About the End User License Agreement
The End User License Agreement (License Agreement) is a binding agreement between you and AO Kaspersky Lab that stipulates the terms on which you may use the application.
Important: Carefully read the License Agreement before you start using the application.
You can view the terms of the End User License Agreement using the following methods:
- During installation of Kaspersky Endpoint Security
- By reading the license.rtf document in the application installation folder
By installing Kaspersky Endpoint Security, you confirm that you understand and accept the terms of the End User License Agreement. If you don't accept the terms of the End User License Agreement, cancel installation of Kaspersky Endpoint Security and don't use the application.
Page topAbout the license
A license is a time-limited right to use the application, granted under the terms of the End User License Agreement.
A license entitles you to the following kinds of services:
- Use of the application in accordance with the terms of the End User License Agreement
- Getting technical support
The scope of services and validity period depend on the type of license under which the application was activated.
The following license types are provided:
- Trial. A free license intended for trying out the application.
A trial license usually has a short term. When the trial license expires, all Kaspersky Endpoint Security features become disabled. To continue using the application, you need to purchase a commercial license.
You can activate the application under a trial license only once.
- Commercial. A paid license granted upon purchase of the application.
When the commercial license expires, key features of the application become disabled. To continue using Kaspersky Endpoint Security, you must renew your commercial license. If you are not planning to renew your license, you must remove the application from your computer.
We recommend renewing the license before it expires, to ensure maximum protection against all security threats.
Page topAbout subscription
A subscription for Kaspersky Endpoint Security is a purchase order for the application with specific parameters (expiry date, number of devices protected). You can order a subscription for Kaspersky Endpoint Security from your service provider (such as your ISP). You can manage your subscription in the member area on the service provider's website. For example, you can renew or cancel your subscription, reduce its term, or change the number of devices protected under your subscription.
A subscription can be limited (for one year, for example) or unlimited (without an expiration date). To keep Kaspersky Endpoint Security working after expiration of a limited subscription term, you have to renew it manually. An unlimited subscription is renewed automatically as long as you have paid the service provider in advance.
If you use the application under a limited subscription, when the subscription expires you will be given a grace period to renew your subscription. The application remains functional during the grace period.
After your subscription expires and after the grace period for subscription renewal ends, Kaspersky Endpoint Security remains functional but stops updating application databases.
To use Kaspersky Endpoint Security under subscription, you have to add the activation code received from the service provider. When you use the application under subscription, you cannot use a different activation code for renewing your subscription. You can apply a different activation code only after the subscription expires or if you cancel the subscription. To cancel your subscription, contact the service provider from which you bought Kaspersky Endpoint Security.
Note: A different subscription activation code can be applied only when the active key is deleted. The subscription doesn't have a key file. You can't add the subscription as a reserve key.
If you are already using Kaspersky Endpoint Security under a valid license but want to use the application under subscription instead, remove the current active key so that you can activate the application using a subscription key. The activation code that was previously used to activate the application on this computer can be used on a different computer.
Note: Possible subscription options may vary with each service provider. Some service providers may also choose not to provide a grace period for renewing subscriptions.
About the license certificate
A license certificate is a document that you receive along with a key file or an activation code.
A license certificate contains the following information about the license provided:
- Order number
- Information about the user who has been granted the license
- Information about the application that can be activated under the license provided
- Limit of the number of licensing units (e.g., devices on which the application can be used under the license provided)
- License validity start date
- License expiration date or license term
- License type
About the key
A key is a sequence of bits that you can apply to activate and then use the application in accordance with the terms of the End User License Agreement. Keys are generated by Kaspersky Lab specialists.
You can add a key to the application using one of the following methods: by applying a key file or by entering an activation code. The key is displayed in the application interface as a unique alphanumeric sequence after you add it to the application.
The key may be blocked by Kaspersky Lab in case the terms of the License Agreement have been violated. If the key has been blocked, you need to add another one if you want to use the application.
A key can be active or reserve.
An active key is a key that is currently used by the application. An active key can be added for a trial or commercial license or a subscription. The application cannot have more than one active key.
A reserve key is a key that entitles the user to use the application, but is not currently in use. The reserve key automatically becomes active when the license associated with the current active key expires. A reserve key can be added only if an active key has already been added.
A trial license key can be added as the active key. A key for the trial license cannot be added as the reserve key. A reserve key cannot be added when the trial license key is active.
Page topAbout the activation code
An activation code is a unique sequence of 20 letters and numbers. You have to enter an activation code in order to add a key for activating Kaspersky Endpoint Security. You receive the activation code at the email address that you provided when you bought Kaspersky Endpoint Security or requested the trial version of Kaspersky Endpoint Security.
