use(!$IsKAT)
Statistic   = $ToolButton a(rt) ia(cc) i("Toolbox,0,0,0,0,0,0") enable(s_IsStatisticsEnabled(ctl.Task.value)) use(!$IsKAT)

[MainReport_Body_Navigator_Task]
$ReportNavTask = at(radiolike) text(switch(ctl.id, "ProfileName")) use(f_isInstalled(ctl.id))
@               = $Combo sz(a,a) dl(20) rs(0,0) xy(,,7)
Protection      = text($Protection) at(radiolike) use(!$IsProtectionNotInstalled)
Hips            = $ReportNavTask
File_Monitoring = $ReportNavTask
Mail_Monitoring = $ReportNavTask
Web_Monitoring = $ReportNavTask
IM_Monitoring = $ReportNavTask
Firewall    = $ReportNavTask
pdm         = $ReportNavTask
ids         = $ReportNavTask
;OnlineSecurity  = text($ids) at(radiolike) use(f_isInstalled(ctl.id))
Anti_Spam   = $ReportNavTask
AdBlocker   = $ReportNavTask
ParCtl      = $ReportNavTask
;ContentFilter   = text($ContentFilter) at(radiolike) use(f_isInstalled(ctl.id))
Scan            = text($Scan_Objects) at(radiolike)
Updater         = text($Updater) at(radiolike) use(f_isInstalled(ctl.id))
AVZ_Scan        = text($AVZ_Scan) at(radiolike) use(f_isInstalled(ctl.id))



[MainReport_Body_Navigator_Filter]
@           = $Combo sz(a,a) rs(0,0) at(rememberdata) onchange(l_currep.setfilter(ctl.value,3)) a(at)
Critical    = v("Severity <= #eNotifySeverityError")
Important   = v("Severity <= #eNotifySeverityImportant") at(default)
All         = v("")

[ProfileReport]
@       = t(splitter) at(rememberdata) sz(p,p) ext(1) v(65000)
Group1  = extprm(1) sz(p,p)
Stat    = [ProfileReportStat]

[ProfileReportStat]
@       = extprm(1) sz(p,p) visible(ctl.Statistic.value)
Group2  = extprm(1) sz(p,p) visible(!ctl.EnableChart.value || !$GVF_HAS_STAT )
Group3  = extprm(1) sz(p,p) visible(!ctl.Group2.visible) b(System) mg(10,10,10,10) bg("ColorWindow")

[Product_Events]
@       = ext(1) sz(p,p)
Report  = [Product_Events_Report]

; Column layout of the events list (alias "taskevents"). Each key names a
; column, or points at a sub-section, and carries the expressions used to
; render, group, sort and filter it. Fields such as Timestamp and TaskID are
; referenced here but defined elsewhere.
[Product_Events_Report]
@           = $List at(rememberdata) alias(taskevents) refresh(100) a(la) extprm(1) onshow(l_currep=ctl.Report;ctl.Group.reinit();ctl.setfilter(ctl.Filter.value,3))
Time        = sz(150) text(datetimeDT(Timestamp)) group(date,dategroupDT(Timestamp),default) sort(index,sortup) filter(auto,s_date(dategroupDT(Timestamp))) extprm(1)
Application = [Product_Events_Report_Application]
Task        = sz(80,a) text($TaskText) extprm(1) group(task,TaskID) filter(auto)
Verdict     = [Product_Events_Report_Verdict]
; Action column: its filter items come from
; [Product_Events_Report_Action_Filter], which is where the "KeyLogger" label
; in this file is reached from. use(...) appears to gate the column on
; f_isInstalled("HipsTask") - confirm.
Action      = sz(160) text($ActionText) group(Action) extprm(1) filter(auto,$ActionText,Product_Events_Report_Action_Filter) use(f_isInstalled("HipsTask"))
InSandbox    = sz(a) text($ObjectInSandboxText) at(nosort) use(f_isInstalled("SandBox"))
Object      = [Product_Events_Report_Object]
OldObject   = [Product_Events_Report_OldObject]
Size        = sz(a,a) use(0) extprm(1) text($ObjectSizeText) sort(ExtraInfoSub2)
Reason      = sz(80,a) text($ReasonText) filter(custom,,Product_Events_Report_Reason_Filter) extprm(1)
; Right-click on a row opens the context menu defined in
; [Product_Events_Report_Menu].
row         = at(clickable) i($RepEventIcon) bg($RepEventBg) onrclick(menu("Product_Events_Report_Menu"))
views       = extprm(1)

[Product_Events_Report_Application]
@           = sz(280) text($AppName) group(AppGroup,AppID) extprm(1) i($AppIcon)
Name        = sz(a) text($AppModule) i($AppIcon)
Path        = sz(a) text($AppPath)
PID         = sz(a) text($hasNativePID ? $AppNativePID : "") group(PIDGroup,PID)
CommandLine = sz(a) text($AppCmdLine)

[Product_Events_Report_Verdict]
@               = sz(p) rs(40) text($VerdictText) group(Verdict) filter(auto,$VerdictDescrText,Product_Events_Report_Verdict_Filter) extprm(1)
Descr           = sz(a) text($VerdictDescrText) extprm(1)
DetectType      = sz(a) text($DetectTypeText) group(DetectType) filter(auto) extprm(1)
DetectName      = sz(a) text($DetectNameText) group(DetectName) filter(auto) extprm(1)
DetectDanger    = sz(a) text($DetectDangerText) group(DetectDanger) filter(auto) extprm(1)
Exact           = sz(a) text($ExactText) group(IsExact) filter(auto) extprm(1)

[Product_Events_Report_Object]
@       = sz(p) rs(60) text($ObjectText) i($ObjectIcon) group(ObjectType) filter(auto,$ObjectTypeText,Product_Events_Report_Object_Filter) extprm(1)
Type    = sz(60) text($ObjectTypeText) i($ObjectIcon) group(ObjectType) filter(auto) extprm(1)
Path    = sz(a) text($ObjectPathText)
Name    = sz(a) text($ObjectNameText)

[Product_Events_Report_OldObject]
@       = sz(p) rs(60) text($OldObjectText) at(nosort) i($OldObjectIcon) group(ObjectType) filter(auto,$ObjectTypeText,Product_Events_Report_Object_Filter) use(0) extprm(1)
Type    = sz(60) text($ObjectTypeText) i($OldObjectIcon) group(ObjectType) filter(auto) extprm(1)
Path    = sz(a) text($OldObjectPathText) at(nosort)
Name    = sz(a) text($OldObjectNameText) at(nosort)

[Product_Events_Report_Ex]
@       = sz(p,p) ext(1)
Report  = [Product_Events_Report]

[Product_Events_Report_Save]
@ = [EditSimpleItem] onok(l_combo.add(ctl.Name.value,ctl.Name.value)) subst(Example(use(0))) ext(1)

; Context menu for a row of the events list (opened by onrclick in
; [Product_Events_Report]). The $-prefixed entries are local macros reused by
; the menu items below.
[Product_Events_Report_Menu]
; True for anti-spam events on a mail message / anti-banner events on a URL.
$ForASMail      = TaskID==#eTASK_AS && ObjectType==#eMailMessage
$ForAB          = TaskID==#eTASK_AB && ObjectType==#eURL
; Sandbox variant of "go to file": runs sbstart.exe from the product root with
; a sandbox id derived from $ObjectRealText, then "iexplore" -new -e followed
; by objdir($ObjectText).
; NOTE(review): the directory is appended by plain string concatenation and is
; not wrapped in quotes on this line; confirm that objdir() or exec() quotes
; paths containing spaces or quote characters before they reach the command
; line.
$GotoFileVirt = exec(env("ProductRoot").addPath("sbstart.exe"), f_getSandboxIdFromPath($ObjectRealText) + " \"iexplore\" -new -e " + objdir($ObjectText))
; Non-sandbox variant: shows the "CantOpenFolder" message when gotofile()
; fails.
$GotoFileReal = if(!gotofile($ObjectText), msg("CantOpenFolder"))
@               = t(menu) bg("MenuIconBg")
; Anti-spam actions, offered only when $ForASMail holds.
ASDetails       = at(default) use($ForASMail) onclick(dialog("AntiSpam_MailDetails"))
ASMarkAsSpam    = use($ForASMail) onclick(ctl.Report.antispam_action(0))
ASMarkAsHam     = use($ForASMail) onclick(ctl.Report.antispam_action(1))
ASAddToWL       = use($ForASMail) onclick(ctl.Report.antispam_action(2))
ASAddToBL       = use($ForASMail) onclick(ctl.Report.antispam_action(3))
; Anti-banner "allow", offered only when $ForAB holds and DetectName is set.
ABAllow         = use($ForAB) enable(DetectName) onclick(ctl.Report.antibanner_allow())
sep
MakeFilter
MakeGroup
sep
ClearFilters
ClearGroup
sep
Expand          = visible(isNode && !isExpanded)
Collapse        = visible(isNode && isExpanded)
CollapseAll     = visible(isNode)
sep
Copy
SelectAll
sep
; Enabled only for file objects. Uses the sandbox variant when the event has a
; PID that is neither #PIDProduct nor #PIDSystem and f_isSandboxed(PID) is
; true; otherwise uses $GotoFileReal.
GotoFile        = enable(ObjectType==#eFile) onclick( if(PID && PID != #PIDProduct && PID != #PIDSystem && f_isSandboxed(PID),$GotoFileVirt,$GotoFileReal) ) use(!$IsRD)

