In news:i2o6tk$av2$1@news.albasani.net,
VanguardLH <V@nguard.LH> typed:
> Bob wrote:
>
>> WinPatrol's Host-based Intrusion Prevention System(HIPS)
>> takes snapshot of your critical system resources and
>> alerts you to any changes that may occur without your
>> knowledge.
>> http://www.softpedia.com/get/Internet/Popup-Ad-Spyware-Blockers/WinPatrol.shtml
>
> Yes, at POLLED intervals (1 minute minimum) for the *free*
> version. That is why it can NEVER identify what process
> made the change. You are told long after the fact that a
> change got made. In fact, if you leave the default
> (install-time) timer values for WinPatrol, it can be so
> long after the change was made when you get the alert that
> you won't have a clue what you were doing some 10 minutes
> ago, or longer.
To the contrary, a very good set of data is grabbed at the point where the
program gets isolated and much information is available there. It even gets
used should you decide to reverse your decision about changes you made.
You should get better real world experence than try to pull it all from
documentation so there are no mis-cues. I could easily take you on re the
pay-for version, which is VERY reasonably priced, but that's why I chose to
use URLs rather than leave some stuff out. The surfer can get to anythinig
avaiable about the program from that page if they wish to.
It captures a set of data for you which can be saved so no data is lost. The
vast majority of time, the message appears DURING the initial startup
routiines and does so IMMEDIATELY. It may take a few seconds for the message
to get thru prioritiies to get to the screen, but it still has the
attempting to run program stopped and held in abayance until the user
decides what to do.
>
> By the way, the Softpedia article you mentioned is listing
> features available only in the paid version, not in the
> freeware version. "Sniffs out Worms, Trojan horses,
> Cookies, Adware, Spyware and more". Nope, not in the free
> version.
Yesss, and that's what it says right there on the page, right? I didn't say
the "free" verson did or ddn't do any specific thing. For whatever reason
you are splitting hairs and attempting to put words in my mouth, almost like
a troll or miscreant might do; that doesn't help your crediblity very much.
You'll also find even the paid version very inexpensive should one like the
free version and wish to go paid. There's nothing new in the world about
that, and it has nada to do with the price of tea in China.
============ "
WinPatrol PLUS is a great investment!
One Time fee includes for ALL future WinPatrol versions.
No Hidden or Reoccurring Subscription Fees.
Single License valid on all your personal desktops and laptops!
No Toolbars or other unwanted software
WinPatrol PLUS is quicker and faster.
Upgrade Now with No Additional Download
============ "
Download WinPatrol 18.1
More info at bottom of post
>
> In the free version, you can:
> - List startup items. (*)
> o You can disable them (and keep them disabled should a
> program try to reinstate them later).
> o You can delete them. That doesn't stop them from
> reappearing later. - Move some items into a "Delayed Start"
> list. o You can specify how long after logging in (and
> after WinPatrol loads) for when some startup items get
> loaded.
> - List and remove IE helpers (BHOs, add-ons, COM plugins,
> etc). (*)
> - List and remove events defined in Task Scheduler. (*)
> - List NT services. (*)
> - List currently running processes.
> o Lets you kill them although it uses no hard-kill
> features available with other software so it offers
> nothing more than you can do more than with Task Manager.
> - Filter out some cookies. (*)
Filter out ANY cookie you can name and accepts wildcards.
> o This means you need to know what the cookie will
> contain. Cookie contents and even their field structure
> can change even at the same site.
But not often, and it if does, a new cooking listing is created that's easy
to identify if one suspects it came back. Many of the are already
pre-listed, in fact.
> o Most web browsers already have cookie management that
> obviates this feature.
> - Monitor the filetype associations. (*)
> o You can delete a filetype association. You cannot use
> WinPatrol to fix it (by assigning a different handler
> for a filetype).
> - List hidden files.
> - List recently accessed files.
> - Alerts you if the hosts file has been modified.
> - Resets the home page and search in IE if it gets changed
> (even if you're the one that made the change).
Good piece of advertising for Winpatrol, but I fail to find any reason for
your list. It's just mostly copied from the URL that was given by myself
which says that and a lot more too. But your list leaves some things to be
desired and should be complete if you're going to post it:
>
> (*) These have a monitoring function that POLLS for changes
> at the specified interval. Most intervals are way too long
> so by the time you get an alert you may not remember what
> was happening that long ago. I suggest you reduce all
> timers down to 1 minute. That's not super quick but it's
> the shortest interval they will allow.
That's silly. Most aspects of WP operate in real time and the only waits are
for cues/buffers to complete. But even if it were that long, the information
has still been trapped and logged, making the time it takes to get to read
the message pretty much moot. Even moreso when you consider the PLUS
features and so on that are provided with the program.
>
> NONE of the above has to do with *detecting* worms,
> trojans, adware, or spyware and cookie management in web
Neither the program nor I made any claims that it did. What it does do is
watch EXECUTABLES that start and if it's not already logged as OK, it'll
throw the error, asking the user whether they iinitiated that or not with
the capability to determine what to do about it.
