Advice Request Which Antivirus has no HTTP Scanning?

Please provide comments and solutions that are helpful to the author of this topic.

Spartan

Level 3
Thread author
Verified
Well-known
Apr 15, 2019
110
Other than Panda Free Antivirus, and Avast Free which you can choose to install without the web shield, which Antivirus is there that has no web protection/HTTP Scanning?

I don't want anything touching my internet connection just a file scanner.

I know you can disable HTTP scanning in a lot of them but then you get a warning in the antivirus to reenable it which I don't want to see (ie. ESET NOD32,)
 

upnorth

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Jul 27, 2015
5,458
Most major AVs even if you can disable/not install their own browser extension, usually have other modules and features that interacts with Windows firewall etc. Several AVs also have their own cloud services.
 

silversurfer

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,324
I know you can disable HTTP scanning in a lot of them but then you get a warning in the antivirus to reenable it which I don't want to see (ie. ESET NOD32,)
Kaspersky Free, there it's possible turn-off fully the web-protection component AND also the warnings can be disabled via "ignore" option available on mainpage of UI...
 

Spartan

Level 3
Thread author
Verified
Well-known
Apr 15, 2019
110
Most major AVs even if you can disable/not install their own browser extension, usually have other modules and features that interacts with Windows firewall etc. Several AVs also have their own cloud services.
and I'm guessing even Windows Defender does that due to Smar Screen Filter. So really I see only Panda Free and Avast (if you don't install is webshield) which don't affect anything with regards to the internet connection
 
  • Like
Reactions: Sorrento

Arequire

Level 29
Verified
Top Poster
Content Creator
Feb 10, 2017
1,821
and I'm guessing even Windows Defender does that due to Smar Screen Filter. So really I see only Panda Free and Avast (if you don't install is webshield) which don't affect anything with regards to the internet connection
Defender doesn't have any web protection by itself; it relies on Edge's integrated SmartScreen. (There is an optional feature that provides system-wide malicious URL blocking, but it's disabled by default.)

I believe Avira's free offering also doesn't have native web protection and relies on an extension.
 

Spartan

Level 3
Thread author
Verified
Well-known
Apr 15, 2019
110
Defender doesn't have any web protection by itself; it relies on Edge's integrated SmartScreen. (There is an optional feature that provides system-wide malicious URL blocking, but it's disabled by default.)

I believe Avira's free offering also doesn't have native web protection and relies on an extension.
Thanks for the clarification about Windows Defender. With Avast free, during installation, you can select custom then de-select the webshield.

I just tried Kaspersky Free and I was able to turn off web protection and network protection then ignore the warning so it doesn't keep popping up
 

SeriousHoax

Level 47
Verified
Top Poster
Well-known
Mar 16, 2019
3,658
Thanks for the clarification about Windows Defender. With Avast free, during installation, you can select custom then de-select the webshield.

I just tried Kaspersky Free and I was able to turn off web protection and network protection then ignore the warning so it doesn't keep popping up
Just keep in mind that Kaspersky (also ESET) have many signatures that are tied to their web protection engine only and won't get detected by their file based protection signatures. So if there's a malicious script that the browser run to attempt something malicious, they may not get detected by Kaspersky & ESET when HTTPS scanning is off. Some other AV products which don't have MITMing for HTTPS scanning but have file based signatures for those scripts may detect them on browser cache or some other ways, but Kaspersky and ESET won't. That's because they don't expect you to turn off HTTPS scanning. Their product wasn't designed to be used without it. They separate the file based and web based signatures to improve performance (Kaspersky analyst told me).
Also weirdly, I have seen Kaspersky not detecting some known malicious site and malware CnC server without HTTPS scanning. They were detected on Virustotal and Opentip, but not on their product when HTTPS scanning is off.
Avast and Bitdefender don't have separate signatures for file and web based protection, it seems. I can not guarantee with 100% certainty but haven't been able to find something to prove otherwise. HTTPS scanning can be turned off in Avast without losing too much of the protection, I think. In Bitdefender, disabling "Encrypted web scan" completely disable filtering of HTTPS traffic, so web protection becomes almost useless.
So, only turn off Kaspersky's HTTPS scanning if you are comfortable with losing a certain amount of protection.
Edit: HTTPS scanning can be replaced by Web scanning/Web shield/Web protection, etc. but the reasoning and explanation will remain the same.
 
Last edited:

Kuttz

Level 13
Verified
Top Poster
Well-known
May 9, 2015
625
Just use an Unsupported Browser that will result in web scanning dysfunctional. This was the case with NOD32 last time I played with. I noticed this phenomena while using Brave Browser and NOD32. NOD32 do not officially supported Brave browser back then when I tried. While running various AMTSO Security Features Check Tools, I noticed while running Brave browser, NOD32 fails to detect drive-by downloads, phishing pages etc in real time and only flags the file as malware if I actually download something to the PC and then it get detected by the NOD32s file scanner instead of its web scanning. The advantage with this approach is that you can normally use the AV without disabling any of its features. Not sure if this works with other Anti Virus products.
 

