About data provision

Should the application be activated with an activation code, in order to verify legitimate use of the application and to receive statistical information on the distribution and use of the License Rightholder's products, you agree to automatically provide the following information: the type, version and localization of the installed application, versions of the installed updates, the identifier of the computer and the identifier of the application installation on the computer, the activation code and the unique identifier of application activation, activation time, packing parameters of the confirmation of license key status, application key creation date and time, the type, version and word size of the operating system, and identifiers of the application components that are active at the time the information is provided.

If you use the Kaspersky update servers to download the updates, in order to increase the efficiency of the update procedure and to receive statistical information on the distribution and use of the License Rightholder's products, you agree to automatically provide the following information: the version and localization of the installed application, identifiers of the application components to be updated, the identifier of the application installation on the computer, the type, version and bit count of the operating system.

By accepting the terms of the Kaspersky Security Network Statement, you also agree to automatically transmit the following information:

• performed commands IDs
• ID of the operation being performed on the third-party software
• third-party software update ID
• heuristically derived name of the email marketer-email message sender
• fragment content of the object being processed
• unique ID of the activity log for the object being processed
• date and time when the certificate expires
• date and time when the certificate was issued
• version of list of revoked application service's decisions
• unique event identifier
• date and time of event
• the application categorization base ID
• the application database record ID
• type of the triggered application anti-virus databases record
• the application database record version
• ID of the triggered application anti-virus databases record
• timestamp of the triggered application anti-virus databases record
• type of the triggered application anti-virus databases record
• date and time of the application databases release
• binary mask of options of the DNS query
• type of DNS query
• device ID
• operating system version
• operating system build number, operating system update number, operating system edition, extended information about the operating system edition
• operating system Service Pack version
• ID of the account under which the controlled process was started
• IP address
• network interfaces list of the computer
• HTTP request method
• location where code was injected in process
• unique User ID in rightholder's systems
• license identifier
• zone index where the endpoint IP address belongs
• ID of the key from the keystore used for encryption
• computer name on the network (domain name)
• the version of the protocol used to connect with KSN
• ID of the web service accessed by the application
• encryption characteristics of data package that is being sent to KSN
• ID of data package that is being sent to KSN
• external IP address
• local IP address
• MAC address of the network attack source
• name of network protocol used in the detected network attack
• direction of a network connection
• the type of user account under which the malicious object was started
• file attributes of an object being processed
• fragment order in the object being processed
• data of the internal log, generated by the anti-virus application module for an object being processed
• certificate issuer name
• public key of the certificate
• calculation algorithm of public key of the certificate
• certificate serial number
• date and time of signing the object
• certificate owner name and settings
• digital certificate thumbprint of the scanned object and hashing algorithm
• date and time of the last modification of the object being processed
• date and time of creating an object being processed
• detect characteristics
• sequence number of the script detected on the web page by the application
• description of an object being processed as defined in the object properties
• entropy of the file being processed
• format of the object being processed
• checksum type for the object being processed
• application image size
• the result of status check in KSN of an object being processed
• checksum (MD5) of an object being processed
• name of an object being processed
• names of the packers that packed the object being processed
• indicator showing that the object being processed is a PE file
• value of the characteristics attribute from the PE file header
• bit mask of the Data Directories section in the PE file
• overlay size in the PE file
• number of sections in the PE file
• value of the subsystem attribute from the PE file header
• application name
• checksum (SHA256) of an object being processed
• information on who signed the file being processed
• size of an object being processed
• name of the detected malware or legitimate software that can be used to damage the computer or user data
• object type code
• application vendor name
• the application decision on an object being processed
• version of the object being processed
• time of the first launch of the object being processed
• source of the decision made for the object being processed
• checksum of an object being processed
• parent application name
• integrity level for the object being processed
• checksum (MD5) of the object being processed
• detected file operations with the object being processed
• result of action with the object being processed
• file operation code
• path to the object being processed
• directory code
• process system ID (PID)
• access rights for the object being processed
• information about file signature check results
• source file path
• vulnerability ID
• vulnerability danger class
• operating system kernel version
• the full path to parent process file used to launch the process
• parent process system ID (PID)
• command line arguments for the process
• application ID derived from the license
• version of the application component
• data about the license for identifying a group of users of the company that purchased the license by the comment in the license key properties
• full version of the application
• application update ID
• date and time of application installation
• application activation date
• application license identifier
• information about the application license key
• application localization
• operating system versions
• the application version
• identifier of the partner organization via which the application license order was placed
• information about application updates
• ID of application installation (PCID)
• ID of application rebranding
• application component name
• ID of the licensed application
• application health status after update
• type of installed application
• indicator of participation in KSN
• the application component ID
• name of the created/modified operating system service
• logon session key
• encryption algorithm for the logon session key
• web address from which the file that matches the process was downloaded
• DNS server response
• IP address of the DNS server
• date and time of the statistics obtaining end
• error code
• debug detection indicator
• attribute of an object being processed, that allowed to recall the false positive decision on the object
• ID of the task in which detection was performed
• number of connections to KSN taken from cache
• number of requests with response in the local request database
• number of unsuccessful connections to KSN
• number of unsuccessful KSN-transactions
• time spread of the cancelled requests to KSN
• time spread of the unsuccessful connections to KSN
• time spread of the unsuccessful KSN-transactions
• time spread of the successful connections to KSN
• time spread of the successful KSN-transactions
• time spread of the successful requests to KSN
• time spread of the requests to KSN with exceeded time limit
• number of new connections to KSN
• number of unsuccessful requests to KSN caused by incorrect routing
• number of unsuccessful requests caused by disabled KSN in the application settings
• number of unsuccessful requests to KSN caused by network problems
• number of successful connections to KSN
• number of successful KSN-transactions
• number of successful requests to KSN
• delay of sending the statistics
• ID of the operation being performed by the application
• statistics obtaining start date and time
• version of the statistics being sent
• the technical specifications of the applied detection technologies
• 4-byte vector calculated over the first 4096 bytes of the section
• numeric value frequency calculated over the first 4096 bytes of the section
• zero value frequency calculated over the first 4096 bytes of the section
• version of a certain compiler
• properties and checksums of the parts of the execution file
• emulator version
• 4-byte vector calculated over the last 4096 bytes of the section
• numeric value frequency calculated over the last 4096 bytes of the section
• zero value frequency calculated over the last 4096 bytes of the section
• emulation depth
• type of executable file scan task that sends statistics
• storage time for object being processed
• algorithm for digital certificate thumbprint calculating
• component name
• timestamp of the update component (updated version)
• timestamp of the component (local version)
• number of failed update installations for the updater component
• code of the error category
• number of update installation error for the updater component
• timestamp of the root index of updates being downloaded
• timestamp of the root index of available updates
• error code of the update task
• value of the update task TARGET filter
• update task type
• version of the updater component
• binary mask of the parameters for the object being processed
• checksum of the user name
• user account security identifier (SID)
• header of the http request being processed
• port number
• web address of the web service request source (referer)
• web address being processed
• information about the client that uses a network protocol (user agent)
• security zone identifier extracted from the NTFS stream

Kaspersky protects any information received in accordance with law and applicable Kaspersky rules. Data is transmitted over a secure channel.

For more detailed information about the processing, storage, and destruction of information obtained during the use of the application and transmitted to Kaspersky, please read the End User License Agreement, the KSN Statement, and refer to the Privacy Policy on the Kaspersky website. The license.<language ID> and ksn_license.<language ID> files contain the End User License Agreement and Kaspersky Security Network Statement and are part of the application distribution kit.