User guide
130
NOTIFICATIONS
When Kaspersky Anti-Virus runtime events occur, special notification messages are displayed. Depending on how critical
the event is for computer security, you might receive the following types of notifications:
Alarm. A critical event has occurred, for instance, a malicious object or dangerous activity has been detected on
your system. You should immediately decide how to deal with this threat. The notification window of this type is
of the red color.
Warning. A potentially dangerous event has occurred. For instance, potentially infected files or suspicious
activity have been detected on your system. You should decide on how dangerous you think this action is. The
notification window of this type is of the yellow color.
Info. This notification gives information about non-critical events. The notification window of this type is of the
green color.
The notification window consists of four parts:
1. Window heading. The notification window heading contains a brief description of the event, for example: request
for rights, suspicious activity, new network, alert, virus.
2. Event description. The event description section displays detailed information about the reason for the
notification to have appeared: name of the application which caused the event, name of the threat detected,
settings of the detected network connection, etc.
3. Action selection area. In this section you will be offered to select one of the actions available for this event.
Suggested options for the action depend on the event type, for example: Disinfect, Delete, Skip – if a virus was
detected, Allow, Block – in case of the application's request to obtain rights for executing potentially harmful
actions. The action recommended by Kaspersky Lab's experts will be displayed in bold typeface.
If you select Allow or Block, the window will open where you will be able to select the action application mode.
For the Allow action you can select one of the following modes:
Allow always. Select this option in order to allow activities of the program by entering changes into the rule
of the program's access to the system resources.
Allow now. Select this option to apply the selected action to all similar events detected during the
application's session. Application session is the time since the moment it was started until the moment it
was closed or restarted.
Make trusted. Select this option to move the application to the Trusted group.
For the Block action you can select one of the following modes:
Block always. Select this option in order to block activities of the program by entering changes into the rule
of the program's access to the system resources.
Block now. Select this option to apply the selected action to all similar events detected during the
application's session. Application session is the time since the moment it was started until the moment it
was closed or restarted.
Terminate. Select this option to interrupt the program's operation.
4. Additional action selection area. Using this section you can select an additional action:
Add to exclusions. If you are sure that the object detected it is not malicious, we recommend adding it to
the trusted zone to avoid the program making repeat false positives when you use the object.
Apply to all objects. Check this box to force the specified action to be applied to all objects with the same
status in similar situations.