;------------- Message box enums ------------ [Global] #m_okcancel = 1 #m_yesnocancel = 3 #m_yesno = 4 #m_res_cancel = 0 #m_res_ok = 1 #m_res_yes = 1 #m_res_no = 2 #m_error = 0x10 #m_warning = 0x30 #m_question = 0x20 #m_information = 0x40 #showNormal = 1 #showMaximazed = 3 #showMinimized = 6 $KeyDebug = 0 [s_MsgBoxIcon] #m_error = "e32" #m_warning = "w32" #m_question = "q32" default = "i32" [Global] #SHELL_OBJTYPE_DRIVE = 0x0001 #SHELL_OBJTYPE_FOLDER = 0x0002 #SHELL_OBJTYPE_FILE = 0x0004 #SHELL_OBJTYPE_MYCOMPUTER = 0x0008 #SHELL_OBJTYPE_CUSTOM = 0x0020 #SHELL_OBJTYPE_MASK = 0x0040 #SHELL_OBJTYPE_REGKEY = 0x0080 #SHELL_OBJTYPE_REGVALUE = 0x0100 #SHELL_OBJTYPE_FILTERED = 0x0200 #SHELL_OBJTYPE_URL = 0x0400 #SHELL_OBJTYPE_PERSONAL = 0x0800 #SHELL_OBJTYPE_PROCESS = 0x1000 #SHELL_OBJTYPE_USERACCOUNT = 0x2000 #SHELL_OBJTYPE_LIBRARY = 0x4000 #RemTags = 0x01 #RemCRLF = 0x02 #RemAmperc = 0x04 #vAdd = 1 #vRemove = 2 ;------------- Global ------------ [Global] $ProductName = switch(env("ProductType"), "ProductTitle", "") $ProductName_GEN = switch(env("ProductType"), "ProductTitle", "GEN") $ProductName_DAT = switch(env("ProductType"), "ProductTitle", "DAT") $ProductName_INS = switch(env("ProductType"), "ProductTitle", "INS") $ProductName_PRE = switch(env("ProductType"), "ProductTitle", "PRE") $ProductNameLong = switch(env("ProductType"), "ProductTitleLong", "") $ProductNameLong_GEN = switch(env("ProductType"), "ProductTitleLong", "GEN") $ProductNameLong_DAT = switch(env("ProductType"), "ProductTitleLong", "DAT") $ProductNameLong_INS = switch(env("ProductType"), "ProductTitleLong", "INS") $ProductNameLong_PRE = switch(env("ProductType"), "ProductTitleLong", "PRE") $RemoteComputer = if(remoteComputer, remoteComputer + " - ") $ProfileName=(description ? description + if($IsAdminGroupTask, $GroupTask) : switch(name, "ProfileName")) $ProfileState = s_ProfileState(state) $ProfileReport = $ProfileName + ": " + s_ProfileState(state, #true) $ProfileStateFont = s_ProfileStateFont(state) $IsErr = (!s_IsGroupProfile(name) && lastErr) $SettingsLevel=switch(level, "SettingsLevel") $ScanAction=switch(ScanAction, "ScanAction") $MyAccountLink = f_LocalizationBase() + "?hl=" + env("Localization") + "&link=my_account&syst=" + global.OSVersion + "&pid=" + env("ProductType") + "&version=" + env("ProductVersion") + "&hotfix=" + global.ProductHotfix + "&serial=" + f_KeySerNum(LicInfo.KeyInfo.KeySerNum) + "&ktype=" + LicInfo.KeyInfo.KeyType + "&kcount=" + LicInfo.KeyInfo.LicenseCount + "&kcreat=" + date(LicInfo.KeyInfo.KeyCreationDate) + "&kexp=" + date(LicInfo.KeyExpirationDate) + "&kinst=" + date(LicInfo.KeyInstallDate) + "&installid=" + env("PCID") + "&installdate=" + env("InstallDate") + "&custid=" + CustomerId $PersonalCabinetLink = bindok("SupportCustom.aLinks.PersonalCabinet.URL") && SupportCustom.aLinks.PersonalCabinet.URL!="" ? SupportCustom.aLinks.PersonalCabinet.URL : $MyAccountLink ;$PersonalCabinetLink = "https://support.kaspersky.com/" + env("Localization") + "/PersonalCabinet" $HelpdeskLink = bindok("SupportCustom.aLinks.SupportReq.URL") && SupportCustom.aLinks.SupportReq.URL!="" ? SupportCustom.aLinks.SupportReq.URL : "https://support.kaspersky.com/" + env("Localization") + "/PersonalCabinet/HelpDesk/helpdesk.html" ;$HelpdeskLink = $PersonalCabinetLink + "/HelpDesk/helpdesk.html" $ActivationLink = "https://activation.kaspersky.com/"+env("Localization") $ProductUpgradeLink = s_compareLinkLoc(env("Localization")) $KnowledgeBaseLink = "http://www.kaspersky-help.com/?hl=" + env("Localization") + "&link=kb&syst=" + global.OSVersion + "&pid=" + env("ProductType") + "&version=" + env("ProductVersion") + "&hotfix=" + global.ProductHotfix + "&serial=" + f_KeySerNum(LicInfo.KeyInfo.KeySerNum)+ "&ktype=" + LicInfo.KeyInfo.KeyType + "&kcount=" + LicInfo.KeyInfo.LicenseCount + "&kcreat=" + date(LicInfo.KeyInfo.KeyCreationDate) + "&kexp=" + date(LicInfo.KeyExpirationDate) + "&kinst=" + date(LicInfo.KeyInstallDate) + "&installid=" + env("PCID") $PersonalOnly = switch(env("ProductType"), "PersonalOnly") $CorporateOnly = switch(env("ProductType"), "CorporateOnly") $IsProcessor64Bit = s_IsProcessor64Bit(global.ProcessorType) $IsNeedReboot = (global.UpdateState & #eUpdateNeedReboot) $IsSafeMode = (global.ProtectionState & #eProtectionSafeMode) $IsProtectionNotInstalled = (global.ProtectionState & #eProtectionNotInstalled) $IsInstallNeedReboot = (global.settings.Ins_InitMode & #eInitMode_NeedReboot ? 1 : $IsNeedReboot) $IsAdminGroupTask = (admflags & #PROFILE_ADMFLAG_GROUPTASK) $IsActiveDisinfect = (name == "Active_Disinfect") $IsHelpExists = fileattr(env("HelpFile")) $IsFunctionalityLevel_Protection = s_IsFunctionalityLevel_Protection(global.LicInfo.FuncLevel) $IsSOS = (env("ProductType") == "sos") $IsKAV = (env("ProductType") == "kav") $IsKIS = (env("ProductType") == "kis") $IsRD = (env("ProductType") == "rd") ;$IsRD = isRescueCD() $IsKAT = (env("ProductType") == "kat") $ProductVersion = (env("ProductVersion") ? env("ProductVersion") : global.ProductVersion) ProductName = $ProductName ProductNameDetailed = $ProductNameLong AnyError = s_SystemError(ErrorCode) + "." HelpError = "Help" HelpErrorText = strVal1 HelpDefTopicId = $IsRD ? 