> browsers is probably better than guessing at some text that
> may appear in some cookies.
I sometimes find looking in cookies quite useful in determining whether it's
one I want to keep or not. You're crying about a capablity one doesn't have
to use if they have no use for it. YOU do not determine what others want or
may find useful.
WinPatrol lets you know when a
> change (that is being monitored)
Changes being monitored are clearly visible in the dialogs, and the user can
add/delete from those lists as they desire. Mine will now allow Spybot to
make changes to it without notifying me, but any other entity, includng
another user, gets the error thrown.
has occured but that could
> be made by yourself, by software you chose to install and
> even by very well-known and even well-behaved programs, or
> by malware. It is NOT the anti-malware tool the author
> likes to proclaim. It is an alert tool so *YOU* can decide
> if the change should be retained.
That has turned out to be a great feature in some instances here. A lot of
malware doesn't fire when it's download but waits for something specific to
happen on the machine. And if your AV/malware detectors didn't get them,
that's one more layer of protection. But now you've turned to criticizing
hype you found on some page instead of assuming that people can't read and
make their own decisions. Personally I find the extra layer of realtime
protection useful and it has been beneficial.
Notice I did not say if
> the change was allowed because that means you get to decide
> to allow or block the change while it is pending.
Exactly. That's a useful feature if you'll just think about it by viewing
the forest instead of a few trees.
> WinPatrol, like WinDefender, told you about the change long
> after it happened. If you choose to disallow the change,
> it *might* get changed back. If it is a simple change then
> the reversion is likely.
That's one of the tests I put Winpatrol thru before I started using it and
my results were just the opposite: even if I stopped a system file, it
remained stopped and couldn't boot.
Please provide an example I can use to prove that?
If a process is still running
> that establishes and maintains that change then WinPatrol,
> like WinDefender, will fail to revert to the prior state.
The ONLY time I've seen anything remotely similar to that, WP advised me it
couldn't be stopped. Again, please cite an example so I can make this happen
without knowing it occurred?
>
> WinPatrol is a good tool to let you know if some portion of
> the state of your host has changed. It tells you about the
> change but it is long after the change was made.
No, not "long" after, which to your definition is apparently minutes.
It cannot
> identify the culprit of who made the change.
It can, and does.
It cannot
> tell you if the change should be allowed or not. It does
> not detect malware.
It's not meant to.
It merely tells you the state got
> changed and that happens even with your use of the OS or by
> the apps that you install or as you use them.
>
> Think of WinPatrol as one of those chemically-activated
> monoxide warning stickers. It tells you the level of
> monoxide is too high. By the time the color changes to
> warn you, the level has already been high for awhile. It
> doesn't tell you the source that is producing the monoxide.
> But knowing late without knowing why *might* still be
> better than not knowing at all (I said "might" because it
> presumes the user can understand the change that was made
> upon which WinPatrol alerted).
Jeez, talk about apples and oranges! Resorting to analogies usually means
the writer is out of words but still wants to make more of an impression.
You have failed in any way to change any of my opinions because your
credibility was shot in the first few paras.
Not sure what you're on about here either, but the best use of Winpatrol for
me is being advised whenever some executable starts up that has never run
before. Then it allows the user to allow it run always, run once, not this
time, or never run. The program name and several other details about it are
listed, too, for help in identifying it.
If you've just installed something, it's expected for that to happen.
If not, then it's likely it's not something the user wanted and is worth
stalling untili it can be checked out. It halts it from running in that
case, I go to the PLUS features of Winpatrol, and see what that program is
and what it does and whether it's known to be malicious or malware or what.
If it's not recognized there, then it can be Googled for hints as to what it
might be which wll help decide whether it's wanted or not. If it is, next
time the message pops up, and you trust it, you react accodingly. Or not. It
hasn't failed me yet over several years so I am pretty satisfied with it,
really.
I'm guessing but it would appear to me that your real aversion to WP is that
it's basically a heuristics approach to maintaining the health of a system,
which means it's possible for it to catch unknown, unseen yet malware.
For the small amount of memory it uses, I'd say it's a pretty darned good
piece of code.
===========
WinPatrol PLUS allows you to efficiently monitor programs running on your
computer without slowing you down or hogging all your memory.
WinPatrol takes snapshot of your critical system resources and alerts you in
real-time to any changes that may occur without your knowledge. You'll be
notified of critical system changes and have access to over 30,000 easy to
understand program descriptions.
Must have addition to your current AV protection.
Single License $29.95 USD
Single User / Multiple Machines
Limited Time $10 off $19.95
Family Pack $49.95 USD
Unlimted Computers /
Immediate Family
Limited Time Now Only $39.95
More Info Task Catcher
Task Catcher is designed to restart programs which fail or may be blocked by
malware. If a program crashes Task Catcher will detect the failure and
relaunch your program automatically.
Task Catcher allows you to efficiently monitor programs running on your
computer without slowing you down or hogging all your memory.
Task Catcher will block unwanted programs from running and restarts your
favorite programs if they are disabled or crash. As always, our goal is to
put YOU back in control of your computer.
$12.95 USD
More Info