Free f prot antivirus software for linux

F-Prot Antivirus security software package has various components that help keep your system secure from viruses, backdoors, trojans and other malicious programs. The project includes the RealTime Protector, a memory-resident monitoring utility that observes all files accessed on your system, a Scheduler where you can set the Scanner to make automatic scans or updates on your system at any time and an Updater to manage all signature updates.
For home users using the Linux open-source operating system, we offer F-Prot Antivirus for Linux Workstations. F-Prot Antivirus for Linux Workstations utilizes the renowned F-Prot Antivirus scanning engine for primary scan but has in addition to that a system of internal heuristics devised to search for unknown viruses
F-Prot Antivirus for Linux was especially developed to effectively eradicate viruses threatening workstations running Linux. It provides full protection against macro viruses and other forms of malicious software - including Trojans.
Main features:
- Scans for over 191534 known viruses and their variants
- Ability to perform scheduled scans when used with the cron utility
- Scans hard drives, CD-ROMS, diskettes, network drives, directories and specific files
- Scans for images of boot sector viruses, macro viruses and Trojan Horses
F-Prot Antivirus for Linux Workstations is FREE for use by personal users on personal workstations

Yet Another antiVirus Recipe is a procmail that helps to filter out a lot of the most common e-mail worms.
For some of the above (plain iframe, clsid, xml, macro) e-mail is delivered normally but gets a WARNING in subject plus its old subject ($SUB).
Some of the warnings are:
WARNING-XML-CODEBASE-OBJECT-$SUB
WARNING-CLSID-EXTENSION-$SUB
WARNING-IFRAME-$SUB
WARNING-MACRO-$SUB
WARNING-NSCAM-SCORE:$NKNGS-$SUB
Main features:
- :: base64 signatures ::
- Most of these worms are MS-Windows executables and arrive at our e-mail encoded through base64 routines. YAVR uses especially selected signatures to locate these attachments. After that it places them in a directory (/virus/) sorted by name.
-
- :: iframe html exploit ::
- Through IFrame tag a html encoded e-mail can download and execute a file from a remote http site without informing the user.
-
- :: CLSID hidden extensions exploit ::
- Attachments which end with a Class ID (CLSID) file extension do not show the actual file extension saved and viewed with Windows Explorer. This allows dangerous file types to look as though they are actually innocent files, such as JPG or WAV files.
-
- :: xml codebase exploit ::
- Usage of some xml objects allow local files to be automatically executed, regardless of the security settings on the target machine.
-
- :: generic executable trap for bat, pif, vbs, vba, scr, lnk, com, exe ::
- The rest of MS-executable files that are not caught from base64 signatures end up in a virus-could-be file.
-
- :: generic macro detection for doc,dot,xls,xla files ::
- MS-Word and MS-Excel files that contain macro commands are marked with a warning.
-
- :: generic detection for most of nigeria scam e-mails (most of them) ::
- Nigeria scam e-mail is not a virus but a big spam problem... There are many good filters that use great algorithms for spam. This is just an add-on.
Enhancements:
- new switches for quarantine or not certain e-mailsbased on some ideas by Dan Smart
- YAVRQUARANTEXE if set to ON it sends unknown executables to /virus/virus-could-be as usual if set to OFF it delivers at inbox with a warning (and the X- header ;)
- YAVRQUARANTNIG same for nigeria scam
- YAVRQUARANTPRN same for porn e-mail read instuctions inside nkvir-rc
- X- marks in headers to help your own procmail scripts
- X-YAVR: MS-EXEC (any MS executable that wasnt identified by signatures)
- X-YAVR: NIGERIA (nigeria scam)
- X-YAVR: PORN (porn related)
- X-YAVR: MACRO (containing macro code)
- X-YAVR: XML-CODEBASE
- X-YAVR: IFRAME
- X-YAVR: CLSID-EXTENSION
- X-YAVR: SENDMAIL-EXPLOIT
- some more Worm.Moodown.b aka Netsky.b signatures
- another Mimail.Q

AntiVirus Scanner is an anti-virus scanner for Endeavour Mark II that uses the ClamAV library (libclamav).

AntiVirus Scanner allows you to create a list of scan items for frequently scanned locations and features easy virus database updating, all in a simple GUI environment.

Antivirus Scan with F-Prot is a simple servicemenu for konqueror that allows to scan single or multiple files and folders using the F-Prot Antivirus. Antivirus Scan with F-Prot shows the result of the scanning in a textbox using kdialog. It can also show the progress of the scanning in a terminal.
I hope you may find it useful.
Comments or/and translations are welcome.
TO INSTALL: extract the content of the tarball and copy the file f-prot_virus_scan.desktop into ~/.kde/share/apps/konqueror/servicemenus (just for your user) or in /usr/share/apps/konqueror/servicemenus, /opt/kde/share/apps/konqueror/servicemenus... etc, depending on your distro, to make it system-wide.
This is only the service-menu, you need to have F-Prot antivirus installed on your system.
Enhancements:
- Added Danish translation by Kefeus

Visual F-Prot is an F-Prot Antivirus for Linux Workstations graphical interface.

Visual F-Prot is graphical interface for F-Prot Antivirus(TM) for Linux Workstations for home use (available for free download) copyrighted by Frisk Software International (www.firsk.is). Before you install this program, you must install F-Prot Antivirus, because it wont work without it.

It works with F-Prot antivirus version 4.5.3 and above - its not tested with earlier versions,but it should also work with them.

Also, youll need "xterm" terminal emulator, provided by most, if not all linux distributions.

This program is built with GTKMM 2.4 C++ libraries, so youll also need those for it to work.

About AVG Anti-Virus:

• AVG Professional Single Edition is perfectly designed to give you the maximum antivirus protection for your single home PC or workstation.
• It is simple to install and operate. No IT expertise is required and it can run in the background, providing uninterrupted protection. All file and e-mail activity is checked automatically, allowing you to get on with your work without worrying about viruses.
• It is extremely fast, reliable and light on resources, so, no matter how demanding a user you are, it will not slow down your performance.

Enhancements: Added detection of new variants of trojans SHeur2.ANNO, BackDoor.Hupigon5.LCW, SHeur2.ANOR, Downloader.Generic8.AXOI, PSW.Banker5.ONF, Generic13.BPUS.

The Qmail virus scanner (QScan) is a mail filter for Qmail that scans incoming messages using the Sophos Antivirus engine, immediately rejecting infected content.

It is designed to be minimalistic, yet extremely fast and secure, and uses multiple pipes instead of the traditional temporary files and privilege separation. It works with non-native versions of the virus scanner like under OpenBSD with Linux or FreeBSD emulation.


You must create a temporary directory to extract MIME attachments, and replace Qmails original qmail-queue program with Qscan. Quick way to achieve this for the impatients :

mkdir /var/qmail/qscan
chmod 700 /var/qmail/qscan
chown qmaild:qmail /var/qmail/qscan
ln /var/qmail/bin/qmail-queue /var/qmail/bin/qmail-queue-old

Now, lets compile and install Qscan :

./configure --help

./configure [your beloved flags]

make install-strip

The last step is to replace the original qmail-queue program with our filter :

rm /var/qmail/bin/qmail-queue
ln -s /usr/local/sbin/qscan /var/qmail/bin/qmail-queue

Depending on your local configuration, it may be needed or not, but start with doing it :

chown qmaild:qmail /usr/local/sbin/qscan
chmod 6711 /usr/local/sbin/qscan

After testing, if everythings ok for you, remove the setuid bit :

chown 0:0 /usr/local/sbin/qscan
chmod 711 /usr/local/sbin/qscan