PG and Sygate

Discussion in 'ProcessGuard' started by jp10558, Jan 19, 2005.

Thread Status:
Not open for further replies.
  1. jp10558

    jp10558 Guest

    I'm having a problem with PG and Sygate firewall, ever since I installed PG, every time I run an application that connects to the internet Sygate thinks it has changed and pops up asking me if I want to allow it - but it has no details about the process, the details box is blank...
     
  2. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hi jp10558, Have you got Sygate's main .exe on your protection list?
    If so you may have to give it the "Read from protected application" allow.
    Hopefully another Sygate user can describe their PG settings to help you. :)

    Pilli
     
  3. jp10558

    jp10558 Guest

    I went in and checked all the boxes for smc.exe and now it seems to work. Oddly, read from protected applications was already checked.
     
  4. jp10558

    jp10558 Guest

    Although, i just got the same error for explorer.exe. And the logs no longer work in Sygate...?? They freeze on trying to update.. The log viewer keeps saying it is currently being updated, but the progress never continues and nothing shows up...

    Process explorer from sysinternals doesn't show smc.exe opening up a usermode process for either the firewall config screen, which seems to work ok, or the log viewer which isn't.
     
  5. jp10558

    jp10558 Guest

    Also, in the display of programs, most of the program's icons have been replaced by the blank window icon that windows defaults too.

    I don't know what is causing this, but process explorer seems to be breaking more than it might be fixing here.
     
  6. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Proces Explorer needs to be on the process list and given the Allow driver /service install flag to work properly.
    I am wondering if Sygate uses more than one .exe to accomplish it's logging task and that this may need adding to the protection list.

    Pilli
     
  7. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    Jp10558,

    Are you using Process Guard's Secure Message Handling (SMH) feature? This does modify processes it is applied to (adding procguard.dll to them) so may be detected as a process modification - try disabling it if you are using it.
     
  8. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Good point P2K, In fact I remember that Sygate does not need Secure Message Handling as it is already well protected, as Is ZA as closing the GUI does not in fact stop the firewall service.
    In addition using a program's Pass Phrase function will also greatly enhance the program's ability to stop hijacking attempts.

    Pilli
     
Thread Status:
Not open for further replies.