eScan Internet Security 11 Single Product Review Language: English September 2010

eScan Internet Security 11 Single Product Review Language: English September 2010
eScan Internet Security 11
Single Product Review
eScan Internet Security 11
Language: English
September 2010
Last revision: 13nd October 2010
eScan Internet Security 11
Downloading and installing the trial version .......................... 3
Post-installation ............................................................... 4
User interface.................................................................... 5
The protection components ................................................ 6
Conclusion ....................................................................... 8
Copyright and Disclaimer..................................................... 9
eScan Internet Security 11
Clicking on the link for the normal setup program
downloads an executable file of about 138 MB.
Double-clicking this file starts the installation
process. The first stage is the language selection;
the one setup file offers gives you a choice of
various different interface languages:
Downloading and installing the trial version
Obtaining a trial version of the software from the
eScan website is very straightforward. On the
homepage there are sections devoted to the antivirus program and the Internet security suite,
each one with a link entitled “Try Now”, which
enables you to download the relevant program:
Clicking on the link takes you to a short online
form with a few questions such as your name,
email address, and country. Having filled in this
information, you proceed to a page with download links to the trial program you have requested. Interestingly, the same page also enables you
to download an ISO file from which you can create an installation/rescue CD, so you can boot
from the CD in order to clean an infected computer. Offering the means to make a rescue CD on
the same page as the trial version is a nice
touch, which we have not seen before. Incidentally, one of our very few criticisms of the
previous version of eScan Security Suite was the
lack of a boot CD; naturally we are very pleased
to see that this has now been rectified, and that
this rescue option is readily available.
Having chosen your preferred language, you then
move on to the installation wizard. The initial
page recommends closing other programs before
installing. Subsequent pages present the obligatory licence agreement, then the opportunity to
change the location of the installation folder.
The installation is an “all or nothing” affair, i.e.
there is no opportunity given to install only specific components of the suite. Once you have
confirmed the destination folder, the program
starts the actual installation, with a progress bar
to show how far setup has got:
When file copying has finished, a further infor-
eScan Internet Security 11
mation box provides information about the configuration process:
Clicking “Yes” on the Reboot dialog box effectively completes the installation, which, as we
have seen, is a very quick and simple process.
To complete the section on installation, we
should also mention that we tested how easy it
is to uninstall the product. Using the Programs
and Features applet in Control Panel (Add/Remove Programs in Windows XP), it was very quick
and easy to uninstall eScan Internet Security
from the computer, although there were no options to repair the installation, or selectively
remove specific components.
This tells you, amongst other things, that Windows Firewall is being disabled (in order to prevent a conflict with eScan’s own firewall). Once
configuration is complete, a quick scan of the
computer is done, to ensure there is no immediate risk:
Shortly after our test computer had restarted
following the installation, we were pleased to
note a message from eScan informing us that the
Windows operating system was fully patched (up
to date):
After rebooting, eScan’s red shield icon can be
found in the notification area of the Windows
Taskbar (depending on the Windows configuration, it may be in the hidden section). Moving
the mouse over the icon shows the program version and date of the virus signatures:
This takes only a couple of minutes, and when it
is finished, the program suggests rebooting the
PC to complete the installation:
eScan Internet Security 11
Right-clicking on the icon produces a shortcut
menu with various useful options, such as Update, Enable Gaming Mode, Virtual Keyboard and
View Network Activity:
User interface
The program interface can be opened by doubleclicking either the Taskbar icon or the eScan
shortcut put on the Desktop by the setup program. The main eScan window may not appeal to
everyone aesthetically, but is quite simply and
clearly laid out:
This shortcut menu enables a great variety of
useful functions, for gaming, Internet shopping
or system administration, to be reached very
quickly and easily. Incidentally, in our last review, we noted that one of very few possible
improvements would be the addition of a gaming
mode, so we commend eScan for adding this to
the latest version, and making it easily accessible
through the shortcut menu.
There are three buttons towards the top of the
window, for the three main functions: Scan, Update, and Tools.
Along the bottom is a row of 7 very artistically
designed icons for the main features of the program: File Antivirus, Mail Antivirus, Anti-Spam,
Web Protection, Firewall, Endpoint Security and
Privacy Control.
