Nvidia Firewall

[Will Rickards]

Is the nvidia firewall any good?
Any reason I should use that over the windows firewall? Which is how I have it setup right now.
Do I need to use their software to get the benefits of the hardware?

And I'm not sure but I think it is conflicting with NOD32.
I installed NOD32 and on reboot and every subsequent reboot I get a data security breach with svchost. Then things like windows update don't work.
So I uninstalled NOD32 and my problems went away. I'm going to try again now and see if there is any difference.

 

[Santilli]

I'm running Nod32 and using the Windows firewall, in XP, no problems.

Greg

 

[Will Rickards]

So I reinstalled NOD32 this time making sure not to enable the http part of IMON right from the start. But I couldn't install it from my machine. When I would download it and then extract it the crc would fail. So I downloaded it from my laptop extracted it and then brought the files over and installed.
It is still preventing microsoft update/windows update from working because it kills svchost.

I ran memtest86 on it a couple of days ago overnight so I don't think that is the problem. I'm thinking the CRC thing just doesn't like dual cores?

 

[time]

I don't see how dual cores would affect a CRC calculation.

It sounds bad, but I don't know what to suggest, Will. Which OS?

If in doubt, disable the firewall and see if things stop corrupting.

 

[Gilbo]

The nVidia firewall is apparently hardware accelerated. Considering how little CPU a firewall uses that isn't at all consequential I suppose. However, one advantage of the nVidia firewall is that it is active throughout nearly the entire startup. I don't know if that adds any meaningful security though. Lastly, from what I understand, it is more customizeable than the Windows firewall. I have no personal experience with it though so I can't comment specifically.

You can read more about the features of nVidia's firewall implementation here at the Techreport and here at Anandtech. Unfortunately, they don't compare it directly, feature-wise, with the Windows firewall so I have no idea how many of those features are important.

 

[Will Rickards]

Well somethings screwy with this system.
That is what I liked about my old system, I knew all its quirks and had solved them all. New computer, new quirks.

Anyway, I'm thinking the nvidia lan port is corrupting my downloads. My laptop can download the NOD32 install and extract just fine over wireless. In fact before the machine was put in it's current location I was using a wireless adapter, not the lan port. So how do you test if a lan port is corrupting the data? I was getting weird screens of text when browsing the internet but I don't remember if that was on the wireless or on the wired network. All I know right now is that every single time I download that file it gives me the same CRC error. And if I use the mirror to download it, I get two CRC errors.

I thought it might be the memory but I've been running memtest86 for a few hours via a bootable cdrom and no errors.

I turned off the nvidia firewall and turned on the windows firewall.
I uninstalled nod32. I think I'm going to turn off folding at home till I can figure out all this.

My next steps are:
1) hook this laptop up to the same cable on the router to see if it gets crc errors. This should eliminate the router/router's port as problematic.
2) try the other lan port and see if I get the same errors.


There is another problem I thought was related to NOD32 because it showed itself when I installed that. But now it happened when nod32 was uninstalled. There are these Data Execution Prevention errors regarding svchost.exe. I'll post screenshots in a couple minutes.

 

[sechs]

I ended up turning off the nVidia firewall on my system because I couldn't ever get it to work correctly. No matter what settings I used, it managed to jack something up so that I couldn't use my computer properly.

 

[Will Rickards]

So the laptop can download fine hooked up to that port.
But hooking the computer up to the other lan port (marvell yukon) still gives the crc errors. I wonder if this is some sort of auto-sense issue with the router/ports since these are gigabit ports?

 

[Will Rickards]

screenshots as promised
First the Data Execution Prevention screenshots about svchost.exe

Now the nod32 CRC errors. Note the last image is from trying to run setup manually after the extract reported the errors.

 

[mubs]

Try forcing your new computer's NIC to 100 mbit instead of leaving it at autonegotiate.

Data Execution sounds like bad memory to me. Have you run memtest at its most exhaustive level? It might have to run overnight.

One other word of warning: the RAM may be ok in and of itself, but may not be compatible. I wrestled with this problem for days on a Compcrap (no wisecracks please). It came with one 256 MB DIMM. The owner bought and installed a Corsair 512MB DIMM in slot 2. There were random errors (for him, never happened to me.) I ran Memtest till the cows came home, swapped memory slots, ran with both DIMMs, ran with one DIMM at a time, and there was not a single error. Eventually, we replaced the 256MB DIMM with another 512, and voila, all the errors went away. According to the manual, the original combo we had (256MB + 512 MB) was valid, but in reality it was not. These kinds of insidious erros are a real pain in the butt - where things are supposed to work but don't.

 

[Will Rickards]

The RAM sticks are identical... well nearly so. I'll post about that later.

So the CRC errors went away when I downloaded with IE. So I cleared the firefox cache and they went away in firefox. I thought the downloads were happening awful fast. It must have been just giving me some cached version. Looking at the two files in beyond compare I see that all the data is there but two sections are swapped which caused the corruption.

After thinking about it for a while, I figured that if the corruption was from the lan port, all my traffic would be corrupted. Especially since these are http downloads not ftp downloads. So one problem solved.

 

[Will Rickards]

Here are the ram pics. Note the missing item in one.
This missing piece was on the back of the mwave sticker.
But my picture of that isn't very clear.

Ram With chip

Ram Without chip

 

[Handruin]

Give the prime95 torture test a run. That might work up some errors with the memory. I can't really tell what is missing from the pic, but I think I get what you're trying to show.

Are there any hints in the event log?

 

[i]

Not that I'm an electronics expert (where is jtr?), but it looks like it's a surface-mount resistor - not a chip - that's missing.

Obviously the other RAM module could be an equivalent model, but slightly differently wired (and hey, it is working for you).

I know that 0 ohm surface-mount resistors are occasionally used instead of plain shunt-style connections. I guess they're easier for the assembly machinery to work with, as everything knows how to handle another surface-mount resistor (it makes no difference to an assembly machine if it's 0 ohms or 1000 ohms), but a shunt of some type or an extra blob of connecting solder might be more tricky to handle.

As a result, I have to ask ... is it possible that there are infinite ohm resistors out there (and I don't mean broken ones)? Because that's basically what you've got on the RAM module that's missing the resistor (assuming that's what it is) ... it's the same thing as if an infinite ohm resistor was sitting there. But for the life of me I can't imagine why they would produce something like that. Makes much more sense just to leave a gap.

Can you read anything off the resistor (or whatever it is) that's present on the other module? If there's a number or something there, it's gonna be tiny!

 

[Will Rickards]

It is all working now!
No svchost errors on startup and microsoft update works!

I noticed after one of the svchost dying that the windows firewall service was stopped with an access denied message in the event log. So I re-enabled the nvidia firewall and disabled the windows firewall for that lan port.

I also ran this command which I'm not sure if it did anything?
netsh Winsock reset

But some combination of voodoo is making it work right now so I'm not touching it anymore.

 

[Santilli]

OK. So the F5 bios works, and recognizes the dual core?

s

 

[Santilli]

Wrong thread. What bios are you using?
s

 

[Will Rickards]

Me? F4

Anyway my screwed up webpage problem resurfaces.
So far I haven't reproduced it with IE but that doesn't mean it doesn't happen with IE. It is sporadic, though it seems to happen the very first time I start firefox. The problem is that instead of a web page I get text, like javascript or something. And sometimes I get most of the page but some of it is missing. So I'm thinking somewhere it is actually swapping bytes or something.

Is there something I can use that will test it?