Sunday, May 25, 2008

WinPatrol Flash - Feeding the Scotty

WinPatrolFlash

The other day I was tooling through my RSS feeds at work and caught a new post from Bill Pytlovany.

As frequent GSD Blog readers will recall, I am a big fan of his WinPatrol software.  Simply put, this real-time tool monitors your Windows system and alerts you to changes made by applications (good/bad) to said system.  Besides the monitoring features, you can view and manage start-up items, browser toolbars, scheduled tasks, Windows services, cookies, the HOST file, log when programs are first detected on your system, and a number of other elements all useful for the advanced user.  Great program and incredible that Bill offers it in both free and $ versions.

Bill's latest post immediately caught my eye.

Bits from Bill: Help Friends/Family with WinPatrol FLASH

This has just convinced me that Bill must be one of the most crazily kind guys in the world.

See, what Bill has done, is to bundle up at least eight of his WinPatrol product's most powerful features and released them in a singularly USB portable EXE file.

WinPatrol Flash provides geeks an almost all-in-one solution for dealing with pc-cleaning and optimization of a home-user's system.

Oh my!

Behind the Bark

Get this free application from the BillP Studios: WinPatrol USB Flash Edition download link.  It supports Windows 9x - Vista builds.

Nothing at all to install. Download the single file and click to run.

You will be greeted with the familiar bark of "Scotty" the watch-dog.

Once up you have a number of tabs to explore.  I noticed right-away that it loads the contents very fast.

  • Startup Program - This tab shows a list of all the times set to run at system startup.  You can click on an item to get more information about the entry or you can remove the item.  There is also an "advanced" mode which shows some additional launch-points.
  • ActiveX - This tab shows which ActiveX items are installed and enabled on your system. You can disable the ones you wish selectively, as well as list ALL ActiveX controls or only non-Microsoft ones.  Malware sometimes tries to insert itself into Internet Explorer by use of ActiveX controls.
  • IE Helpers - These are additional toolbars or "features" that are plugged into IE by the system or other applications. Again, you can get more info on them or remove them.
  • Scheduled Tasks - Provides a view of which items have been scheduled to run by the Windows Task Manager.
  • Services - Shows all the services that are installed on your Windows machine, as well as the status state and if they are set to run at startup. You can "filter" the list for non-Microsoft services if you wish.  More information is available for individual items.
  • Active Tasks - Yep. You get a quick-view of running tasks/processes on the system. Name, description, and company. Select one and click the "Info" button and you will get a bit more info along with the full path location.  You can attempt to kill task as well.
  • Hidden Files - This provides a list of files that were found to be marked with a "hidden" property attribute.  Just because a file is marked this way doesn't necessarily mean it is "evil"  So don't freak out just because you see something listed here.
  • Plus - This tab allows you to cross-link your WinPatrol Flash edition to your WinPatrol Plus registration information.  This allows you to have access to the lookup database for items that is possible under the "Info" button usage on other tabs.  If you are a subscriber, you now have access to additional details about these tasks, processes, files and other items.  This is a great feature, especially for home-users who fall somewhere in beginning to advanced range of computer knowledge.  It's a great way to check if something is safe or not before you go deleting stuff.
  • Options - Few more neat things...and to me the best; log files!  The WinPatrol Log gives you a HTML formatted list of running processes and other found items. The Spreadsheet report outputs the information into a spreadsheet document. On my system it auto-launched Excel. I personally liked the Hijack Log format the best. A text file was generated with tons of great data. There is also a button to view the HOSTS file in notepad. Finally there is a History keeper and a button to export your settings.

Thoughts

As I alluded to earlier, I would recommend this wonderful tool to home-users who are just starting to get their feet wet into understand what is running and going on with their system.  It's also valuable to the geeks who need to carry a singular utility around to quickly assess a system.

By itself it offers no real-time "protection" to a system like the full-featured WinPatrol installation does.

The log files generated are quite detailed and alone make this a great program to keep handy on a USB stick.

However, advanced Windows geeks and system-administrators probably have a number of more sophisticated "power-toy" utilities at their disposal that would provide better resources for more in-depth system assessment and response: Process Explorer, Autoruns, Process Monitor. OpenedFilesView, CurrPorts, VStat, UNLOCKER, Advanced Process Termination, RegASSASSIN, and FileASSASSIN.

Unfortunately, using these effectively requires a significantly deeper understanding of Windows systems and you have to flip between them as you are working on a system.

So hat's off to Bill for stripping out his WinPatrol Explorer component from WinPatrol proper and releasing it for us to drop into our USB toolbox.

Definitely a keeper!

--Claus

No comments: