Bits from Bill

Technology thoughts leaking from the brain of "Bill Pytlovany"

Tuesday, March 05, 2013

Hackers Steal WinPatrol Data Already Available

What was first thought to be a problem in last week’s Windows Update turned out to be a targeted hacker attack of WinPatrol data files.
The timing of the attack(Tuesday, Feb 26th at 17:44 PM EST)coincided with a new Windows Update. Many who experienced unusual behavior from WinPatrol had also just updated Java and/or Adobe Flash so they were also included in the list of usual suspects.

While the hackers may have been looking for user passwords, Email addresses or credit card numbers they were able to steal statistical data describing which programs remain popular or unpopular on Windows machines. The data is collected when a WinPatrol user decides to keep or remove a program which has been detected in a critical system location. 

The following is an example of data collected by WinPatrol based on decisions made when a particular file, “Adobe PDF Helper” is added to the list of programs loaded with Internet Explorer. The first number represents requests by WinPatrol PLUS members asking “What the heck is this file?”. The 2nd indicates users clicking “Yes, I’ll keep this” when notified the file was added. The 3rd larger number represents how many times WinPatrol users rejected this file and did not want it loaded when they browsed the Internet.  The remaining numbers result from an optional survey doesn’t appear to be a popular since it requires participation.
acroexampleThe goal of this statistical data is to help WinPatrol PLUS member make decisions on if they want to keep a program which in some cases may slow their system down. While this example is from an IE Helper or Brower Helper Object most data relates to programs which are set to always run after the computer starts.

This data is valuable as a whole but is just one feature available by upgrading to WinPatrol PLUS for only $29.95.  While the hackers didn’t find any valuable payload, they did cause the software to crash any time a change occurred worth sharing. While BillP Studios worked long hours providing an immediate solution to those who reported problems we carefully evaluated each report to confirm a permanent solution would be found. Today a new version, WinPatrol 27.0.2013 is now available.

Like many small companies BillP Studios uses 3rd party companies like PayPal who specialize in eCommerce. Even when credit card numbers are included, BillP Studios securely deletes personal data after 30 days. We are required to save some information for the IRS and reports of foreign sales. These files do not include individual data and are stored on a system not connected to the network.

We were prepared for this kind of attack and except for individual software failures our preparation worked.  At no time were any Email addresses, personal addresses or credit name numbers stolen or even at risk. It was still a wake up call and should be for anyone running a small business.

The new WinPatrol 27.0.2013 includes a few new features that were previously in the plans but I also trained  Scotty to behave even more gracefully in case of failure. Future development will continue this trend so in the case of a crash no other programs will be affected.

One long requested feature will come in handy if we have any problems in the future. While I’m not a fan of auto updating software WinPatrol users will now be notified when new versions are released.


For more information on the new WinPatrol go to


I’d especially like to thank everyone for their patience and to many who took the time to include screen shots and details with their Emails to  This information was critical in keeping me from being distracted by unlikely causes and helped me track down the root of this problem.

Share on Facebook


Blogger Brian (AKA The Dean) said...

Thanks Bill.

For those who installed the Enterprise Edition a few days ago, can we simply install this new version without installing the Enterprise version? Other than the update notification, is their any advantage to the new version, or for that matter, the Enterprise version. I am a Plus user.

6:53 PM  
Blogger Unknown said...

The Enterprise edition will continue to work safely but unless you have a subscription to Enterprise services it won't matter.
There will be a new Enterprise build tomorrow so everyone will have access to the new version notification feature.

8:37 PM  
Anonymous Aubree said...

Hmm, good job! This is really something!

7:38 AM  
Blogger Unknown said...

Hi Bill,
Where can I get support for your Win Patrol software? I am or was a Plus user

7:33 AM  
Blogger Unknown said...


I've responsed twice to your emails but the first one bounced back. So far my 2nd response didn't bounce back so hopefully it went through ok and you'll have your code.


8:01 PM  

Post a Comment

<< Home