Anti-Ex and usage with other programs

Ok, want to make sure that I understand this correctly.

If I want to ran an on demand virus scan of my entire system, or scan with any anti-Spyware program, I should leave Anti-Executable turned on. But if I want to download the latest signatures for those scanners, I need to have AE turned off.

If I want to defrag my system I should leave AE turned off.

And of course, any operation with FirstDefense, leave AE turned off. Have had no compatibility problems with those two programs, just want to make sure about the scanners and defragger.

Have I got it right?

Thanks,
Acadia

 

I have less experience than others with AE but I'll add my $.02. I leave AE on and my definitions update with no problem (NOD32). I also leave AE on when defragging with JKDefrag with no problems. I have AE set to HIGH with Copy and Delete Protections disabled.

 

For AVG free you need to add a folder to the exclusion list so that it can update. I cannot remember which folder but try to update and wait for the AE alert. Then check the log and you now know which folder to exclude.

For defragging using windows, you need to add a couple of files to the trusted list. I cannot remember which files but try to defrag and wait for the AE alert. Then check the log and you will know which files to add.

I think this methodology is a good way to determine how to configure AE on your system.

 

Acadia,
I think you have to configure AE according your needs and which other softwares you use and that is different for each user. Any personal advice might not be valid for your total system.

My policy is to keep AE on maximum security (except Delete Prevention) and I had to make some adjustments of course to keep AE that way.
I turned off all automatic updates of all softwares, because AE can screw up such an automatic update, if there are changes in executables and those updates can occur at any moment of the day.
I only have program upgrades, not signature updates and if I have program upgrades, I have to turn off AE.
The only extra thing I did in AE was configuring FDISR as a Trusted Application.
The more you use Trusted Applications and Exempted Folders, the weaker AE will be in its protection.
It's the same in a frozen snapshot : the more you anchor objects, the weaker your frozen snapshot becomes.
That's why I didn't do any anchoring in my frozen snapshot, because I want my system back as it was after reboot, including AE and all the other softwares + registry.

 

ErikAlbert, curious, why not have delete prevention enabled ?

 

Because FDISR gives errors during copy/update between snapshots/archives, including the freeze function.
You can only freeze the current snapshot and my on-line snapshot is the current snapshot where AE is installed.

 

@Erik

You posted not long ago a list of ISR files that you exclude from AE. I can't seem to relocate that thread. If you run across it again i would appreciate the URL, AE while not a cure-all is certainly a very worthy addition, and teamed with my HIPS should complete the circle so-to-speak.

 

Read post #388 of this thread.
https://www.wilderssecurity.com/showthread.php?t=171576&page=16

 

Thanks

Anti-Executable tied into a FD-ISR snapshot covered by SandboxIE & Power Shadow plus my HIPS, EQSecure 3.4, makes for excellent coverage.

One thing i like about AE, it's easy as pie to adjust your whitelist to your needed preferences.

 

Yes, I'm certainly a man of whitelists, they are always COMPLETE and much easier to understand.
1. The freeze storage is a whitelist of ALL objects on my system partition, anything else is removed during reboot.
2. AE is a whitelist of ALL executable objects on my system partition, anything else is refused immediately.