To activate the application with an activation code, you need Internet access in order to connect to Kaspersky Lab activation servers.
If you have lost your activation code after installing the application, it can be recovered. You may need the activation code to register a Kaspersky CompanyAccount, for example. To recover your activation code, contact Kaspersky Lab Technical Support.
Page topAbout the key file
A key file is a file with the .key extension provided to you by Kaspersky Lab. Key files are designed to activate the application by adding a key.
You receive a key file at the email address that you provided when you bought Kaspersky Endpoint Security or ordered the trial version of Kaspersky Endpoint Security.
You do not need to connect to Kaspersky Lab activation servers in order to activate the application with a key file.
You can restore a key file if it has been accidentally deleted. You may need a key file to register a Kaspersky CompanyAccount, for example.
To restore your key file, perform any of the following actions:
- Contact the license seller.
- Receive a key file through Kaspersky Lab website by using your available activation code.
About data provision
End User License Agreement
When activating Kaspersky Endpoint Security by the activation code, in order to collect statistical information on the distribution and use of Kaspersky Lab products, you agree to automatically provide the following information during use of Kaspersky Endpoint Security:
- The version of the installed application: the installed updates, installation ID and information about the current license.
- The operating system version.
- Identifiers of the Kaspersky Endpoint Security components that are active at the time of data provision.
Kaspersky Security Network Statement
Use of the KSN could lead to increase the effectiveness of protection provided by the application, against information and network security threats. The declared purpose is achieved by:
- Determining the reputation of scanned objects
- Identifying information security threats that are new and challenging to detect, and their sources
- Taking prompt measures to increase the protection of the data stored and processed by the End User with the Computer
- Reducing the likelihood of false positives
- Increasing the efficiency of application components
- Preventing information security incidents and investigating incidents that did occur
- Improving the performance of the Kaspersky Lab products
- Receiving reference information about the number of objects with known reputation
- Promptly identifying and correcting errors related to the installation, removal, and updating of the product
During use of the KSN, Kaspersky Lab will automatically receive and process the following data:
- Information about the version of the operating system (OS) and service packs installed on the computer, version and checksums (MD5, SHA2-256, SHA1) of the OS kernel file, parameters of the OS run mode.
- Information about the failed last OS reboot: number of failed reboots.
- Information about the Kaspersky Lab installed applications and the anti-virus protection status: unique identifier of the instance of application installation on the computer, ID of application type, the full version of the application installed, the identifier of the application settings version, the type of installation of the application on the computer (first installation, update) and an attribute indicating successful installation or the installation error code, the type identifier of the computer and its model name, the unique identifier of the computer on which the application is installed, the unique user identifier in the KL services.
- Information about all scanned objects and operations: the name of the scanned object, the date and time of the scan, the URL-, and referrer addresses from which it was downloaded, the size of scanned files and the paths to them, the archive sign, the date and time of the file's creation, the name, size and checksums (MD5, SHA2-256) of the packer (if the file was packed), the file's entropy, the file's type, the file type code, the executable file sign, ID and format, the object's checksum (MD5, SHA2-256), the type and value of the object's supplementary checksum, data about the object's digital signature (certificate): data on the certificate's publisher, number of starts of the object since the last statistics delivery, ID of the application scanning task, the means of receiving information about the object's reputation, the value of the TARGET filter, technical parameters of the applicable detection technologies.
For executable files: the entropy of the file sections, reputation verification flag or file signature flag, name, type, ID, type, checksum (MD5) and the size of the application that was loaded by the object being validated, the application path and template paths, an attribute indicating presence in the Autorun list, date of entry, the list of attributes, name of the packer, information about the digital signature of the application: the publisher certificate, the name of the uploaded file in the MIME format, file build date and time.
- Information about the applications launched and their modules: checksums (MD5, SHA2-256) of running files, size, attributes, creation date, name of the packer (if the file was packed), names of files, information about processes running on the system (process ID (PID), process name, information about the account the process was started from, the application and command that started the process, the full path to the process's files, and the starting command line, a description of the product that the process belongs to (the name of the application and information about the publisher), as well as the digital certificates being used and information needed to verify their authenticity or information about the absence of a file's digital signature), and information about the modules loaded into the processes: their names, sizes, types, creation dates, attributes, checksums (MD5, SHA2-256, SHA1), the paths to them, PE-file header information, names of packers (if the file was packed), information about the availability and validity of these statistics, identifier of the mode for generating the statistics being sent.
