vsdatant

Discussion in 'ProcessGuard' started by Tracccker178, Oct 14, 2005.

Thread Status:
Not open for further replies.
  1. Tracccker178

    Tracccker178 Registered Member

    Joined:
    May 16, 2005
    Posts:
    34
    SMC.EXE (Sygate) tried to modify an existing driver/service vsdatant and
    create a global GetMessage hook. Is it ok to allow these or do I need to
    dig out a rootkit trojan. Does Nortons AV 2005 have vsdatant in its
    programming because vsdatant belongs to zone alarm firewall. I tried to find
    vadatant and came up empty. It seems to be in stealth mode. If it is a trojan then somebody has found a way to use it to bypass other firewalls. I only
    know of two worms that use vsdatant and they have not been detected on
    this machine.o_O Thank You for your past support and I still think that
    your products are the best. They have the extras that nobody else has.
    Now if you could fit all those extras into one UI you would have an application
    that would blow everbody else out of the water.:eek:
     
  2. Gavin - DiamondCS

    Gavin - DiamondCS Former DCS Moderator

    Joined:
    Feb 10, 2002
    Posts:
    2,080
    Location:
    Perth, Western Australia
    Hi,

    As a general rule, any trusted application (SMC.EXE in this case) should be allowed to install or modify its driver. Your situation sounds very strange, however it could be that Sygate is checking for other filewalls to prevent conflicts.

    A general rule for this instance would be that if you downloaded the software from a TRUSTED source (the developer homepage) then you should allow it.

    Have you used ZoneAlarm before ? that might explain it. You could email Sygate support and see if they can explain..
     
  3. redwolfe_98

    redwolfe_98 Registered Member

    Joined:
    Feb 14, 2002
    Posts:
    581
    Location:
    South Carolina, USA
    i wouldn't worry about smc.exe if it is a legitimate sygate file, and would give it whatever priviledges it needs..

    i don't know about "vsdatant".. when you are using "windows'" "search", be sure to set the settings in "search" to search for hidden files..
     
  4. beetlejuice69

    beetlejuice69 Registered Member

    Joined:
    Mar 16, 2005
    Posts:
    780
    vsdatant is a file used by ZAlarm in the Win Sys 32 folder.
     
  5. Tracccker178

    Tracccker178 Registered Member

    Joined:
    May 16, 2005
    Posts:
    34
    Thanks guys and no I did not install ZAlarm. Is Zalarm the only FW that
    uses the vsdatant driver. I cant seem to locate the file anywhere. I searched
    the hidden files & folders and came up empty handed. Does this mean I might
    have a new trojan that is exploiting other firewalls with that vsdatant file.
     
Thread Status:
Not open for further replies.