10411 : 0 EstimatedDays = f_n_days(nVal1) RestartComputerWarning.caption = $ProductName $WinMailer = ($IsVistaOS ? "Windows Mail" : "Outlook Express") $ViruslistLink = (env("VirusListLink") + "/" + env("Localization")) $ViruslistThreatLink = ($ViruslistLink + "/search?VN=" + DetectName + "&sha1=" + Hash) $ViruslistPhishingLink = ($ViruslistLink + "/find?objs=vlgloss&words=phishing") PrepareUpdateBeforeFullScan = f_PrepareUpdateBeforeFullScan(msg("AskUpdateBeforeFullScan", #m_yesnocancel)) AskResumeScan = dialog("AskResumeScan") CleanVulnerab = if(ScanVulnerability && name == "Scan_My_Computer" && threatFind(null, #DETYPE_VULNERABILITY) && msg("DiscardVulnerab", #m_yesno), threatDiscard(null, #DETYPE_VULNERABILITY)) KAVMailQB = "newvirus@kaspersky.com" KAVMailQB_PDM = "pdm@kaspersky.com" QBCommonSendDescription="[Info]\r\nOsVersion=" + OSVersion + "\r\nProductName=" + $ProductNameLong + "\r\nProductVerion=" + $ProductVersion + "\r\nKeySerialNumber=" + f_KeySerNum(global.LicInfo.KeyInfo.KeySerNum) + "\r\n" QBObjectSendDescription="[General]\r\nTaskType=" + s_TaskID(s_TaskType2TaskId(TaskType)) + "(" + TaskType + ")\r\nThreatType=" + s_DetectSureTypes(DetectStatus, TaskType) + "\r\nThreatName=" + DetectName + "\r\nThreatDanger=" + DetectDanger + "\r\nObjectType=" + s_DetectObjectTypes(ObjectType) + s_AlertObjectLabel_AddInfo_Pid(nPID) + "\r\nObjectName=" + ObjectName + "\r\nScanningBasesTime=" + datetime(ScanningBasesTime) $LastPage = btns(Cancel(enable(0))) $IsScanActive = depend(f_ScanCommonCompletion()) $IsUpdateActive = f_IsStateActive(Updater.state) $EmptyInstalliation = !f_isInstalled("File_Monitoring") && !f_isInstalled("Mail_Monitoring") && !f_isInstalled("Web_Monitoring") && !f_isInstalled("IM_Monitoring") && !f_isInstalled("HipsTask") && !f_isInstalled("pdm") && !f_isInstalled("Firewall") && !f_isInstalled("ids") && !f_isInstalled("Anti_Spam") && !f_isInstalled("AdBlocker") && !f_isInstalled("ParCtl") ; ---- constants ---- #true = 1 #false = 0 #eFindMatchCase = 0x0002 #eFindWholeWord = 0x0004 #eFindUp = 0x0008 #eFindMarkAll = 0x0010 #errOK = 0 #errTASK_ALREADY_RUNNING = 0x99480008 #errPROXY_STATE_INVALID = 0x80000240 ;Settings level #SETTINGS_LEVEL_DEFAULT = 0 #SETTINGS_LEVEL_CUSTOM = 1 #SETTINGS_LEVEL_LOW = 2 #SETTINGS_LEVEL_HIGH = 3 ;Event classes #pmc_EVENTS_NOTIFY = 0xe532519d #pmc_EVENTS_IMPORTANT = 0x10f87d4c #pmc_EVENTS_CRITICAL = 0xbfca8487 ;Profile States #TaskRequestRun =0x00000031 ;Profile States #StateRunning =0x00300031 #StatePaused =0x00100062 #StateStopped =0x00000094 #StateCompleted =0x000000A0 #StateFailed =0x004000F0 #StateNotStarted =0x00000010 #StateDisabled =0x000000D0 #StateStarting =0x00300021 #StatePausing =0x00300052 #StateResuming =0x00300071 #StateReStarting =#StateResuming #StateStopping =0x00300084 #StateMalfunction =0x00700041 #StateFlagActive =0x100000 #StateFlagOperational=0x200000 #StateFlagMalfunction=0x400000 ;Profile State Requests #TASK_REQUEST_RUN = 0x01 #TASK_REQUEST_PAUSE = 0x02 #TASK_REQUEST_STOP = 0x04 ; tProfileOrigin #poUnk = 0xFFFFFFFF #poSystem = 1 #poUser = 2 #poLocalAdmin = 3 #poRemoteAdmin = 4 #poTemporary = 5 $TaskCheckOn = "TaskState,0" $TaskCheckTransit = "TaskState,1" $TaskCheckOff = "TaskState,2" $TaskCheckFail = "TaskState,3" ; tAdmFlags #PROFILE_ADMFLAG_GROUPTASK = 0x0010 #cREQUEST_DELAY_UP_TO_INTERNET_CONNECTION = 0x80000000 #cREQUEST_DELAY_MAKE_PERSISTENT = 0x40000000 #cREQUEST_DELAY_MAKE_PERSISTENT_60 = #cREQUEST_DELAY_MAKE_PERSISTENT | 60 #cREQUEST_DELAY_MAKE_PERSISTENT_180 = #cREQUEST_DELAY_MAKE_PERSISTENT | 180 #cREQUEST_DELAY_MAKE_PERSISTENT_300 = #cREQUEST_DELAY_MAKE_PERSISTENT | 300 #cREQUEST_DELAY_MAKE_PERSISTENT_900 = #cREQUEST_DELAY_MAKE_PERSISTENT | 900 #cREQUEST_DELAY_MAKE_PERSISTENT_1800 = #cREQUEST_DELAY_MAKE_PERSISTENT | 1800 #cREQUEST_DELAY_MAKE_PERSISTENT_3600 = #cREQUEST_DELAY_MAKE_PERSISTENT | 3600 #cREQUEST_DELAY_MAKE_PERSISTENT_10800 = #cREQUEST_DELAY_MAKE_PERSISTENT | 10800 #cREQUEST_DELAY_MAKE_PERSISTENT_18000 = #cREQUEST_DELAY_MAKE_PERSISTENT | 18000 ; licence states #eflUnknown = 0 #eflNoFeatures = 1 #eflOnlyUpdates = 2 #eflFunctionWithoutUpdates = 3 #eflFullFunctionality = 4 #ektUnknown = 0 #ektBeta = 1 #ektTrial = 2 #ektTest = 3 #ektOEM = 4 #ektCommercial = 5 #ektSubscription = 6 #ektSubscriptionProtection = 7 #edtUnknown = 0 #edtUndefined = 1 #edtUnlimited = 2 #edtLimited = 3 #edtSuspended = 4 ; eSubscriptionStatus #ssNotSubscriptionLicense = 0 #ssExpDateUnknown = 1 #ssHasExpDateActivated = 2 #ssHasExpDateProlonged = 3 #ssHasExpDateCanceled = 4 #ssUnlimitedActivated = 5 #ssUnlimitedProlonged = 6 #ssGracePeriod = 7 #ssExpired = 8 #ssNotYetSuspended = 9 #ssSuspended = 10 #ssUnlimitedResumed = 11 #ekirUnknown = 0 #ekirValid = 1 #ekirExpired = 2 #ekirCorrupted = 3 #ekirNotSigned = 4 #ekirWrongProduct = 5 #ekirBlackListed = 6 #ekirIllegalUpdate = 7 #ekirInconsistentUpdate = 8 #ekirKeyCreationDateInvalid = 9 #ekirTrialAlreadyInUse = 10 #ekirInvalidBlacklist = 11 #ekirCantBeUsedAsReserved = 12 #ekirKeyInstallDateInvalid = 13 #ekirTrialPeriodIsOver = 14 #ekirConflictsWithCommercial = 15 #ekirExpiredAsReserve = 16 #ekirLimited = 100 #eProtectionSafeMode = 0x100 #eProtectionNotInstalled = 0x200 ;enUpdateState #eUpdateNotAuto = 0x01 #eUpdateRunning = 0x02 #eUpdateError = 0x04 #eBasesNotActual = 0x08 #eBasesNotValid = 0x10 #eBasesOutOfDate = 0x20 #eUpdateNeedReboot = 0x40 #eBasesCorrupted = 0x100 #eLicenseNotificationCritical = 0x800 #eLicenseNotificationError = 0x1000 ;enKeyState #eKeyOk = 0x0000 #eKeyTrial = 0x0001 #eKeyWillBeExpired = 0x0002 #eKeyGracePeriod = 0x0004 #eKeyAboutExpiration = 0x0008 #eKeyExpired = 0x0010 #eKeyTrialExpired = 0x0020 #eKeyBlocked = 0x0040 #eNoKeys = 0x0080 #eKeyInvalid = 0x0100 #eKeyLimited = 0x0200 #eKeyUpdateFailed = 0x0400 #eKeyWaitActivation = 0x0800 #eKeySuspended = 0x1000 #eInitMode_Init = 0x01 #eInitMode_Silent = 0x02 #eInitMode_LoadSettings = 0x04 #eInitMode_NoReboot = 0x08 #eInitMode_NeedReboot = 0x10 $IsActiveKeyTrial = (global.LicInfo.KeyInfo.KeyType == #ektTrial) $IsActiveKeyBeta = (global.LicInfo.KeyInfo.KeyType == #ektBeta) $IsActiveKeyCommercial = (global.LicInfo.KeyInfo.KeyType == #ektCommercial) $IsActiveKeyBlocked = (global.KeyState & #eKeyBlocked) $HasReserveKey = (global.ResLicInfo.KeyInfo.KeyType != #ektUnknown) $HasNoKeys = (global.LicInfo.KeyInfo.KeyType == #ektUnknown) $IsKeyExpired = (global.KeyState & (#eKeyExpired|#eKeyTrialExpired)) $IsTrialKeyExpired = (global.KeyState & #eKeyTrialExpired) $IsSubscription = (SubscriptionStatus != #ssNotSubscriptionLicense) $IsNonExpSubscription = (SubscriptionStatus != #ssNotSubscriptionLicense && SubscriptionStatus != #ssExpired) $IsSubAutoRefreshing = ($IsSubscription && !SubscriptionTolerancePassed && AutoActivationError.ErrorCode == 0 && SubscriptionStatus != #ssSuspended && SubscriptionStatus != #ssExpired) $IsRefreshSubAvail = $IsSubscription $ShowNoLicReminder = ($IsActiveKeyTrial || $IsKeyExpired || (global.KeyState & #eNoKeys) || SubscriptionStatus == #ssExpired) $IsContactSubscrProvider = ($IsSubscription && (SubscriptionStatus == #ssExpired || SubscriptionStatus == #ssGracePeriod ) ) $KeyProviderLink = (if (global.LicInfo.KeyInfo.ProviderInfo, global.LicInfo.KeyInfo.ProviderInfo, env("SubscriptionProviderLink"))) $KeyProviderLinkForText = (if (global.LicInfo.KeyInfo.ProviderInfo, global.LicInfo.KeyInfo.ProviderInfo, env(\"SubscriptionProviderLink\"))) $IsBestBuyLink = (wildcard("*bestbuy*",$KeyProviderLink,1)) $IsInitMode = (global.settings.Ins_InitMode & #eInitMode_Init) ; generic error codes #warnACCESS_DENIED = 0x00000045 #warnFALSE = 0x00000003 #errACCESS_DENIED = 0x80000045 #errOBJECT_NOT_FOUND = 0x800000C5 ; OS versions #OSVER_FAMILY_MASK = 0xFF000000 #OSVER_VERHIGH_MASK = 0x00FF0000 #OSVER_VERLOW_MASK = 0x0000FF00 #OSVER_BASE_MASK = #OSVER_FAMILY_MASK|#OSVER_VERHIGH_MASK|#OSVER_VERLOW_MASK #OSVER_FAMILY_9X = 0x01000000 #OSVER_FAMILY_NT = 0x02000000 #OSVER_WIN95 = #OSVER_FAMILY_9X|0x00040000 #OSVER_WINNT351 = #OSVER_FAMILY_NT|0x00033300 #OSVER_WINNT4 = #OSVER_FAMILY_NT|0x00040000 #OSVER_WIN2000 = #OSVER_FAMILY_NT|0x00050000 #OSVER_WINXP = #OSVER_FAMILY_NT|0x00050100 #OSVER_WIN2003 = #OSVER_FAMILY_NT|0x00050200 #OSVER_VISTA = #OSVER_FAMILY_NT|0x00060000 $IsVistaOS = (((OSVersionId & #OSVER_FAMILY_MASK) == #OSVER_FAMILY_NT) ? (OSVersionId & #OSVER_VERHIGH_MASK) >= 0x00060000 : 0) $IsWin2KOS = (((OSVersionId & #OSVER_FAMILY_MASK) == #OSVER_FAMILY_NT) ? ((OSVersionId & (#OSVER_VERHIGH_MASK|#OSVER_VERLOW_MASK)) == 0x00050000) : 0) ; processor types #PROCESSOR_ARCHITECTURE_INTEL = 0 #PROCESSOR_ARCHITECTURE_MIPS = 1 #PROCESSOR_ARCHITECTURE_ALPHA = 2 #PROCESSOR_ARCHITECTURE_PPC = 3 #PROCESSOR_ARCHITECTURE_SHX = 4 #PROCESSOR_ARCHITECTURE_ARM = 5 #PROCESSOR_ARCHITECTURE_IA64 = 6 #PROCESSOR_ARCHITECTURE_ALPHA64 = 7 #PROCESSOR_ARCHITECTURE_MSIL = 8 #PROCESSOR_ARCHITECTURE_AMD64 = 9 #PROCESSOR_ARCHITECTURE_UNKNOWN = 0xFFFF ; enum enNotifyIds #eNotifyNone = 0 #eNotifyThreats = 1 #eNotifySuspicious = 2 #eNotifyThreatNotCured = 3 #eNotifyThreatDeleted = 4 #eNotifyThreatQuarantined = 5 #eNotifyLicensing = 6 #eNotifyProduct = 7 #eNotifyUpdater = 8 #eNotifyBases = 9 #eNotifyAttackBlocked = 10 #eNotifyPswdArchive = 11 #eNotifyRuleTriggered = 12 #eNotifyProtocoller = 14 #eNotifySelfProtection = 15 #eNotifyBan = 16 #eNotifySSL = 17 #eNotifyThreatsUntreated = 18 #eNotifyMyComputerNotScaned = 19 #eNotifyUpdateNeedReboot = 20 #eNotifyParCtl = 21 #eNotifyAppGroupChanged = 22 #eNotifyAppGroupChanged2Trusted = 23 #eNotifyStatisticsReportReady = 24 #eNotifySandboxRestricted = 25 #eNotifyHiddenObject = 26 #eNotifyBlockedBySelfProtection = 27 #eNotifyProductNotAutoRun = 28 #eNotifyUpdateNotAuto = 29 ; enum enNotifySeverity #eNotifySeverityNone = 0 #eNotifySeverityCritical = 1 #eNotifySeverityError = 2 #eNotifySeverityImportant = 3 #eNotifySeverityNotImportant = 4 ; enum eUpdaterSourceType #UPDSRC_AK = 0 #UPDSRC_KL = 1 ;cDetectExclude triggers flags #AVS_fObjectMask =0x01 #AVS_fVerdictMask =0x02 #AVS_fTaskList =0x04 #AVS_fVerdictPath =0x08 ;cBLTrustedApp triggers flags #BL_fExclNone =0x00 #BL_fExclOpenFiles =0x01 #BL_fExclNet =0x02 #BL_fExclNetHost =0x04 #BL_fExclNetPort =0x08 #BL_fExclBehavior =0x10 #BL_fExclRegistry =0x20 #BL_fExclChildsBehavior = 0x40 #BL_fExclAll =(#BL_fExclOpenFiles|#BL_fExclBehavior|#BL_fExclRegistry|#BL_fExclNet|#BL_fExclChildsBehavior) ; keyboard types #ktIbmEnhanced = 4 #ktJapanese = 7 ; enDriveScanMode #dsmSkip = 0 #dsmAskUser = 1 #dsmFull = 2 #dsmQuick = 3 ; cDumpFile::eType #tDump = 0 #tBSOD = 1 #tTrace = 2 #tSysInfo = 3 #tAvzInfo = 4 ; WebToolbar_Plugin #WebToolbar_Plugin_CheckAll = 1 #WebToolbar_Plugin_CheckList = 2 #WebToolbar_Plugin_CheckNone = 3 ; SandBox paths #SANDBOX_SYSTEM_PATH = 1 #SANDBOX_KAV_PATH = 2 ;Active license notification components #ActiveLicNotifMessage = 1 #ActiveLicNotifURL = 2 #ActiveLicNotifURLName = 3 ;------------- common enums ------------ [s_IsProcessor64Bit] #PROCESSOR_ARCHITECTURE_IA64 = 1 #PROCESSOR_ARCHITECTURE_ALPHA64 = 1 #PROCESSOR_ARCHITECTURE_AMD64 = 1 default = 0 [s_ProductLogo] kis = "titlekis" kat = "titlekat" def = "titlekav" [PersonalOnly] aol=1 kis=1 kav=1 default=0 [CorporateOnly] aol=0 kis=0 kav=0 default=1 [LevelGroup3_ProtLevel] #SETTINGS_LEVEL_HIGH = 2 #SETTINGS_LEVEL_DEFAULT = 1 #SETTINGS_LEVEL_LOW = 0 [f_getSuffix2] ret = (@0 ? "_e_" : "_d_") + (@1 ? ("1") : ("2")) [f_getSuffix] ret = (@0 ? "_1" : "_2") [f_IsKeySubscr] ret = @ == #ektSubscription || @ == #ektSubscriptionProtection [f_n_days] ret = @ + " " + s_days(f_numdeclension(@)) [f_n_days_remaining] ret = @ + " " + s_daysRemaining(f_numdeclension(@)) [f_n_days_past] ret = @ + " " + s_daysPast(f_numdeclension(@)) [f_KeySerNum] p_KeyInfo ret = fmt("04X", p_KeyInfo.MemberID) + "-" + fmt("06X", p_KeyInfo.AppID) + "-" + fmt("08X", p_KeyInfo.KeySerNum) [f_IfErrThenMsg] ret = if(f_ErrFail(@0), msg(@1, #m_error, p_Err(@0)), #true) [f_ObjSize] ret = filesize(@, "FileSizeTypes") [f_LicenseKeysDiscartedDetailsVFmt] ret = "" + $LicInfoKeyNumber + "\n" + f_KeySerNum(LicInfo.KeyInfo.KeySerNum)\ + "\n" + $LicInfoKeyProductName + "\n" + LicInfo.KeyInfo.ProductName\ + "\n" + $LicInfoKeyType + "\n" + s_LicKeyType(LicInfo.KeyInfo.KeyType)\ + "\n" + $LicInfoExpirationDate + "\n" + date(LicInfo.KeyExpirationDate)\ + "\n" + $LicErrReason + "\n" + s_KeyInvalidReason(LicInfo.InvalidReason) [f_Activate] ret = activate() [f_TurnSelfProtectionOn] ret = if(checkPassword(#pwdc_SaveSettings), turnSelfProtectionOn()) [f_RunAtStartup] ret = if(checkPassword(#pwdc_SaveSettings), runAtStartup()) [f_RestartApp] ret = if(msg("RestartProductWarning", #m_yesno|#m_warning), restartApp()) [f_RestartOs] ret = if(msg("RestartComputerWarning", #m_yesno|#m_warning), restartOs()) [f_StartUpdater] ret = window("MainWindow:Updater", p_postInit("setstate(#TASK_REQUEST_RUN, \"Updater\")")) [f_StartScanMyComputer] ret = window("MainWindow:Scan", p_postInit("prepareFullScanObjects(); ctxitem(ctl.Scan_My_Computer, f_setState(#TASK_REQUEST_RUN, \"Scan_My_Computer\"))")) [f_StartScan] p_ProfileName ret = window("MainWindow:Scan:" + p_ProfileName), f_setState(#TASK_REQUEST_RUN, p_ProfileName) [f_SendMail] ret = if(mail(@), msg("ErrorSendEmail")) [f_StartAntiSpamTrainingWizard] ret = if(checkPassword(#pwdc_SaveSettings), window("OutlookPlugin.TrainingWizard")) [f_isInstalled] ret = isInstalled(@) [f_isVkbdInstalled] ret = fileattr(env("ProductRoot") + "/vkbd.dll") [f_MainLightBlink] ret = if(l_LightProdStateSeverity != @ && @ != #eProtStateNormal, (l_LightProdStateSeverity = @, ctl.animate(19,2))) [f_isSandBoxAllowedForThisApp] ret = !(@ & #HIPS_APPID_FLAG_GROUP) && (@ != #AppIdProduct) && !wildcard(toupper( env("WinDir").addPath("System32").addPath("*")),toupper(f_AppInfo(@).sImagePath)) [s_IsValidTime] 0xFFFFFFFF -1 0 = 0 def = 1 [s_IsProductNoFeatures] #eflUnknown = 1 #eflNoFeatures = 1 [s_IsFunctionalityLevel_Protection] #eflFullFunctionality = 1 #eflFunctionWithoutUpdates = 1 [s_IsFunctionalityLevel_Updater] #eflFullFunctionality = 1 #eflOnlyUpdates = 1 [f_AvzWizard] ret = window(@) [f_AvzDialog] ret = dialog(@) [f_UpdateExistUserProfile] p_Profile, p_Id ret = p_Profile ? ((p_Profile.settings.ProfileId == p_Id) ? msg("ParCtlAssignUserToProfileInfo") : f_ChangeExistUserProfile(p_Profile)) : #true [f_ChangeExistUserProfile] p_Profile ret = p_Profile.settings.ProfileId != #eParCtl_ProfId_Child ? msg(f_ParCtlAssignUserToProfileWarning(p_Profile.settings.ProfileId), #m_yesno|#m_warning) : #true [f_IsActiveKeyWorkingCommercial] ret = (global.KeyState & (#eKeyTrial | #eKeyExpired | #eKeyTrialExpired | #eKeyBlocked | #eNoKeys | #eKeyWaitActivation | #eKeyInvalid)) == 0 [f_IsKeyNotExpired] ret = (@ & (#eKeyExpired | #eKeyTrialExpired | #eKeyBlocked | #eNoKeys | #eKeyWaitActivation | #eKeyInvalid | #eKeyLimited)) == 0 [f_PrepareUpdateBeforeFullScan] ret = if(@ == #m_res_yes, f_StartUpdater()); @ ;------------- profile enums ------------ [ProfileNameHK] File_Monitoring = "&" + $File_Monitoring Mail_Monitoring = "&" + $Mail_Monitoring Web_Monitoring = "&" + $Web_Monitoring Anti_Spam = "&" + $Anti_Spam [ProfileName] Protection=$Protection Antivirus=$Antivirus File_Monitoring=$File_Monitoring Mail_Monitoring=$Mail_Monitoring Web_Monitoring=$Web_Monitoring IM_Monitoring=$IM_Monitoring Scan_Objects=$Scan_Objects Scan_My_Computer=$Scan_My_Computer Scan_Critical_Areas=$Scan_Critical_Areas Scan_Rootkits=$Scan_Rootkits Scan_Vulnerabilities=$Scan_Vulnerabilities Scan_Startup=$Scan_Startup Scan_Qscan=$Scan_Rootkits Active_Disinfect=$Active_Disinfect AdvDis=$Active_Disinfect Anti_Spam=$Anti_Spam ParCtl=$ParCtl AdBlocker=$AdBlocker Updater=$Updater Rollback=$Rollback ids=$ids antiphishing=$antiphishing OnlineSecurity=$OnlineSecurity ContentFilter=$ContentFilter Hips=$Hips HipsTask=$Hips Firewall=$Fw SystemWatch=$SystemWatch SysWatch=$SysWatch pdm=$Pdm SandBox=$SandBox AVZ_CollectSysInfo=$AVZ_CollectSysInfo AVZ_Scan=$AVZ_Scan default = (bindok("type") && type == "ods") ? $QuickScan : ("<" + @ + ">") [s_ProfileIcon] Protection = "TaskKAV" av = "TaskAV" cf = "TaskCF" os = "TaskOS" sw = "TaskHIPS" ods = s_ProfileIcon_ods(name) updater = "b_updater" avz = "b_ods" [s_ProfileIcon_ods] Scan_My_Computer = "TaskFullScan" Scan_Startup = "TaskQuickScan" Scan_Objects = $IsKAT ? "TaskFullScan" : "b_ods" def = "b_ods" [s_ProfileName] Protection=$Protection av=$Antivirus cf=$ContentFilter os=$OnlineSecurity sw=$SystemWatch ods=$Scan_Objects updater=$Updater [ProfileType] default="Unknown profile type: " + type [s_IsGroupProfile] Antivirus ContentFilter OnlineSecurity SystemWatch = 1 [f_IsProfileFailed] ret = @ == #StateFailed || @ == #StateMalfunction [s_ProfileError] rollback updater = s_UpdaterError(@1) hips = s_HipsError(@1) parctl = s_ParCtlError(@1) avz = s_AvzError(@1) SandBox = s_SandBoxError(@1) def = s_SystemError(@1) [s_IsStateRunning] #StateRunning #StateStarting #StateReStarting #StateResuming #StateMalfunction = 1 [f_IsStateRunningOK] ret = s_IsStateRunning(@) && @ != #StateMalfunction [f_IsStateActive] ret = @ & #StateFlagActive [s_IsStateTransitional] #StateStarting #StateReStarting #StateResuming #StatePausing #StateStopping = 1 [TaskStartEnable] #StatePaused #StateStopped #StateCompleted #StateFailed #StateNotStarted #StateDisabled = 1 [TaskPauseEnable] #StateRunning #StateMalfunction = 1 [TaskStopEnable] #StateRunning #StatePaused #StateMalfunction = 1 [SettingsLevel] #SETTINGS_LEVEL_HIGH = $High #SETTINGS_LEVEL_DEFAULT = $Medium #SETTINGS_LEVEL_LOW = $Low #SETTINGS_LEVEL_CUSTOM = $Custom [s_ProfileStateFont] #StateRunning = $IsErr ? "Header1Green_u" : "Header1Green" #StatePaused #StateStopped #StateCompleted #StateNotStarted #StateDisabled = "Header1Grey" #StateStarting #StatePausing #StateResuming #StateStopping = "Header1LGreen" #StateFailed #StateMalfunction = "Header1Red_u" [s_ProfileSmallStateFont] #StateRunning = $IsErr ? "Normal_Green_u" : "Normal_Green" #StatePaused #StateStopped #StateCompleted #StateNotStarted #StateDisabled = "Normal_Grey" #StateStarting #StatePausing #StateResuming #StateStopping = "Normal_Green" #StateFailed #StateMalfunction = "Normal_Red_u" [s_ProfileStateImage] #StateRunning = $TaskCheckOn #StatePaused #StateStopped #StateCompleted #StateNotStarted #StateDisabled = $TaskCheckOff #StateStarting #StatePausing #StateResuming #StateStopping = $TaskCheckTransit #StateFailed #StateMalfunction = $TaskCheckFail ;------------- EmulatorLevelsProductValues ------------- [EmulatorLevels_scan] 10 = 2 5 = 1 3 = 0 [EmulatorLevels_OAS] 10 = 2 3 = 1 1 = 0 [EmulatorLevels_Web] 50 = 2 10 = 1 1 = 0 ;------------- Scheduler enums ------------ [Global] #schmManual = 0 #schmEnabled = 1 #schmAuto = 2 #schtMinutely = 0 #schtHourly = 1 #schtDaily = 2 #schtWeekly = 3 #schtExactTime = 4 #schtMonthly = 5 #schtOnStartup = 6 #schtAfterUpdate = 7 #schEveryDays = 0 #schEveryWeekday = 1 #schEveryHoliday = 2 $SchedulerDescription = switch(Mode, "SchedulerDescription") [Scheduler_Time_Show] #schtDaily #schtWeekly #schtMonthly = #true [Scheduler_RunIfSkipped_Show] #schtExactTime #schtDaily #schtWeekly #schtMonthly = #true [Scheduler_PostponeStart_Show] #schtExactTime #schtMinutely #schtHourly #schtDaily #schtWeekly #schtMonthly = #true [f_ErrFail] ret = @ & 0x80000000 [f_GetProfileErrorText] ret = name == "Web_Monitoring" ? (f_ErrFail(httpscan.lastErr) ? s_ProfileError("httpscan", httpscan.lastErr) : s_ProfileError("sc", sc.lastErr)) : s_ProfileError(type, lastErr) [Global] ProfileErrorInfo.caption = $ProfileName ProfileErrorInfo = $ProfileName + ": " + f_GetProfileErrorText() + "\n" + $KnowledgeBaseLinkText + "" ;-------------------- GlobalEvents ------------------------- ; Hips enums [Global] ; InterfaceTypes #If_other = 0 #If_LoopBack = 1 #If_Ethernet = 2 #If_WiFi = 3 #If_Tunnel = 4 #If_PPP = 5 #If_PPPoE = 6 #If_VPN = 7 #If_Modem = 8 #If_Internet =100 #If_OtherNetwork =101 ; WebService flags #wsProtocol = 0x01 #wsIcmpCode = 0x02 #wsIcmpType = 0x04 ; Protocls #protoTCP = 6 #protoUDP = 17 #protoICMP = 1 #protoICMPV6 = 58 ; SocketTypes #fwstAll = 0 #fwstNormal = 1 #fwstRaw = 2 ; WebService direction #wsIn = 1 #wsOut = 2 #wsInOut = 3 #wsInStream = 4 #wsOutStream = 5 ;fw zone severity #znAll = 0 #znTrusted = 1 #znNetBIOS = 2 #znUntrusted = 3 ;fw zone flags #znPermanent = 0x1 #znConfirmOnConnect = 0x2 #znUptoGateway = 0x4 #znARPWatch = 0x8 #znConnectedProgram = 0x40 #znDisconnectedprogram = 0x80 #znDefPrinter = 0x100 #znSavDefPrinter = 0x200 #znWallPaper = 0x400 #znStealth = 0x8000 #znNotifyWhenConnected = 0x200000 #znNewMacNotify = 0x800000 #znChgMacNotify = 0x1000000 #znArpPoison = 0x2000000 ;fw zone state flags #znVisible = 0x01 #znConnected = 0x10 ;fw adapter flags #znAskWhenNewZones = 0x1 #znAskOnlyWhenSecureZones = 0x2 #znTemporaryNewZones = 0x4 #znStealthForNewZones = 0x20 ;fw work mode #fwAllowAll = 4 #fwAllow = 3 #fwAsk = 2 #fwBlock = 1 #fwBlockAll = 0 ;fw work flags #fwFtpTracking = 0x004 #fwDhcpTracking = 0x008 #fwCantAskDeny = 0x040 #fwNotShutDown = 0x080 #HIPS_RULE_STATE_DENY = 0 #HIPS_RULE_STATE_ALLOW = 1 #HIPS_RULE_STATE_ASK = 2 #HIPS_RULE_STATE_MIX = 3 #HIPS_RULE_STATE_UNK = 4 #HIPS_RULE_STATE_INH_DENY = 5 #HIPS_RULE_STATE_INH_ALLOW = 6 #HIPS_RULE_STATE_INH_ASK = 7 #HIPS_RULE_STATE_INH_MIX = 8 #HIPS_RULE_STATE_INH_UNK = 9 #HIPS_RULE_STATE_INH = 10 #HIPS_RULE_TYPE_PACKET = 4 #HIPS_RULE_TYPE_FW = 7 #HIPS_FLAG_ALLOW = 0 #HIPS_FLAG_ASK = 1 #HIPS_FLAG_BYAPP = 2 #HIPS_FLAG_DENY = 3 #HIPS_FLAG_LOG = 4 #HIPS_FLAG_INHERIT = 8 #HIPS_FLAG_ALL_ACTIONS = 3 #HIPS_FLAG_ALL_ACTIONS_INH = 0xb #HIPS_APP_FLAG_NOINHERIT = 0x08 #HIPS_RESID_FLAG_USER = 0x40000000 #HIPS_APPID_FLAG_GROUP = 0x80000000 #HIPS_APPID_FLAG_USER = 0x40000000 #HIPS_APPID_ROOT = 0x80000001 #HIPS_APPID_TRUSTED = 0x80000003 #HIPS_APPID_LO_REST = 0x80000005 #HIPS_APPID_HI_REST = 0x80000006 #HIPS_APPID_UNTRUSTED = 0x80000007 #HIPS_APP_ID_TRUSTED = 0 #HIPS_APP_ID_LO_REST = 1 #HIPS_APP_ID_HI_REST = 2 #HIPS_APP_ID_UNTRUSTED = 3 #HIPS_APP_ID_CUSTOM = 4 #HIPS_APP_ID_DEFAULT = 5 #HIPS_APP_ID_HIPSNOTRUNNING = 0xFFFFFFFE #HIPS_APP_ID_UNKNOWN = 0xFFFFFFFF #nafWasTerminated = 0x0001 ; hips resource types & flags #rtFileInfo = 0x0002 #rtRegKeyInfo = 0x0003 #rtWebService = 0x0006 #rtIpRange = 0x0007 #rtMask = 0x000f #rfEnabled = 0x0020 #rfResourceView = 0x0040 #rfFilesRegistryView = 0x0080 #rfRulesView = 0x0100 #rfDisableEdit = 0x0200 #rfCreateByUser = 0x0400 ; hips resource group IDs #riKLSystemData = 2 #riKLPrivateData = 3 #riKLWebServices = 7 #riIPRanges = 8 #riKLNetwork = 9 #riKLProtectedApps = 0x40000000 ; hips resource struct types #stFileInfo = 0xbf8d0000 #stRegKeyInfo = 0xbf8d0100 #stWebService = 0xbf8d2000 #stIpRange = 0xbf8d2100 #stFwEvent = 0xbf8d1800 ; hips resource group search macro $rfKLSystemData = Resource.treeFind("Childs", "Id == #riKLSystemData") $rfKLPrivateData = Resource.treeFind("Childs", "Id == #riKLPrivateData") $rfKLOtherSoft = Resource.treeFind("Childs", "Name == \"KLOtherSoft\"") $rfKLWebServices = Resource.treeFind("Childs", "Id == #riKLWebServices") $rfKLIPRanges = Resource.treeFind("Childs", "Id == #riIPRanges") $rfKLNetwork = Resource.treeFind("Childs", "Name == \"KLNetwork\"") #ehsssAllow = 0 #ehsssDeny = 1 #ehsssApp = 2 ; extenal plugin mask #mpOutlook = 0x02 #mpOutlookExpress = 0x04 #mpTheBat = 0x08 #mpEudora = 0x10 #mpThunderbird = 0x20 ; mask for spam attachment checking #pfParseNothing = 0x0 #pfParsePlainText = 0x1 #pfParseHtml = 0x2 #pfParseRtf = 0x4 #pfParsePdf = 0x8 #pfParseMSOffice = 0x10 #pfParseAll = 0xffffffff #pfParseAdditional = 0x14 ;#pfParseAdditional = 0x1C ; pdm virdict flags #vfSkipTrusted = 0x01 #vfSkipWormP2P = 0x02 #vfSkipTrojGen = 0x04 #vfSkipKeylogger = 0x08 #vfSkipSuspDrvInst = 0x10 #vfSkipIrpTableChange = 0x20 #vfSkipHiddenObj = 0x40 #vfSkipNegativePID = 0x80 #vfSkipWormGen = 0x100 #vfUseWithoutHIPS = 0x200 #vfSkipHostsChange = 0x400 #vfSkipRootShell = 0x1000 #vfSkipInvader = 0x2000 #vfSkipInvaderLoader = 0x4000 #vfSkipStrangeKey = 0x8000 #vfSkipHiddenDataSend = 0x10000 #vfSkipStrangeBeh = 0x20000 #vfSkipDNSQuery = 0x40000 #vfSkipPrtStgAccess = 0x80000 #vfNotSkipDetectFromSigned = 0x100000 #vfNotSkipDetectFromKSN = 0x200000 #IpRangeSerId = 0xbf8d2100 #SeveritySerId = 0xbf8d0e00 [s_HIPSCheckSwitch] #ehsssAllow = 0 #ehsssApp = 1 [s_AddrFilter] 50 = "ResIdEx2 != 51 && ResIdEx2 != 52" 51 = "ResIdEx2 != 50 && ResIdEx2 != 52" 52 = "ResIdEx2 != 50 && ResIdEx2 != 51" def = "" [s_AddrInit] 0 = 0 50 = 51 = 52 = ctl.NetSel.value = @; 1 def = ctl.List.focus("Id == " + @); 2 [s_AddrGet] 1 = ctl.NetSel.value 2 = ctl.List.seldata().Id def = 0 [s_LogFilter] ; 0x2 - allow, 0x4 - out, 1 = "!