Trend Micro PC Cillin 2006 vs. Norton Anti-Virus 2006??

Posted on 2006-03-25
Last Modified: 2012-08-14
Hello everyone,

I had been running the trial version of PC Cillin for about 60 days or however long the trial is. When the time came to buy it, I did because I always have nightmares with people installling NAV (any version) on their computer and me trying to fix it. I had a guy who I felt was really knowledgeable recomend Trend Micro PC Cillin to me, I was convinced NAV was an inferior product due to all of the problems Norton can cause. I was running Trend as my main virus auto-protection/auto-scan, firewall, etc

...and I had AVG free set to automatically update, but not auto protect or scan. I would manually scan with AVG every other week or so. I would run Adaware and Spybot regularly as well with little to no significant issues arising.

Neither AVG nor Trend would find viri. I did knowingly get a trojan ONCE from using P2P program (i know...tsk tsk). But Trend 's autoprotect spotted the problem and seemingly quarantined the files right away. This was some time ago though, an no threats have been found since.

Well, for shits and giggles I decided to run the online Norton Security and Anti-Virus checks. The Security check was clean, but the Virus check found 2 files associated with a trojan. LSSAS.EXE and MS32.DLL .

Now I'm questioning Trend. Any thoughts?
Question by:Tom-J-Lael
    LVL 3

    Author Comment


    Is it possible that those two files , LSSAS.EXE and MS32.DLL were just "schrapnel" if you will from the quarantined trojan? Because like I said, Trend and AVG never found any other issues after the fact, and the Symantec Online Virus Scan found those two files, but never found any memory resident viri.

    The only reason why I question is I was checking my System Logs in Event Viewer. Daily I'm getting the following Warning.

    *** Source:LSASRV
    Category: SPNEGO
    Event: 40961
    The Security System could not establish a secured connection with the server DNS/  No authentication protocol was available. ***

    I have no idea what that domain is.

    On 3/18 (still significantly after the infection) I had a couple warnings

    ***Source LSASRV
    Category: SPNEGO
    The Security System detected an attempted downgrade attack for server cifs/WGT634U.  The failure code from authentication protocol Kerberos was "There are currently no logon servers available to service the logon request.
     (0xc000005e)". ***

    WGT634U is my default gateway.

    I've also had this error

    **Source: Dnsapi
    Category: None
    Event: 11165
    The system failed to register host (A) resource records (RRs) for network adapter
    with settings:

       Adapter Name : {1657F8BE-4574-43CB-BE2E-2E5ABB38BD37}
       Host Name : johnny5
       Primary Domain Suffix : TestEnterprise.local
       DNS server list :
       Sent update to server :***

    Why would it try to send an update to a server that is not my DNS server and is not on my subnet ??
    LVL 97

    Assisted Solution

    Greetings, Tom-J-Lael !

    Antivirus program check for virus, no adware.  So PC Cillin and AVG missed the adware trojan.  You need an anti-adware program, like BitDefender, to actively protect you from adware.

    Best wishes!
    LVL 15

    Accepted Solution

    If you're looking for a Security Suite (Antivirus/antispyware/firewall) you should look at this PC Magazine story,1895,1891834,00.asp

    though I'd make one comment regarding the trojan - if PC-Cillin was a trial version that was not being updated after the end of the trial, that could have caused it to miss the malware that wound up on your PC.  Otherwise, I'd recommend you go with the editor's choice in the category, ZoneAlarm Security Suite.

    LVL 13

    Assisted Solution

    Trend is very good.  NOD32 is good too, a little technical.  I use both for virus scanning.   Webroot Spysweeper and the Microsoft Anti Spyware + Spybot and Lavasoft's adaware are the way to go.  If no firewall is present i.e. not xp, use pccillin - it has a firewall too.  Your not done :-(  Now we scan for rootkits (rootkitrevealer at sysinternals) and panda's beta rootkit tester, and then for trojans, trojan hunter and ewido are good at that.

    LVL 3

    Author Comment

    tahnks to everyone for the input. I have been using PC-Cilling firewall, and even though it was a trial version, it was consistenly being updated with automatic updates. The same is true with AVG. I've used Sysinternals RootKitRevealer but never really understood the output. I'll take a look at the other things suggested.

    many thanks!
    LVL 3

    Author Comment

    PS. I tried to split the points between all three but couldn't apologies davidis99
    LVL 13

    Expert Comment

    Post here and ask for the split.  They will fix it.


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Better Security Awareness With Threat Intelligence

    See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

    As more computers now shipped with 64-bit version of Windows, more users are now using this Operating System.  So it's important to be aware how some 32-bit diagnostic tool works on these systems, so we know what to expect when analyzing the logs an…
    PREFACE The purpose of this guide is to explain how to manually move a SEP client to a different client group by performing steps on the client-side. These steps may prove particularly useful because they allow the client to move after it has alrea…
    This video is in connection to the article "The case of a missing mobile phone (". It will help one to understand clearly the steps to track a lost android phone.
    This video discusses moving either the default database or any database to a new volume.

    761 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    11 Experts available now in Live!

    Get 1:1 Help Now