eScan BlogeScan Blog    eScan WebsiteeScan Website    eScan ForumeScan Forum    eScan FeedseScan Feeds     
    
Languages:     

From eScan Wiki

Revision as of 08:02, 23 June 2008; view current revision
←Older revision | Newer revision→
Jump to: navigation, search


Contents

eMail Attachment Control

The latest version of eScan that has this feature is 9.x and is available in these editions - Virus Control(VC), Professional(PRO), Internet Security Suite(ISS), Corporate and Enterprise. It is compatible with Microsoft Windows operating systems like W'95,98,ME,NT 4(srv & wks),2000,2003,XP,Vista (32 & 64 bit)

This is the first option page available in the eScan Content Administrator. It can be accessed after installing eScan, by right clicking on the green 'e icon added to the systray.

It has different options like "Block Attachment types", "Port Configuration", "Compression and Decompression of Attachments" and "Advanced".

A) Block Attachment types:

This option holds a list of different file types, for example - *.exe, *.pif,* .scr, etc... which when encountered during an email download would be deleted by default (automatically). This option is set to ensure that emails having these types of known attachments (used by worms, trojans, spyware, etc...) would not be downloaded as they cannot be disinfected/ cleaned but deleted at the MWL (MicroWorld Winsock Layer).

This option can be customized based on requirements, for example - if you wish to receive the file type (*.pif), there are two options available within to set it. Firstly, delete it from the list that holds this file type or secondly you can add the file type to the Exclude Attachments (Whitelist), point no.8 explained below.

The other available options are:-

1. Delete all attachments in email if disinfection is not possible - this option is enabled by default. It would delete all attachments listed in the Block Attachments types section as they are the files that cannot be disinfected/ cleaned.

2. Delete entire email if disinfection is not possible - this option is also enabled by default. It would delete the entire email if the files within the email cannot be disinfected/cleaned.

3. Delete entire email if any virus is found - this option when enabled would delete the entire email if any virus is found in it.

4. Quarantine blocked sttachmetns - this option when enabled would quarant the attachments blocked.

5. Delete entire email if any blocked attachment is found - this option when enabled would delete the entire email if any blocked attachment is found in it.

6. Quarantine email if attachments are not scanned - this option when enabled would quarant emails if the attachments within are not scanned.

7. Quarantine attachments if they are not scanned - this option when enabled would quarant attachments when not scanned.

8. Exclude attachments (White list) - this option is useful in case a file type listed in the block attachment types section needs to be delivered into the user's mailbox/ inbox and should not be deleted. This option holds precedence over the Block Attachment types.

The other section is called "Action", which is set on the right hand side of the Block Attachments types and just below the Port Configuration option, this section is useful in setting up the action to be taken when an infection is found, the default value set is to "Disinfect" while the other is "Delete".

The options that can be set up here are of quaranting infected files and emails, if eScan is installed in the said path - by default then the path would be C:\PROGRA~1\eScan\INFECTED for infected files and C:\PROGRA~1\eScan\Quarant for emails and can be easily changed as per requirements.


B) Port Configuration:

This option is useful for setting up an outbreak alert or notification or warning messages that are sent by eScan when it detects any violation or breach of security.

There are two sections to this port configuration -

1. Mail Server settings - the mail server ip address and port details needs to be defined along with credentials like valid username and password (though optional) in case the mail server requires it, so that eScan can automatically use these details and send the notification alerts.

2. Port settings for eMail/Web Scan - the ports that are used for sending (smtp,25 )and receiving (pop3 ,110) emails are defined and if these emails need to be scanned or not.


C) Compression and Decompression of Attachments:

this option helps in Internet Bandwidth Management.

There are two options available within:-

1. Compress outbound attachments - this option when enabled will decrease the size of all attachments that are sent in emails.

2. Create self extracing zip files - this option when enabled overrides the above point no.1 and creates a self extractable .zip file which when clicked on automatically uncompresses itself thereby eliminating the need at the receiver's end from using any unzipping tool.

3. Do not compress files with extensions (Exclude following attachments) - this option is helpful in excluding the file types {attachments} that need not be compressed when being sent out.

4. a)Uncompress inbound attachments - this option when enabled will automatically open/unpack the compressed file and be scanned. b)Uncompress inbound attachments (Local Domain) - this option when enabled will automatically open/unpack the compressed file and be scanned when sent within the local domain.

