After the work of Kaspersky Virus Removal Tool is completed, the folder KVRT_Data remains on your computer (by default, it is located in C:\KVRT_Data). The user is personally responsible for ensuring the safety of the data collected, and in particular for monitoring and restricting access to the collected data stored on the computer.
The KVRT2020_Data folder contains:
- Quarantined files. The files are stored in an encrypted form with the name format kvrt*.klq and can be accessed by users with administrators permissions only.
Quarantined files may contain the following user data: paths to files scanned by Kaspersky Virus Removal Tool, Microsoft Windows account name, names of the objects moved into quarantine. - Report files containing the results of scan tasks. The files are stored in an encrypted form with the name format report_<date>_*.klr.enc1 in the C:\KVRT2020_Data\Report folder and can be accessed by all users.
Report files may contain the following user data: paths to files scanned by Kaspersky Virus Removal Tool, paths to registry keys modified by Kaspersky Virus Removal Tool, Microsoft Windows username, URLs detected as a part of scanned objects (e.g. web addresses that are specified as values of parameters in the system registry). - Detailed reports containing the results of scan tasks. The files are stored in an encrypted form with the name format details_<date>_*.klr.enc1 in the C:\KVRT2020_Data\Report folder and can be accessed by all users.
Detailed report files may contain the following user data: paths to files scanned by Kaspersky Virus Removal Tool, paths to registry keys modified by Kaspersky Virus Removal Tool, Microsoft Windows username, results of object scans, URLs detected as a part of scanned objects (e.g. web addresses that are specified as values of parameters in the system registry). - Files with System Analysis results. The files are stored in the *.txt format in the C:\KVRT2020_Data\Anomalies folder and are available for all users.
These files may contain the following user data: paths to files scanned by Kaspersky Virus Removal Tool. - Trace files created during the tool operation. Trace files are stored in an encrypted form and have the format:
KVRT.<tool version>_<date>_<time>_*.log.enc1 in the C:\KVRT2020_Data\Traces folder. The files are only available for users with administrator permissions.
Trace files may contain the following user data: event time, number of the thread of execution, application component that caused the event, degree of event severity (informational event, warning, critical event, error), description of the event involving command execution by a component of the application and the result of the execution of this command. In addition to general data, trace files can contain the following user data: personal data, including the last name, first name, and middle name, if such data is included in the path to files on the local computer, the Microsoft Windows account name if it is included in a file name, email address or a web address containing the name of your account and password if they are contained in the name of the detected object, addresses of web pages detected as the part of scanned objects if web addresses are specified as values of parameters in the system registry, remote IP addresses to which your computer established connections. If the application uses a proxy server traces files may contain proxy server address, computer name, port, IP address, user name used to sign in to the proxy server. - Dump files created during the tool operation. Dump files are stored in the *.dmp format and can be accessed by users with administrators permissions only.
Dump files contain information about the working memory of processes at the time of the process crash. A dump file may also contain personal data.
Source : Official Kaspersky Brand
Editor by : BEST Antivirus KBS Team