I have been testing out the Sygate Personal Firewall 5.6 today and I have a question about one thing found in a report.

In the Sygate Security Log is this message:
Application Hijacking has been detected
The application: C:\Program Files\Alwil Software\Avast4\ashServ.exe try to launch another application: C:\Program Files\Alwil Software\Avast4\Setup\avast.setup to go to remote host download2.avast.com

Is http://download2.avast.com/ legit? I thought the Avast site is http://www.avast.com/

a61

download2 is just one of the servers used by Avast to get updates from. (as you can see in servers.def)

OK, Thanks Eddy
a61

PS: I see 14 of them buggers in the list!

You can find the valid set of download avast servers in the servers.def file in avast4\Setup directory

Pavel

a61
That’s a pretty scary message from Sygate. What do they use when there’s a real problem???

I don’t know about scary, but it made me wonder

Before I had SP2 I was using Outpost and loved it. Since the free version doesn’t work with SP2 I’ve been just using the router and the XP firewall. I guess ZA free doesn’t work with avast, or at least people are having problems with it, so I decided to try the Sygate Personal Firewall. So far it’s pretty good, just have to spend some time with the help files to learn more. I took it for a spin at the different scanning sites and it passes, but then I have to figure the router is on to.

a61

a61:

I guess ZA free doesn't work with avast, or at least people are having problems with it

From the post I have read in the Avast forum there is a problem with ZA and Avast. Maybe the Pro version is ok.

a61

a61
If what you have is working for you, keep it but, don’t believe everything you read in the funny papers. ;D ;D

I was trying to find the post made by VLK where he said there seems to be a problem with Avast and ZA and they would be checking on it , or someting on that order. I don’t remember when I read it.

I have used ZA about 3 years ago and had problems with it…but that was 3 years ago so it doesn’t mean much. I know ZA is recommended by many people, but I really did like Outpost the best of all the ones I tried, but the free version just doesn’t work with SP2. So now I’m just trying Sygate out to see if it’s going to work for me without causing problems (I’m still leary of ZA). So far it seems simple to setup and use. If it causes my problems then it’s gonna go bye bye ;D

a61

Odd, I never saw sygate telling me that they’ve upgraded to version 5.6

Running ZA and Avast for years on one of my systems, no problem at all.

Sygate gives the Application Hijacking message whenever an application is launched by another application without the direct request of the user (if the launches application tries to access the net). In almost every circumstance there is a legitimate reason for the situation as in this case, but I’d rather put up with these false warning messages than miss a real security risk.

a61
The only problem With ZA occurred when they first
came out with V5.0. But that was resolved and there’s
never been a problem since.

But it’s still hugest system hog of all software firewalls… like Norton is in antivirus world

ZA (pro) is not slowing down anything at all on my system. In the past I have tried Kerio and Outpost on the same system with the same things installed/running. No difference in speed at all. Not noticibly nor measured.

Sorry Sasha
I have to disagree with you on that statement.
Just take a look:

But Bob, I still don’t believe that’s the only one service ran by ZoneAlarm in your task manager. There must be few others in there. I’ve heard some vsmon.exe process is taking up a whopping 90% of processor usage sometime, and that process comes from ZoneAlarm, not from some other firewall…

Only zapro.exe and vsmon.exe running with my version of ZA. Both 0% cpu usage with vsmon.exe some times going to 2% when there is much traffic.

zapro.exe 3372Kb
vsmon.exe 5916Kb

Well, let’s count:

• 3916 Kb by zlclient.exe
• 3372 Kb by zapro.exe
• 5916 Kb by vsmon.exe

Total: 13204 Kb

Much more than initial 3916 by zlclient.exe that Bob mentioned…