WinGate Forums

[dlcole]

Hi,

I have an apparent conflict between Windows Defender (Beta 2) version 1051 from Microsoft and Wingate Client v6.1.1

When you first install it's alright, but after a automatic scan is run by Windows Defender you can no longer access the Internet. The only way I've found to fix the problem is to uninstall Defender and Wingate reboot and install Wingate first then Defender. This seems to work on most machines but on a few it happens again when Defender does its next scan.

It seems like Defender thinks that Wingate is Adware and blocks it from accessing the Internet.

Any ideas would be appreciated.

Thanks,

Dave

[Pascal]

Thanks for bringing that to our attention David. I'm not experienced with Defender, but can you add custom rules to it / view it's rules to override that behavior? (Will give it a shot in the Lab, was just wondering if you knew offhand)

[dlcole]

I haven't been able to find anything. What's strange is it's not happening on every machine.

Thanks,

Thanks for bringing that to our attention David. I'm not experienced with Defender, but can you add custom rules to it / view it's rules to override that behavior? (Will give it a shot in the Lab, was just wondering if you knew offhand)

[tomm]

Hi Dave,

I attempted to reproduce your problem and was unable to. Just to clarify, it is the WGIC (internet client) that is being blocked, correct? The machine I tested on was running XP service pack 2, and had both the WGIC (6.1.1) and Defender (1051). Even after repeated scans and auto-scans I found the client was still able to connect to the WG server and access the internet.

If you could give us as much configuration information (hardware and software) as possible about the client machines that experience this problem that would be great.

Another thing, I found that Defender was unable to download its latest virus files after I installed it yesterday, so I continued with the out-of-the-box virus files only. Is this the case with your setup?

cheers

T

[dlcole]

Your assumuptions about the software versions and that WGIC is being blocked are correct. I haven't had any problem downloading the update files, but I don't think that's the problem. I'm having this happen on 5 out of 50 machines and many of the machines are identical hardware configuration (some of these experience the problem, others don't).

All 5 machines with the problem plus all of those that had it and were cleared up with a reinstall had originally had Microsoft AntiSpyWare (the previous version of Defender) and were upgraded. But not all of the machines that had AntiSpyWare installed experienced the problem. I don't know if that has anything to do with it or not.

One thing I found today is that Defender has the ability to be configured not to scan certain folders or files, I don't know if this will help or not. I looked for a log file of files installed with WGIC but couldn't find one. I'm going to install WGIC on a new machine and get a list of files and enter that into Defenders do not scan list.

I'll let you know the results.

Hi Dave,

I attempted to reproduce your problem and was unable to. Just to clarify, it is the WGIC (internet client) that is being blocked, correct? The machine I tested on was running XP service pack 2, and had both the WGIC (6.1.1) and Defender (1051). Even after repeated scans and auto-scans I found the client was still able to connect to the WG server and access the internet.

If you could give us as much configuration information (hardware and software) as possible about the client machines that experience this problem that would be great.

Another thing, I found that Defender was unable to download its latest virus files after I installed it yesterday, so I continued with the out-of-the-box virus files only. Is this the case with your setup?

cheers

T

[dlcole]

Addendum to message below, not sure why no other files were shown as created when I installed Wingat, but did find the list of files in the readme file and I'm going to try and block scanning of wglsp.dll and see what happens. Will update with results.

Tried blocking the scan of the following files:

inetwh32.dll
roboex32.dll
wgsrvins.dll

That's the only three that were created when I installed WGIC. This did not change the results. Will be trying some additional items, but I noticed that it doesn't happen when I scan it manually, just when the automatic scan runs, not sure if that has anything to do with it or not. I'm going to try and find a machine I can use as a test machine and see what I can find out.

Your assumuptions about the software versions and that WGIC is being blocked are correct. I haven't had any problem downloading the update files, but I don't think that's the problem. I'm having this happen on 5 out of 50 machines and many of the machines are identical hardware configuration (some of these experience the problem, others don't).

All 5 machines with the problem plus all of those that had it and were cleared up with a reinstall had originally had Microsoft AntiSpyWare (the previous version of Defender) and were upgraded. But not all of the machines that had AntiSpyWare installed experienced the problem. I don't know if that has anything to do with it or not.

One thing I found today is that Defender has the ability to be configured not to scan certain folders or files, I don't know if this will help or not. I looked for a log file of files installed with WGIC but couldn't find one. I'm going to install WGIC on a new machine and get a list of files and enter that into Defenders do not scan list.

I'll let you know the results.

Hi Dave,

I attempted to reproduce your problem and was unable to. Just to clarify, it is the WGIC (internet client) that is being blocked, correct? The machine I tested on was running XP service pack 2, and had both the WGIC (6.1.1) and Defender (1051). Even after repeated scans and auto-scans I found the client was still able to connect to the WG server and access the internet.

If you could give us as much configuration information (hardware and software) as possible about the client machines that experience this problem that would be great.

Another thing, I found that Defender was unable to download its latest virus files after I installed it yesterday, so I continued with the out-of-the-box virus files only. Is this the case with your setup?

cheers

T

[tomm]

Hi Dave,

Thanks for that info. I'll try to repro the problem in our labs with it.

Also, in addition to the files you listed here are the other ones that are installed with the WGIC. You might want to allow these ones for your test :-

* WGLSP.DLL (The WinGate Internet Client Layered Service Provider DLL)
* WGClient.CPL (The WinGate Internet Client Control Panel Applet)
* Sporder.dll (Utility DLL)
* WGDM.EXE (The WinGate Dialup Monitor)
* wgclins.DLL (Utility DLL - in System directory)
* WGRC.EXE (uninstallation utility)
* WGICToggle.exe (used to enable and disable the internet client)

cheers

T

[jrscs]

I've got a similar problem with Defender. After a while the Wingate Client will not launch to authenticate the user. The wingate server can still see the client machine, but without authenticating the client is dead. If I try to reinstall the Wingate client the install stops on the install query screen looking for the network.

If I uninstall Defender then everything is back to normal and works.

[dlcole]

I'm running a test with the latest version of Defender, so far it seems to be working. I'm not sure however, since it has sometimes been a week before the problem appeared.

Dave

I've got a similar problem with Defender. After a while the Wingate Client will not launch to authenticate the user. The wingate server can still see the client machine, but without authenticating the client is dead. If I try to reinstall the Wingate client the install stops on the install query screen looking for the network.

If I uninstall Defender then everything is back to normal and works.