Looking for a replacement for pctools (vista)

Discussion in 'other firewalls' started by argus tuft, Apr 5, 2009.

Thread Status:
Not open for further replies.
  1. argus tuft

    argus tuft Registered Member

    Joined:
    Sep 20, 2006
    Posts:
    280
    Location:
    Australia
    Hi all,
    I have been using PCTools fw for a while on my vista (32 bit) box, but recently it has started causing BSoDs when i run certain games, and there is also this somewhat worrying issue raised by Stem:
    who's accompanying thread in the pctools forum has been left to die...

    Anyway, I'm looking for a replacement firewall (free) that can run happily on vista, but that also limits HIPS-like functions to network facing apps and their parent / child programs, ala CPF v2. Does such a program even exist?

    Any recommendations, along with your experiences would be most welcome. :)
     
  2. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Hello,

    First of all. You say that you have recently started getting BSOD, so what as changed to cause that? Have you had updates for your games? I know some games security software can cause some firewalls problems (well, I have seen it reported in the past).

    For the problem with "Explorer", that can be worked around, the only draw back is that you will get a popup for "Explorer" to connect after each re-boot-> when you first connect out, it is just a case to untick the "remember" in the popup windows when you allow.

    As you are using Vista, have you not thought of using the inbuilt firewall?


    - Stem
     
  3. Zeena

    Zeena Registered Member

    Joined:
    Apr 25, 2008
    Posts:
    409
    Location:
    UK
    Hi argus tuft :)

    The BSOD are being caused by just one setting in the Firewall - Enhanced Security Verification

    ESV .. For Short!

    Have You Tried Turning ESV Off?

    I've got PC Tools Firewall Plus on my Laptop and Desktop Computer ... But with ESV - OFF


    Note!
    Starting Since Version 4 ... PC Tools Firewall Plus .. Now Comes With - Enhanced Security Verification ( ESV )
    ESV .. Is a relatively new feature that PC Tools have added to their Firewall ... But It Has Problems
    :rolleyes:
    Can Cause.. High CPU Spikes, Manic Hard Drive, Freezes, Blue Screens :argh:
    So!
    Even though - PC Tools Firewall Plus .. Is a great little Firewall
    Enhanced Security Verification .. Is Best Left - OFF .. Till they get it right!
    ;)
     
  4. argus tuft

    argus tuft Registered Member

    Joined:
    Sep 20, 2006
    Posts:
    280
    Location:
    Australia
    Hi Stem,
    I honestly can't think of a single thing that changed, one day the game ran fine, the next a BSoD every single time I run it. I suppose that the securerom / punkbuster cr*p may have updated itself, but as the game itself, along with punkbuster A and B are supposedly blocked from connecting, i don't really see how o_O

    I haven't really looked into using the inbuilt Vista firewall, partly as I assumed that it would have hard coded exceptions, such as explorer built in. Looking at the configuration window for it, I must say that it doesn't seem particularly promising at first glance.

    @ Zeena, I already have had ESV disabled for a long time, so sadly the fix isn't that simple :(
     
  5. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Hi argus tuft,

    With PC tools adding the ESV just so they get better rating on the leak tests has not helped, certainly as the ESV does not work correctly, as it does lock up the system when certain applications start that dont have pre-defined rules.. but it may be direct conflicts with the network drivers.

    I have only just got around to installing Vista, so I have not had time to test any 3rd party firewalls yet on that OS.

    I do remember some mention that the windows system applications in Vista would be allowed direct internet access due to signatures, but I have not yet seen that. Going over to a "block outbound" policy with the default rules will actually give you problems connecting out, as the current rule only allow DHCP, the DNS client and some IGMP and ICMPv6, and there are specific rules to allow those, if you where to remove those rules, then all outbound would be blocked.
    I know the Vista firewall can be off putting as there are no popups to tell you what rues are needed, so if you do not know what rule are needed for an application, then there is a need to enable the firewall logging and check what is blocked and then create rules from that.