;all events see in 'enVerdict'
[Product_Events_Report_Verdict_Filter]
CLEAN               = v(#eCLEAN)     use($GVF_AV)
ARCHIVED            = v(#eARCHIVED)  use($GVF_AV)
PACKED              = v(#ePACKED)      use($GVF_AV)
;ENCRYPTED             = v(#eENCRYPTED) use($GVF_AV)
CORRUPTED           = v(#eCORRUPTED) use($GVF_AV)
DETECTED            = v(#eDETECTED)
ALLOWED             = v(#eALLOWED)   use($GVF_NOT_SCAN)
DENIED              = v(#eDENIED)    use($GVF_NOT_SCAN)
REJECTED            = v(#eREJECTED)  use($GVF_NOT_SCAN)
NOT_PROCESSED       = v(#eNOT_PROCESSED)      use($GVF_AV)
PASSWORD_PROTECTED  = v(#ePASSWORD_PROTECTED) use(!($GVF_NOT_SCAN))
PROCESSING_ERROR    = v(#ePROCESSING_ERROR)   use($GVF_AV)
ADDEDTOEXCLUDE      = v(#eADDEDTOEXCLUDE)     use($GVF_NOT_CF)
Cure                = [Product_Events_Report_Verdict_Filter_Cure] use($GVF_NOT_CF)
Task                = [Product_Events_Report_Verdict_Filter_Task] use($GVF_NOT_SCAN)
ProdState           = [Product_Events_Report_Verdict_Filter_Prod] use(ctl.Report.value == #eTASK_GROUP_PROTECTION)

;see s_ProdState
[Product_Events_Report_Verdict_Filter_Prod]
ProdState1               = v(#ePROTECTION + #ProdStateProductNotActivated)
ProdState2               = v(#ePROTECTION + #ProdStateProductNotProtected)
ProdState3               = v(#ePROTECTION + #ProdStateKeyAboutExpiration)
ProdState4               = v(#ePROTECTION + #ProdStateKeyExpired)
ProdState5               = v(#ePROTECTION + #ProdStateKeyWillBeExpired)
ProdState6               = v(#ePROTECTION + #ProdStateKeyTrialExpired)
ProdState7               = v(#ePROTECTION + #ProdStateKeyBlocked)
ProdState8               = v(#ePROTECTION + #ProdStateNoKeys)
ProdState9               = v(#ePROTECTION + #ProdStateKeyWaitActivation)
ProdState10               = v(#ePROTECTION + #ProdStateKeyInvalid)
ProdState11               = v(#ePROTECTION + #ProdStateKeyLimited)
ProdState12               = v(#ePROTECTION + #ProdStateKeyGracePeriod)
ProdState13               = v(#ePROTECTION + #ProdStateKeyUpdateFailed)
ProdState14               = v(#ePROTECTION + #ProdStateKeySuspended)
ProdState15               = v(#ePROTECTION + #ProdStateHighRiskTasksNotRunning)
ProdState16               = v(#ePROTECTION + #ProdStateTasksNotRunning)
ProdState17               = v(#ePROTECTION + #ProdStateTasksMalfunction)
ProdState18               = v(#ePROTECTION + #ProdStateHighRiskTasksDisabled)
ProdState19               = v(#ePROTECTION + #ProdStateTasksDisabled)
ProdState20               = v(#ePROTECTION + #ProdStateProtectionSafeMode)
ProdState21               = v(#ePROTECTION + #ProdStateProtectionNotInstalled)
ProdState22               = v(#ePROTECTION + #ProdStateBasesNotValid)
ProdState23               = v(#ePROTECTION + #ProdStateBasesOutOfDate)
ProdState24               = v(#ePROTECTION + #ProdStateBasesNotActual)
ProdState25               = v(#ePROTECTION + #ProdStateUpdateNeedReboot)
ProdState26               = v(#ePROTECTION + #ProdStateBasesCorrupted)
ProdState27               = v(#ePROTECTION + #ProdStateOnDemandTaskRunning)
ProdState28               = v(#ePROTECTION + #ProdStateProtectionNotRunning)
ProdState29               = v(#ePROTECTION + #ProdStateProtectionDisabled)
ProdState30               = v(#ePROTECTION + #ProdStateThreatsMalwareUntreated)
ProdState31               = v(#ePROTECTION + #ProdStateThreatsRiskwareUntreated)
ProdState32               = v(#ePROTECTION + #ProdStateBasesCacheResizeFail)


