questions about new internet security suites (possibly replacing CIS)

Discussion in 'other firewalls' started by LMHmedchem, Feb 23, 2016.

  1. LMHmedchem

    LMHmedchem Registered Member

    Joined:
    Feb 8, 2012
    Posts:
    28
    Sorry if this is the wrong forum, but I don't see a forum for security suites.

    For many years now I have used Comodo Internet Security Pro (paid version). On the whole, I have been happy with it and I think that it provides excellent security. I also have a ZoneAlarm firewall router that provides some additional hardware-based security. My main problem is that I am still using CIS version 5 because I have found more recent versions to be almost unusable. I have tried each update as it came out, but not only have they destroyed almost all the utility of the interface, my computer does nothing but hang and freeze with CIS using all of the CPU. Even when it isn't frozen, it is very slow. As a developer, I have many scripts and utilities that I run often and some of these take hours to finish when they take only minutes with version 5. Also, it appears that the Defense+ part of CIS has changed somewhat in newer versions and I cannot import my current D+ settings into newer versions. I have literally thousands of my own applications on my computer and I just don't feel like setting up all of those rules again by hand. I have installed CIS on a completely fresh install of the OS to make sure that the performance issues are not related to some unknown infection and I still get the same results.

    For the last several years, I have just bought a new code to keep it going for another year. One major problem is that it has been years since I was able to update my antivirus definitions. Comodo has had a long string of documented issues with its AV update system and even more annoying, Comodo tech support refuses to acknowledge any issues. They have sent messages like this,

    "We have tested thoroughly before release the latest version of Comodo Internet Security and found no issues with our update server. It is mostly like the update is getting blocked from your system itself so kindly provide the below details in-order to troubleshoot on the issue"

    These updates fully download and I see and verify the downloaded update file. The problem is when the update is "applied" it gets to the "finalizing" step and then quits. For Comodo to claim that there are "no issues with their update server" is just a plain lie. All you have to do is google the question and you find hundreds of complaints. To get updates, I have to manually download the updated database from their server, reboot into safe mode, and rename the existing file. Comodo doesn't seem to be able to recognize that an update has been applied and so keeps checking for an update every 3 minutes round the clock and fails every time. This uses significant resources, so I have to keep auto update off. Comodo version 5 doesn't have a manual update feature, which is moronic for an AV program that might need to be updated while there is an infection on the system blocking internet access.

    In the end, I think that Defense+ is probably a better AV tool than keeping a library of known threats. Since this particular computer is still running XP, I scan it regularly with the full set of scanning tools from major geeks and so far, it has never been infected. I also monitor my hardware firewall logs for any suspicious connections, especially when I am not using my computer.

    At any rate, I don't know how much longer I will still be able to pay to keep using version 5 or how much longer I want to put up with the AV issue and the refusal of Comodo to acknowledge the issues, let alone help. I have been looking at BitDefender ISS 2016 and am wondering what the folks here think about it. I think that Kaspersky is also a good product, but it doesn't seem to support XP anymore.

    I am most interested in having some kind of execution prevention feature like CIS Defense+ to whitelist known applications and require permission for everything else to run. I also use whitelist for all internet access and typically allow only about 4 applications to connect without permission. I like being able to call up a list of all current connections (in a reasonable number of clicks) and to be able to kill individual connections. I also like to be able to kill all internet access as I never have my computers connected unless I am there.

    Can anyone here let me know if BitDefender might fit the bill or if there is some other suite I should consider? I like having all of the functionality in a single suite, but that is not a dealbreaker if there are other options that might work better.

    Thanks,

    LMH
     
  2. trott3r

    trott3r Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    830
    Location:
    UK
    NVT exeradar as a standalone anti executable.

    Voodooshield does that also with added AV cloud scanning
     
  3. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    Install Defence Plus without AV and use any decent anti virus with it.
     
