Sygate also has a flaw (localhost loopback) in that it can't detect what is using a localhost proxy, it only detects the proxy, so you give permission to the proxy e.g. web shield or internet mail local proxy, by default anything that uses the proxy will slip right past without challenge. Not to mention it is no longer being developed.
How to disable transparent web shield proxy and allow only those browsers you want use it:
In avast! go to Web Shield provider, Customize..., Basic tab, blank the redirected HTTP port field (remove the 80). Now no browser can use web shield unless you manually configure it to use Web Shield.
The web shield also has an approved programs/browsers list (not available for inspection to users), this should reduce the possibility of an unauthorised program being able to use the proxy but not impossible.
However, none of that will stop something like a trojan spambot using the internet mail proxy unchallenged by Sygate.
Yes Jetico Personal is freeware
http://www.jetico.com/jpfirewall.htm