5. Compression options

a) Compress only if compression % greater than - the default value set is 25, this option will compress all attachments in emails to 25 % or more.

b) Compress if attachment size is above (KB) - the default value set is 50, this option will compress all attachments that are and above 50 KB in size and not below.

c) Select the compression ratio - the default value set is of Max. Speed, this option will utilize the system resources to the best and compress the attachments in emails quicker and send it out too.


D) Advanced:

Internet Explorer (IE) has vulnerabilities and using them as the base, malwares easily transmit themselves onto the system and email clients like Outlook and Outlook Express thus making it easier for malware authors to get their malicious code propagating.

To overcome them, MicroWorld with it's security range of solutions is committed to securing your data and system from such vulnerabilities.

1. IE Vulnerabilities 1

a) Delete attachments with CLSID extensions - this option is enabled by default. It deletes Class ID file extensions [CLSID - files that are hidden and do not show the actual file extension] to prevent dangerous files from exploiting the vulnerabilities of IE.

b) Delete HTML attachments with Scripts - this option is not enabled by default. In general, eMails are sent and received in different formats and one of them being HTML, this HTML can have Scripts {similar to a batch file - .bat) with Tags to perform a particular or a set of task/s (embedded), such emails when encountered are deleted to prevent exploiting the vulnerabilities.

c) Script & Content check disabled for mails From - this option is useful when you know and want to add a user who is genuine and sends legitimate html email with scripts. Once added, (for example - abc@xyz.net or *@xyz.net) all emails coming from this user or domain would automatically be delivered to the receiver's inbox/mailbox.

d) Script & Content check disabled for mails To - this option is useful when you know and want to add a user who is genuine and sends legitimate html email with scripts. Once added, (for example - suzanne@xyz.net or *@xyz.net) all emails being sent from this user or domain would automatically be delivered to the receiver's inbox/mailbox.


2. IE Vulnerabilities 2

a) Select action on mails with Multiple Extension Attachment - the default option set is to "No Action", the other is "Delete mail", this option is very useful to prevent malware like worms from propagating itself using multiple (double or triple) extensions via email attachments, for example -nimda, sircam, etc...

b) Allow Multiple Extension attachment for ZIP file - the default option set is to "Yes" or "Allowed", this option is very useful and helps in transmitting multiple extensions attachments in email, for example - compressed files like .zip, .pdf that have multiple extensions can be allowed.


3. Archival

a) Archive emails - this option is not enabled by default. This option is useful to archive or backup all emails that are sent and received via eScan. The folder or the path to this destination is customizable as per one's requirements.

b) Archive attachments - this option is not enabled by default. This option is useful to archive or backup all email attachments that are sent and received via eScan. The folder or the path to this destination is customizable as per one's requirements.

c) Do not archive attachments of type - With this option certain file types can be excluded from being archived, for example - *.vcf, *.htm, *.html, etc...

Other options -

Save - this option enables the user to Save the settings done.

Refresh - this option refreshes itself and displays the latest status.

eMail Content Scanning

The latest version of eScan that has this feature is 9.x and is available in these editions - Virus Control(VC), Professional(PRO), Internet Security Suite(ISS), Corporate and Enterprise. It is compatible with Microsoft Windows operating systems like W'95,98,ME,NT 4(srv & wks),2000,2003,XP,Vista (32 & 64 bit)

This is the second option page available in the eScan Content Administrator. It can be accessed by right clicking on the green 'e icon added to the systray after installing eScan.

It has different options like "Phrases to check" and "Advanced", "Disclaimer" and "Advanced" and lastly the "View Quarantined Mails" and View Ham Mails".

A) Phrases to check:

This feature has different options within -

1. Default white list of words/phrases - this is pre-defined white list of words/phrases that would be allowed to be sent and received.

2. User specified white list of words/phrases - this is a user specified white list of words/phrases that would be allowed to be sent and received.

3. Default black list of words/phrases - this is pre-defined black list of words/phrases that would not be allowed to be sent and received.

4. User specified black list of words/phrases - this is a user specified black list of words/phrases that would not be allowed to be sent and received.