[Product_Events_Report_Verdict_Filter_Cure]
DISINFECTED                 = v(#eDISINFECTED) use($GVF_AV)
DELETED                     = v(#eDELETED)     use($GVF_AV)
OVERWRITED                  = v(#eOVERWRITED)  use($GVF_AV)
QUARANTINED                 = v(#eQUARANTINED)
TERMINATED                  = v(#eTERMINATED)  use($GVF_HIPS)
RESTORED                    = v(#eRESTORED)    use($GVF_AV)
RENAMED                     = v(#eRENAMED)     use($GVF_AV)
BACKUPED                    = v(#eBACKUPED)    use($GVF_AV)
REPARED                     = v(#eREPARED)     use($GVF_AV)
ROLLBACKED                  = v(#eROLLBACKED)  use($GVF_HIPS)
NOT_DISINFECTED             = v(#eNOT_DISINFECTED)  use($GVF_AV)
NOT_DELETED                 = v(#eNOT_DELETED)      use($GVF_AV)
NOT_QUARANTINED             = v(#eNOT_QUARANTINED)
NOT_RENAMED                 = v(#eNOT_RENAMED)      use($GVF_AV)
TERMINATE_FAILED            = v(#eTERMINATE_FAILED) use($GVF_HIPS)
ROLLBACK_FAILED             = v(#eROLLBACK_FAILED)  use($GVF_HIPS)
BACKUP_FAILED               = v(#eBACKUP_FAILED)    use($GVF_AV)
REPAIR_FAILED               = v(#eREPAIR_FAILED)    use($GVF_AV)
DISINFECTED_ON_REBOOT       = v(#eDISINFECTED_ON_REBOOT) use($GVF_AV)
DELETED_ON_REBOOT           = v(#eDELETED_ON_REBOOT)     use($GVF_AV)
QUARANTINED_ON_REBOOT       = v(#eQUARANTINED_ON_REBOOT) use($GVF_AV)
DISINFECT_ON_REBOOT_FAILED  = v(#eDISINFECT_ON_REBOOT_FAILED) use($GVF_AV)
DELETE_ON_REBOOT_FAILED     = v(#eDELETE_ON_REBOOT_FAILED)    use($GVF_AV)

[Product_Events_Report_Verdict_Filter_Task]
DISABLED        = v(#eDISABLED) use(!ctl.Report.value)
TASK_STARTED    = v(#eTASK_STARTED)
TASK_STOPPED    = v(#eTASK_STOPPED)
TASK_FAILED     = v(#eTASK_FAILED)
TASK_COMPLETED  = v(#eTASK_COMPLETED)

; Filter items for the Action column of the events list (referenced from the
; Action entry in [Product_Events_Report]). Each item maps a label to an
; event-type constant (#evt...); v(...) presumably sets the item's value.
; The last three entries pull in nested groups of items from their own
; sections.
[Product_Events_Report_Action_Filter]
Open    = v(#evtOpen)
Create  = v(#evtCreate)
Read    = v(#evtRead)
Write   = v(#evtWrite)
Delete  = v(#evtDelete)
Rename  = v(#evtRename)
Process = [Product_Events_Report_Action_Filter_Process]
Data    = [Product_Events_Report_Action_Filter_DataAccess]
System  = [Product_Events_Report_Action_Filter_System]

