Preference

You can configure the settings for V3 start screen, data storage period and locking settings for program protection.

Preference

You can configure the preference settings the following way.

1. Click Policy.
2. Click Security Program Policy.
3. Click Add to move to Anti-Malware Policy > V3 Net.
4. Click Others > Preference.
5. Specify the required settings.

• Retention Period: Specifies the disk space and the retention period for logs and backup files created after running V3.
• Store scan logs for: Specifies the retention period for storing logs created from a PC scan and cloud diagnosis. The log retention period can be from 4 to 365.
• Store event logs for: Specifies the retention period for storing event logs created when using V3 features. The log retention period can be from 4 to 365.
• Store quarantine for: specifies the retention period for storing quarantined backup files. The quarantine retention period can be from 4 to 365.
• Use password protection: Prevents an authorized user from arbitrarily canceling features, changing the configuration settings or uninstalling the V3 program. The configured password should be correctly entered to use the feature. When the password protection is enabled, a user should enter the password to delete the V3 program or to change the configuration settings.
• Password: Specifies a password to use for password protection. A password must be a combination of alphabets, numbers and special characters with 0-30 characters long.
• Confirm Password: Confirms the specified password.
• Exclusions: Applies the password protection exception to allow changing settings without entering the configured password.

• Scheduled scan settings: You can configure the scheduled scan settings without entering the password even when the password protection is enabled.
• File and folder filtering list for Active Defense: You can configure the file filtering list of Active Defense settings without entering the password even when the password protection is enabled.

Caution

You should remember the password as the lost password cannot be found.

6. Click Save.

Notification Settings

You can hide or display an alert icon for installed V3 Net in the Windows task bar for the notification display. You can configure the notification settings the following way.

1. Click Policy.
2. Click Add to move to Anti-Malware Policy > V3 Net.
3. Click Others > Preferences > Notifications.
4. Specify the required settings.

• Do not show notifications in full-screen mode: Prevents the alert messages from being displayed when having a presentation using Microsoft Power Point or the full screen mode. If a malicious code is detected in the full screen mode, repair will be automatically done and the firewall will work in the all-blocking mode not to interfere the current user operation.
• Show notifications on the taskbar: Displays a notification message when a user specified incident occurs.
• Show help messages as balloon notifications: Displays or hides the balloon help to notify a user one time only.
• Show notifications on the taskbar for selected conditions only: Displays an alert window in the taskbar when a user specified incident occurs. You can view the detection details or malicious code name from the window depending on a occurred incident type. Click the settings to select the option in <Alert Services>.

5. Specify Alert Services.
6. Click Save to save configured policies.

Alert Service

Specifies the alert settings for specific issues and then click OK. Alerts a user varied events occurring in V3 with an alert window. A user sometimes should make a selection if necessary.

• PC Security

• When malware is detected or remediated: Displays an alert window when V3 detects a malicious code or a file should be repaired.
• When Potentially Unwanted Program (PUP) is detected or removed: Alerts If a potentially unwanted program is selected for a scan target and V3 detects a unwanted program.
• When PC restart is required after malware remediation: Alerts when a PC should be restarted to repair an infected file. You can also select to start or not to restart a PC when an infected file is repaired.
• When suspicious behavior is detected:  Alerts when a suspicious file is detected by Behavior Watcher.
• When an attempt to access V3 Self-Defense item is made: Alerts when V3 detects a process accessing the protected files, processes and registry.
• When a schedule scan starts: Alerts when a scheduled scan is running at the user-specified interval.
• When damaged files are detected during an integrity check: Alerts when a damaged file is detected during V3 integrity check at system startup.
• When a file needs to be sent for cloud analysis: Detects a file, of which information does not exist in the AhnLab cloud server, and then transfers the detected file to the automatic analysis server.
• When a user-specified file is blocked: Alerts when a file added in the user-defined file management list is blocked by Active Defense.

•  Network Security

• When access to a malicious site is blocked: An alert message appears when a malicious website is blocked to access, which download malicious codes by manipulating a website.
• When access to a phishing site is blocked: An alert message appears when a phishing site is accessed.
• When access to a Potentially Unwanted Site (PUS) is blocked: An alert message appears when a potentially unwanted site is blocked.
• When a user-specified site is blocked: An alert message appears when a user-defined website is blocked.
• When an unauthorized access to the network is blocked: An alert message appears when a network intrusion into a user PC is detected or a connected session is terminated by an attacker when V3 detects an intrusion.