  • To add a new word/phrase to the available list, select any word/phrase from the list, right click on it, then add the desired word/phrase to the existing list and Save the settings.
  • To modify any existing word/phrase from the available list, select the desired word/phrase from the list, right click on it, then change the desired word/phrase and / or the desired action to be taken, lastly Save the settings.
  • The default action set within eScan is to "Quarant". The above listed white and black lists when viewed on a color monitor would be visible in different colors like 1. Default white list of words/phrases in Yellow , 2. User specified white list of words/phrases in Blue , Default black list of words/phrases in Purple, User specified black list of words/phrases in Green.
  • Now, there may arise a point where genuine emails are also being blocked due to the occurence of a word/phrase in the available list, so, to overcome the same, one should always ensure and define , the desired word/phrase in Double Quotes so that it is blocked appropriately, for example - "test" , here, when an email arrives and if there is a defined word called test in the list, then, the content filter will scan the email BUT will not tag the email or take the necessary action defined on this email, because the word is defined in quotes, i.e unless and until the exact word/phrase is matched no action would be taken, this is how False Positives are taken care off.


B) Advanced:

This option page has different options like when to check emails, anti-spam configuration and mail tagging.

1. When to check emails - this option is very important and relevant and can help the user customize as to how the email content filter should work.

The options available within:-

a) Send Original mail to user - this option is not enabled by default, once enabled it helps to send the email (though tagged as spam) to the original receipient of the email.

b) Do not check content of Replied or Forwarded emails - this option is not enabled by default, once enabled it will not check contents in all emails that are either replied or forwarded. This eventually helps is releasing system resources on an email that is already scanned and come into the mailbox/ inbox.

c) Content check of Outgoing emails - this option is not enabled by default, once enabled it will start checking all outgoing emails for restricted contents.


2. Mail Tagging - this option is very important as it helps in identifying emails as Spam (bad) or Ham (good).

a) Only (Spam) tag is added in Subject, the Body is left unchanged - this is the default action set within the software so that all spam emails are identified.

There are many other options that can be set as per the user's requirements like,

b) Do not change at all - this option will not tag the email at all.

c) Both subject and body is changed, [Spam] tag is added in subject, Actual Spam content is embedded in the body - this option helps identify the email as spam based on the subject and body.

d) X-MailScan-Spam: 1" header line is added, Actual Spam content is embedded in the body - this option helps identify the email as spam based on the header.

e) X-MailScan-Spam: 1" header line is added - Body and Subject both remain unchanged - this option helps identify the email as spam based on the header.


3. Spam Filter (Anti-Spam) Configuration - this option is enabled by default, it helps to block/prevent spam emails from entering into the mailbox/inbox of the user/s.

The options available within:-

a) Check content of HTML mails - this option is enabled by default, it helps to scan emails in HTML format alongwith Text.

b) Treat mails with Chinese/Korean character set as Spam - this option is enabled by default, it is observed from the reports received from our world wide sample collection centres that emails with Chinese/Korean characters are used by spammers to send as spam and hence when received such emails are first analyzed based on a number of conditions afterwhich then tagged as Spam.

c) Treat Subject with more than 5 Whitespaces as Spam - this option is enabled by default, it is observed from the reports received from our world wide sample collection centres that spammers are applying a technique of "spacing" (leaving spaces) in the subject of the email to get their malicious emails inside the user's mailbox/inbox by fooling the spam filters.

d) Treat HTML mails with "SRC=" string as Spam - It is also observed from the reports received from our world wide sample collection centres that spammers are skillfully inserting SRC (source) within an email. SRC= Source is basically inserting of a source, for example - a weblink/s (url), image/s within a email that can run/ execute itself automatically in the background and download data from a remote server/ site even without being viewed or executed.

e) Quarantine Advertisement mails - this option is enabled by default. Advertisement emails are big in size, use a lot of the internet bandwidth and are known [from reports] to be carrying malicious and/or unwanted content/data within, hence, when such emails are encountered\, they are Quarantined.

The Advanced option within -

a) Enable Non Intrusive Learning Pattern (NILP) check - this option is enabled by default. Non Intrusive Learning Pattern (NILP) is an advanced Bayesian Filtering method with the intelligence to analyze each mail according to the Behavioral Patterns of the user and comes with a self learning capability. It is one of the component of the Anti-Spam Module that helps prevent spam emails from reaching the user's mailbox/inbox.

b) Enable eMail Header check - this option is enabled by default. The generic fields of an email like the email From, To, CC are checked for it's validity before accepting the email. This is another component of the Anti-Spam Module that helps prevent spam emails from reaching the user's mailbox/inbox.

