Malware Hub Report eScan ISS 14 - November 2019 Report

Disclaimer
  1. This test shows how an antivirus behaves with certain threats, in a specific environment and under certain conditions.
    We encourage you to compare these results with others and take informed decisions on what security products to use.
    Before buying an antivirus you should consider factors such as price, ease of use, compatibility, and support. Installing a free trial version allows an antivirus to be tested in everyday use before purchase.

harlan4096

Moderator
Thread author
Verified
Staff Member
Malware Hunter
Well-known
Apr 28, 2015
8,635
eScan ISS 14 - November 2019 Report
Due to the small number of samples used in this tests, you should take results with a grain of salt. We encourage you to compare these results with others and take informed decisions on what security products to use.
__

C: Clean / P: Protected / P - NC: Protected - Not Clean / I: Infected / E: Encrypted


* Dynamic BB Bonus Test (Resident Protection Disabled)
* Partially Blocked
* BSR: Before System Reboot
* ASR: After System Reboot




November
2019
Samples
Pack
Static
Detection
Dynamic
Detection
Total
Detection
System Files
Encrypted
2nd Opinion
Scanners
System
Final Status
Thread
Link
30/10/2019​
1​
1 / 1
0 / 1*
0 / 1*
1 / 1​
No
Yes*
N/A
C
I + E*
31/10/2019​
16​
12 / 16​
2 / 4​
14 / 16​
No​
C
BSR: I
ASR: P - NC
31/10/2019​
1​
0 / 1​
1 / 1​
1 / 1​
No​
C
C
01/11/2019​
1​
0 / 1​
1 / 1​
1 / 1​
No​
C
P
04/11/2019​
19​
5 / 19​
7 / 13​
12 / 19​
No​
C: ZAM3
I: WV HMP NPE
BSR: I
ASR: I
05/11/2019​
11​
1 / 1​
N/A​
1 / 1​
No​
C
C
06/11/2019​
16​
11 / 16​
5 / 5​
16 / 16​
No​
C
P
06/11/2019​
21​
15 / 21​
2 / 6​
17 / 21​
No​
C: ZAM3 HMP
I: WV NPE
BSR: I
ASR: I
07/11/2019​
20​
11 / 20​
6 / 9​
17 / 21​
No​
HMP: NC EEK
C: WV ZAM3 NPE MWB4
P - NC
 
Last edited:

harlan4096

Moderator
Thread author
Verified
Staff Member
Malware Hunter
Well-known
Apr 28, 2015
8,635
My 1st impressions after some tests:
  • GUI feels slow/heavy inside the VM, don't know in a real system...
  • It uses BD engine for signatures... the on demand detection usually after malware pack is posted is slow, but after about 12 hours, even not sending the undetected samples to BD, rises until around 75% ~ 85%, not bad, but of course after 12 hours...
  • FireWall by default set in "Allow All", but I changed it to "Limited Filers".
  • There are a number of extra features oriented to small office (Application Control, Remote Managing, etc.)
  • I can't manage to work the option to "Upload Samples", when I click over the link anything happens...
  • I performed a Bonus BB test -> Medusa Locker (disabling File AntiVirus module), it failed and the system got encrypted, so I will not perform BB future tests because the BB is inside/tied to File AntiVirus module.
 

harlan4096

Moderator
Thread author
Verified
Staff Member
Malware Hunter
Well-known
Apr 28, 2015
8,635
I forgot to add that notifications during dynamic testing were almost inexistent :unsure: only sometimes when Powershell script got blocked...

I'm finishing today testing eScan, I think was enough to check its protection capabilities...
 

XLR8R

Level 4
Jan 20, 2020
164
Hello,

Couple of queries:

1. Since the videos are no longer available to see, there is an option File Anti-Virus settings to "enable code analyser". Does this option actually do anything, because I have observed heuristic/BB detection occurs even without it on.
2. From the screenshots, it appears the tested version was v14. Could you kindly verify the same?
3. Phishing Protection has a setting for "Limited Filter" or "Smart Filter" and it does affect the webfiltering performance (blocking connections to known malicious addresses).
 

harlan4096

Moderator
Thread author
Verified
Staff Member
Malware Hunter
Well-known
Apr 28, 2015
8,635
Sorry, check again video links, rights were modified...

