Light Agent for Windows trace files

During operation of Light Agent for Windows on a virtual machine, the following trace files may be created:

• SRV.log and GUI.log trace files The name of each file contains the application version number, file creation date and time, and process ID (PID). In addition to general data, these files may contain the following information:
  • Personal data, including the last name, first name and middle name, if such data is included in the path to files on a protected virtual machine.
  • The user name and password if they were transmitted openly. This data can be recorded in trace files during web traffic scanning. Traffic is written to trace files only from the Network Monitor component.
  • The user name and password if they are contained in HTTP headers.
  • The name of the Microsoft Windows account if the account name is included in a file name.
  • Your email address or web address containing the name of your account and password if they are contained in the name of the detected object.
  • Websites that you visit and redirects from these websites. This data is written to trace files when the application scans websites.
• SRV.exception.log trace file. The file name contains the application version number, file creation date and time, and process ID (PID). Information about unhandled exceptions is logged to this file.
• Dumpwriter.log trace file The file name contains the application version number, file creation date and time, and process ID (PID). This file records service information required for troubleshooting errors that occur when the dump file is written. The file contains general data.
• AVPCon.log trace file. The file name contains the application version number, file creation date and time, and process ID (PID). This file records information about events occurring during operation of the Kaspersky Security Center connectivity module. The file contains general data.
• Trace file of the Mail Anti-Virus plug-in – MCOU.log. The file name contains the application version number, file creation date and time, and process ID (PID). In addition to general data, this file may contain parts of messages, including email addresses.
• ALL.log trace file The file name contains the application version number, file creation date and time, and process ID (PID). This file records information about command line events. The file contains general data.
• Trace files of the Light Agent components change task (modify_watcher.base.log, modify_install.log, Setup.log). The names of the modify_watcher.base.log and modify_install.log files contain the application version number, file creation date and time, and process ID (PID). These files record information about the components change task and the events that occur when the task is performed. In addition to general data, files may contain personal data, including the last name, first name and middle name, if such data is included in the path to files on protected virtual machines.
• COMAV.log trace file. The file name contains the application version number, file creation date and time, and process ID (PID). In addition to general data, this file contains information about scan results upon AMSI requests from third-party applications.

By default, the Light Agent for Windows trace files are not created. You can create all trace files for Light Agent for Windows in one of the following ways:

• In the local interface of Light Agent for Windows.
• From the command line for Light Agent for Windows.
• Through register keys (see Knowledge Base for more details).

All created trace files, except for the trace file of the components change task named Setup.log, are located in the folder %ProgramData%\Kaspersky Lab. The trace file of the components change task (Setup.log) is located in the application installation folder in the Setup subfolder.

To obtain access to files in the folder %ProgramData%\Kaspersky Lab, enable the display of hidden files and folders.

To create trace files in the Light Agent for Windows local interface:

1. Start the tracing process. To do this, perform the following actions:
   1. On the protected virtual machine, open the main application window.
   2. In the lower part of the main application window, click the Support link to open the Support window.
   3. In the Support window, click the System tracing button.

      The Information for Technical Support window opens.

   4. In the Information for Technical Support window, select the Enable tracing check box.
   5. In the Level drop-down list, select the trace level.

      You are advised to clarify the required trace level with a Technical Support specialist. Unless otherwise directed by a Technical Support specialist, set the trace level to Normal (500).

   6. Click OK.
2. Reproduce the situation where the problem occurred.
3. Stop the tracing process. To do this, perform the following actions:
   1. On the protected virtual machine, open the main application window.
   2. In the lower part of the main application window, click the Support link to open the Support window.
   3. In the Support window, click the System tracing button.

      The Information for Technical Support window opens.

   4. In the Information for Technical Support window, clear the Enable tracing check box.
   5. Click OK.

Trace files of Light Agent for Windows are stored in a readable format. It is recommended that you ensure that information is protected against unauthorized access before it is sent to Kaspersky.

Light Agent for Windows trace files are not automatically sent to Kaspersky. Trace files are automatically deleted when uninstalling the application, unless you changed the default trace file storage folder.