[Product_Events_Report_Reason_Filter]
User                            = v(#eUSER)
ReportOnly                      = v(#eREPORTONLY)
Postponed                       = v(#ePOSTPONED)
TaskStopped                     = v(#eTASKSTOPPED)
Error                           = v(#eERROR)
Database                        = v(#eDATABASE)                                    use($GVF_UC)
WhiteList                       = v(#eWHITE_LIST)                                use($GVF_UC)
UserBlackList                   = v(#eUSER_BLACK_LIST)                            use($GVF_UC)
UserWhiteList                   = v(#eUSER_WHITE_LIST)                            use($GVF_UC)
Emulator                        = v(#eEMULATOR)
BB                              = v(#eBB)
Heuristic                       = v(#eHEURISTIC)                                use($GVF_UC)
Bayes                           = v(#eBAYES)                                    use($GVF_UC)
GSG                             = v(#eGSG)                                        use($GVF_UC)
PDB                             = v(#ePDB)                                        use($GVF_UC)
RecentTerms                     = v(#eRECENTTERMS)                                use($GVF_UC)
SFDB                            = v(#eSFDB)                                        use($GVF_AV)
ISWIFT                          = v(#eISWIFT)                                    use($GVF_AV)
UNCHANGED                       = v(#eUNCHANGED)                                use($GVF_AV)
KSN                             = v(#eKSN)                                        use($GVF_AV)
AllowedSender                   = v(#eALLOWED_SENDER)                            use($GVF_UC)
BlockedSender                   = v(#eBLOCKED_SENDER)                            use($GVF_UC)
AllowedPhrase                   = v(#eALLOWED_PHRASE)                            use($GVF_UC)
BlockedPhrase                   = v(#eBLOCKED_PHRASE)                            use($GVF_UC)
DetectByHash                    = v(#eDETECT_BYHASH)
DetectInformation               = v(#eDETECT_INFORMATION)
Size                            = v(#eSIZE)
Type                            = v(#eTYPE)
Exclude                         = v(#eEXCLUDE)
Time                            = v(#eTIME)
NoRights                        = v(#eNORIGHTS)                                    use($GVF_AV)
NotFound                        = v(#eNOTFOUND)                                    use($GVF_AV)
Locked                          = v(#eLOCKED)                                    use($GVF_AV)
Noncurable                      = v(#eNONCURABLE)                                use($GVF_AV)
WriteProtect                    = v(#eWRITEPROTECT)                                use($GVF_AV)
Nonoverwritable                 = v(#eNONOVERWRITABLE)                            use($GVF_AV)
CopyFailed                      = v(#eCOPYFAILED)                                use($GVF_AV)
WriteError                      = v(#eWRITEERROR)
OutOfSpace                      = v(#eOUTOFSPACE)
ReadError                       = v(#eREADERROR)
DeviceNotReady                  = v(#eDEVICENOTREADY)
WriteNotSupported               = v(#eWRITENOTSUPPORTED)
CannotBackup                    = v(#eCANNOTBACKUP)                                use($GVF_AV)
AddedToWhiteRecipient           = v(#eANTISPAM_AddedToWhiteRecipient)            use($GVF_UC)
HasBeenTrained                  = v(#eANTISPAM_HasBeenTrained)                    use($GVF_UC)
Training                        = v(#eANTISPAM_Training)                        use($GVF_UC)
NeedTraining                    = v(#eANTISPAM_NeedTraining)                    use($GVF_UC)
WhiteAddress                    = v(#eANTISPAM_WhiteAddress)                    use($GVF_UC)
BlackAddress                    = v(#eANTISPAM_BlackAddress)                    use($GVF_UC)
WhiteString                     = v(#eANTISPAM_WhiteString)                        use($GVF_UC)
BlackString                     = v(#eANTISPAM_BlackString)                        use($GVF_UC)
AntiFishing                     = v(#eANTISPAM_AntiFishing)                        use($GVF_UC)
WhiteAddressNotFound            = v(#eANTISPAM_WhiteAddress_NOTFOUND)            use(0)
WhiteStringNotFound             = v(#eANTISPAM_WhiteString_NOTFOUND)            use(0)
MailDispatcher                  = v(#eANTISPAM_MailDispatcher)                    use($GVF_UC)
Eicar                           = v(#eANTISPAM_Eicar)                            use($GVF_UC)
Banner                          = v(#eANTISPAM_Banner)                            use($GVF_UC)
InvalidHTML                     = v(#eANTISPAM_InvalidHTML)                        use($GVF_UC)
ExternalObj                     = v(#eANTISPAM_ExternalObj)                        use($GVF_UC)
InternalObj                     = v(#eANTISPAM_InternalObj)                        use($GVF_UC)
EmptyMessage                    = v(#eANTISPAM_EmptyMessage)                    use($GVF_UC)
NotForMe                        = v(#eANTISPAM_NotForMe)                        use($GVF_UC)
NotEnglish                      = v(#eANTISPAM_NotEnglish)                        use($GVF_UC)
RecipLimit                      = v(#eANTISPAM_RecipLimit)                        use($GVF_UC)
RecipLimitNotFound              = v(#eANTISPAM_RecipLimit_NOTFOUND)                use($GVF_UC)
InvalidHTML_UnknownDefsCount    = v(#eANTISPAM_InvalidHTML_UnknownDefsCount)    use($GVF_UC)
InvalidHTML_SeemsColors         = v(#eANTISPAM_InvalidHTML_SeemsColors)            use($GVF_UC)
InvalidHTML_SmallText           = v(#eANTISPAM_InvalidHTML_SmallText)            use($GVF_UC)
InvalidHTML_InvisibleCharCount  = v(#eANTISPAM_InvalidHTML_InvisibleCharCount)    use($GVF_UC)
InvalidHTML_Scripts             = v(#eANTISPAM_InvalidHTML_Scripts)                use($GVF_UC)
InvalidHTML_HiddenElements      = v(#eANTISPAM_InvalidHTML_HiddenElements)        use($GVF_UC)
CannotBeSpam                    = v(#eANTISPAM_CannotBeSpam)                    use($GVF_UC)
SpamTest                        = v(#eANTISPAM_SPAMTEST)                        use($GVF_UC)

