Few months ago I published two blogs around having additional layers of security for your home computers. You can read them here: part 1 and part 2. The goal of those two blogs were to first bring awareness – using my personal experience around how we simply cannot rely on anti-virus software to protect our personal computers. And second to demonstrate how effective some free browser extensions are in reducing unwanted and potentially malicious programs from downloading in the background without much of our knowledge or interaction.
This blog is not exactly a continuation of the other two but it is definitely related. While in the previous posts I focused on free extensions, however in this post I want to talk about an application that is though not free but definitely worth looking into.
The EXE Radar Pro application from NoVirusThanks group (besides this particular software this group has bunch of free and extremely useful online utilities that I have been using for sometime and you should check those out too!). As far as the EXE Radar Pro goes – it is for $19.99 with the option to try free for 30 days. They do a pretty straight forward job explaining what the software does so I won’t waste time repeating what is already there. Instead I will briefly explain my experience with this software; both the pros and cons.
First the pros: the software is easy to install and seems to get to work immediately. There isn’t a lot of configuration or overly complicated interface that you need to worry about; it simply sits in your windows tray and all of the management is done by selecting the tray icon. Some of the more specific features that I like about this software is that I think this is the closest that you can get to an enterprise level endpoint monitoring software for such a low price. The software pretty much tracks all the running system processes, the associated parent process and monitors as new processes start. You also have to ability to tag processes to either a blacklist or a whitelist based on what you think should be allowed or blocked. The software does prompt you when it thinks a suspicious/unknown process is trying to run. I believe some of the basic checks that it does to determine a good from a bad process it by simply checking if the process itself is digitally signed and if the process is making any specific/unusual command arguments. If fact it presents all this information on the prompt dialog:
From the dialog above you can simply choose to allow, block or use the drop down arrow to add the process to either the white/black list. While the above dialog box is well designed and self explanatory – I also experienced some annoying cons with this dialog. For example, when you are prompted with the dialog box you do not have the option to ignore it. You can move it around the screen to get it out of the way but you have to make the decision to either allow/block. In addition, until you make your selection – you will not be able to execute another process. For example, when the above prompt came up on my screen and I wanted to take the screenshot using the Microsoft built-in snipping tool – I was not able to because the snipping application would not execute until I made my selection on the dialog box (I was able to do it using the keyboard print screen key).
Second major con that I experienced is that on each boot of the system there would a half-dozen prompts that I had to go through before the system would be fully up and functional. I understand that there is some learning that is involved in the beginning for the software but even after two weeks and several whitelistings I would still receive numerous prompt during startup. And as you can imagine, when you are trying to get something done quickly – these prompt becoming irritating. In fact, one of the applications that EXE Radar Pro did not like in particular was Splunk. Well before I downloaded EXE Radar Pro – I had the Splunk Free installed on the computer to do basic log analysis. But when I installed EXE Radar Pro – I would constantly get prompts. Eventually, I became irritated and ended up uninstalling Splunk from the system. In fact, even during the uninstall process of Splunk, I had to hit Allow at least 8 times before the uninstall process completed.
Overall, EXE Radar Pro is a good software for personal use because it provides that additional layer of protection and control around what runs in your system. I would say that while the interface is simple and self explanatory – an average user may not appreciate the frequency of the prompts, the technical details and the decision making that would be required. On the other hand, if you like have such visibility and control of your system then for $19.99 you cannot go wrong with this software!