All modules were enabled, product was tested in default settings, including Web...
 

XLR8R

Level 4
Jan 20, 2020
164
Sorry, check again video links, rights were modified...

All modules were enabled, product was tested in default settings, including Web...
Thanks for the response. The owncloud video in this thread is not working still, and the ones in the links for individual malwarepack tests are also not working ("specified document has not been found on this server").

The default settings are pretty good except for the phishing filter and the weird "code analyser" option in File Anti-Virus which I do not know what it actually does (the manual just states "behaviour analysis"). The web protection is enhanced by using smart filter in the web protection settings and also by enabling the parental control and setting it to "adult" mode (it's surprising, but true - the adult mode still blocks certain websites deemed to be involved in criminal activities - which includes malware).
 

XLR8R

Level 4
Jan 20, 2020
164
Re-check eScan Settings and malware testing video, I repaired the 2 links...
Thanks.

Seems to me like something was off, you should have been getting alerts from "Advanced Proactive Scan", "Proactive Scan" or the File Anti-Virus Monitor (even for cloud suspicious detected files). I am observing the File Monitor was working like it should but these alerts basically correspond to the signature detection, cloud query and PBAE (eScan own BB). The "Proactive Scan"/"Advanced Proactive Scan" refers to the BitDefender BB. I also observed the file monitor is not throwing any alerts about detecting things, this is not normal behaviour - it always throws alerts....
 

harlan4096

Moderator
Thread author
Verified
Staff Member
Malware Hunter
Well-known
Apr 28, 2015
8,635
Yes, in fact I almost got any waning via popups :unsure: I had to manually check the different modules or reports to check...

If there is a newer recent version, then probably will conduct again some tests again with eScan :)
 
  • +Reputation
Reactions: Der.Reisende

XLR8R

Level 4
Jan 20, 2020
164
Yes, in fact I almost got any waning via popups :unsure: I had to manually check the different modules or reports to check...

If there is a newer recent version, then probably will conduct again some tests again with eScan :)

Looking forward to that. BTW, the version you tested is version 14, so please correct the tests - it's not eScan ISS 11 but rather eScan ISS 14. :)

P.S. regarding the UI, eScan doesn't really care - they are not really interested in enduser/consumer market and target SMB and enterprise, where their management reckons the average employee really doesn't want to know or tinker with the interface of the security product. :p
 

XLR8R

Level 4
Jan 20, 2020
164
Yes, in fact I almost got any waning via popups :unsure: I had to manually check the different modules or reports to check...

If there is a newer recent version, then probably will conduct again some tests again with eScan :)
There is no new version per se, but it appears eScan have updated several drivers and components through the regular update system. Would it be possible to give this product another try?
 

harlan4096

Moderator
Thread author
Verified
Staff Member
Malware Hunter
Well-known
Apr 28, 2015
8,635
Just be patient, I have a long list of requests in queue :sick:, many forum users usually send me pms asking to tests security products hehe... I have sometimes even posting results for 2 products at the same time, but You have to think that it is time consuming and I spend lots of hours here in the forum and in others, apart from of own working...
 

XLR8R

Level 4
Jan 20, 2020
164
Just be patient, I have a long list of requests in queue :sick:, many forum users usually send me pms asking to tests security products hehe... I have sometimes even posting results for 2 products at the same time, but You have to think that it is time consuming and I spend lots of hours here in the forum and in others, apart from of own working...

I understand sir. :)

Between eScan and AVG (paid), what would you recommend? (I am going on some extended travel soon and during that period, I will not be able to mess with my personal laptop at all - no time, so I might as well install something GOOD).
 

XLR8R

Level 4
Jan 20, 2020
164
New version of eScan released now (14.0.1400.2281). The company claims improved protection and proactive blocking performance.

On a glance through the files:

- Updated application blocker module
- Added two-factor authentication module for protected system access
- Updated trufos drivers and rootkit scan drivers
- Updated file system filter drivers and behaviour monitoring system (already pushed via regular update to old versions)
- Firewall driver has also received a version bump
- The "scanner" components have received updates

Whether all this translates to any real world improvement remains to be seen. Though this version runs smooth as butter with settings maxed out on my SSD laptop.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top