I'm having a problem with PG and Sygate firewall, ever since I installed PG, every time I run an application that connects to the internet Sygate thinks it has changed and pops up asking me if I want to allow it - but it has no details about the process, the details box is blank...
Hi jp10558, Have you got Sygate's main .exe on your protection list? If so you may have to give it the "Read from protected application" allow. Hopefully another Sygate user can describe their PG settings to help you. Pilli
I went in and checked all the boxes for smc.exe and now it seems to work. Oddly, read from protected applications was already checked.
Although, i just got the same error for explorer.exe. And the logs no longer work in Sygate...?? They freeze on trying to update.. The log viewer keeps saying it is currently being updated, but the progress never continues and nothing shows up... Process explorer from sysinternals doesn't show smc.exe opening up a usermode process for either the firewall config screen, which seems to work ok, or the log viewer which isn't.
Also, in the display of programs, most of the program's icons have been replaced by the blank window icon that windows defaults too. I don't know what is causing this, but process explorer seems to be breaking more than it might be fixing here.
Proces Explorer needs to be on the process list and given the Allow driver /service install flag to work properly. I am wondering if Sygate uses more than one .exe to accomplish it's logging task and that this may need adding to the protection list. Pilli
Jp10558, Are you using Process Guard's Secure Message Handling (SMH) feature? This does modify processes it is applied to (adding procguard.dll to them) so may be detected as a process modification - try disabling it if you are using it.
Good point P2K, In fact I remember that Sygate does not need Secure Message Handling as it is already well protected, as Is ZA as closing the GUI does not in fact stop the firewall service. In addition using a program's Pass Phrase function will also greatly enhance the program's ability to stop hijacking attempts. Pilli