- If threats or vulnerabilities are detected, in addition to information about the detected object, information is provided about the identifier, version, and type of the record in the anti-virus database, the name of the threat based on the Kaspersky Lab classification, the date and time of the last update of the anti-virus database, executable file name, the checksum (MD5) of the application file that requested the URL where the threat was detected, the IP address (IPv4 or IPv6) of the detected threat, the vulnerability identifier and its threat level, the URL and referrer of the web page where the vulnerability was detected.
- If a potentially malicious object is detected, information is provided about data in the processes’ memory.
- Network attack information: IP address of the attacking computer and number of the port on the user’s computer targeted by the network attack, ID of the attack protocol, name and type of attack.
- Information about network connections: version and checksums (MD5, SHA2-256, SHA1) of the file from which process was started that opened the port, the path to the process’s file and its digital signature, local and remote IP-addresses, numbers of local and remote connection ports, connection state, timestamp of the port’s opening.
- The URL and IP address of the web page where harmful or suspicious content was detected, the name, size, and checksum of the file that requested the URL, the identifier, weight and degree of the rule used to reach a verdict, the objective of the attack.
- Information about updates of the installed product and anti-virus databases: status of completion of the update task, type of error that may have occurred during the update process, the number of unsuccessful updates, the identifier of the product component that performs updates.
- Aggregated data from the results of scanning using the local and cloud KSN databases: version of the local KSN database on the computer at the time the statistics are sent, the application database settings identifier, information about successful/unsuccessful requests to KSN, the duration of sessions with KSN, the amount of data sent and received, the times at which the collection of information to be sent to KSN was started and stopped.
- Information about system log events: event time, name of the log where the event has been detected, type and category of event, name of the event source and event description.
- Information to determine the reputation of files and URL-addresses: the URL-address at which the reputation is being requested and the referrer, the connection’s protocol type, the internal identifier of the application type, the number of the port being used, the user identifier, checksum of the scanned file (MD5), type of the detected threat, information about the record used to detect a threat (record identifier for the anti-virus databases, the record timestamp and type).
- Data on the application territorial distribution. date of the application installation and activation, ID of the partner providing the license for the application activation, application ID, application localization ID, application activation license serial number, KSN participation sign.
- Information about the license used: the license type and its term, the number of days till the license expiration, identifier of the partner from whom the license was purchased.
- Identifiers of third-party software that was suggested for installation and also that was selected by the user for installation and installed along with the application: the name of the software and the name of its publisher, information about software components files: checksums (MD5, SHA2-256, SHA1), name of a file, its path on the computer, size, version and digital signature.
- Information about hardware installed on the computer: type, name, model name, firmware version, parameters of built-in and connected devices.
Also, in order to achieve the declared purpose of increasing the effectiveness of protection provided by the application, Kaspersky Lab may receive objects that could be exploited by intruders to harm the Computer and create information security threats:
- Executable or non-executable files or parts thereof
- Computer's RAM areas
- Sectors involved in the OS boot process
- Network traffic data packages
- Web pages and emails containing suspicious or malicious objects
- Description of classes and class instances for the WMI storage
- Application activity reports
Application activity reports contain the following information about the files and processes:
- Name, size, and version of the file being sent, it's description and checksums (MD5, SHA2-256, SHA1), format ID, its manufacturer's name, the name of the product the file belongs to, the fully qualified path to the file on the Computer and the path template code, date and time of file creation and update.
- Certificate validity start and end dates and times if the file being sent has a digital signature, date and time when the certificate was signed, name of the certificate issuer, information about the certificate holder, impression and public key of the certificate and algorithms used to calculate them, certificate serial number.
- Name of the account that had run the process.
- Checksums (MD5, SHA2-256, SHA1) for the name of the computer that is running the process.
- Process’ windows headers.
- ID for the anti-virus databases, name of the identified threat according to the Kaspersky Lab classification.
- Information about the license used for the application, license ID, it's type and expiry date.
- Computer's local time at the moment the information was provided.
- Names and paths of the files that were accessed by the process.
- URL- and IP-addresses that were accessed by the process.
- URL- and IP-addresses from which the running file was downloaded.
Read Kaspersky Security Network Statement
You agree to submit the following information for the purpose of application identification during database and module updates:
- Application ID (AppID).
- Active license ID.
- Unique application installation ID (InstallationID).
- Unique Update task launch ID (SessionID).
- Version of application (BuildInfo).
- Information about updating the Updater component: unsuccessful update tasks, the number of failed starts after the upgrade, the version of the component, the error code, the ID of the type of update task, the status code of the application after the update, the date and time the statistics is sent.
To check the legitimacy of the application use, Kaspersky Lab reserves the right to verify that you have a licensed copy of Kaspersky Endpoint Security.
Kaspersky Endpoint Security can transmit the following license information needed to verify the legitimacy of the application use to Kaspersky Lab:
- Identifier of regional activation center.
