Jump to content

SSL scanning conflicts with Adguard


Recommended Posts

Hello, I am having problems accessing some sites, e.g. microsoft.com, probably due to a conflict with my Adguard client which filters HTTPS/SSL also. I know it's Adguard because the sites work when I disconnect it. It doesn't affect most sites though.  I've tried adding the Adguard CA certificate to ESET, and my browser. Doesn't help. It's already in the Windows store. Reinstalled it just for good measure. I'm trying to avoid having to disable ESET's protocol filtering for the browser, but that's what I'll have to do if I can't resolve it. Adguard being able to filter the ads and trackers out of the HTTPS traffic is more important to me than having antivirus scanning on it. Any help would be appreciated.

Link to comment
Share on other sites

I'm using Waterfox which is based on Gecko 91. There is no error message actually, just a blank page. No error in the console or anything. It's working at the moment, I think because I set ESET to ignore Github and Microsoft's certificates. So those sites aren't protected I guess.

Or it may be that Waterfox isn't a "known browser" so ESET didn't add the root certificate automatically, and I may have needed to reboot after I added it myself. That's probably it, because I just turned scanning back on for the Microsoft certificate and it is still working. 

I honestly don't really know the point of SSL filtering anyway...makes sense for content blocking, but for an anti-virus the real-time scanner should be picking up everything being accessed anyway, regardless of where it came from. Plus Firefox already comes safe browsing blocklists from Google and Mozilla.

Link to comment
Share on other sites

  • Administrators
2 hours ago, j_mo said:

I honestly don't really know the point of SSL filtering anyway...makes sense for content blocking, but for an anti-virus the real-time scanner should be picking up everything being accessed anyway, regardless of where it came from. Plus Firefox already comes safe browsing blocklists from Google and Mozilla.

There used to be issues installing AdGuard alongside with ESET, e.g. https://forum.eset.com/topic/25171-running-adguard-with-eset-internet-security/

Also it is not true that real-time protection can detect 100% of threats that would be otherwise detected by Web access protection:
1, Real-time protection doesn't scan inside of archives
2, Web access protection uses stronger sensitivity. For instance, it can detect javascript malware on websites before a browser saves it to the cache which can be too late to prevent execution.

Link to comment
Share on other sites

The problem is the installed version of Adguard by default uses the Windows Filtering Platform to filter SSL network traffic. Eset also uses the Windows Filtering Platform to filter SSL network traffic. This will cause a conflict in the browser.

You need to disable Adguard's use of the Windows Filtering Platform as shown in the article: https://kb.adguard.com/en/windows/solving-problems/wfp-driver . Note: Adguard will still filter SSL network traffic but it will do so using a network adapter mini-port filter driver thereby eliminating the  Windows Filtering Platform conflict.

Edited by itman
Link to comment
Share on other sites

18 hours ago, itman said:

The problem is the installed version of Adguard by default uses the Windows Filtering Platform to filter SSL network traffic. Eset also uses the Windows Filtering Platform to filter SSL network traffic. This will cause a conflict in the browser.

So is this caused by low end hardware? 

As the two seem to run together fine for me. I would have thought it would just cause pages to load a lot slower if there was a conflict. But on lower end hardware the processes might time out and just result in pages not loading.

Link to comment
Share on other sites

4 hours ago, TheStill said:

So is this caused by low end hardware? 

I would think it is a process conflict issue akin to running two AV real-time products at the same time.

Link to comment
Share on other sites

  • ESET Insiders
5 hours ago, TheStill said:

So is this caused by low end hardware? 

As the two seem to run together fine for me. I would have thought it would just cause pages to load a lot slower if there was a conflict. But on lower end hardware the processes might time out and just result in pages not loading.

I doubt it. I'm using an old AMD A6 from 2011 and I don't have any issues with ssl scanning. Video playback with ssl scanning and even parental control scanning enabled is still smooth. Normal non video web browsing is also not affected, pages load fin,e just as they do with ssl scanning disabled. 

Edited by NewbyUser
Link to comment
Share on other sites

MalwareBytes has an article that elaborates on what happens when two security apps try to use WFP at the same time:

Quote

When Web Protection and a third-party application that uses the Windows Filtering Platform (WFP) are enabled on your device, the following issues may occur:

  • blue screen of death (BSoD)
  • loss of Internet
  • loss of the third-party application's functions

These issues occur because both applications are using the WFP. You must either disable your third-party application or the Web Protection feature.

https://support.malwarebytes.com/hc/en-us/articles/360051090194-Issues-running-other-security-applications-and-Malwarebytes-for-Windows

Edited by itman
Link to comment
Share on other sites

  • ESET Insiders
1 hour ago, itman said:

MalwareBytes has an article that elaborates on what happens when two security apps try to use WFP at the same time:

https://support.malwarebytes.com/hc/en-us/articles/360051090194-Issues-running-other-security-applications-and-Malwarebytes-for-Windows

Interestingly Eset isn't mentioned as a product causing conflicts. Which is my experience as well, it causes no problems for me, where as Emsisoft causes stuttering videoes and page load issues. 

Link to comment
Share on other sites

I don't seem to be having any more issues now. I added the entire ESET directory to the advanced settings of Adguard so all the programs in that path are excluded entirely from Adguard's BFE filters. I also took the Adguard service off of ESET's SSL/TLS filtering list, and set ESET to ignore Adguard's certificate.

I did not need to revert to the legacy drivers but I will do that if I encounter any more issues.

Link to comment
Share on other sites

On 12/21/2021 at 3:22 PM, itman said:

I would think it is a process conflict issue akin to running two AV real-time products at the same time.

Adguard has no antivirus function. It's not even a firewall really. Just adblocking, some cookie/script modification and a local DNS resolver. It has a 'Browser Security' module but I have never had it do anything. Just malware blocklists akin to what is already in the browser I think.

I have always had less issues with networking applications that utilize the BFE as opposed to those with their own drivers. A major reason for its existence is to increase compatibility and prevent driver conflicts. Some of those third-party driver firewalls are a nightmare on Windows 10/11.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...