application hijacking

I'm using windows XP SP2. I run sygate personal edition for my desktop firewall. It seems that every time I run a new executable, this executable tries to connect somewhere. It doesn't matter what the executable is - even if it is not network related.

When I say "no" to the firewall prompt for allowing connections, then sometimes the firewall says "application hijacking detected". Has anyone come across this problem?

I'd like to learn more about it because it means that my existing internet apps like my web browser are being used by this worm or whatever it is.

I'm also running ClamWin antivirus.

 

Hi spasmoid

This can be absolutly normal...

The firewall doesn't know if the program will connect or not to Internet and it checked for the signature of this executable (a way to identify it...)

Some programs do not connect to Internet but are used to launch other programs connecting to Internet like Windows Explorer.

and so on...

Give us some examples... Which program ?

Worms and other threats like this are detected by a specific program: an anti-virus...

That's the problem... There's no resident protection (On Access) with ClamAV under Windows... (only "On Demand"...)

Check this post:
https://www.wilderssecurity.com/showthread.php?t=180128

Check this AV FAQ:
http://www.claymania.com/anti-virus.html

 

Did you resolve the issue? I've started having a similar problem. I'm running NOD32, BOClean and Online Armour.