; "Process" group of the Action column filter (referenced from
; [Product_Events_Report_Action_Filter]). Each entry is a filter label mapped
; to an event-type constant.
; NOTE(review): names such as ReadProcMem, SetHook and CodeInject label
; categories of behaviour the product reports on; the entries only select
; which logged events are displayed.
[Product_Events_Report_Action_Filter_Process]
ProcessStart    = v(#evtProcessStart)
ProcStart       = v(#evtProcStart)
ProcessStop     = v(#evtProcessStop)
ProcStop        = v(#evtProcStop)
ImageLoad       = v(#evtImageLoad)
ImageUnload     = v(#evtImageUnload)
Terminate       = v(#evtTerminate)
ReadProcMem     = v(#evtReadProcMem)
SetHook         = v(#evtSetHook)
CodeInject      = v(#evtCodeInject)
Suspend         = v(#evtSuspend)
AddAppToGr      = v(#evtAddAppToGr)

; "Data" group of the Action column filter (referenced as Data from
; [Product_Events_Report_Action_Filter]). Each entry is a filter label mapped
; to an event-type constant.
[Product_Events_Report_Action_Filter_DataAccess]
Send                = v(#evtSend)
Receive             = v(#evtReceive)
WMSend              = v(#evtWMSend)
LLDiskAccess        = v(#evtLLDiskAccess)
LLFSAccess          = v(#evtLLFSAccess)
ADSAccess           = v(#evtADSAccess)
DirectMemAccess     = v(#evtDirectMemAccess)
; The spelling "Acceess" is the same in the key and in the constant, so it is
; an identifier and not a typo to fix on one side only.
ClipBoardAcceess    = v(#evtClipBoardAcceess)

