written by: Donna Buenaventura•edited by: Bill Bunter•updated: 2/4/2011
We all know that anti-virus, anti-spyware or anti-malware is not enough to prevent infection and critical changes on our system. In this review, I’ll write about WinPatrol, a malware monitor program that will not put your system into its knees and never have problem with other anti-malware program.
slide 1 of 7
What is and why use WinPatrol?
If someone knocks on your door, you don’t simply open the door. It goes without saying that you will first check whose knocking and if we are expecting and trust the visitor, only then we will allow them in. We should be doing the same on any modifications in Windows with the help of WinPatrol. WinPatrol is also known as Scotty the Windows Watch Dog. It sits right on the notification area and quietly monitors unique areas and critical system in Windows. If any changes or addition is done on the system, Scotty will alert the user and provide information on the changes done by legitimate or malicious application. The user has the option to review the alert before making a decision on whether to allow or not the modification on the system.
If you think legitimate applications are good and to be trusted… think again! Because not all legitimate software are to be trusted in adding or modifying system without your consent or knowledge. You’ll never know if a good application is going to modify your preferred settings unless you have WinPatrol on your system.
If you believe your antivirus or antimalware’s real-time protection is enough to protect or secure your system, you are mistaken because WinPatrol is not a malware scanner but a security program that will detect violations on your computer by taking a snapshot of the critical areas of your system and alert you on changes. As you know already, malware will often attack critical areas on a system by disabling, adding or modifying your settings so the malware can do what it is programmed to do. WinPatrol can prevent malware because the real-time monitor of WinPatrol on critical areas on the system is fast enough before traditional anti-virus will add signatures or definitions to detect the malware.
slide 2 of 7
slide 3 of 7
WinPatrol will guard what others do not!
WinPatrol actively monitor many areas in Windows – the critical areas in which malware often attacks. It can guard unique areas on the system that others simply do not.
ActiveX – Most users have ActiveX components that will allow them to view contents or use a service. Some programs or services require ActiveX such as online malware scanners, Media Players, Shockwave or Flash players and others. WinPatrol will monitor additions of ActiveX components on your system and if unwanted or malicious ActiveX will try to install on Windows, you can prevent this infection or unwanted changes by allowing WinPatrol to block the changes. A unique feature of WinPatrol is you can prevent Zero day infection or attacks. How? If one of your ActiveX components is vulnerable and there’s zero day vulnerabilities (infection or attacks in the wild), you can use WinPatrol to set a Killbit for the affected ActiveX by disabling it until a security fix or patch is released for a particular ActiveX.
Automatic Updates settings – Some programs will change your Automatic Updates setting in Windows without your permission or silently change your AU settings. you if a change has been made in UAC and you have the option to restore the previous setting.
Cookies – WinPatrol can eat cookies and leave the ones you don’t it to eat! Another unique feature in WinPatrol is to automatically delete cookies in your filtered cookies. Just enter any part of the cookies’ name that WinPatrol will filter and you will never see those cookies stored on your Cookies folder. WinPatrol will also monitor added cookies in your system.
File Types – Some legitimate programs will try to override your file type associations in Windows. Example: Your default audio and video player is Windows Media Player and you recently installed another media player application that can play similar or some file types (e.g. MPG, MPEG, WAV, AVI etc). WinPatrol can monitor file types and will alert you if another program is trying to associate their program to a particular file extension. You don’t want also any malware to touch your file extensions so it’s best to allow WinPatrol to alert you on any changes with File types. For programs that are stubborn, you can configure WinPatrol to lock the File Types so that WinPatrol will restore the original file type settings without alerting you.
Hidden Files – If your system has been infiltrated, you will be able to view the module name, the path and the detection date using the Hidden Files tab. WinPatrol can monitor additions of Hidden Files on the system but it is disabled by default because there are legitimate programs which temporarily hide and delete files. If you need to delete a hidden file, you can use the option to "Delete on Reboot". It's best to check the "Info" which should give more details (if it's a suspect or legitimate program files). Anything you'll delete is placed in Windows Recycled folder.
slide 4 of 7
Other Useful Features of WinPatrol
WinPatrol 2009 can handle many things that others do not and it often provide unique features. Below are other features available in using WinPatrol 2009:
Alert Messages Manager – If you prefer to not to be alerted by WinPatrol for any changes in the computer, you can hide it. You have the option to select which action you would like WinPatrol to do – Prevent or allow the changes. This is useful if you have a guest using your computer or anyone that you do not allow to manage Windows or create a critical change without your consent.
Active Tasks – To view the currently running processes or tasks in Windows, select the Active Tasks tab in WinPatrol. You should be able to manage it. This feature is useful also if the Task Manager will not running due to malware infection.
Delayed Start – Some users prefer to boot the computer faster and removing the start-up program is not what they like. Good news because with WinPatrol, you can delay a start-up item so you don’t need to launch it manually and you don’t have to suffer from slow startup of Windows. You can configure how many minutes a particular program should load itself on Windows Startup.
Delete File on Reboot – WinPatrol have the option to delete a file on reboot. Some malware is so nasty that you cannot delete it because it’s running in the background or keep adding itself in the background.
Export and Restore WinPatrol settings – If you have more than one computer, you don’t have to manage them one by one! You can export and import the settings of WinPatrol or just use the exported setting as your backup in case you want to restore your previous settings.
WinPatrol Log – WinPatrol Log is another feature in WinPatrol to allow you to analyze your system logs (if you are familiar in analyzing a log or you want a friend to analyze your log). It’s similar to HijackThis log by Trend Micro.
Recent – Ever wonder what are the new programs or recent changes in your computer? WinPatrol records those changes and addition on your computer so you can delete or immediately resolve the infection by running a malware scanner.
View History of Events and WinPatrol Log in HTML or Spreadsheet file – For easy viewing of what occurred on your computer, WinPatrol provide an option and feature to view the log in HTML and excel format.
slide 5 of 7
Features of WinPatrol (Screenshots)
slide 6 of 7
WinPatrol Plus and WinPatrolToGo
The above is not the only stuff that you want to read about WinPatrol! There's WinPatrolToGo, for people on the go and WinPatrol PLUS that is offers great protection called Real-time Infiltration Detection. You'll see the rest of this review in WinPatrol 2009 Review - Part 2.
On this review, I will provide information about WinPatrol, WinPatrol Plus and WinPatrolToGo. WinPatrol is a malware monitor program that never conflict with other anti-malware application because it monitors what others do not.