Sunbelt Personal Firewall & BSODs

Discussion in 'other firewalls' started by DV Dee, Mar 27, 2010.

Thread Status:
Not open for further replies.
  1. DV Dee

    DV Dee Registered Member

    Joined:
    Mar 27, 2010
    Posts:
    5
    My OS is Win XP Pro. Recently I've been getting some Blue Screens of Death (BSOD). The most recent gave me an error message (in part)that read:

    Sbhips.sys Address B81C9BB1 base at B81C8000, Datestamp 485a77cb

    Sbhips.sys is a system file associated with Sunbelt Personal Firewall, which is the firewall I use. (A Google search lead me to many other forums' postings complaining about SPF and associated BSODs. Some posters suggest disabling the system file Sbhips.sys, but I think that's an invitation to malicious intruders)

    I did post the associated minidump to another web forum, and their primary analysis did indeed point to Sunbelt PF as a major player, but not necessarily the only one; some drivers may have been also involved.o_O

    Since much of that initial minidump analysis is beyond my technical ken, would it be possible to post it here in the hope of further plain-spoken interpretation?

    Thanks!
     
  2. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    sure, post it here.
     
  3. act8192

    act8192 Registered Member

    Joined:
    Nov 9, 2006
    Posts:
    1,273
    SBhips.sys is the Sunbelt's host intrusion protection system driver (HIPS) bundled into the firewall product. Loads very early during system boot, IIRC.
    I've used it happily alone or even in conjunction with the classic HIPS monitor, SSM. I've had it enabled and disabled. No BSODs here. Using XP-home and XP-Pro SP2 and SP3.

    So, while you can turn it off in cmd window (sc config sbhips start= disabled), i'll first be looking at some conflict with existing other security program(s), regardless whether currently installed or uninstalled, since most uninstallations don't uninstall correctly and treat your computer like a garbage can.

    Finally, consider sending by email your mini-dumps directly to Sunbelt Support. They're likely to help.
     
  4. DV Dee

    DV Dee Registered Member

    Joined:
    Mar 27, 2010
    Posts:
    5
    I'm attaching a copy of my most recent Minidump, debugged by a tech on another forum. I was thankful for their debugging effort, but it's hard for me to translate the analysis, as I'm not a technician!

    My own security programs installed are: Sunbelt Personal Firewall;CounterSpy; Avast anti-virus and a trial version of Malwarebytes.

    Thanks for your efforts in helping me get to the bottom of the BSODs. (Sorry if the text in the attachment is all run together, but I can't include attachments in MS Word here, it seems.)
     

    Attached Files:

    Last edited: Mar 28, 2010
  5. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
  6. DV Dee

    DV Dee Registered Member

    Joined:
    Mar 27, 2010
    Posts:
    5
    I'd be happy to post the next minidump file here, but you can't attach .dmp format files, according to the Forum rules....o_O

    I'm holding off on using Vipre Premium, because it seems to be causing a rash of re-boots.
     
  7. DV Dee

    DV Dee Registered Member

    Joined:
    Mar 27, 2010
    Posts:
    5
    When should I check in about explanations/analysis of the minidump debugging?

    Thanks.
     
  8. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    in essence your firewall does not agree with your config. now, you can indeed follow suggestion of disabling the .sys or maybe try some other firewall in case it works better on you machine.
     
  9. act8192

    act8192 Registered Member

    Joined:
    Nov 9, 2006
    Posts:
    1,273
    Quoting from the other forum, I think there are conflicts with AVAST! drivers

    b41a7000 b41be000 aswMon2 \SystemRoot\System32\Drivers\aswMon2.SYS unavailable (00000000)
    Conflict
    b431a000 b431d280 ndisuio \SystemRoot\System32\DRIVERS\ndisuio.sys Wed Aug 04 07:03:10 2004 (41107C1E)
    b436a000 b436d000 aswFsBlk aswFsBlk.SYS unavailable (00000000)
    Conflict
    b4666000 b467d480 dump_atapi \SystemRoot\System32\Drivers\dump_atapi.sys Wed Aug 04 06:59:41 2004 (41107B4D)
    b46a6000 b46cd000 aswSP \SystemRoot\System32\Drivers\aswSP.SYS unavailable (00000000)
    Conflict
     
  10. DV Dee

    DV Dee Registered Member

    Joined:
    Mar 27, 2010
    Posts:
    5
    Thanks (both)...I wonder what combo of firewall & anti-virus wouldn't conflict (no BSODs) in a Win XP Pro environment--any suggestions?

    Meanwhile, would a BIOS flash update be of some benefit, even though I
    just installed my Asus P5Q Pro Turbo mobo in Feb.?
     
  11. goldrushtech

    goldrushtech Registered Member

    Joined:
    Jun 26, 2005
    Posts:
    59
    Location:
    Greensborough, VIC, Australia
    Obvious choice is Vipre Premium by Sunbelt which combines Vipre AV and the Sunbelt Personal Firewall. Not sure where you are but you can get it here www.vipre.com.au

    Just the disclaimer, this is a Gold Rush Technology website....

    Just make sure you completely remove Avast. Otherwise you will may get the issue with the sbhips
     
  12. 0strodamus

    0strodamus Registered Member

    Joined:
    Aug 23, 2009
    Posts:
    1,047
    Location:
    United Surveillance States
    I would stay with avast! and dump Sunbelt (IMHO this is the obvious choice ;) ). I'm using Malware Defender and Jetico Personal Firewall on Windows XP SP3 without any problems at all. Malware Defender is free now and has basic firewall capabilities if that is all you need. Also FWIW, my setup has been running trouble-free for many months now, so I'm not giving you advice based on only a few weeks experience.

    EDIT: Working link to the free version is here.
     
Loading...
Thread Status:
Not open for further replies.