Classic signature-based antivirus solutions do not protect systems effectively. Even if you add heuristics to the signature-based protection, you end up with a system that is protected, but not against all possible threats. One alternative or lets say add-on to improve protection is whitelisting, which allows only whitelisted programs to run automatically on a system, while all other programs are either blocked automatically or displayed to the user before they are executed.
That's the general idea behind NoVirusThanks' Exe Radar Pro software. You can add all running processes to the whitelist automatically on start up, which may speed up configuration but should be handled with care as you may end up adding processes to the whitelist that may be malicious in nature.
The program is configured to allow a certain set of executables automatically, which includes Windows protected processes and all software that is started from the program files folder. You can uncheck both options under Settings > General in the program to get a dialog on first execution of all processes that are unknown to the program.
The main window displays various information in a tab-based interface. Here you see a list of all running processes with their names, process ID, path and threads. A right-click here displays a context menu that gives you options to research and manage selected processes. Processes can be added to the program's blacklist or whitelist, terminated, temporarily allowed until the system is rebooted, or password protected. Options to search for the process name or MD5 hash on Google are also available. The selection opens the search results in the default web browser.
The reaming tabs have the following functionality:
A dialog is displayed when a process launches - manually or automatically - that is not whitelisted or matching any of the other whitelisting options in the program settings.
The program lists the process name and path, command line parameters, the MD5 hash, publisher and whether the executable is signed or not. The menu provides you with the following options:
There are a couple of settings that you may want to consider changing to improve protection.You can for instance block the automatic execution of processes from USB Flash drives, CD-Rom drives and network drives. It is furthermore possible to enable lockdown mode, which blocks all processes but whitelisted onces from running on the system, or trust mode, which allows all processes but those that are blacklisted.
A stealth mode is available which hides the program from the system so that users do not notice it that easily on the system. This in combination with setting a master password can be useful to lock down the environments of regular users of a PC to block them from running programs that they should not be able to run.
You can configure the program to lock down the system and block everything from being run until you allow it to run, or be less forgiving and configure it to be more convenient to work with.
If there is one thing missing it is the option to research processes on the Internet when a process execution prompt is displayed. It would be useful if you could run a search on Internet search engines from here, and maybe even send it to a service like Virustotal as well to have it checked thoroughly before you make a decision.
A free version of the program is available that lacks some of the advanced features of the Pro version but gives you the same blacklisting and whitelisting capabilities as it.
NoVirusThanks Exe Radar Pro adds a new layer of protection to Windows systems that effectively protects the system by blocking the execution of processes automatically until you give your ok to run them on it. Experienced users can lock down the system so that nothing slips by without notification, while beginners can use it to be more forgiving but still effective.
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.