SMC.EXE (Sygate) tried to modify an existing driver/service vsdatant and create a global GetMessage hook. Is it ok to allow these or do I need to dig out a rootkit trojan. Does Nortons AV 2005 have vsdatant in its programming because vsdatant belongs to zone alarm firewall. I tried to find vadatant and came up empty. It seems to be in stealth mode. If it is a trojan then somebody has found a way to use it to bypass other firewalls. I only know of two worms that use vsdatant and they have not been detected on this machine. Thank You for your past support and I still think that your products are the best. They have the extras that nobody else has. Now if you could fit all those extras into one UI you would have an application that would blow everbody else out of the water.
Hi, As a general rule, any trusted application (SMC.EXE in this case) should be allowed to install or modify its driver. Your situation sounds very strange, however it could be that Sygate is checking for other filewalls to prevent conflicts. A general rule for this instance would be that if you downloaded the software from a TRUSTED source (the developer homepage) then you should allow it. Have you used ZoneAlarm before ? that might explain it. You could email Sygate support and see if they can explain..
i wouldn't worry about smc.exe if it is a legitimate sygate file, and would give it whatever priviledges it needs.. i don't know about "vsdatant".. when you are using "windows'" "search", be sure to set the settings in "search" to search for hidden files..
Thanks guys and no I did not install ZAlarm. Is Zalarm the only FW that uses the vsdatant driver. I cant seem to locate the file anywhere. I searched the hidden files & folders and came up empty handed. Does this mean I might have a new trojan that is exploiting other firewalls with that vsdatant file.