(Flags & 2) && !(Flags & 8)" 2 = "!(Flags & 6) && !(Flags & 8)" 3 = "(Flags & 6) == 4 && !(Flags & 8)" 4 = "(Flags & 2) && !(Flags & 8)" 5 = "(Flags & 6) == 2 && !(Flags & 8)" 6 = "(Flags & 6) == 6 && !(Flags & 8)" 7 = "Flags & 8" def = "" [Global] $AddressesFormat = Address ? Address + " (" + f_formatIpAddr(AddressIP) + ")" : ip(IP) [f_formatPortsSimple] ret = format(@, "e") [f_formatPorts] ret = format(@, "PortLo == PortHi ? PortLo : PortLo + \" - \" + PortHi") [f_formatIps] ret = format(@, "e") [f_formatIpAddr] ret = format(@, "ip(ser(Version))") [f_NetProtocol] ret = if(@.Flags & #wsProtocol, s_Protocols(@.Proto)) [f_setState] ret = if((@0 == #TASK_REQUEST_RUN && checkPassword(#pwdc_StartTask, @1)) || checkPassword(#pwdc_StopTask, @1), setstate(@0, @1, @2)) [f_setState_dbl] ret = if((@0 == #TASK_REQUEST_RUN && checkPassword(#pwdc_StartTask, @1) && checkPassword(#pwdc_StartTask, @2)) || (checkPassword(#pwdc_StopTask, @1) && checkPassword(#pwdc_StopTask, @2)), (setstate(@0, @1, @3), setstate(@0, "AVZ_Scan_Vulnerabilities", @3)) ) [f_formatGrpPath] ret = @.format("s_ResGroupName(sName)", "/") [s_ResGroupIcon] KLSystemData = "system" KLWebServices = "netservice" KLIPRanges = "netadress" def = "appgroup" [s_DevicesGroupIcon] def = @1 ? "devices" : "appgroup" [s_ResourceDescription] #stFileInfo = Data.Path #stRegKeyInfo = Data.KeyPath.addPath(Data.KeyValue) #stWebService = Name #stIpRange = Name def = "unknown resource type: 0x" + fmt("08x", @) [s_ResourceDescriptionIcon] #stFileInfo = "resfile" #stRegKeyInfo = "registry" #stWebService = "netservice" #stIpRange = "netadress" def = "unkobj" [s_ResourceDialog] #stFileInfo = browseobject(Data.Path, "BrowseForFile", #SHELL_OBJTYPE_FILE | #SHELL_OBJTYPE_FOLDER | #SHELL_OBJTYPE_MASK) #stRegKeyInfo = browseregistry(Data, "BrowseForRegistry", #SHELL_OBJTYPE_REGKEY | #SHELL_OBJTYPE_REGVALUE | #SHELL_OBJTYPE_MASK) #stWebService = dialog("WebServiceEdit") #stIpRange = dialog("IpRangeEdit") [f_ResourceType] ret = @ & #rtMask ? mask(Flags, #rtMask) = @ : menu("Hips_ResListAddMenu") [s_ResourceSerID] #rtFileInfo = #stFileInfo #rtRegKeyInfo = #stRegKeyInfo #rtWebService = #stWebService #rtIpRange = #stIpRange [s_RuleState] #HIPS_RULE_STATE_DENY = "States,2" #HIPS_RULE_STATE_ALLOW = "States,0" #HIPS_RULE_STATE_ASK = "States,6" #HIPS_RULE_STATE_MIX = "States,4" #HIPS_RULE_STATE_UNK = "States,10" #HIPS_RULE_STATE_INH_DENY = "States,3" #HIPS_RULE_STATE_INH_ALLOW = "States,1" #HIPS_RULE_STATE_INH_ASK = "States,7" #HIPS_RULE_STATE_INH_MIX = "States,5" #HIPS_RULE_STATE_INH_UNK = "States,11" [f_AppRuleIcon] ret = mergeIcon(s_AppRuleIcon(@ & #HIPS_FLAG_ALL_ACTIONS_INH), if(@ & #HIPS_FLAG_LOG, @ & #HIPS_FLAG_INHERIT ? "States,9" : "States,8")) [f_DeviceRuleIcon] ret = mergeIcon(s_AppRuleIcon(@ & #HIPS_FLAG_ALL_ACTIONS_INH), if((@ & #HIPS_FLAG_LOG) && (@ & #HIPS_FLAG_ALL_ACTIONS) == #HIPS_FLAG_DENY, @ & #HIPS_FLAG_INHERIT ? "States,9" : "States,8")) [f_PacketRuleIcon] ret = mergeIcon(s_AppRuleIcon(@ & #HIPS_FLAG_ALL_ACTIONS_INH), if((@ & #HIPS_FLAG_LOG) && (@ & #HIPS_FLAG_ALL_ACTIONS) != #HIPS_FLAG_BYAPP, @ & #HIPS_FLAG_INHERIT ? "States,9" : "States,8")) [f_UnknownApp] ret = f_UnknownAppEx(@, @1, objfile(@1)) [f_UnknownAppEx] ret = stricmp(@2, "avp.exe") == 0 ? $ProductName : (@ ? @ : (@1 ? @2 : $UnknownApp)) [s_AppRuleIcon] #HIPS_FLAG_ALLOW = "States,0" #HIPS_FLAG_ALLOW | #HIPS_FLAG_INHERIT = "States,1" #HIPS_FLAG_DENY = "States,2" #HIPS_FLAG_DENY | #HIPS_FLAG_INHERIT = "States,3" #HIPS_FLAG_BYAPP = "States,10" #HIPS_FLAG_BYAPP | #HIPS_FLAG_INHERIT = "States,11" #HIPS_FLAG_ASK = "States,6" #HIPS_FLAG_ASK | #HIPS_FLAG_INHERIT = "States,7" [f_AppIDFromAppBrowsePath] p_AppID, p_AppPath ret = browseapp(p_AppPath) ? (p_AppID = appIDFromAppPath(p_AppPath), true) : false [s_validateSBoxPath] #SANDBOX_SYSTEM_PATH = msg("SandBoxSystemPath", #m_yesno) #SANDBOX_KAV_PATH = balloon("SandBoxAVPPath"), false def = true [s_SandBoxBlackList] env("SystemRoot").addPath("System32").addPath("control.exe") env("SystemRoot").addPath("explorer.exe") = 1 def = 0 [s_SandBoxWhiteList] env("SystemRoot").addPath("System32").addPath("calc.exe") env("SystemRoot").addPath("System32").addPath("regedit.exe") env("SystemRoot").addPath("System32").addPath("notepad.exe") env("SystemRoot").addPath("System32").addPath("cmd.exe") = 1 def = 0 [f_validateSBoxPath] ret = s_SandBoxBlackList(@) ? (balloon("SandBoxBlackList"), false) : (s_SandBoxWhiteList(@) ? true : s_validateSBoxPath(validateSBoxPath(@))) [f_isStream] ret = @ == #wsOutStream || @ == #wsInStream || @ == #wsInOut [f_isTcpUdp] ret = @ == 6 || @ == 17 [f_isTcpUdpEx] ret = !