# PC-cillin Internet Security 2006



## lotuseclat79 (Sep 12, 2003)

Installation ran into a snag when I had to uninstall ZoneAlarm Free which I was able to run with PC-Cillin Internet Security 2005. However, now that ZoneAlarm has included AV in their firewall product suite, they are more of a competitor with Trend Micro than a collaborator just a few years ago.

It was impossible to either shutdown or disable ZoneAlarm Free due to the vmon.exe True Vector service used by Zonelabs. The only alternative was to uninstall it. This is a clear example of Zonelabs product protection versus following a standard feature set for installed services - to allow the user to make the decision.

What had happened was that after I backed up the installation of PC-cillin 2005, and did the full installation of PC-cillin 2006, the Personal Firewall service was set to Automatic, but detection of the ZoneAlarm Free firewall did not allow the Personal Firewall of PC-cillin 2006 to activate.

Ok, with ZoneAlarm Free uninstalled, I was then able to first record the default Personal Firewall configuration, and then set it up to my preferences.

After installation and configuration was complete, I then proceeded to test the firewall capabilities of:
1) port stealthing, and
2) outbound connection notification to the user of any attempts
two features that every firewall should not be without - Windows Firewall doesn't currently have this capabiltiy. I suppose M$ is saving it for Vista.

Glad to see that PC-cillin's Personal Firewall 2006
1) stealths all of the ports, (All grc.com and scan.sygate.com tests passed) and
2) notifies user of all outbound connection attempts that are not already on by default in the Exception list, i.e. when you either allow or deny a connection attempt, it is recorded as a rule in the Personal Firewall's Exception list. (N.B. The rules are prioritized in order and can be moved up or down.)

Those two capabilities were exactly why I was using ZoneAlarm Free to provide the protection. Looks like Trend Micro is moving in the right direction regarding its Personal Firewall. Now, if it can only pass all of the firewall leaktests at: http://www.firewallleaktester.com then it would really be better than its competition.

So, now I can wave goodby to ZoneAlarm Free, and when I find the time will attempt to run the tests from http://www.firewallleaktester.com against PC-cillin's 2006 Personal Firewall.

The very best firewall results are from Jetico's free firewall at:
http://www.jetico.com on the firewallleaktester.com website from the latest tests (recent). However, be forewarned, Jetico's firewall is not for beginner nor intermediate computer users. Earlier last year I ran Jetico and reported a bug which they fixed soon after it was reported. The fix allowed a conflict with PC-cillin to enable Jetico to run compatibly with PC-cillin. Perhaps I will try it again and report my review here when I get the time to disable PC-cillin's Personal Firewall to conduct the tests.

-- Tom

P.S. I also run Prevx1R, the research free HIPS from http://www.prevx.com. It protects against dll and process injection attempts by malware, i.e. a lot of the feature expansion now found in the best firewalls like Jetico.


----------



## lotuseclat79 (Sep 12, 2003)

Ok, now that I have had nearly a week with PC-cillin Internet Securiy (US version), it appears there is a resource problem with tmproxy.exe, the email and web scanner proxy service.

It uses a great deal of memory reported to be as high as just over 90MB, and in my computer just over 70MB. Other versions (non English) of this service use on the order of 2-3MB which is desirable.

It was reported on one website that in early Jan 2006 this problem was fixed, however, the release is from December, although I have the latest updates to program version: 14.10.1041.

-- Tom

P.S. I'm going to issue a support request with Trend Micro to see if the issue can be resolved, and will post back here when I have information on its status.


----------



## lotuseclat79 (Sep 12, 2003)

I posted a support request yesterday with Trend's PC-cillin support team and here is there advice with effects on the size of tmproxy.exe with the fix:

According to Trend's PC-cillin support team:
The amount of memory usage of tmproxy.exe depends on the applications loaded on your computer or as long as PC-cillin is running and it is utiliized the memory usage would increase.

As a corrective measure:
1) disable Anti-spam feature
2) disable other features not being used such as Web site Filter and Private Data Protection.

tmproxy.exe at 72,768 KB before disabling.
tmproxy.exe at 29,472 KB after disable anti-spam feature.
Note: ISP has anti-spam feature that works very well so this feature wasn't really necessary to engage in PC-cillin 2006.

