| Windows 7: Keylogger issue |
19 May 2011
|
| | Windows 8 Pro 303 posts Cleveland |
Keylogger issue
Hi, I just got a replacement hard drive through RMA. After I initialized the drive I shut the computer off. Later on when I got back on this came up.
behavior similar to keylogger detected. Now I read where Kaspersky is giving people who use this anti-virus some problems with this. So far I'm running a bunch of scans. But in the meantime I put the word keylogger in the search thingy by the All Programs and this came up.
Report=notepad
Code:
;--------------------------------------------
[MainReport]
@ = $DlgAttrBase mg(0,0) alias(taskview) at(resizable,minimizable,a_close) sz(720,570) oninit(l_currep=ctl.defList) h($IsKAT ? 15761 : 15765)
Header = [MainReport_Header]
Body = [MainReport_Body]
defList = t(list) visible(0)
[MainReport_Header]
@ = sz(p,53) at(singleline,fixstyle) ta(lc) bg("MainWindowHeader") f("Header1") extprm(1)
hdr = [ProductHeader] sz(p,p)
Save = [BtnGlass] sz($Button_Medium_CX,$Button_CY) a(rc) xy(28) onclick(l_currep.savereport()) use(!$IsKAT)
[MainReport_Body]
@ = sz(p,p) alias(navigator) at(enum,loadpages) btns(Task) a(la) mg(7,7) xy(,,,$DialogPanelSizeY)
Navigator = [MainReport_Body_Navigator]
_client_area = a(la) sz(p,p)
[MainReport_Body_Navigator]
@ = sz(p,a) xy(,,,7) oninit(ctl.Statistic.value=1)
Task = [MainReport_Body_Navigator_Task]
Group = $Combo sz(a,a) a(at) xy(,,7) v(l_currep.curview()) items(vector(l_currep.getview()) text(ViewName) v(ViewId))
Filter = [MainReport_Body_Navigator_Filter]
Warn = $Link a(as) xy(7,3) i("warning") visible(ctl.Filter.All.selected && !global.FullReport) onclick(window("OptionsWindow:Reports")) use(!$IsKAT)
Statistic = $ToolButton a(rt) ia(cc) i("Toolbox,0,0,0,0,0,0") enable(s_IsStatisticsEnabled(ctl.Task.value)) use(!$IsKAT)
[MainReport_Body_Navigator_Task]
$ReportNavTask = at(radiolike) text(switch(ctl.id, "ProfileName")) use(f_isInstalled(ctl.id))
@ = $Combo sz(a,a) dl(20) rs(0,0) xy(,,7)
Protection = text($Protection) at(radiolike) use(!$IsProtectionNotInstalled)
Hips = $ReportNavTask
File_Monitoring = $ReportNavTask
Mail_Monitoring = $ReportNavTask
Web_Monitoring = $ReportNavTask
IM_Monitoring = $ReportNavTask
Firewall = $ReportNavTask
pdm = $ReportNavTask
ids = $ReportNavTask
;OnlineSecurity = text($ids) at(radiolike) use(f_isInstalled(ctl.id))
Anti_Spam = $ReportNavTask
AdBlocker = $ReportNavTask
ParCtl = $ReportNavTask
;ContentFilter = text($ContentFilter) at(radiolike) use(f_isInstalled(ctl.id))
Scan = text($Scan_Objects) at(radiolike)
Updater = text($Updater) at(radiolike) use(f_isInstalled(ctl.id))
AVZ_Scan = text($AVZ_Scan) at(radiolike) use(f_isInstalled(ctl.id))
[MainReport_Body_Navigator_Filter]
@ = $Combo sz(a,a) rs(0,0) at(rememberdata) onchange(l_currep.setfilter(ctl.value,3)) a(at)
Critical = v("Severity <= #eNotifySeverityError")
Important = v("Severity <= #eNotifySeverityImportant") at(default)
All = v("")
[ProfileReport]
@ = t(splitter) at(rememberdata) sz(p,p) ext(1) v(65000)
Group1 = extprm(1) sz(p,p)
Stat = [ProfileReportStat]
[ProfileReportStat]
@ = extprm(1) sz(p,p) visible(ctl.Statistic.value)
Group2 = extprm(1) sz(p,p) visible(!ctl.EnableChart.value || !$GVF_HAS_STAT )
Group3 = extprm(1) sz(p,p) visible(!ctl.Group2.visible) b(System) mg(10,10,10,10) bg("ColorWindow")
[Product_Events]
@ = ext(1) sz(p,p)
Report = [Product_Events_Report]
[Product_Events_Report]
@ = $List at(rememberdata) alias(taskevents) refresh(100) a(la) extprm(1) onshow(l_currep=ctl.Report;ctl.Group.reinit();ctl.setfilter(ctl.Filter.value,3))
Time = sz(150) text(datetimeDT(Timestamp)) group(date,dategroupDT(Timestamp),default) sort(index,sortup) filter(auto,s_date(dategroupDT(Timestamp))) extprm(1)
Application = [Product_Events_Report_Application]
Task = sz(80,a) text($TaskText) extprm(1) group(task,TaskID) filter(auto)
Verdict = [Product_Events_Report_Verdict]
Action = sz(160) text($ActionText) group(Action) extprm(1) filter(auto,$ActionText,Product_Events_Report_Action_Filter) use(f_isInstalled("HipsTask"))
InSandbox = sz(a) text($ObjectInSandboxText) at(nosort) use(f_isInstalled("SandBox"))
Object = [Product_Events_Report_Object]
OldObject = [Product_Events_Report_OldObject]
Size = sz(a,a) use(0) extprm(1) text($ObjectSizeText) sort(ExtraInfoSub2)
Reason = sz(80,a) text($ReasonText) filter(custom,,Product_Events_Report_Reason_Filter) extprm(1)
row = at(clickable) i($RepEventIcon) bg($RepEventBg) onrclick(menu("Product_Events_Report_Menu"))
views = extprm(1)
[Product_Events_Report_Application]
@ = sz(280) text($AppName) group(AppGroup,AppID) extprm(1) i($AppIcon)
Name = sz(a) text($AppModule) i($AppIcon)
Path = sz(a) text($AppPath)
PID = sz(a) text($hasNativePID ? $AppNativePID : "") group(PIDGroup,PID)
CommandLine = sz(a) text($AppCmdLine)
[Product_Events_Report_Verdict]
@ = sz(p) rs(40) text($VerdictText) group(Verdict) filter(auto,$VerdictDescrText,Product_Events_Report_Verdict_Filter) extprm(1)
Descr = sz(a) text($VerdictDescrText) extprm(1)
DetectType = sz(a) text($DetectTypeText) group(DetectType) filter(auto) extprm(1)
DetectName = sz(a) text($DetectNameText) group(DetectName) filter(auto) extprm(1)
DetectDanger = sz(a) text($DetectDangerText) group(DetectDanger) filter(auto) extprm(1)
Exact = sz(a) text($ExactText) group(IsExact) filter(auto) extprm(1)
[Product_Events_Report_Object]
@ = sz(p) rs(60) text($ObjectText) i($ObjectIcon) group(ObjectType) filter(auto,$ObjectTypeText,Product_Events_Report_Object_Filter) extprm(1)
Type = sz(60) text($ObjectTypeText) i($ObjectIcon) group(ObjectType) filter(auto) extprm(1)
Path = sz(a) text($ObjectPathText)
Name = sz(a) text($ObjectNameText)
[Product_Events_Report_OldObject]
@ = sz(p) rs(60) text($OldObjectText) at(nosort) i($OldObjectIcon) group(ObjectType) filter(auto,$ObjectTypeText,Product_Events_Report_Object_Filter) use(0) extprm(1)
Type = sz(60) text($ObjectTypeText) i($OldObjectIcon) group(ObjectType) filter(auto) extprm(1)
Path = sz(a) text($OldObjectPathText) at(nosort)
Name = sz(a) text($OldObjectNameText) at(nosort)
[Product_Events_Report_Ex]
@ = sz(p,p) ext(1)
Report = [Product_Events_Report]
[Product_Events_Report_Save]
@ = [EditSimpleItem] onok(l_combo.add(ctl.Name.value,ctl.Name.value)) subst(Example(use(0))) ext(1)
[Product_Events_Report_Menu]
$ForASMail = TaskID==#eTASK_AS && ObjectType==#eMailMessage
$ForAB = TaskID==#eTASK_AB && ObjectType==#eURL
$GotoFileVirt = exec(env("ProductRoot").addPath("sbstart.exe"), f_getSandboxIdFromPath($ObjectRealText) + " \"iexplore\" -new -e " + objdir($ObjectText))
$GotoFileReal = if(!gotofile($ObjectText), msg("CantOpenFolder"))
@ = t(menu) bg("MenuIconBg")
ASDetails = at(default) use($ForASMail) onclick(dialog("AntiSpam_MailDetails"))
ASMarkAsSpam = use($ForASMail) onclick(ctl.Report.antispam_action(0))
ASMarkAsHam = use($ForASMail) onclick(ctl.Report.antispam_action(1))
ASAddToWL = use($ForASMail) onclick(ctl.Report.antispam_action(2))
ASAddToBL = use($ForASMail) onclick(ctl.Report.antispam_action(3))
ABAllow = use($ForAB) enable(DetectName) onclick(ctl.Report.antibanner_allow())
sep
MakeFilter
MakeGroup
sep
ClearFilters
ClearGroup
sep
Expand = visible(isNode && !isExpanded)
Collapse = visible(isNode && isExpanded)
CollapseAll = visible(isNode)
sep
Copy
SelectAll
sep
GotoFile = enable(ObjectType==#eFile) onclick( if(PID && PID != #PIDProduct && PID != #PIDSystem && f_isSandboxed(PID),$GotoFileVirt,$GotoFileReal) ) use(!$IsRD)
;all events see in 'enVerdict'
[Product_Events_Report_Verdict_Filter]
CLEAN = v(#eCLEAN) use($GVF_AV)
ARCHIVED = v(#eARCHIVED) use($GVF_AV)
PACKED = v(#ePACKED) use($GVF_AV)
;ENCRYPTED = v(#eENCRYPTED) use($GVF_AV)
CORRUPTED = v(#eCORRUPTED) use($GVF_AV)
DETECTED = v(#eDETECTED)
ALLOWED = v(#eALLOWED) use($GVF_NOT_SCAN)
DENIED = v(#eDENIED) use($GVF_NOT_SCAN)
REJECTED = v(#eREJECTED) use($GVF_NOT_SCAN)
NOT_PROCESSED = v(#eNOT_PROCESSED) use($GVF_AV)
PASSWORD_PROTECTED = v(#ePASSWORD_PROTECTED) use(!($GVF_NOT_SCAN))
PROCESSING_ERROR = v(#ePROCESSING_ERROR) use($GVF_AV)
ADDEDTOEXCLUDE = v(#eADDEDTOEXCLUDE) use($GVF_NOT_CF)
Cure = [Product_Events_Report_Verdict_Filter_Cure] use($GVF_NOT_CF)
Task = [Product_Events_Report_Verdict_Filter_Task] use($GVF_NOT_SCAN)
ProdState = [Product_Events_Report_Verdict_Filter_Prod] use(ctl.Report.value == #eTASK_GROUP_PROTECTION)
;see s_ProdState
[Product_Events_Report_Verdict_Filter_Prod]
ProdState1 = v(#ePROTECTION + #ProdStateProductNotActivated)
ProdState2 = v(#ePROTECTION + #ProdStateProductNotProtected)
ProdState3 = v(#ePROTECTION + #ProdStateKeyAboutExpiration)
ProdState4 = v(#ePROTECTION + #ProdStateKeyExpired)
ProdState5 = v(#ePROTECTION + #ProdStateKeyWillBeExpired)
ProdState6 = v(#ePROTECTION + #ProdStateKeyTrialExpired)
ProdState7 = v(#ePROTECTION + #ProdStateKeyBlocked)
ProdState8 = v(#ePROTECTION + #ProdStateNoKeys)
ProdState9 = v(#ePROTECTION + #ProdStateKeyWaitActivation)
ProdState10 = v(#ePROTECTION + #ProdStateKeyInvalid)
ProdState11 = v(#ePROTECTION + #ProdStateKeyLimited)
ProdState12 = v(#ePROTECTION + #ProdStateKeyGracePeriod)
ProdState13 = v(#ePROTECTION + #ProdStateKeyUpdateFailed)
ProdState14 = v(#ePROTECTION + #ProdStateKeySuspended)
ProdState15 = v(#ePROTECTION + #ProdStateHighRiskTasksNotRunning)
ProdState16 = v(#ePROTECTION + #ProdStateTasksNotRunning)
ProdState17 = v(#ePROTECTION + #ProdStateTasksMalfunction)
ProdState18 = v(#ePROTECTION + #ProdStateHighRiskTasksDisabled)
ProdState19 = v(#ePROTECTION + #ProdStateTasksDisabled)
ProdState20 = v(#ePROTECTION + #ProdStateProtectionSafeMode)
ProdState21 = v(#ePROTECTION + #ProdStateProtectionNotInstalled)
ProdState22 = v(#ePROTECTION + #ProdStateBasesNotValid)
ProdState23 = v(#ePROTECTION + #ProdStateBasesOutOfDate)
ProdState24 = v(#ePROTECTION + #ProdStateBasesNotActual)
ProdState25 = v(#ePROTECTION + #ProdStateUpdateNeedReboot)
ProdState26 = v(#ePROTECTION + #ProdStateBasesCorrupted)
ProdState27 = v(#ePROTECTION + #ProdStateOnDemandTaskRunning)
ProdState28 = v(#ePROTECTION + #ProdStateProtectionNotRunning)
ProdState29 = v(#ePROTECTION + #ProdStateProtectionDisabled)
ProdState30 = v(#ePROTECTION + #ProdStateThreatsMalwareUntreated)
ProdState31 = v(#ePROTECTION + #ProdStateThreatsRiskwareUntreated)
ProdState32 = v(#ePROTECTION + #ProdStateBasesCacheResizeFail)
[Product_Events_Report_Verdict_Filter_Cure]
DISINFECTED = v(#eDISINFECTED) use($GVF_AV)
DELETED = v(#eDELETED) use($GVF_AV)
OVERWRITED = v(#eOVERWRITED) use($GVF_AV)
QUARANTINED = v(#eQUARANTINED)
TERMINATED = v(#eTERMINATED) use($GVF_HIPS)
RESTORED = v(#eRESTORED) use($GVF_AV)
RENAMED = v(#eRENAMED) use($GVF_AV)
BACKUPED = v(#eBACKUPED) use($GVF_AV)
REPARED = v(#eREPARED) use($GVF_AV)
ROLLBACKED = v(#eROLLBACKED) use($GVF_HIPS)
NOT_DISINFECTED = v(#eNOT_DISINFECTED) use($GVF_AV)
NOT_DELETED = v(#eNOT_DELETED) use($GVF_AV)
NOT_QUARANTINED = v(#eNOT_QUARANTINED)
NOT_RENAMED = v(#eNOT_RENAMED) use($GVF_AV)
TERMINATE_FAILED = v(#eTERMINATE_FAILED) use($GVF_HIPS)
ROLLBACK_FAILED = v(#eROLLBACK_FAILED) use($GVF_HIPS)
BACKUP_FAILED = v(#eBACKUP_FAILED) use($GVF_AV)
REPAIR_FAILED = v(#eREPAIR_FAILED) use($GVF_AV)
DISINFECTED_ON_REBOOT = v(#eDISINFECTED_ON_REBOOT) use($GVF_AV)
DELETED_ON_REBOOT = v(#eDELETED_ON_REBOOT) use($GVF_AV)
QUARANTINED_ON_REBOOT = v(#eQUARANTINED_ON_REBOOT) use($GVF_AV)
DISINFECT_ON_REBOOT_FAILED = v(#eDISINFECT_ON_REBOOT_FAILED) use($GVF_AV)
DELETE_ON_REBOOT_FAILED = v(#eDELETE_ON_REBOOT_FAILED) use($GVF_AV)
[Product_Events_Report_Verdict_Filter_Task]
DISABLED = v(#eDISABLED) use(!ctl.Report.value)
TASK_STARTED = v(#eTASK_STARTED)
TASK_STOPPED = v(#eTASK_STOPPED)
TASK_FAILED = v(#eTASK_FAILED)
TASK_COMPLETED = v(#eTASK_COMPLETED)
[Product_Events_Report_Action_Filter]
Open = v(#evtOpen)
Create = v(#evtCreate)
Read = v(#evtRead)
Write = v(#evtWrite)
Delete = v(#evtDelete)
Rename = v(#evtRename)
Process = [Product_Events_Report_Action_Filter_Process]
Data = [Product_Events_Report_Action_Filter_DataAccess]
System = [Product_Events_Report_Action_Filter_System]
[Product_Events_Report_Reason_Filter]
User = v(#eUSER)
ReportOnly = v(#eREPORTONLY)
Postponed = v(#ePOSTPONED)
TaskStopped = v(#eTASKSTOPPED)
Error = v(#eERROR)
Database = v(#eDATABASE) use($GVF_UC)
WhiteList = v(#eWHITE_LIST) use($GVF_UC)
UserBlackList = v(#eUSER_BLACK_LIST) use($GVF_UC)
UserWhiteList = v(#eUSER_WHITE_LIST) use($GVF_UC)
Emulator = v(#eEMULATOR)
BB = v(#eBB)
Heuristic = v(#eHEURISTIC) use($GVF_UC)
Bayes = v(#eBAYES) use($GVF_UC)
GSG = v(#eGSG) use($GVF_UC)
PDB = v(#ePDB) use($GVF_UC)
RecentTerms = v(#eRECENTTERMS) use($GVF_UC)
SFDB = v(#eSFDB) use($GVF_AV)
ISWIFT = v(#eISWIFT) use($GVF_AV)
UNCHANGED = v(#eUNCHANGED) use($GVF_AV)
KSN = v(#eKSN) use($GVF_AV)
AllowedSender = v(#eALLOWED_SENDER) use($GVF_UC)
BlockedSender = v(#eBLOCKED_SENDER) use($GVF_UC)
AllowedPhrase = v(#eALLOWED_PHRASE) use($GVF_UC)
BlockedPhrase = v(#eBLOCKED_PHRASE) use($GVF_UC)
DetectByHash = v(#eDETECT_BYHASH)
DetectInformation = v(#eDETECT_INFORMATION)
Size = v(#eSIZE)
Type = v(#eTYPE)
Exclude = v(#eEXCLUDE)
Time = v(#eTIME)
NoRights = v(#eNORIGHTS) use($GVF_AV)
NotFound = v(#eNOTFOUND) use($GVF_AV)
Locked = v(#eLOCKED) use($GVF_AV)
Noncurable = v(#eNONCURABLE) use($GVF_AV)
WriteProtect = v(#eWRITEPROTECT) use($GVF_AV)
Nonoverwritable = v(#eNONOVERWRITABLE) use($GVF_AV)
CopyFailed = v(#eCOPYFAILED) use($GVF_AV)
WriteError = v(#eWRITEERROR)
OutOfSpace = v(#eOUTOFSPACE)
ReadError = v(#eREADERROR)
DeviceNotReady = v(#eDEVICENOTREADY)
WriteNotSupported = v(#eWRITENOTSUPPORTED)
CannotBackup = v(#eCANNOTBACKUP) use($GVF_AV)
AddedToWhiteRecipient = v(#eANTISPAM_AddedToWhiteRecipient) use($GVF_UC)
HasBeenTrained = v(#eANTISPAM_HasBeenTrained) use($GVF_UC)
Training = v(#eANTISPAM_Training) use($GVF_UC)
NeedTraining = v(#eANTISPAM_NeedTraining) use($GVF_UC)
WhiteAddress = v(#eANTISPAM_WhiteAddress) use($GVF_UC)
BlackAddress = v(#eANTISPAM_BlackAddress) use($GVF_UC)
WhiteString = v(#eANTISPAM_WhiteString) use($GVF_UC)
BlackString = v(#eANTISPAM_BlackString) use($GVF_UC)
AntiFishing = v(#eANTISPAM_AntiFishing) use($GVF_UC)
WhiteAddressNotFound = v(#eANTISPAM_WhiteAddress_NOTFOUND) use(0)
WhiteStringNotFound = v(#eANTISPAM_WhiteString_NOTFOUND) use(0)
MailDispatcher = v(#eANTISPAM_MailDispatcher) use($GVF_UC)
Eicar = v(#eANTISPAM_Eicar) use($GVF_UC)
Banner = v(#eANTISPAM_Banner) use($GVF_UC)
InvalidHTML = v(#eANTISPAM_InvalidHTML) use($GVF_UC)
ExternalObj = v(#eANTISPAM_ExternalObj) use($GVF_UC)
InternalObj = v(#eANTISPAM_InternalObj) use($GVF_UC)
EmptyMessage = v(#eANTISPAM_EmptyMessage) use($GVF_UC)
NotForMe = v(#eANTISPAM_NotForMe) use($GVF_UC)
NotEnglish = v(#eANTISPAM_NotEnglish) use($GVF_UC)
RecipLimit = v(#eANTISPAM_RecipLimit) use($GVF_UC)
RecipLimitNotFound = v(#eANTISPAM_RecipLimit_NOTFOUND) use($GVF_UC)
InvalidHTML_UnknownDefsCount = v(#eANTISPAM_InvalidHTML_UnknownDefsCount) use($GVF_UC)
InvalidHTML_SeemsColors = v(#eANTISPAM_InvalidHTML_SeemsColors) use($GVF_UC)
InvalidHTML_SmallText = v(#eANTISPAM_InvalidHTML_SmallText) use($GVF_UC)
InvalidHTML_InvisibleCharCount = v(#eANTISPAM_InvalidHTML_InvisibleCharCount) use($GVF_UC)
InvalidHTML_Scripts = v(#eANTISPAM_InvalidHTML_Scripts) use($GVF_UC)
InvalidHTML_HiddenElements = v(#eANTISPAM_InvalidHTML_HiddenElements) use($GVF_UC)
CannotBeSpam = v(#eANTISPAM_CannotBeSpam) use($GVF_UC)
SpamTest = v(#eANTISPAM_SPAMTEST) use($GVF_UC)
[Product_Events_Report_Action_Filter_Process]
ProcessStart = v(#evtProcessStart)
ProcStart = v(#evtProcStart)
ProcessStop = v(#evtProcessStop)
ProcStop = v(#evtProcStop)
ImageLoad = v(#evtImageLoad)
ImageUnload = v(#evtImageUnload)
Terminate = v(#evtTerminate)
ReadProcMem = v(#evtReadProcMem)
SetHook = v(#evtSetHook)
CodeInject = v(#evtCodeInject)
Suspend = v(#evtSuspend)
AddAppToGr = v(#evtAddAppToGr)
[Product_Events_Report_Action_Filter_DataAccess]
Send = v(#evtSend)
Receive = v(#evtReceive)
WMSend = v(#evtWMSend)
LLDiskAccess = v(#evtLLDiskAccess)
LLFSAccess = v(#evtLLFSAccess)
ADSAccess = v(#evtADSAccess)
DirectMemAccess = v(#evtDirectMemAccess)
ClipBoardAcceess = v(#evtClipBoardAcceess)
[Product_Events_Report_Action_Filter_System]
SelfStart = v(#evtSelfStart)
WindowsShutDown = v(#evtWindowsShutDown)
HiddenRegistry = v(#evtHiddenRegistry)
KeyLogger = v(#evtKeyLogger)
SetHardLink = v(#evtSetHardLink)
SchedulerStart = v(#evtSchedulerStart)
DrvStart = v(#evtDrvStart)
ServiceStart = v(#evtServiceStart)
ScreenShots = v(#evtScreenShots)
CriticalCOMAccess = v(#evtCriticalCOMAccess)
UseBrowserCL = v(#evtUseBrowserCL)
UseBrowserAPI = v(#evtUseBrowserAPI)
UseDNS = v(#evtUseDNS)
UseBITS = v(#evtUseBITS)
SetDbgPrivilege = v(#evtSetDbgPrivilege)
ChangeObjPrivilege = v(#evtChangeObjPrivilege)
ShellWindowsAcceess = v(#evtShellWindowsAcceess)
UserAccountAccess = v(#evtUserAccountAccess)
[Product_Events_Report_Object_Filter]
File = v(#eFile)
Directory = v(#eDirectory) use($GVF_HIPS)
RegKey = v(#eRegKey) use($GVF_HIPS)
RegValue = v(#eRegValue) use($GVF_HIPS)
Process = v(#eProcess) use($GVF_HIPS)
Thread = v(#eThread) use($GVF_HIPS)
Module = v(#eModule) use($GVF_HIPS)
LogSector = v(#eLogSector) use($GVF_AV)
PhysSector = v(#ePhysSector) use($GVF_AV)
Memory = v(#eMemory) use($GVF_AV)
MailMessage = v(#eMailMessage) use($GVF_AV)
MailAttach = v(#eMailAttach) use($GVF_AV)
PagerData = v(#ePagerData) use($GVF_AV)
URL = v(#eURL) use($GVF_NOT_SCAN)
Script = v(#eScript) use($GVF_NOT_SCAN)
Port = v(#ePort) use($GVF_HIPS)
Connection = v(#eConnection) use($GVF_HIPS)
Packet = v(#ePacket) use($GVF_HIPS)
DialStr = v(#eDialStr) use($GVF_OS)
Task = v(#eTask) use($GVF_NOT_SCAN)
;--------------------------------------------
[Product_Scan_Statistics_List]
$ObjectPath = c_object(ObjectId, object(ObjectId))
@ = $List alias(scanstat) refresh(100) a(la) ext(1) extprm(1)
Object = at(fixedpos) text(ObjectType == #eFile ? objfile($ObjectPath) : s_ObjectType(ObjectType)) ia(lc) i(s_ObjectTypeIcon(ObjectType, $ObjectPath, #true, #true)) sz(150) extprm(1)
Time = text(timestamp(TimeSpend/1000)) sz(a) a(r) sort(TimeSpend)
Scaned = [Product_Scan_Statistics_List_Scaned]
Detected = text(Detected) sz(a) a(r)
row = bg(if(Flags & 1,"EventWarn")) f(((Flags & 2) && isExpanded) ? "Normal_Bold" : "Normal")
[Product_Scan_Statistics_List_Scaned]
@ = text(Scaned) sz(a) a(r)
Scaned = text(Scaned) sz(a) a(r)
Archived = text(Archived) sz(a) a(r)
Packed = text(Packed) sz(a) a(r)
PswProtected = text(PswProtected) sz(a) a(r)
Corrupted = text(Corrupted) sz(a) a(r)
ScanErrors = text(ScanErrors) sz(a) a(r)
[Product_Statistics_List]
@ = $List alias(blstat) at(nosearch) prm(#dbStatistics) refresh(500) a(la) group(dateonly,dategroup(Date),default) ext(1) extprm(1)
Counter = at(fixedpos) ia(lc) sz(240) group(CounterItem,Counter,default) sort(s_RepDetectType(Counter),sortdown) extprm(1)
Blocked = text(Blocked) a(r) sz(60) extprm(1)
Total = text(Total) a(r) sz(60) extprm(1)
row = f(depend(!level) ? "Normal_Bold" : "Normal")
;--------------------------------------------
Can someone tell me what this is. | My System Specs |
| OS Windows 8 Pro CPU AMD 1090 T Black 6 CORES 4.0+ overclocked Motherboard Asus Crosshair IV Formula Memory 8gigs Graphics Card HisHDx2 Monitor(s) Displays 42 inch vizio Screen Resolution HD Keyboard logitech Mouse logitech PSU Corsair Case Coolermaster Cooling Corsair Hard Drives 4x1000mb Internet Speed Wideband |
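As an added example (not part of the thread and not Kaspersky's code), this Python sketch parses the sectioned `key = value` layout of the file pasted above and reports which section and key contain the search word, plus the section that references it. The sample is a constructed excerpt of lines copied from that listing, and the function names are hypothetical.

```python
import re

# Constructed excerpt: a few sections copied from the listing in the post above.
SAMPLE = """\
;--------------------------------------------
[Product_Events_Report_Action_Filter]
Open = v(#evtOpen)
Process = [Product_Events_Report_Action_Filter_Process]
System = [Product_Events_Report_Action_Filter_System]
[Product_Events_Report_Action_Filter_Process]
SetHook = v(#evtSetHook)
CodeInject = v(#evtCodeInject)
[Product_Events_Report_Action_Filter_System]
SelfStart = v(#evtSelfStart)
KeyLogger = v(#evtKeyLogger)
;OnlineSecurity = text($ids) at(radiolike)
ScreenShots = v(#evtScreenShots)
sep
"""

SECTION = re.compile(r"^\[([^\]]+)\]$")      # a line that is only [Name]
ENTRY = re.compile(r"^([^=\s]+)\s*=\s*(.*)$")  # key = value

def parse_sections(text):
    """Return {section: [(key, value), ...]}; ';' comment lines are skipped."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        m = SECTION.match(line)
        if m:
            current = m.group(1)
            sections.setdefault(current, [])
            continue
        if current is None:
            continue  # text before the first section header
        m = ENTRY.match(line)
        if m:
            sections[current].append((m.group(1), m.group(2)))
        else:
            sections[current].append((line, ""))  # bare item such as 'sep'
    return sections

def find_keyword(sections, word):
    """List (section, key, value) for every entry containing the word."""
    word = word.lower()
    return [(name, key, value)
            for name, entries in sections.items()
            for key, value in entries
            if word in key.lower() or word in value.lower()]

def parents_of(sections, target):
    """List (section, key) pairs whose value is a reference to [target]."""
    ref = f"[{target}]"
    return [(name, key)
            for name, entries in sections.items()
            for key, value in entries
            if value.strip() == ref]

if __name__ == "__main__":
    parsed = parse_sections(SAMPLE)
    for section, key, value in find_keyword(parsed, "keylogger"):
        print(f"match: [{section}] {key} = {value}")
        for parent, pkey in parents_of(parsed, section):
            print(f"  referenced from: [{parent}] {pkey}")
```
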
19 May 2011
|
| | Windows 7 Ultimate 64-bit / Ubuntu Linux 11.04 40 posts |
This might be a false positive from Kaspersky. Just to make sure, could you try a second opinion scanner? Try downloading Malwarebytes and see what it says. Make sure to do a full scan.
| My System Specs | | System Manufacturer/Model Number Dell Optiplex 380 OS Windows 7 Ultimate 64-bit / Ubuntu Linux 11.04 CPU Intel Core 2 Duo E7500 Memory 4 GB DDR3 Graphics Card ATI Radeon HD 4550 |
20 May 2011
|
| | Windows 8 Pro 303 posts Cleveland |
Yes I did these scans also.
Malwarebytes full scan
SUPERAntiSpyware full scan
Kaspersky full scan and nothing came up.
I did download and ran a Keylogger detector and this came up lol
20 May 2011
|
| | ultimate 64 sp1 8,636 posts |
i think the key word in "behavior similar to keylogger detected" is similar.
i've noticed kaspersky doing this when i start certain games.
i forget now exactly, but if you click on the arrow and select 'hide this notification' (or something like that) then you won't get bothered by that particular warning for that particular 'problem' software again.
looks like you're clean!
| My System Specs | | System Manufacturer/Model Number mickey megabyte 1234 OS ultimate 64 sp1 CPU i5 2500K 3.3@4.2GHz Motherboard MSI P67A-GD53 Memory 8 gigs GSkill Ripjaws 1600 Graphics Card amd hd6950 Sound Card creative x-fi gamer Monitor(s) Displays samsung 24" Screen Resolution 1920x1080 Keyboard saitek eclipse ii Mouse logitech g3 PSU antec 550 Case antec three hundred Cooling i'm a cooling fan Hard Drives ocz vertex 2e 60 gig, samsung f3 1tb, buffalo 2tb ext Internet Speed about 4 Mbps Other Info i love win7 |
20 May 2011
|
| | Windows 8 Pro 303 posts Cleveland |
I am running ESET Online scanner and so far it's showing 3 infections (Win32/ADWARE.ADON). Just have to wait till it's done to see what else comes up.