c) Enable X-Spam Rules check - this option is enabled by default. A database of words /phrases used by spammers is in-built within the software and each word / phrase is assigned a particular score or threshold level. If any of these words /phrases appear in an email, using this database, different validations along with a score or threshold level check is also done [match] and here if the score or threshold value is found to be True [matching], the mail is tagged as spam or otherwise. This is one more component of the Anti-Spam Module that helps prevent spam emails from reaching the user's mailbox/inbox.

d) Enable Sender Policy Framework {SPF) check - this option is not enabled by default. When enabled, it will check the SPF record of a particular domain from where the email is being downloaded from. This is an additional component of the Anti-Spam Module that helps prevent spam emails from reaching the user's mailbox/inbox.

e) Enable Spam URI Real Time Blacklist (SURBL) check - this option is not enabled by default. When enabled, it checks for spammers IP addresses using SURBL technology (Spam URI Realtime Black List), which help identify spam URLs in the message body. This is an additional component of the Anti-Spam Module that helps prevent spam emails from reaching the user's mailbox/inbox.

f) Enable Real Time BlackHole list (RBL) check - this option is not enabled by default.When enabled, it check for the spammers IP addresses in RBL's (databases of known spammer IP Addresses), which help identify and block an email from being downloaded from a spammer IP. This is an additional component of the Anti-Spam Module that helps prevent spam emails from reaching the user's mailbox/inbox.

and...

RBL servers -

These are the different servers which hold databases of spammers IP Addreses and can be changed as per one's requirement/s (add/delete).

Auto Spam Whitelist -

This is a whitelist generated of email addresses (valid email addresses) from the mail clients. This is a list of addresses to whom emails have been sent to earlier.


C) Disclaimer and Advanced:

this option is not enabled by default. Disclaimer is a footer or signature that gets added/appended to all outbound (outgoing) emails when enabled. It can be customized to be added to all incoming emails using the Add Disclaimer to Incoming emails option within the Advanced option and further can be restricted too from being added/appended to certain or specific email addresses or domains using the option of Outgoing mails excluded from adding disclaimer.


D) View Quarantined Mails:

this option is set right at the bottom end of the eMail Content Scanning page. When clicked on, one can view all the emails that have been quarantined (marked as spam) by eScan for any of the above mentioned rules/policies.

This has different options set within -

1. View - this option helps in viewing the emails that have been quarantined.

2. Delete - this option is for permantely deleting/purging the email quarantined (if it is not required)

3. Message Source - this option helps in finding out more details of the email that has been quarantined (email from, email to,cc, ip address,etc...)

4. Add Sender's eMail-ID to White List - this option helps in releasing the email that has been quarantined (will not be quarantined in future).

As a result, the email that had been quarantined will now be received by the user(receipient).


E) View Ham Mails:

this option is set right at the bottom end of the eMail Content Scanning page. When clicked on, one can view all the emails that are not spam (not marked as spam).

This has different options set within -

1. View - this option helps in viewing the emails that are not quarantined (spam).

2. Delete - this option is for permantely deleting/purging the email that is not marked as spam (if it is not required)

3. Message Source - this option helps in finding out more details of the email that has been quarantined (email from, email to,cc, ip address,etc...)

4. Train as spam - this option helps the eScan software in training (analysis) such emails as spam.

As a result, such an email that was not quarantined earlier, after training will be quarantined and will not be received by the user(receipient).

Other options -

Save - this option enables the user to Save the settings done.

Refresh - this option refreshes itself and displays the latest status.

Webpage Scanning

The latest version of eScan that has this feature is 9.x and is available in these editions - Professional(PRO), Internet Security Suite(ISS), Corporate and Enterprise. It is compatible with Microsoft Windows operating systems like W'95,98,ME,NT 4(srv & wks),2000,2003,XP,Vista (32 & 64 bit)

This is the third option page available in the eScan Content Administrator. It can be accessed by right clicking on the green 'e icon added to the systray after installing eScan.

It has different options like "Inactive", "Active", "Block Web Access", "Time Restrictions" and "Advanced".

A) Inactive:

this is the default option set.

B) Active:

this option is not set as the default. When enabled, this option helps in controlling and blocking access to the Web.

To control and block the access to the web, it has different pre-defined categories in the "Filter categories" section, like:-

1. Pornography - this helps to control and block access to the web based on pornographic content. On selection of this category, it displays the words/phrases defined for it along with the site names that when accessed would result in Blocking of Access or "Access Denied" to the site desired.

The words and phrases and/or sites defined can be added or deleted based on requirements.

