WinPatrol v19

Gee I offer adverse comments about a program and I am called a liar and a troll.

shadek, these kind of personal insults are totally uncalled for. We are talking about PROGRAMS -- there is no need to attack someone's humanity and integrity. You should think twice about what you write. For you to try & start a flame war over a discussion of a program is totally inappropriate.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Two points, Kees old case:

1- Other than keylogger protection, any real-time security is of questionable value when properly using imaging or snapshots or VM et alia.

2- Have you noticed that nowadays every thread you post to gets diverted to a plug for LUA? {I run as Admin. Always! So shoot me. }

 

Read my signature

When you would convert to Windows7, you could run UAC in quiet mode with safe admin and still (the name says it all) be a safe admin. Sully for instance is also a notorious ADMIN runner. Now I ask you: would he put in so much effort when he did not see the benefits?

Thanks for the shameless plug opportunity

 

Now, now Bellgamin, don't try to hide from it. You 've been caught red-handed again, you old troll!

P.S: Previous version installed with only startup in realtime:

http://hotfile.com/dl/73858692/6f1369b/New_folder.zip.html

0%. Has a bug in 7x64 , but i 'd rather keep that.

 

Just for that I made a *slight change* in your user name. Happy birthday!

Well, yes, I DO troll at times.


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Meanwhile back on-topic -- I have a WinPat Plus license purchased Nov 11, 2003. I ceased the regular use of WinPat when BillP summarily deserted his support forum at CastleCops.

I still test new versions of WinPat from time to time but it doesn't justify itself as something I would run in real-time anymore. But to each his own.

 

Off-topic here, good to see the fuzz-man is back. Welcome back after months away.

 

Well thanks, nice to see you too. I 've been busy and also had other activities, so had to put security aside. Besides, i haven't seen any infection, so why bother feeding my paranoia?

 

Well -- if you won't visit here to feed your paranoia, how about coming around more often just to visit the many friends you have here? Even though you deserted the Twister, you are still marginally okay in our eyes.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Meanwhile, back at the topic. . .
@Kees - you still haven't explained why running WinPat in real-time is essential when someone is making periodic clean images (or such) & doing on-demand integrity checks.

 

Right, i am visiting more often here. As for Twister, it abbandoned me, not releasing x64 version. I read some news that the next version will finally support x64, we 'll see. To be honest, right now i like Avast because it has virtually no I/O reads and CPU Time.

I think the same thing. I don't install dubbious stuff, if i get infected nontheless, probably Avast or MBAM will find out (or Winpatrol in the "light" configuration"). Then i will just install a clean image and that's it. I also hold Shadow Defender for "risky browsing", i could even add Sandboxie there... And they all eat less CPU time than Winpatrol and provide more security... I had once done the System shutdown simulator test and Winpatrol didn't understand what hit it. The pc rebooted before i Scotty could blink

 

Me neither. I bought the license years ago and keep it around for info purposes. It's the first place I scan if there's a hitch that I don't understand and that charming little woof is always a welcome sign that supplemental information is available on the actions that legitimate software installs are taking, authorized or not.

I do recall that some of the monitoring got aggressive a few years back and I took advantage of the monitoring frequency adjustments on some of my older machines. Other than that, I've never found it the least bit "heavy".

I definitely won't get into the debate about how effective a security tool it is because.... well, I simply don't consider it to hold a candle to any real HIPS/FW/AV specialized applications - it's an apple and the others are oranges.

 

@crofttk- a nicely balanced discussion.

 

that will depend on how you use it to protect for in my very case i use it to detect rouges malware

 

but at the end of the day they are all fruits nice post

 

FWIW...

IMO, WinPatrol Plus should be standard equipment for Windows. It fills a niche that few other products do. And if one has the Plus version, it can provide useful help to newbies, something many other products flat out don't do.

Is it iron clad protection? No and by my understanding, it doesn't claim to be. It does claim to be a good tool for monitoring, explaining (and potentially controlling) changes occurring to a PC.

As mentioned, sandboxing/virtualizing has become a gold standard for protection. But for most users, trying to run in a virtual environment is not an easy leap to make. I have been @ the PC game for a while now and only went with Sandboxie in the last couple of months. Most users don't understanding what it is, let alone start using it on a daily basis.

I run WinPatrol @ home and @ work. It gives me information on changes that I might otherwise overlook or just plain miss. One of the highest recommendations I can make for any product!

 

i completely agree HAN, i feel the same way

 

nice tool indeed

 

you bet

 

Does anyone have any information about custum registry protection I can add to WinPatrol other than those available on WinPatrol's site?

 

Yes you can manually add other values that you would like to protect.
I think that Bill will add soon in the website some new values or group of values that you will be able to import to winpatrol.

 

That's good, because I don't know what registry values worth to protect in the first place. If anyone here at Wilders have any recommendations, feel free to post them here or send me a PM!

 

Go to the second page of this thread ( post #29 by Kees1958 ) to find what you're looking for .

 

I tried it before and it didn't work. But I used a different method now and it works fine. Cheers!

 

Kees1958, all those registry custom rules you posted... there are no values specified. Isn't that necessary? I tried changing a registry key that was supposed to be protected (from what I can tell in WinPatrol) but WinPatrol didn't give me a warning about the change.

 

is it necessary? i am running COMODO FIREWALL also

 

I don't think so, but with winpatrol is very easy to see the changes that a new installer or app made in the system, a new service, a new process at the startup...
You can configure D+ to control all this and much more but you will not be alerted by apps in the local or cloud whitelist.