  4. LMHmedchem

    LMHmedchem Registered Member

    Joined:
    Feb 8, 2012
    Posts:
    28
    I'm not sure that is an option. I don't remember being able to install without the AV. At any rate, a little while ago I tried to fix the AV update issue by completely uninstalling CIS. I thought that I could install it from scratch and possibly the AV updater would work. The result of this was that after installing CIS, the computer reboots and a window would pop up for me to enter my confirmation code. The computer would immediately reboot before I could do anything as far as entering my code. The computer stayed in a constant reboot cycle and would never let me activate CIS or do anything else for that matter.

    I found this very odd and suspected that there must be some underlying infection. I again ran a full suite of scanning tools and found nothing. I also tried again starting with a known clean image, but the same thing happened. I am left to conclude that this is intentional behavior by CIS, meaning CIS isn't going to let you install an older version. Perhaps this is not the case, but I'm not sure what else explains the behavior.

    As far as I know, there is no way to uninstall part of CIS, so I am left with adding a new code to keep it going as is for another year or trying something else. I do like D+, so I am reluctant to leave it for another suite that doesn't have something similar.

    I will look into NVT exeradar and Voodooshield as suggested by trott3r.

    LMH
     
    Last edited: Feb 23, 2016
  5. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    If I can't uninstall it I will anyway do a fresh OS install and in future will use an imaging software to solve this issue.

    Sure, you can install only the firewall component with Defence Plus (I am always doing it). Use the Comodo free version (Defence Plus). You can combine it with any AV, even a free one like Avast.

    Another option is KIS (Kaspersky). It has built-in HIPS that are good.
     
    Last edited: Feb 24, 2016
  6. Windows_Security

    Windows_Security Registered Member

    Joined:
    Mar 2, 2013
    Posts:
    3,081
    Location:
    Netherlands
    360 Internet security free, see other AV section in this Forum
     
  7. LMHmedchem

    LMHmedchem Registered Member

    Joined:
    Feb 8, 2012
    Posts:
    28
    This product doesn't appear to have a firewall or execution prevention. Is this correct or am I missing something?

    LMH
     
  8. LMHmedchem

    LMHmedchem Registered Member

    Joined:
    Feb 8, 2012
    Posts:
    28
    I do use imaging for all of my computers. I always have an image that was made in the following manner:
    1. install Windows offline (no internet connection)
    2. install hardware drivers offline
    3. install security software (Comodo in this case)
    4. make basic user preference configurations, create user accounts, etc.
    5. activate internet connection and update Windows (most updates were already slip-streamed into the installer)
    6. update security software
    7. take an image with Clonezilla

    I then start installing other applications like email, browser, printer software, etc. and take a final image when everything is done.

    In my attempted repair of Comodo update, I uninstalled Comodo, completely cleaned the file system and registry of anything related to Comodo, and re-installed Comodo. This is when the system went into continuous reboot. I needed to repair the OS, so I restored to my last good image and tried again with the same result. I also tried going back to my original image described above and still had the same result of continuous reboot. I can't think of any reason why I can't reinstall Comodo on my older images unless Comodo itself is preventing it.

    This would be a current version of Comodo, correct? I haven't been able to use the newer versions of Comodo for all the reasons I described in my post. Perhaps it would work better without the AV, but I still hate the new interface, loss of functionality, and their complete lack of support even for a paid version.

    I would like to try Kaspersky, but I don't think it supports XP anymore.

    LMH
     
  9. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    You can do selective install in older versions too, even in version 4.
     
  10. LMHmedchem

    LMHmedchem Registered Member

    Joined:
    Feb 8, 2012
    Posts:
    28
    My problem at the moment is that when I try to do a fresh install of version 5, which I would need to do to install just part of the suite, my computer goes into a continuous reboot cycle. It boots, I log into my account, a window appears for me to activate Comodo, and then the computer reboots. This loop is endless and I have to restore from an image to get my OS back. I can only conclude that Comodo is set up to prevent new installations of old versions. I guess I may have some hidden rootkit that wouldn't be fixed by restoring from a clean image, but that kind of thing is extremely rare and I have run every scanner I can think of and don't see any sign of it. Besides, why would malware let Comodo run with no issues but just not let me re-install it?

    If someone thinks this sounds familiar and that I have an underlying infection, I would be happy to hear about it.

    Otherwise, my only option is to re-activate my current complete installation.

    LMH
     