To check that eScan Internet Security was
properly installed and running, we checked in
Windows 7’s Action Center (the equivalent of
Security Center in Windows XP/Vista). Action
Center reported that all was well in the security
section, and we could see that eScan had been
registered as the firewall, virus protection and
spyware protection program.
Simply moving the mouse over an icon enlarges
it and displays its name tag:
The central area of the program windows contains information and options relating to whichever of the 7 protection components are selected. By default, the program window opens up
showing the details for File Antivirus.
eScan Internet Security 11
The window control icons in the top right-hand
corner of the window deviate somewhat from the
Windows standard. There is no Maximise button
(not that one is needed), and the “power off”
symbol for the Close command may be a little
confusing to some – it suggests the idea of shutting down the program completely, rather than
simply closing its control window.
The Anti-Spam page allows configuration of the
Anti-Spam status, Mail Phishing Filter, and Action (to be taken when spam is found). There is
also a Reports section which indicates the number of mails quarantined, and the number of
“clear” mails. On our test PC, the Anti-Spam and
Mail Phishing Filter functions were switched off
by default, although there was no email account
configured that they could have protected.
We will now look at the 7 protection components
in more detail.
The Protection Components
File Anti-Virus
Web Protection
The File Anti-Virus page opens by default when
the program window is opened, and can be
reached at any time by clicking the leftmost of
the icons at the bottom of the window. The configuration section gives information on the File
Anti-Virus Status (started by default), Proactive
Scan Status (disabled by default), and Action
(i.e. what the program should do when a threat
is detected). This is set to Disinfect – Quarantine
by default. The Reports section gives information
on the last scan run, including number of threats
Clicking on the Web Protection button at the
bottom of the program window allows configuration of 3 components: one is simply called Web
Protection Status, the second is Selected User
Profile, and the third is Web Phishing Filter Status. Of these, only the Web Phishing Filter is
activated by default. The Selected User Profile
Status essentially refers to parental controls, and
can easily be configured by clicking on Settings.
The Web Protection component can easily be
activated by clicking the Start link in the configuration section of the window.
Mail Anti-Virus
The Mail Anti-Virus page includes a Configuration
section, showing the status, and action to be
taken if a virus is found in an email. There is also
a Reports section, showing the number of mails
scanned and infected objects found. We noted
that Mail Anti-Virus is set to Stopped by default,
but no email program had been configured on
our test PC when we installed eScan Internet
Security, so there was no email account for it to
The Firewall page includes a Configuration section, showing the Firewall Status (Started by
default), and links enabling the user to allow or
block all traffic, and adjust settings. The latter
gives experienced users very fine control over
incoming and outgoing traffic, as well as over
individual applications.
eScan Internet Security 11
any negative effect on normal access to the local
area network.
Endpoint Security
The Endpoint Security button at the bottom of
the eScan window opens a page with configuration options for Endpoint Security Status (active
by default), Application Control (deactivated by
default), and USB Control (enabled by default).
Clicking on Settings allows the Application Control and USB Control to be configured. In the
latter section, there are options for blocking USB
ports, making USB devices read only (both disabled by default), plus disabling Autoplay doing a
virus scan of USB drives (both activated). The
last two options are particularly sensible, considering that the Autorun feature in Windows has
been exploited by malware writers to spread
worms and viruses using USB flash drives.
Reaction to threats (File Antivirus)
We investigated eScan Internet Security to determine how well it does its job. A good security
suite should give clear warnings in the event
that a threat is detected, without expecting the
user to make a difficult decision about what
should be done. To simulate eScan’s reaction to a
malicious program, we downloaded the EICAR
antivirus test file. This is an entirely harmless
piece of code which looks like a virus to an antivirus program, and so can be used to test the
protection mechanisms of security software (the
test file and more information can be found at Only a second after we had
clicked on the link to download the EICAR test
file, eScan popped up the following warning:
Privacy Control
The Privacy Control page, reached by clicking the
relevant icon at the bottom of the window, is
very simple. In the Configuration section, Privacy
Control Status is set to Manual, and there is information on Next Scheduled Cleanup, which by
default is set to Not Scheduled. There is a Settings link, which opens a dialog box with a number of very detailed options, such as Cookies,
Plugins, History, and Auto-Erase options. This
gives the user very fine control of storage of
potentially confidential information on the PC.