Spartan

Level 3
Thread author
Verified
Well-known
Apr 15, 2019
110
Just keep in mind that Kaspersky (also ESET) have many signatures that are tied to their web protection engine only and won't get detected by their file based protection signatures. So if there's a malicious script that the browser run to attempt something malicious, they may not get detected by Kaspersky & ESET when HTTPS scanning is off. Some other AV products which don't have MITMing for HTTPS scanning but have file based signatures for those scripts may detect them on browser cache or some other ways, but Kaspersky and ESET won't. That's because they don't expect you to turn off HTTPS scanning. Their product wasn't designed to be used without it. They separate the file based and web based signatures to improve performance (Kaspersky analyst told me).
Also weirdly, I have seen Kaspersky not detecting some known malicious site and malware CnC server without HTTPS scanning. They were detected on Virustotal and Opentip, but not on their product when HTTPS scanning is off.
Avast and Bitdefender don't have separate signatures for file and web based protection, it seems. I can not guarantee with 100% certainty but haven't been able to find something to prove otherwise. HTTPS scanning can be turned off in Avast without losing too much of the protection, I think. In Bitdefender, disabling "Encrypted web scan" completely disable filtering of HTTPS traffic, so web protection becomes almost useless.
So, only turn off Kaspersky's HTTPS scanning if you are comfortable with losing a certain amount of protection.
Right, the reason for this thread to be honest is because I upload a lot of files and when I have ESET installed, upload speed takes a significant hit and takes ages compared to when I have Avast or F-Secure installed or no AV. I hate how if I disable HTTP Scanning in ESET the whole icon turns orange as if something is wrong with the system messing with my OCD.
I might just install Kaspersky Free or F-Secure Antivirus which I have a license for valid until 2027 (luckily extended my license before they announce that they will only be selling the full suite with the Firewall from now on)
 

Scirious

Level 2
Feb 22, 2022
91
Right, the reason for this thread to be honest is because I upload a lot of files and when I have ESET installed, upload speed takes a significant hit and takes ages compared to when I have Avast or F-Secure installed or no AV. I hate how if I disable HTTP Scanning in ESET the whole icon turns orange as if something is wrong with the system messing with my OCD.
I might just install Kaspersky Free or F-Secure Antivirus which I have a license for valid until 2027 (luckily extended my license before they announce that they will only be selling the full suite with the Firewall from now on)

There is no firewall in F-Secure. They use Windows Firewall.
 

a090

Level 2
Mar 26, 2023
67
There is no firewall in F-Secure. They use Windows Firewall.

Can confirm @Spartan. As a recent convert to F-Secure from Defender (and ESET before that), the following is true:

  1. The new F-Secure Internet Security (successor to F-Secure SAFE) has no firewall component. Supposedly it adds rules to the Windows Firewall to make it more resilent to attack and/or shutdown. But I can’t confirm that. @Shadowra will likely know the answer to this. I use Windows Firewall Control (WFC) and killed all the previous Windows Firewall rules so if F-Secure added any, I didn’t see them. All connections on my system have to ask permission manually to connect due to WFC. And yes, both F-Secure and WFC work amazingly well together. Big thanks to @piquiteco for helping set it up for me and answering all of my niche and out of the ordinary questions.
  2. F-Secure Total also does not include a firewall. The difference between Total and Internet Security mentioned above is Total bundles the F-Secure VPN and the Password Manager into Internet Security’s interface, and calls the whole thing Total. But no firewall.
  3. F-Secure does not install a root certificate for MITM your browser connections for HTTPS scanning. The way F-Secure checks HTTPS connections is via the browser extension. If you don’t want it, you can disable it. The only downside is you lose browsing protection as a whole (phishing / malware pages likely won’t be blocked) but the malware itself, should you encounter any, will be blocked by F-Secure’s active protection once you try to download it.
 

Spartan

Level 3
Thread author
Verified
Well-known
Apr 15, 2019
110
Can confirm @Spartan. As a recent convert to F-Secure from Defender (and ESET before that), the following is true:

  1. The new F-Secure Internet Security (successor to F-Secure SAFE) has no firewall component. Supposedly it adds rules to the Windows Firewall to make it more resilent to attack and/or shutdown. But I can’t confirm that. @Shadowra will likely know the answer to this. I use Windows Firewall Control (WFC) and killed all the previous Windows Firewall rules so if F-Secure added any, I didn’t see them. All connections on my system have to ask permission manually to connect due to WFC. And yes, both F-Secure and WFC work amazingly well together. Big thanks to @piquiteco for helping set it up for me and answering all of my niche and out of the ordinary questions.
  2. F-Secure Total also does not include a firewall. The difference between Total and Internet Security mentioned above is Total bundles the F-Secure VPN and the Password Manager into Internet Security’s interface, and calls the whole thing Total. But no firewall.
  3. F-Secure does not install a root certificate for MITM your browser connections for HTTPS scanning. The way F-Secure checks HTTPS connections is via the browser extension. If you don’t want it, you can disable it. The only downside is you lose browsing protection as a whole (phishing / malware pages likely won’t be blocked) but the malware itself, should you encounter any, will be blocked by F-Secure’s active protection once you try to download it.
Well that's good news, I actually have a 3 year license for F-Secure AntiVirus only
 
  • Like
Reactions: Sorrento and a090

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top