Several settings that affect the way HIPS monitors system operations are accessible in Advanced setup. You can access HIPS by following the step-by-step instructions below:
Press the F5 key to access Advanced setup.
Click Detection Engine → HIPS.
The following settings can be accessed in the Basic section of the HIPS module:
Enable HIPS—Click this slider bar to re-enable HIPS if it has been disabled.
Enable Self-Defense—The built-in Self-defense technology part of HIPS prevents malicious software from corrupting or disabling your antivirus and antispyware protection. Self-defense protects crucial system processes and ESET processes, registry keys and files from being tampered with.
When disabled, click to enable the HIPS Self-Defense mechanism.
Enable Protected Service—Enables kernel protection (this option is only available on Windows 8.1 and Windows 10).
Enable Advanced Memory Scanner—Works with Exploit Blocker to strengthen protection against malware that is designed to evade detection through the use of obfuscation or encryption. Advanced memory scanner is enabled by default.
Enable Exploit Blocker —Fortifies commonly exploited application types such as web browsers, PDF readers, email clients and Microsoft Office components. Exploit Blocker now supports Java and helps improve detection and protection from these kinds of vulnerabilities.
Enable Deep Behavioral Inspection—Additional layer of protection that works as a part of the HIPS module. This extension of HIPS analyzes the behavior of all programs running on the computer and warns you if the behavior of the process is malicious.
Exclusions—You can exclude processes from analysis. To ensure that all processes are scanned for possible threats, we recommend only creating exclusions when absolutely necessary.
Enable Ransomware Shield—Another layer of protection that works as a part of the HIPS module. It monitors the behavior of applications and processes that try to modify your personal data. If an application's behavior is considered malicious, or the reputation-based scanning shows an application to be suspicious, the application will be blocked or the user will be prompted to block or allow it.
Filtering Mode—There are five filtering modes you can select to change how HIPS filters system activity. The modes are:
Rules editor — Click Edit to add, modify, or remove HIPS rules.
Click Detection Engine and click HIPS → Advanced setup to access more settings for debugging and analyzing an application's behavior.