Mar 29 2008, 04:38 AM | Post #1
Member | Group: Members | Posts: 16 | Joined: 29-March 08 | Member No.: 199,541

For example filename m.exe. At risk of sounding like a computer bimbo, how the heck do I know what to allow?? So far I've only been allowing things I know (firefox, avast, etc.). Any suggestions? Thanks =)
--------------------
"Where's the any key???"
-Homer Simpson ;)

Mar 29 2008, 04:52 AM | Post #2
Forum Member | Group: Banned | Posts: 1,614 | Joined: 20-September 07 | Member No.: 157,913

Usually the firewall pop-up will say whether it is legit (not all the time though, most times it will say unknown).
One way to tell if it is legit is to look where the file is located and see if it is part of a program that is legit. Another way is to use Google or CastleCops. (Since you said you're not too computer savvy, CastleCops may be a bit too complicated for you, so Google is your best shot.)

Do you have any other security programs installed and do those programs have real-time protection enabled?

Regards, David.

This post has been edited by david28: Mar 29 2008, 04:56 AM

Mar 29 2008, 04:54 AM | Post #3
Distinguished Member | Group: Members | Posts: 811 | Joined: 25-October 07 | From: Sydney, AUSTRALIA :] | Member No.: 165,216

When I don't know what something is when my firewall pops up and asks me what action to take, I google it.
--------------------
"People die of disease and accident. Death comes suddenly and there is no notion of good or bad. It leaves, not a dramatic feeling but great emptiness. When you lose someone you loved very much you feel this big empty space and think, 'If I had known this was coming I would have done things differently.' These are the feelings I wanted to arouse in the players with Aerith's death relatively early in the game. Feelings of reality and not Hollywood." - Yoshinori Kitase

Mar 29 2008, 05:01 AM | Post #4
Member | Group: Members | Posts: 16 | Joined: 29-March 08 | Member No.: 199,541

Thanks for the replies. I have Avast with real time protection.
I tried googling, but nothing helpful came up. It seems the main apps trying to access the net are:
C:\WINDOWS\system32\m.exe
C:\WINDOWS\system32\DRIVERS\ndisuio.sys
C:\WINDOWS\system32\ntoskrnl.exe

Btw, I'm super paranoid cuz I have a virus and my computer has been giving me all sorts of grief lately =/

Mar 29 2008, 05:05 AM | Post #5
Distinguished Member | Group: Members | Posts: 811 | Joined: 25-October 07 | From: Sydney, AUSTRALIA :] | Member No.: 165,216

C:\WINDOWS\system32\ntoskrnl.exe is a critical process in the boot up cycle but I have no idea why the heck it would want internet access.
C:\WINDOWS\system32\m.exe is a trojan file (from the google research I did).
C:\WINDOWS\system32\DRIVERS\ndisuio.sys, a very mysterious system file, is present in Windows XP and is a driver for wireless things such as wi-fi and bluetooth.

Are you by any chance infected with a downloader?

Mar 29 2008, 05:09 AM | Post #6
Member | Group: Members | Posts: 16 | Joined: 29-March 08 | Member No.: 199,541

Thanks. I have no clue what I'm infected with. I uploaded my HJthis log on the site, so hopefully I'll find out soon. =P

Mar 29 2008, 05:11 AM | Post #7
Distinguished Member | Group: Members | Posts: 811 | Joined: 25-October 07 | From: Sydney, AUSTRALIA :] | Member No.: 165,216

Well, from what I've found, m.exe is part of a downloader so I would NOT let it access the internet.
However, I wish you luck with your virus removal as I myself am having what could be virus issues.

Mar 29 2008, 05:24 AM | Post #8
Member | Group: Members | Posts: 16 | Joined: 29-March 08 | Member No.: 199,541

Thanks so much =) I definitely will NOT be allowing m.exe to access the net.
Good luck with your virus problems. This site is awesome.

Mar 29 2008, 08:53 AM | Post #9
Forum Addict | Group: Global Moderator | Posts: 20,640 | Joined: 11-April 04 | From: Chicago, Il. | Member No.: 113

In general, a good rule of thumb about whether to allow internet access is to ask yourself:
1. Do I know what is requesting access? If you cannot identify the application, then do some research and teach Comodo whether to allow or not.
2. Does it make sense that the application would want access at that time? If you launch an IM, for example, it would need access; but if you did not launch it and it was not already open, then a sudden request would be suspicious.

Hope this helps,
John
--------------------
Whereof one cannot speak, thereof one should be silent.

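One way to do the research described in posts #2 and #9, as an added example that is not from any poster in this thread: a PowerShell function that collects a file's location, publisher details, signature status and SHA-256 so they can be looked up before answering the firewall prompt. It assumes Windows PowerShell 5.1 or later; `Get-ProgramIdentity` and `NeedsResearch` are names made up for this example, and the paths are the ones quoted in post #4.

```powershell
# Added example: gather identifying facts about programs named in a firewall prompt.
# The three paths are the ones quoted in post #4; replace them with your own.
$paths = @(
    'C:\WINDOWS\system32\m.exe',
    'C:\WINDOWS\system32\DRIVERS\ndisuio.sys',
    'C:\WINDOWS\system32\ntoskrnl.exe'
)

# Hypothetical helper name; returns one object per file.
function Get-ProgramIdentity {
    param([Parameter(Mandatory)][string]$Path)

    # A prompt can name a file that has since been deleted or quarantined.
    if (-not (Test-Path -LiteralPath $Path -PathType Leaf)) {
        return [pscustomobject]@{ Path = $Path; Exists = $false }
    }

    $item = Get-Item -LiteralPath $Path -Force        # -Force also finds hidden files
    $sig  = Get-AuthenticodeSignature -LiteralPath $Path
    $ver  = $item.VersionInfo

    [pscustomobject]@{
        Path            = $Path
        Exists          = $true
        Created         = $item.CreationTime
        Company         = $ver.CompanyName
        Description     = $ver.FileDescription
        OriginalName    = $ver.OriginalFilename       # differs from the file name if it was renamed
        SignatureStatus = $sig.Status
        Signer          = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { $null }
        SHA256          = (Get-FileHash -LiteralPath $Path -Algorithm SHA256).Hash
        # Hypothetical flag: no valid signature or no publisher means "look it up first".
        NeedsResearch   = ($sig.Status -ne 'Valid') -or (-not $ver.CompanyName)
    }
}

$report = $paths | ForEach-Object { Get-ProgramIdentity -Path $_ }
$report | Format-List
```

A valid signature and a known publisher identify a file; they do not by themselves explain why it wants network access at that moment, which is the second question in post #9.
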
Mar 29 2008, 03:03 PM | Post #10
Senior Member | Group: Members | Posts: 488 | Joined: 26-November 06 | Member No.: 97,783

Several years ago when I went searching for a firewall, this was the question that was most confusing to me. How do I know when to allow or block something? I literally searched for weeks, installing this firewall and that firewall to read the complete help files. It was all so technical...the talk about ports, packets, TCP, UDP, special rules etc.

Finally in Sygate's manual it said, if you don't think you did anything (clicked to open a website or do something else online) then say "NO", at least temporarily. That automatically puts that action in "Ask" mode so if it ever comes up again and you realize yes, I did need this after all, you can say 'yes' the next time and tick the "remember this from now on" button.

Or... if it's something bad and keeps bugging the heck out of you, then you can say "no" and "remember". Sygate won't bother you about that one anymore, either way. It'll just do its job.

You can also go in the Applications list and make changes there. And if you've totally forgotten why an application is in the Sygate list, you can always delete it. Sygate will catch it again the next time around (if there is one) so you can figure out what it was. That's particularly helpful if some Windows Services are a bit confusing, or you find yourself unable to do something online you know you should be able to do.

This site might help clear up some things about how to use Sygate: http://www.kotiposti.net/string/SPF_eng/SPFGuide.html

This post has been edited by mommabear: Mar 29 2008, 03:05 PM

Mar 30 2008, 04:58 AM | Post #11
Member | Group: Members | Posts: 16 | Joined: 29-March 08 | Member No.: 199,541

Thank you all for your advice. It's been helpful =)