The page additionally has a Reports section,
showing when the PC was last “cleaned”, i.e. had
potentially confidential data erased.
The alert tells the user that the file he/she is
attempting to download is dangerous, and that it
has been quarantined automatically by eScan.
Thus the user knows not to try to download the
file again, but does not have to worry about
what action to take. Quarantining suspicious files
is an ideal default action, as it renders malware
harmless, but means that e.g. a genuine program
file that has been infected by a virus is not deleted, so that an expert can try to clean the file
eScan Internet Security in everyday use
To get an idea of how easy eScan Internet Security is to use, we looked at a couple of areas in
which security suites can commonly cause difficulties. Firstly, we looked at how eScan reacts to
potential threats, and secondly, whether it has
eScan Internet Security 11
at a later date. We were pleased to note that
eScan immediately detected all three versions of
the EICAR test file, including zipped and doublezipped versions, meaning that malware cannot
hide in a zip file. We also tested the sensitivity
of eScan’s real-time protection by sharing a folder on the test computer running eScan Internet
Security, then transferring the EICAR test file to
this folder using another PC on the network.
eScan immediately quarantined the file and
popped up a warning like the one shown above.
and from the test PC, still functioned perfectly.
eScan even recognised the somewhat uncommon
Microsoft Hyper-V Manager as a trusted application, and allowed it to access our Hyper-V Server
without any configuration being required. We were
pleased to note that configuring eScan’s firewall
to allow or block specific programs is a very
straightforward process that works flawlessly.
eScan Internet Security 11, like its predecessor,
does not slow down much the PC while running
in the background. Details about the performance
can be obtained on our website.
Finally, we were very impressed to see that as
soon as we inserted a USB flash drive into our
test computer, eScan immediately started a scan
of the drive, without any intervention from ourselves. Given that the Conficker worm, amongst
others, has spread to many PCs via infected flash
drives, this is evidently a very wise precaution.
The screenshot below shows the scan window in
eScan Internet Security 11 is a very sophisticated
security suite which contains a wealth of protection features. It is very easy to install, and the
most important security components are activated by default. The suite did not cause noticeable
slowing of either of our test PCs, or block normal
network access in any way. Anyone who is moderately experienced with PCs will find the suite
easy to use, although we did think that a few
minor interface changes would make the program
easier for beginners to understand. We were
pleased to note a number of useful and innovative features, such as reporting on the state of
Windows updates, and scanning flash drives by
default. We were also very impressed by the sensitivity and effectiveness of the real-time virus
Local network access (Firewall)
Whilst the firewall of a security suite has to protect the computer from outside attacks, it should
not hinder access to and from the trusted local
network. eScan was exemplary in this respect.
Before installing the suite, we had configured
our test PC for file sharing and Remote Desktop
connections. After installing eScan Internet Security, remote access, as well as file sharing to
eScan Internet Security 11
Copyright and Disclaimer
This publication is Copyright © 2010 by AV-Comparatives e.V. ®. Any use of the results, etc. in whole or
in part, is ONLY permitted after the explicit written agreement of the management board of AVComparatives e.V., prior to any publication. AV-Comparatives e.V. and its testers cannot be held liable for
any damage or loss which might occur as result of, or in connection with, the use of the information
provided in this paper. We take every possible care to ensure the correctness of the basic data, but a
liability for the correctness of the test results cannot be taken by any representative of AV-Comparatives
e.V. We do not give any guarantee of the correctness, completeness, or suitability for a specific purpose
of any of the information/content provided at any given time. No one else involved in creating, producing or delivering test results shall be liable for any indirect, special or consequential damage, or loss of
profits, arising out of, or related to, the use or inability to use, the services provided by the website, test
documents or any related data. AV-Comparatives e.V. is a registered Austrian Non-Profit-Organization.
For more information about AV-Comparatives and the testing methodologies please visit our website.
AV-Comparatives e.V. (September 2010)
Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF