Disabling HTTPS scanning programmatically

Discussion in 'ESET NOD32 Antivirus' started by ilcontepedro, Oct 10, 2010.

Thread Status:
Not open for further replies.
  1. ilcontepedro

    ilcontepedro Registered Member

    Oct 10, 2010

    we are developing a parental control software.

    We are encountering a problem with NOD32's HTTPS scanning, since NOD32 redirects all connections, HTTP and HTTPS to port 30606.

    Since we need to redirect TCP connections too, to our local proxy, and we can't deal with HTTPS connections, we would like to be able to disable NOD32's HTTPS scanning programmatically.

    We found that this registry key SOFTWARE\\ESET\\ESET Security\\CurrentVersion\\Plugins\\01000200\\Profiles\\@My profile\\HttpsScanMode should be put to 0, to disable HTTPS scanning, but of course the registry key is locked by ekrn.exe

    Is there a way to disable NOD32's HTTPS scanning programmatically, since I guess that stopping ekrn.exe is not an option...?
    Of course, if there is a legit way to stop ekrn.exe programmatically (letting the user know that NOD32 has been stopped temporarily), then change the registry key, that would be an option.

  2. Marcos

    Marcos Eset Staff Account

    Nov 22, 2002
    It is not possible. Self-defense protects the ESET registry keys from being tampered with malware or basically any 3rd party application.
    Since SSL checking is disabled by default, are you positive that it's actually SSL scanning that causes the problem?
  3. kerykeion

    kerykeion Registered Member

    Jun 30, 2010
  4. vtol

    vtol Registered Member

    Apr 8, 2010
    just around the next corner
    would be curious to know whether your https scanner works with Firefox or not, as NOD does not. also, if you are developing something like NetNanny you might be interested in the development of the Chromium 7 browser branch http://codereview.chromium.org/3723001, which will render https scanning obsolete in the future, at least for the https scanners models of NOD and NetNanny - seems they must have a similar approach.

    that is going to be interesting for the kids to know how to circumvent just by using https proxies
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.