2. Gambling - this helps to control and block access to the web based on gambling content. On selection of this category, it displays the words/phrases defined for it that when accessed would result in Blocking of Access or "Access Denied" to the site desired.

The words and phrases defined can be added or deleted based on requirements.

3. Ratings_block_category - this helps to control and block access to the web and is kept open for any words/phrases to be added to the words/phrases and to the site names list.

  • Categories can be added or deleted using the field provided just above the "Filter Options".
  • The sites that are denied access to would automatically be added to the Block category to be filtered.

C) Block Web Access:

this option is not set as default. When enabled, it blocks / denies access to the web completely. If the need arises, access to the web can be given on a conditional basis, for example - access to the web, given only to certain websites like www.hotmail.com, yahoo.*, gmail.com, etc... and all the others would be blocked / denied access.

This conditional access can be applied through the "Filter Categories", for which the words/phrases and site names can be added to the list accordingly.

D) Time Restrictions:

this option is set as per requirement. This option helps to customize the access to the web based on time or as per the day of the week or daily, for example - access to the web should be allowed everyday only during lunch hours and blocked otherwise.

E) Advanced:

this option is available at the bottom end of Webpage Scanning. When clicked on, it has many sub- features and functionalities that help to control and block access to the web.

There are different options available like "Content Matching Options", "Content Type", "ActiveX Blocking", "Port Setting", "Rating Systems" and "Actions"

1. Content Matching Options - this option is helpful in controlling and blocking access to the web based on matching content and which works on different criterias:-

a. Search in Site Name - the site name or url typed would be checked if it is listed in the restricted or blocked categories.

b. Search in HTML Tags - the HTML tags would be checked if they contains any restricted or blocked words/phrases or site names.

c. Search in Title - the title would be checked if it contains any restricted or blcoked words/phrases or site names.

d. Search in Page Text - the web page text would be checked if it contains any restricted or blocked words/phrases.

e. Search in Description and Keywords - the restricted or blocked words/phrases would be checked in the website's description and keywords.

f. Reserved Word Threshold Level - This is a threshold level/limit set within the software that keeps a count of how many times a restricted or blocked word/s appears, if the set word/s have appeared as per the default value or more the access to the web is blocked or restricted and vice versa.

2. Content Type - this option is helpful in controlling and blocking access to the web based on the type of content and which works on different criterias:-

a. Block Images - Images on websites will be blocked from being viewed

i) Saving on Internet Bandwidth - for example - to view an image that we like, we would click on it and enlarge it as a result eating up internet bandwidth. ii) Secure the system and data from malwares like spywares, adwares, trojans, etc... that creep onto the system when surfing and exploit vulnerabilities of the operating system and the applications installed on them. iii) Degradation of the system (performance).

b. Block Applications - Applications on websites will be blocked from being run / executed

i) Saving on Internet Bandwidth - for example - to view an image that we like, we would click on it and enlarge it as a result eating up internet bandwidth. ii) Secure the system and data from malwares like spywares, adwares, trojans, etc... that creep onto the system when surfing and exploit vulnerabilities of the operating system and the applications installed on them. iii) Degradation of the system (performance).

c. Block eMails (RFC 822) - Messages of RFC 822 would be blocked by default.

d. Block Audio files - Audio files on websites will be blocked from being run / executed.

i) Saving on Internet Bandwidth - for example - listening to a audio available on the website, we would click on it and start listening as a result eating up internet bandwidth. ii) Secure the system and data from malwares like spywares, adwares, trojans, etc... that creep onto the system when surfing and exploit vulnerabilities of the operating system and the applications installed on them. iii) Degradation of the system (performance).

e. Block Video files - Video files on websites will be blocked from being run / executed.

i) Saving on Internet Bandwidth - for example - to view and listen to a video available on the website, we would click on it and start viewing and listening as a result eating up internet bandwidth. ii) Secure the system and data from malwares like spywares, adwares, trojans, etc... that creep onto the system when surfing and exploit vulnerabilities of the operating system and the applications installed on them. iii) Degradation of the system (performance).


3. ActiveX Blocking - ActiveX is a technology developed by Microsoft. With an ActiveX-enabled browser, ActiveX controls can be downloaded as part of a Web document to add functionality to the browser (similar to Java applets).

a. Java Applets - Java is a programming language from Sun Microsystems and in which an applet is written, it can be included in an HTML page, much in the same way an image is included in a page. When you use a Java technology-enabled browser to view a page that contains an applet, the applet's code is transferred to your system and executed by the browser.