Upon applying the change to uncheck the Web site Filter to Filter access to Web sites (Phishing, Spyware, Adware/joke Program/Cookies were the Categories checked): got message window from PC-cillin 2006:
For changes to take effect, close and re-open the Web browser. Consult the Online Help > Learn About...section for the list of supported Web browsers.
tmproxy.exe at 27,912 KB before web browser closed and re-opened.
tmproxy.exe at 28,756 KB (seems to have increased)
tmproxy.exe at 27,924 KB after web browser closed and before re-opened
tmproxy.exe at 28,776 KB after web browser re-opened.

Privacy Protection was not checked prior to making any changes - I keep nothing really important (financial, identity, etc.) on my computer.

Real-time Spyware Protection is only item turned on under Antifraud Wizard and Antifraud toolbar in IE is unchecked (Firefox 1.5.0.1 is primary browser). Note: Grayware protection checked by real-time spyware feature:
spyware, adware, dialers, joke programs, hack tools, remote access tools, password cracking applications, others are all checked.
Note: I use other anti-fraud protection on IE and now only really use it to get Windows Updates on Update Tuesday from Microsoft anyway.

Since I have MS Anti-spyware Beta 2 real-time scanning turned on and Webroot Spy Sweeper, when I turn off the Real-time Spyware Protection of PC-cillin 2006:
tmproxy.exe at 27,932 KB after turning off real-time spyware protection

Decided to re-check real-time spyware protection with following configuration checked: (dialers, joke programs, hack tools, remote access tools, password cracking applications, others; and leaving spyware and adware unchecked).
tmproxy.exe at 27,932 KB after turning on new real-time spyware protection configuration.

PcCtlCom.exe at 7,900 KB
pccguide.exe at 6,892 KB
TmPfw.exe at 6,360 KB
Tmntsrv.exe at 3,832 KB
tmproxy.exe at 27,932 KB compared to 73,476 KB before changes
-------------------------
Total PC-cillin 52,916 KB <--- New PC-cillin 2006 size
compared to before changes
Total PC-cillin 98,460 KB

Improvement with changes is decrease of 45,544 KB in total size.

tmproxy.exe at 27, 928 KB as I write this message.

-- Tom

P.S. I will post another message detailing the applications I have running as this seems to be a variable on each different computer.


----------



## lotuseclat79 (Sep 12, 2003)

Applications I am running on startup:

SnoopFree Privacy Shield (UI at 2,892; Svc at 1,428)
PC-cillin IS 2006 (see below)
*FireFox Preloader at 3,248 KB
*Privoxy at 3,972 KB
Spy Sweeper at (14,464 KB, WRSSSDK at 14,804 KB)
*GhostSurf Pro at 13,864 KB
*SpeedFan at 6,240 KB
EarthLink Task Panel at 20,560 KB
EarthLink Accelerator at 13,240 KB
*EarthLink Email Client at 4888 KB
*EarthLink IPClient at 5,412 KB
Microsoft AntiSpyware Beta 2 at (gcasDtServ 13,452 KB, gcasServ 8,076 KB)
GIANTASConsole at 10,312 KB when opened, otherwise 0 KB closed)
Prevx1R HIPS at (PXAgent at 16,084; PXConsole at 5,160 KB)
Firefox 1.5.0.1 at 21,628 KB (minimized at 9,696 KB, postmax at 14,792)
*jusched at 2,632 KB (not necessary to run. i.e. Java related updater)

Other System level processes:
explorer at 18,812 KB (WinXP Pro SP2 process)
svchost at 25,092 KB (ditto)
ewidoctrl at 3,076 (when not running update window)

Note: tmproxy.exe at 26,616 as I write this message.
* can be shutdown to decrease? tmproxy size because not needed
Effect of shutdown of * marked applications running:
tmproxy.exe increased to 26,848; then decreased back down to 26,616 KB

Note: Since I have Firefox 1.5.0.1 tweaked to release memory on minimizing 

the window, the tmproxy rose to 27,472 and fell to 26,888 when I mined one 

of two windows and stabalized there when the 2nd window was maxed.
When ISP connection shutdown (EL TaskPanl), tmproxy decreased to 26,652 KB.

PC-cillin IS 2006:
pccguide 6,880
Tmntsrv 3,840
TmPfw 6,368
tmproxy 26,652
PcCtlCom 7,148
Total 50,888

-- Tom


----------