    I am in the middle of putting together a guide on setting up the vista firewall which I will be posting here (when time permits to finish it).
    I do not play on-line games, however, if there is an online game with a trial period, I will download and set up on Vista to see what rules are needed, and add the setup/rules needed to the guide.

    - Stem
     
  6. Zeena

    Zeena Registered Member

    Joined:
    Apr 25, 2008
    Posts:
    409
    Location:
    UK
    Hi argus tuft :)

    I'm Probably Wrong! :doubt:
    But please just check your PC Tools Firewall Plus ... To make sure ESV hasn't been automatically turned back ON.

    The Reason I Say This...
    About 3 months ago - There was an update to PC Tools Firewall Plus
    After that update...
    I noticed that my ESV had been automatically tuned back ON again.
    I left it ON for one week .. With No Problems! :D
    But then following another update to the Firewall ... 3 Blue Screens :argh:

    ESV - OFF .. Again! :rolleyes:
     
  7. mack_guy911

    mack_guy911 Registered Member

    Joined:
    Mar 21, 2007
    Posts:
    2,677
    hello argus tuft

    you can try comodo firewall

    or

    online armor free

    its run on vista 32 bit but not on vista 64 bit


    which vista version youre running home permium business ultimate......


    i am running one pc on vista home premium but its on outpost firewall life time license......


    :)
     
  8. zen_usuario

    zen_usuario Registered Member

    Joined:
    Dec 7, 2008
    Posts:
    153
    Hi,
    I'm using RISING Firewall (Free Edition), and perhaps can help you check the "Enable Module Rules" option, and uncheck the "Enable Trusted Application Recognition" from the "NetControl" tab for all you are searching, I don't know, but my own experience with this soft has got very friendly things and BSOD's free.

    Good luck with it! ;)
     
  9. Zom17

    Zom17 Registered Member

    Joined:
    May 15, 2006
    Posts:
    68
    argus tuft, when your system blue screens what error codes are you getting and do any of the BSODs also provide a driver as well?
     
  10. argus tuft

    argus tuft Registered Member

    Joined:
    Sep 20, 2006
    Posts:
    280
    Location:
    Australia
    Hi, the stop code is 0x0000008E (0xC0000005, 0xA1759C5C, 0xEFB7B5E0, 0x00000000)
    and the driver referenced is
    pctplfw.sys - ADDRESS A1759C5C base at A1747000, datestamp 493d93cc

    that was the only one i bothered writing down, but they always reference pctplfw.sys, and i think its the same stop error each time.
     
  11. Zom17

    Zom17 Registered Member

    Joined:
    May 15, 2006
    Posts:
    68
    0x8E errors are almost always caused by hardware and are particularly strong indicators of corrupted memory. However, they sometimes can be caused by faulty drivers.

    pctplfw.sys from what I can gather is a PC Tools driver. If this keeps showing up I would say either a) update or b) reinstall and see if you keep getting BSODs.
     
  12. tipstir

    tipstir Registered Member

    Joined:
    Jun 9, 2008
    Posts:
    830
    Location:
    SFL, USA
    None of the current crop from PCT FWP isn't as good as the 3.14 version with I use on Windows Server 2003R2 Enterprise Edition SP2, Windows XP Pro SP3 I had Vista Business SP1 running the 3.14 without any issues. But when you use 4, 5 and whatever they have now just crap.

    Other than FWP ArmorNet2 comes in second if you do P2P, but they haven't update it so other than that I can't stand Comodo, Outpost, Norton don't get me started.
     
  13. alex_s

    alex_s Registered Member

    Joined:
    Aug 13, 2007
    Posts:
    1,251
    Nope. 8E errors are coding errors as a rule.

    KERNEL_MODE_EXCEPTION_NOT_HANDLED (8e)

    in this case it is enough to enclose a code into __try __except to avoid bugcheck.

    In most cases this bugcheck comes with subcode C0000005, which does mean "Access violation". Even if access to invalid or protected memory cannot be avoided this situation can be handled.
     
    Last edited: Apr 12, 2009
Thread Status:
Not open for further replies.