For example - to enhance interactive control, primarily in Web browsers and other network-oriented interactive software applications.

b. Scripts (Java and VB) - is a list of commands that can be executed without user interaction, to automate certain application tasks or to work in a particular computing environment/scenario. So, when any script be it Java or VB (Visual Basic) is found to contain any malicious code, it is blocked.

This option is very useful in blocking programs that trigger or execute themselves when a website is being viewed.

c. Check for virus - this is the default action set. This option scans and blocks all activities carried out while browsing (reading of data on the website, downloading the files, etc...) if found to contain any malicious code.


4. Port Setting - Internet Access (HTTP Port)- 80,8080,3128,658. These are the different ports defined within the software that are monitored for any data transfer that happens through them and if it contains any malicious data, it is blocked. You can add or delete the ports as per your requirements.


5. Rating Systems - this option is not enabled by default. When enabled, this option allows each user or the administrator to set for each user, of how he/ she should access content on the web. These suggestions (advice) are laid down by World Renowned Organisations that cater to Content Filtering on the Internet, viz. RSACi, ICRA, SafeSurf.

a. RSACi - Based on the study and work of Dr.Donal F. Roberts of Stanford University on the effects of media on children for nearly 20 years certain guidelines were laid, based on which "Recreational Software Advisory Council" (RSAC) was formed. Is a rating service of websites for content on the Internet.

b. ICRA - "Internet Content Rating Association" (ICRA) came into existence to protect children from harmful content on the internet. Is a global, cross-cultural filtering and rating service of websites for content on the Internet.

c. SAFESURF - Designed with inputs from millions of users (parents) and Net Citizens to empower each family to make informed decisions concerning accessibility of content on the Internet.


6. Actions - All of the above criteria are checked when enabled and if any violation is found appropriate action is taken.

a. Log Violations - All violations are logged for easy administration and for future reference.

b. Shutdown program in 30 seconds - If any of the rules/policies that are defined are found to be violated, then the software has a in-built functionality to automatically shutdown the program (browser) in 30 seconds.

Other options -

Save - this option enables the user to Save the settings done.

Refresh - this option refreshes itself and displays the latest status.

PopUp Filter

The latest version of eScan that has this feature is 9.x and is available in these editions - Internet Security Suite(ISS), Corporate and Enterprise. It is compatible with Microsoft Windows operating systems like W'95,98,ME,NT 4(srv & wks),2000,2003,XP,Vista (32 & 64 bit)

This is the fourth option page available in the eScan Content Administrator. It can be accessed by right clicking on the green 'e icon added to the systray after installing eScan.

It has different options like "Block Popup", "Beep via PC Speaker", "Play Sound", "White List" and "History Logs".

A) Block Popup:

This option is not enabled by default. This option is very useful in many ways i) Saving on Internet Bandwidth - for example - for a popup to appear on the desktop screen, it would utilize the internet bandwidth, thus eating up the internet bandwidth. ii) Secure the system and data from malwares like spywares, adwares, trojans, etc... that creep onto the system when popups are viewed /opened, exploiting the vulnerabilities of the operating system and the applications installed on them. iii) Degradation of the system (performance).

B) Beep via PC Speaker:

This option is not enabled by default. This option would beep (makes a sound)when a popup is encountered and filtered/blocked.

C) Play Sound:

This option is not enabled by default. This option will play a sound when a popup is encountered and filtered/blocked.

D) White List:

This is a white list that holds the website addresses where the popup's appear (are not filtered/blocked).

There are different options within:-

1. Add - this option enables the user or administrator to add a website to the White List so that the next time when this website is accessed, popup's appear, are visible.

2. Delete - this option enables the user or administrator to delete a website from the White List so that the next time when the same website is accessed, it gets filtered/blocked.

3. Remove All - this option enables the user or administrator to remove all listed websites from the White List so that when any of these websites are being accessed and a popup tries to appear, they are filtered/blocked.

4. Browse - this option enables the user to browse any of the listed websites in the White List.

E) History Logs:

All activity related to popup's (allowed/blocked) is logged for future reference.

1. Log Violations - All violations that occured are logged for future reference like for which user the popup was blocked along with date & time, website(url) address, reason for blocking and offensive word.

2. Add to White List - This is a option that enables the user or administrator to add the violated (blocked) popup website to the White (allowed)list.