- Hashsum of activation code.
- Time and date of ticket creation.
- License information identifier.
- License ticket identifier.
- License ticket sequence identifier.
- Unique identifier of user's computer HDD.
- Date of from which the license ticket is valid.
- The current state of license.
- License version.
- Ticket header ID.
- Application ID of the currently used application.
- List of application IDs of applications that are compatible with the currently used application.
- Localization ID.
- Application version.
- Installation ID.
- Application build ID.
Kaspersky Endpoint Security saves the following information in a Trace file:
- Information about the anti-virus protection status of the computer, as well as all detected objects and actions (the name of the detected object, date and time of detection, the web address from which it was downloaded, the names and sizes of infected files and paths to them, the IP address of the attacking computer and the number of the computer port targeted by the network attack, list of malware activity, and unwanted web addresses) and the decisions taken by the Software and the user on them.
- Information about applications downloaded by the user (web address, attributes, file size, and information about the process that downloaded the file).
- Information about the applications launched and their modules (size, attributes, creation date, PE header details, region, name, location, and packers).
- Information about interface errors and usage of the interface of the installed Kaspersky Lab applications.
- Information about network connections: the IP address of the remote computer and the user's computer, the numbers of ports through which the connection was established, and the network protocol of the connection.
- Information about network packets received and sent by the computer over IT and telecom networks.
- Information about email and instant messages sent and received.
- Information about web addresses visited: the time when the connection was established using an open protocol, data on the website access login and password, and the content of cookies.
- Server public certificate.
Trace files contain only the information necessary to fix defects in the application. Kaspersky Lab uses trace files to investigate incidents associated with errors in the operation of Kaspersky Endpoint Security.
By default, the creation of trace files is disabled. You can enable generation of trace files in the application preferences.
Trace files can only be manually sent to Kaspersky Lab. Kaspersky Endpoint Security does not send trace files to Kaspersky Lab automatically.
You can choose how trace files are sent to Kaspersky Lab.
Before sending trace files to Kaspersky Lab, please review the data they contain.
Important: Trace files may contain personal or sensitive information. By sending trace files to Kaspersky Lab, you agree to provide to Kaspersky Lab all data contained in the trace files you send and you consent to the method used to send them.
Files (or their parts) that may be exploited by intruders to harm the computer or data may be also sent to Kaspersky Lab to be examined additionally.
Kaspersky Lab protects any information thus received in accordance with law and applicable Kaspersky Lab rules.
Kaspersky Lab uses any received information in anonymized form and as general statistics only. Aggregate statistics are automatically generated from the source information received, and do not contain any personal or other confidential data. The original information received is destroyed as new information is accumulated (once a year). Aggregate statistics are stored indefinitely.
Participation in Kaspersky Security Network is voluntary. The decision to participate is made when you install Kaspersky Endpoint Security. However, you can change your decision later at any time.
Page topActivate Kaspersky Endpoint Security
Important: Before activating Kaspersky Endpoint Security, make sure that the date and time that set on your computer match the actual date and time.
Activating the application involves adding a key to the application.
Note: An Internet connection is required to activate the application.
Activate the application with an activation code
After you have activated the application with the activation code, you can view the following information in the Licensing window:
- Active key
- Key or subscription status
- The number of computers on which you can use the application under the current license or subscription
- License expiration date and time
- Number of days until license expiration
View license information
The Licensing window may contain the following information:
- Active key
- Reserve key (if any)
- License or subscription status
- The number of computers on which you can use the application under the current license or subscription
- License expiration date and time
- Number of days until license expiration
Manage licenses and subscriptions
You have to renew the license if the license associated with the active key has expired and no reserve key has been added. When the license expires, the application continues to operate with limited functionality (updates, Kaspersky Security Network and FileVault disk encryption via Kaspersky Security Center become unavailable). You can still use all application components and run virus scans, but only with the anti-virus databases that were installed before the license expired.
Important: When your anti-virus databases are out of date, your computer is at increased risk of infection.
When you use the application under subscription, Kaspersky Endpoint Security automatically contacts the activation server at specific intervals until your subscription expires.
If you use the application under an unlimited subscription, Kaspersky Endpoint Security renews your subscription without requiring any action from you.
If you use the application under a limited subscription and the grace period for renewing the subscription is over, Kaspersky Endpoint Security notifies you of this and stops trying to automatically renew the subscription and updating the application databases.
You can renew your subscription manually by contacting the vendor that sold you Kaspersky Endpoint Security.
Your subscription status may become out of date. In this case, you need to manually update the status of your subscription. If you do not have a current subscription, Kaspersky Endpoint Security stops updating the application databases.
Page top