(@.Flags & #wsProtocol) || f_isTcpUdp(@.Proto) [f_isIcmp] ret = @ == 1 || @ == 58 [f_fwRuleAdd] ret = AppIdEx = @; RuleTypeId = @ ? #HIPS_RULE_TYPE_FW : #HIPS_RULE_TYPE_PACKET; RuleId = getHipsNewRuleID(); dialog("PacketRuleEdit") [s_IcmpCode] default = "code " + @ [f_NetAddr] ret = f_NetAddrEx(@, resolveIp(@)) [f_NetAddrEx] ret = @1 ? @1 + " (" + ip(@) + ")" : ip(@) [s_NetActionDescrOut] #protoICMP = $IcmpOut #protoICMPV6 = $Icmp6Out #protoTCP = $TcpOut #protoUDP = $UdpOut [s_NetActionDescrIn] #protoICMP = $IcmpIn #protoICMPV6 = $Icmp6In #protoTCP = $TcpIn #protoUDP = $UdpIn [f_NetActionDescr] ret = @1 ? s_NetActionDescrOut(@) : s_NetActionDescrIn(@) [f_isOut] ret = (@ == #wsOut) || (@ == #wsOutStream) [f_AlertNetAdressDescr] ret = @ ? (@1 ? $AlertTcpOut : $AlertTcpIn) : (@1 ? $AlertUdpOut : $AlertUdpIn) [s_AlertNetAdressDescrEx] #protoICMP = f_isOut(Data.Direction) ? $AlertIcmpOut : $AlertIcmpIn #protoICMPV6 = f_isOut(Data.Direction) ? $AlertIcmp6Out : $AlertIcmp6In #protoTCP = f_isOut(Data.Direction) ? $AlertTcpOut : $AlertTcpIn #protoUDP = f_isOut(Data.Direction) ? $AlertUdpOut : $AlertUdpIn def = f_isOut(Data.Direction) ? $AlertProtoOut : $AlertProtoIn [f_NetAdapterIcon] ret = "network_types" + if(@3, 32) + "," + (s_NetAdapterIconType(@0) + (@2 & #znConnected ? 0 : 1)) [s_NetAdapterIconType] #If_WiFi = 9 #If_Tunnel #If_PPP #If_PPPoE #If_VPN = 6 #If_Modem = 3 def = 0 [s_NetZoneTypeIcon] #znTrusted = "trusted" #znNetBIOS = "local" def = "internet16" [s_NetDirectionIcon] #wsIn = "directions,1" #wsOut = "directions,3" #wsInOut = "directions,2" #wsInStream = "directions,0" #wsOutStream = "directions,4" [f_LocalAddrText] ret = if (@.serid() == #IpRangeSerId, @.LocalAddresses.format("Address ? Address + \" (\" + f_formatIpAddr(AddressIP) + \")\" : ip(IP)", ", ")) [f_RemoteAddrText] ret = if (@.serid() == #SeveritySerId, s_ResGroupName(l_ip.Name), if (@.serid() == #IpRangeSerId, @.RemoteAddresses.format("Address ? Address + \" (\" + f_formatIpAddr(AddressIP) + \")\" : ip(IP)", ", "))) [Global] $ExportAll = msg("ExportAll", #m_yesno|#m_warning) $ImportAll = msg("ImportAll", #m_yesno|#m_warning) [f_browseFileSave] ret = browsefilesave(l_browseFileSavePath, @0, @1); l_browseFileSavePath [f_browseFileOpen] ret = browsefileopen(l_browseFileOpenPath, @0, @1); l_browseFileOpenPath ;------------- MakeRescueDiskWizard -------------- [Global] #eRdiskIsoCopyLocal = 0x00000002 #eRdiskIsoDownload = 0x00000003 [s_AlertDialogOutline] 1 = "AlertOutlineRed" 2 4 = "AlertOutlineYellow" def = "AlertOutline" [s_DlgHeader] 1 = "DlgHeaderRed" 2 4 = "DlgHeaderYellow" def = "DlgHeader" [s_DlgFooter] 1 = "DlgFooterRed" 2 4 = "DlgFooterYellow" def = "DlgFooter" [s_DetectDanger2ProtSeverity] 1 = #eProtStateCrit 2 4 = #eProtStateWarn def = #eProtStateNormal [AlertDialog_Body_Action] $Def = const(if((DefaultAction == ctl.parent.value && TaskType != "hipstask"), $AlertDefault)) [NewNetwork_Body_Actions] $Def = const(if(Severity == ctl.parent.value, $AlertDefault)) [Global] #fPiwActivation = 0x01 #fPiwSettings = 0x02 #fPiwReset = 0x04 #fPiwRebootOnly = 0x08 ;Wizard triggers #wzNone = 0x00000 #wzResetArea = 0x00001 #wzActivationBegin = 0x00002 #wzActivationForm = 0x00004 #wzActivationProgress = 0x00008 #wzActivationChooseKey = 0x00010 #wzActivationEnd = 0x00020 #wzUpdate = 0x00040 #wzAntivirus = 0x00080 #wzPassword = 0x00100 #wzPdmRules = 0x00200 #wzPdmRulesCollect = 0x00400 #wzFwNetworks = 0x00800 #wzFwRules = 0x01000 #wzFwAdditional = 0x02000 #wzInherit = 0x04000 #wzInitFinish = 0x08000 #wzActivationServerForm = 0x10000 #wzTrainAntiSpam = 0x20000 #wzMaskActivation = #wzActivationBegin | #wzActivationForm | #wzActivationProgress | #wzActivationChooseKey | #wzActivationEnd #wzMaskActivationOnline = #wzActivationBegin | #wzActivationForm | #wzActivationProgress | #wzActivationEnd #wzMaskActivationKey = #wzActivationBegin | #wzActivationChooseKey | #wzActivationEnd #wzMaskSettings = #wzUpdate | #wzAntivirus | #wzPassword | #wzPdmRules | #wzPdmRulesCollect | #wzFwNetworks | #wzFwRules | #wzFwAdditional | #wzTrainAntiSpam #wzMaskAll = #wzMaskActivation | #wzMaskSettings ;------------ Threats list filter --------------------- [Global] $IsThreatsFor_SystemWatch = s_IsThreatsFor_SystemWatch(TaskType) $IsThreatsFor_Antivirus = s_IsThreatsFor_Antivirus(TaskType) $IsThreatsFor_OnlineSecurity = s_IsThreatsFor_OnlineSecurity(TaskType) $IsThreatsFor_Scan = TaskType == "ods" [s_IsThreatsFor_SystemWatch] Hips pdm SysWatch = 1 [s_IsThreatsFor_Antivirus] oas mc httpscan sc wmuf = 1 [s_IsThreatsFor_OnlineSecurity] ids = 1 [s_CmnStatGroup] #eVirware = 1 #eTrojware = 1 #eMalware = 1 #eAdware = 2 #ePornware = 2 #eRiskware = 2 #eHidden #eXFiles #eSoftware #eVulnerability #ePhishing #eDialing #eAttack #eBanner #eUnwantedWebContent #eSpam #eProbableSpam #eHam #eFileAccess #eRegistryAccess #eNetworkAccess #eHardwareAccess #eSecurityAccess #eSuspicionActivity default = 3 [f_TaskTypeExcludable] ret = @ == "avs" || s_TaskTypeExcludable(@) [s_TaskTypeExcludable] oas = f_isInstalled("File_Monitoring") ? $File_Monitoring : "" mc = f_isInstalled("Mail_Monitoring") ? $Mail_Monitoring : "" wm = f_isInstalled("Web_Monitoring") ? $Web_Monitoring : "" hips hipstask = f_isInstalled("Hips") ? $Hips : "" pdm = f_isInstalled("pdm") ? $Pdm : "" ods = f_isInstalled("Scan_Objects") ? $Scan : "" ;$DefaultAlertText=$(LicInvalidReason,DefaultTextForSpecifiedReason) $DefaultAlertText=s_DefaultTextForSpecifiedReason(global.LicInvalidReason) [s_DefaultTextForSpecifiedReason] #ekirValid=s_DefaultTextForValidReason(LicInfo.KeyInfo.KeyType) #ekirExpired=s_DefaultExpirationText(LicInfo.KeyInfo.KeyType) #ekirTrialPeriodIsOver=s_DefaultExpirationText(LicInfo.KeyInfo.KeyType) default=$ProductNotificationText [s_DetectTypeModification] #DETYPE_REGISTRY = #DETYPE_ATTACHMENT = default = s_TaskTypeModification(@1) [s_DetectSureTypes] #DSTATUS_SURE = s_DetectType(@) default = s_DetectType(@) + s_DetectTypeModification(@, @1) [s_AlertObjectLabel_AddInfo_Pid] 0 = default = "\ (PID: " + @ + ")" [f_RemoveTags] ret = removetags(@, #RemTags|#RemCRLF) [f_MakeLink] expr, action, text ret = expr ? "" + text + "" : text ;------------- Chart enums ------------ [Global] #ChartMode_CheckedObjects = 0 #ChartMode_DetectedObjects = 1 [f_Reset] ret = reset(dialog("SettingsReset")) [s_TroubleGroup] #tDump = @ #tBSOD = @ #tTrace = @ def = #tSysInfo [s_IsStatisticsEnabled] File_Monitoring = 1 Firewall = 1 Updater = 1 def = 0 [Global] #eTrafMon_Ssl_Unaccess = 0xB3ACC48B #eTrafMon_Ssl_SwitchTo = 0x203F2960 #eTrafMon_Ssl_Disconnect = 0x9AAC7FF2 #eTrafMon_Ssl_Break = 0xBA9801FD #eTrafMon_Ssl_NotSupported = 0x5DA35180 $IsRedProgress = (global.KeyState & (#eKeyExpired|#eKeyTrialExpired|#eKeyBlocked|#eKeyInvalid|#eKeyLimited|#eKeyUpdateFailed) ) [ActivationSubscr_ActLic_Visible] #ssUnlimitedActivated = #ssHasExpDateActivated = AutoActivationError.ErrorCode != 0 || SubscriptionTolerancePassed def=1 [SubscrStatus_Font] #ssHasExpDateCanceled #ssGracePeriod #ssExpired #ssSuspended = "Normal9_Bold_Red" #ssNotYetSuspended = "Normal9_Bold" def = (LicInfo.InvalidReason!=#ekirValid&&global.KeyState)? "Normal9_Bold_Red":"Normal9_Bold" [f_calcActive] ret = (LicInfo.InvalidReason==#ekirValid)? 100*LicInfo.LicenseDurationInfo.DaysTillExpiration/(LicInfo.LicenseDurationInfo.DaysTillExpiration+LicInfo.LicenseDurationInfo.DaysFromActivation) : 0 [f_calcActiveSubscrBySubscrStatus] #ssUnlimitedActivated = 70 def = f_calcActive() [f_calcActiveSubscr] ret = switch(SubscriptionStatus,"f_calcActiveSubscrBySubscrStatus") [s_filterEmptyText] = $NoInfo default = @ [s_get_act_lic_l] #ekirValid = (global.KeyState&(#eKeyWillBeExpired|#eKeyAboutExpiration|#eLicenseNotificationCritical|#eLicenseNotificationError))? "LicLightYellowLeft" : ( (!$IsRedProgress)? "LicLightGreenLeft" : "LicRedLeft" ) default = $IsSubscription? ((global.KeyState)? "LicRedLeft" : "LicLightGreenLeft" ) : ((global.KeyState & #eNoKeys)? "LicGreyLeft" : "LicRedLeft") [s_get_act_lic_m] #ekirValid = (global.KeyState&(#eKeyWillBeExpired|#eKeyAboutExpiration|#eLicenseNotificationCritical|#eLicenseNotificationError))? "LicLightYellowMiddle" : ( (!$IsRedProgress)? "LicLightGreenMiddle" : "LicRedMiddle" ) default = $IsSubscription? ((global.KeyState)? "LicRedMiddle" : "LicLightGreenMiddle" ) : ((global.KeyState & #eNoKeys)? "LicGreyMiddle" : "LicRedMiddle") [s_get_act_lic_r] #ekirValid = (global.KeyState&(#eKeyWillBeExpired|#eKeyAboutExpiration|#eLicenseNotificationCritical|#eLicenseNotificationError))? "LicLightYellowRight" : ( (!$IsRedProgress)? "LicLightGreenRight" : "LicRedRight" ) default = $IsSubscription? ((global.KeyState)? "LicRedRight" : "LicLightGreenRight" ) : ((global.KeyState & #eNoKeys)? "LicGreyRight" : "LicRedRight") [s_get_exp_lic_l] #ekirValid = (global.KeyState&(#eKeyWillBeExpired|#eKeyAboutExpiration|#eLicenseNotificationCritical|#eLicenseNotificationError))? "LicYellowLeft" : ( (!$IsRedProgress)? "LicGreenLeft" : "LicRedLeft" ) default = $IsSubscription? ((global.KeyState)? "LicRedLeft" : "LicGreenLeft" ) : ((global.KeyState & #eNoKeys)? "LicGreyLeft" : "LicRedLeft") [s_get_exp_lic_m] #ekirValid = (global.KeyState&(#eKeyWillBeExpired|#eKeyAboutExpiration|#eLicenseNotificationCritical|#eLicenseNotificationError))? "LicYellowMiddle" : ( (!$IsRedProgress)? "LicGreenMiddle" : "LicRedMiddle" ) default = $IsSubscription? ((global.KeyState)? "LicRedMiddle" : "LicGreenMiddle" ) : ((global.KeyState & #eNoKeys)? "LicGreyMiddle" : "LicRedMiddle") [s_get_exp_lic_r] #ekirValid = (global.KeyState&(#eKeyWillBeExpired|#eKeyAboutExpiration|#eLicenseNotificationCritical|#eLicenseNotificationError))? "LicYellowRight" : ( (!$IsRedProgress)? "LicGreenRight" : "LicRedRight" ) default = $IsSubscription? ((global.KeyState)? "LicRedRight" : "LicGreenRight" ) : ((global.KeyState & #eNoKeys)? "LicGreyRight" : "LicRedRight") [f_isSandboxed] ret = ((@ & 0xffffffff00000000) && ((@ & 0xffffffff00000000) != 0xffffffff00000000)) ? (@ & 0x8000000000000000) : (f_ProcessInfo(@).UniqPid & 0x8000000000000000) [f_getProcessSandboxId] p_pid ret = getProcessSboxID(p_pid) [f_getSandboxIdFromPath] p_realPath ret = getSboxIdFromRealPath(p_realPath) [f_displayPath] p_pid, p_realPath ret = convertToDisplayPath(p_pid, p_realPath) [f_displayRegKey] p_pid, p_realKey ret = convertToDisplayRegKey(p_pid, p_realKey) [f_displayObject] p_pid, p_realObjectName ret = (!p_pid || p_pid == #PIDProduct || p_pid == #PIDSystem) ? p_realObjectName : ((TaskType == "hipstask" && ObjectType == #eRegKey) ? convertToDisplayRegKey(p_pid, p_realObjectName) : convertToDisplayPath(p_pid, p_realObjectName)) [f_ProfileDurationTime] l_EndTime ret = l_EndTime = f_IsStateActive(state) ? utctime() : FinishTime; if(s_IsValidTime(StartTime) && s_IsValidTime(l_EndTime) && l_EndTime > StartTime, l_EndTime - StartTime, -1) [s_Navigator2SettingsRedirection] Btns.Protection = "Protection" Btns.AppCtrl = "HipsTask" Btns.Scan = "Scan" Btns.Updater = "Updater" Btns.AddSvc = "Protection" default = "Protection" [f_LocalizationBase] ret = s_LocalizationBase(env("Localization")) [s_LocalizationBase] ru = "https://my.kaspersky.ru/" fr = "https://my.kaspersky.com/fr/" de = "https://my.kaspersky.com/de/" it = "https://my.kaspersky.com/it/" esp = "https://my.kaspersky.com/sp/" pt = "https://my.kaspersky.com/pt/" nl = "https://my.kaspersky.com/nl/" tch = "https://my.kaspersky.com/cn/" sch = "https://my.kaspersky.com/cn/" def = "https://my.kaspersky.com/" [s_compareLinkLoc] ru = "http://www.kaspersky.ru/compare" fr = "http://www.kaspersky.com/fr/compare" de = "http://www.kaspersky.com/de/compare" it = "http://www.kaspersky.com/it/compare" esp = "http://www.kaspersky.com/sp/compare" sv = "http://www.kaspersky.se/compare" da = "http://www.kaspersky.dk/compare" la = "http://latam.kaspersky.com/comparar" br = "http://brazil.kaspersky.com/comparar" nl = "http://www.kaspersky.nl/compare" def = "http://www.kaspersky.com/compare" [s_MainWindow_ProfileDoWork_Icon] Scan_My_Computer = "fscan32" Scan_Startup = "qscan32" Scan_Vulnerabilities = "vulnerability32" Updater = "TaskUpdater32" Rollback = "TaskRollback32" def = if(type == "ods", "custom_scan32") [f_PersCab] ret = url(@ ? $HelpdeskLink : $PersonalCabinetLink) [f_IsGermanLayout] ret = s_IsGermanLayout(@ & 0xffff) [s_IsGermanLayout] 0x407 = 1 def = 0