3 Clear Log - This option will clear the log file completely (empty).

4. Browse - this option enables the user to browse the listed websites.

5. Refresh Log - this option refreshes the logs and displays the latest status.


At the bottom end of the same page, there are other options available like -

1. Hot Key - allows you to assign a key that when kept pressed temporarily allows popup's on the website being accessed.

2. Test Popup - this option opens up a page on our website where you can test the efficacy and userfulnees of this popup filter (there are five different types of popup's displayed).

3. Default - this option resets all the settings to the original (all latest changes made will be lost).

4. Save - this option enables the user to Save the settings done.

5. Refresh - this option refreshes itself and displays the latest status.

Browser Cleanup

The latest version of eScan that has this feature is 9.x and is available in these editions - Internet Security Suite(ISS), Corporate and Enterprise. It is compatible with Microsoft Windows operating systems like W'95,98,ME,NT 4(srv & wks),2000,2003,XP,Vista (32 & 64 bit)

This is the fifth option page available in the eScan Content Administrator. It can be accessed by right clicking on the green 'e icon added to the systray after installing eScan.

It has different options like "Scheduler Options" and "Auto Erase Options".

A) Scheduler options:

this option is not enabled by default. This option helps in scheduling the auto-eraser of the below mentioned point no. B functions.

1. Run at System Startup:- this option is not enabled by default. When enabled, it auto-executes itself at system startup (boot-up)and performs the desired auto-erase functionalities.

2. Run Everyday at:- this option is not enabled by default. When enabled, it auto-executes itself at the time specified within the software.


B) Auto Erase Options:

this option is not enabled by default. This option helps in automatically -

i) Cleaning up the hard-disk (free space) ii) Effective optimization and maintainence of system resources (cpu,ram,etc...) iii) Private(Confidential) data is secured iv) Keeping the hackers at bay v) Keeping the crackers at bay vi) Keeping the intruders at bay vii) Securing from Online Thefts viii)Securing from Online Frauds ix) Securing from worms,spywares,password stealing trojans,etc... x) Troubleshooting and problem solving ease with comprehensive report (log)


1. Clear Auto-Complete Memory - When you browse, the browser on your system stores "N" records of the data you enter on a website (form), keywords typed into a search engine, your personal information-name and address, etc... , this information can be used to track the way you browse (surfing habits).

2. Clear Last Run Menu Command - Windows stores executed programs (run) in the start menu run command text box, so everytime you don't have to re-type the same, this information if known to other users will enable them to know what you did on the system and also allow them to execute/run it.

3. Clear Temporary Folder/s - Every time you install a software, open a document or a web page, a temporary file gets created in the temporary folder/s. If this temporary folder is not cleared on a regular basis, it will cause problems with accessing data, slowing down of the system, etc..., this results in ineffeciency of the system resources being used.

4. Clear Last Find Computer - Windows stores searched queries in a temporary file (log), so everytime you don't have to re-type the same for searching, this information if known to other users will enable them to know what you did on the system and also allow them to execute/run it.

5. Clear Browser Address Bar History - The website address you typed and visited are stored in the browser's address bar history and the operating system on it's own does not delete (clear) them automatically, this information if known to other users will enable them to know what you did on the system and also misuse it.

6. Clear Last Search Menu - Windows stores searched queries in a temporary file (log), so everytime you don't have to re-type the same for searching, this information if known to other users will enable them to know what you did on the system and also allow them to misuse it.

7. Clear Recent Documents - Windows stores the recent documents made and accessed in a temporary file (log), this information if known to other users will enable them to know what were the documents you worked on the system and also allow them to misuse it.

8. Clear Files and Folders - this option has to be used with caution as it helps to permanently clear, delete unwanted files and folders from the system thus efficiently making free space on the system.

9. Clear Open/Save Dialog Box History - Windows stores links of all files opened and saved, in the registry,so next when you open or save a file, it displays a list of the files accessed and this information if known to other users will enable them to know what you did on the system and also allow them to misuse it.

10. Empty Recycle Bin - this option has to be used with caution as it helps to permanently clear the recycle bin of all the deleted files and folders from the system thus efficiently making free space on the system.