• Update

• When update is failed: An alert message appears when the engine update failed.
• When update is required: An alert message appears when the engine update should be done to the latest version.

• Other

• When license is expired: An alert message appears when a license expires.

Email Notification

Set to send notifications emails to single or multiple recipients.

• Send notifications via email: Sends a notifications mail.
• Sender: Specifies an email address of a recipient.
• Recipient: Specifies an email address of a sender. To specify the multiple recipients, use a semicolon (;) to separate the recipients and the recipients can be added up to 5.
• Email Server Address: Specifies an IP address for the mail server address.
• ID: Specifies a login ID to log in to the mail server.
• Password: Specifies a login password to log in to the mail server.
• Port: Specifies a mail server port. The default port is 25.
• Authentication Method: Specifies an authentication method for the mail server to be used for mail delivery.

• None: Does not authenticate a user when sending a mail. Does not specify a mail server ID and a password.
• AUTH LOGIN: Enter a mail server ID and a password to authenticate the login information with encryption.
• AUTH PLAIN: Enter a mail server ID and a password to authenticate the login information without encryption.
• Transmission Interval: Specifies a time interval to send a mail. The default interval is 30 minutes and the time interval can be between 0 to 23 hours and 10 to 59 minutes.

Note

Sends a alert mail to the specified mail address when an urgent issue occurs. However, if the same issue occurs several times while sending a mail, the same mail message will not be repeatedly sent. Sends an alert mail when the same issue occurred even after the time interval.

Detailed Condition

Specifies conditions for receiving an alert mail. When a user-specified event occurs, an alert mail will be sent to the specified mail address.

• When real-time scan fails to start: Sends an alert mail when the real-time scan failed.
• When update is failed: Sends an alert mail when the update cannot be started or failed to complete.
• When IP is registered to be temporarily blocked: Sends an alert mail when an IP address is registered to temporarily block an attacker’s IP address.
• When the number of blocked ports exceeds the threshold: Sends an alert mail when the number of blocked accesses are more than the number that a user specified.

• Threshold: Sends an alert mail when the number of blocked accesses are more than the number that a user specified for a certain period of time. The default setting is 100 times and 30 minutes. Sends an alert mail when access is blocked more than 100 times for 30 minutes in the default settings.

• When the number of blocked IPS exceeds the threshold: Sends an alert mail when the number of allowed or blocked accesses are more than the number that a user specified.

• Threshold: Sends an alert mail when the number of blocked accesses are more than the number that a user specified for a certain period of time. The default setting is 100 times and 30 minutes. Sends an alert mail when access is blocked more than 100 times for 30 minutes in the default settings.

Note

The configurable settings for network block alert and IP block alert are max 120 minutes and max 3767 times.

Server Settings

You can configure the proxy server settings for the Internet connection for V3 update and the communication port settings to print an analysis report. You can configure the server settings the following way.

You can hide or display an alert icon for installed V3 Net in the Windows task bar for the notification display. You can configure the notification settings the following way.

1. Click Policy.
2. Click Add to move to Anti-Malware Policy > V3 Net.
3. Click Others > Preferences > Server.
4. Select the Use the proxy server checkbox to connect the internet for updates.

• Server IP: Enter the proxy server address. You can enter an IP address or a domain name for the proxy server address, and the up to 1024 characters can be entered.
• Port No.: Specifies a port number for the proxy server. The port number should be between 1 and 65535.
• User ID: Specifies a login ID for the proxy server.
• Password: Enter the password to log in to the proxy server.

5. Report Server: V3 installs the report server in a user PC to print a file analysis report and site analysis report. You can modify the communication port number for the report server in the report server settings. The report communication port is automatically configured by V3, but if the port is already used in a user PC, another port number, not used in the report server settings, should be specified.

• Port No.: The default port number is 1235.

6. Click Save.

Note

If the report server does not conflict the port number in use, the default settings configured in V3 can be used, but if the port numbers conflict, it is recommended to specify a new port number in the report server settings.