; "System" group of the Action column filter (referenced as System from
; [Product_Events_Report_Action_Filter]). Each entry is a filter label mapped
; to an event-type constant; the entries choose which logged events the report
; list shows.
[Product_Events_Report_Action_Filter_System]
SelfStart           = v(#evtSelfStart)
WindowsShutDown     = v(#evtWindowsShutDown)
HiddenRegistry      = v(#evtHiddenRegistry)
; NOTE(review): this is the line a text search for "keylogger" matches. It is
; a filter label for events reported as keylogger-like behaviour; nothing in
; this section captures keystrokes. The detection alert itself is a separate
; matter: look up its event in the product's report to see which application
; triggered it.
KeyLogger           = v(#evtKeyLogger)
SetHardLink         = v(#evtSetHardLink)
SchedulerStart      = v(#evtSchedulerStart)
DrvStart            = v(#evtDrvStart)
ServiceStart        = v(#evtServiceStart)
ScreenShots         = v(#evtScreenShots)
CriticalCOMAccess   = v(#evtCriticalCOMAccess)
UseBrowserCL        = v(#evtUseBrowserCL)
UseBrowserAPI       = v(#evtUseBrowserAPI)
UseDNS              = v(#evtUseDNS)
UseBITS             = v(#evtUseBITS)
SetDbgPrivilege     = v(#evtSetDbgPrivilege)
ChangeObjPrivilege  = v(#evtChangeObjPrivilege)
; The spelling "Acceess" is the same in the key and in the constant; treat it
; as an identifier.
ShellWindowsAcceess = v(#evtShellWindowsAcceess)
UserAccountAccess   = v(#evtUserAccountAccess)

[Product_Events_Report_Object_Filter]
File        = v(#eFile)
Directory   = v(#eDirectory)   use($GVF_HIPS)
RegKey      = v(#eRegKey)      use($GVF_HIPS)
RegValue    = v(#eRegValue)    use($GVF_HIPS)
Process     = v(#eProcess)     use($GVF_HIPS)
Thread      = v(#eThread)      use($GVF_HIPS)
Module      = v(#eModule)      use($GVF_HIPS)
LogSector   = v(#eLogSector)   use($GVF_AV)
PhysSector  = v(#ePhysSector)  use($GVF_AV)
Memory      = v(#eMemory)      use($GVF_AV)
MailMessage = v(#eMailMessage) use($GVF_AV)
MailAttach  = v(#eMailAttach)  use($GVF_AV)
PagerData    = v(#ePagerData)   use($GVF_AV)
URL         = v(#eURL)         use($GVF_NOT_SCAN)
Script      = v(#eScript)      use($GVF_NOT_SCAN)
Port        = v(#ePort)        use($GVF_HIPS)
Connection  = v(#eConnection)  use($GVF_HIPS)
Packet      = v(#ePacket)      use($GVF_HIPS)
DialStr     = v(#eDialStr)     use($GVF_OS)
Task        = v(#eTask)        use($GVF_NOT_SCAN)

;--------------------------------------------

[Product_Scan_Statistics_List]
$ObjectPath = c_object(ObjectId, object(ObjectId))
@           = $List alias(scanstat) refresh(100) a(la) ext(1) extprm(1)
Object      = at(fixedpos) text(ObjectType == #eFile ? objfile($ObjectPath) : s_ObjectType(ObjectType)) ia(lc) i(s_ObjectTypeIcon(ObjectType, $ObjectPath, #true, #true)) sz(150) extprm(1)
Time        = text(timestamp(TimeSpend/1000)) sz(a) a(r) sort(TimeSpend)
Scaned      = [Product_Scan_Statistics_List_Scaned]
Detected    = text(Detected) sz(a) a(r)
row         = bg(if(Flags & 1,"EventWarn")) f(((Flags & 2) && isExpanded) ? "Normal_Bold" : "Normal")

[Product_Scan_Statistics_List_Scaned]
@               = text(Scaned) sz(a) a(r)
Scaned          = text(Scaned) sz(a) a(r)
Archived        = text(Archived) sz(a) a(r)
Packed          = text(Packed) sz(a) a(r)
PswProtected    = text(PswProtected) sz(a) a(r)
Corrupted       = text(Corrupted) sz(a) a(r)
ScanErrors      = text(ScanErrors) sz(a) a(r)

[Product_Statistics_List]
@       = $List alias(blstat) at(nosearch) prm(#dbStatistics) refresh(500) a(la) group(dateonly,dategroup(Date),default) ext(1) extprm(1)
Counter = at(fixedpos) ia(lc) sz(240) group(CounterItem,Counter,default) sort(s_RepDetectType(Counter),sortdown) extprm(1)
Blocked = text(Blocked) a(r) sz(60) extprm(1)
Total   = text(Total) a(r) sz(60) extprm(1)
row     = f(depend(!level) ? "Normal_Bold" : "Normal")

;--------------------------------------------

Can someone tell me what this is?