11. Clear Cache - (Temporary Internet Files ) & History : Every time you open a Web page, your browser creates a cache file (a temporary copy) of the page's text and graphics. When you open the page again, your browser checks the Web site server for changes to the page. If the page has changed, your browser retrieves a new version. If the page hasn't changed, your browser uses the cache files from your RAM or hard drive to display the page. For example, Internet Explorer caches Web pages to both memory (RAM) and disk (hard drive) until the respective cache is full; Internet Explorer then rotates out pages based on age. Internet Explorer designed this system to help load Web pages quicker. However, if you've viewed lots of Web pages, you may have an overloaded hard disk cache, which Internet Explorer will have to check before it loads a new page. Unfortunately, over time, your browser's cache grows. A cache full of outdated information is worse than no cache at all. It causes problems with Java applets, causes you to see out of date text or images, and slows your browser. This also gives an easy means to others to find out your surfing habits.

12. Clear Cookies - Cookies are basically files that store information generated by a web server and stored on your computer (from a website) and acts as a shortcut when you access the same website in the near future. Cookies make a part of the HTML information that flows to and fro between the user's computer and the web servers, as a result web servers automatically gain access to relevant cookies whenever the user re-visits the website (it is usually in the form of web requests). Most of the time, not only does the storage of such personal information into a cookie go unseen/ unobserved but also the access to it because it is not visible to the naked eye (it all happens in the background). This information can be used to track the way you browse (surfing habits) and this information if known to other users will enable them to know what you did on the system and also allow them to misuse it.

13. Clear PlugIns - PlugIn is a add-on (hardware or software) module that adds a specific feature, functionality or service to an existing system. For example - Netscape navigator uses PlugIns to display different types of audio or video messages. This information if known to other users can be used to trace the URL's or web pages you visited and misuse it.

14. Clear ActiveX - ActiveX is a technology developed by Microsoft. ActiveX is a set of rules that specify how applications should share information. With an ActiveX-enabled browser, ActiveX controls can be downloaded as part of a Web document to add functionality to the browser (similar to Java applets). This information if known to other users can be used to track the sites and pages you visited and misuse it.

15. Clear History - When you visit a site, the site name along with the pages opened, images or files downloaded, etc.... are stored in your system in a folder called the history folder, the next time you visit the same site, the browser checks this history folder and quickly opens the website with the information it already has about the website.As a result, the history folder offers a very easy way to find out about the sites you have accessed and this information if known to other users can be used to track the sites and pages you visited and misuse it.

16. Unselect All - this option de-selects all the options you had selected from this list.

17. Select All - this option selects all the options available in the list

18. Run Checked - this option runs/executes the auto-eraser to clear all the selected options from the list, thus aiding in fine tuning and improving the system's performance.


At the bottom end of the same page, there are other options available like -

1. Browsers - these are the list of browsers that are supported by this module.

2. General - this displays all of the above mentioned options to be selected for use

3. Cache - displays the list of cached items.

4. Cookies - displays the list of cookies.

5. ActiveX - displays the list of ActiveX components.

6. PlugIns - displays the list of plugin components.

7. History - displays the history of the websites surfed.

8. Files & Folders - displays the list of files & folders that would be cleared/deleted when this auto-eraser is run/executed, it displays all system, read only and hidden files.

9. Advanced - this is an option to further customize which files need to be cleared/deleted from the system.

a) MS Office - it includes files from the MS-Office suite like Word,Excel,Powerpoint,FrontPage and Access.

b) Windows - it includes files from tasks performed within the windows environment like temp files created by the Scan Disk, ClipBoard Data, Start Menu Order History, Registry Streams MRU & Applicatioon Log.

c) Others - it includes files created by other softwares like Windows Media Player play list, Windows Media Player History.

d) Select All - All the options listed above would be checked.

e) Unselect All - All the options listed above would be unchecked.

f) Internet Explorer - the files held within the browser (IE) like cookies are treated differently and for which these options are available -

Options -

a) List of cookies - lists the cookies detected on the system.

i) Add to Exclude list - you can add any cookie listed to the exclude list.

ii) Remove from the Exclude list - you can delete any cookie from the list

b) Exclude list of cookies - the cookies that are excluded from the list are displayed here, i.e. the cookies that are added to the exclude list (just above).


Other options -

Save - this option enables the user to Save the settings done.

Refresh - this option refreshes itself and displays the latest status.


eScan Copyright © 2015 MicroWorld Technologies Inc.- AntiVirus & Content Security.       Send your feedback to solutions@escanav.com eScan Wiki

    Privacy policy  About eScan Wiki  Disclaimers