AV-TEST ATP Test: How easily Windows can be tricked by malware

Disclaimer

  1. This test shows how an antivirus behaves with certain threats, in a specific environment and under certain conditions.
    We encourage you to compare these results with others and take informed decisions on what security products to use.
    Before buying an antivirus you should consider factors such as price, ease of use, compatibility, and support. Installing a free trial version allows an antivirus to be tested in everyday use before purchase.

Divergent said:
ESET HIPS Smart Mode can effectively stop the problem if the custom rule is created I mentioned in my post.

The technical reason is that ESET’s HIPS logic is designed to honor all custom user rules, regardless of whether the system is in Automatic, Smart, or Learning mode. While Smart Mode is programmed to be "quiet" and only notify you of very suspicious events by default, adding a specific manual rule creates a mandatory check that overrides the standard automated filtering.

In HIPS, manually created rules are evaluated alongside pre-defined system rules. By explicitly creating a rule to monitor or block modifications to %SystemRoot%\System32\, you are instructing ESET to ignore its "Smart" reputation-based whitelist for that specific path.
Click to expand...
Sorry for any confusion I might have caused. You are absolutely right in what you said. I was just pointing out that ESET at default HIPS is just as ESET without HIPS. In default mode it does not block anything at all. 😭
 
  • Like
Reactions: ForgottenSeer 123960 and harlan4096
devjitdutta2025 said:
Sorry for any confusion I might have caused. You are absolutely right in what you said. I was just pointing out that ESET at default HIPS is just as ESET without HIPS. In default mode it does not block anything at all. 😭
Click to expand...
No worries at all, I totally see where you’re coming from! I think that’s the real divide here, ESET is definitely more of an advanced user's tool. It’s a bit like a professional camera versus a point-and-shoot, if you leave a pro camera on 'Auto,' you aren't really getting your money's worth.

For users who want the software to handle everything, the default Smart Mode is definitely going to feel like it's doing nothing. But for someone willing to manually calibrate their security, that 'useless' HIPS module is actually a blank canvas that lets you block things even the best AI might miss.
 
  • Like
Reactions: devjitdutta2025 and harlan4096
Divergent said:
No worries at all, I totally see where you’re coming from! I think that’s the real divide here, ESET is definitely more of an advanced user's tool. It’s a bit like a professional camera versus a point-and-shoot, if you leave a pro camera on 'Auto,' you aren't really getting your money's worth.

For users who want the software to handle everything, the default Smart Mode is definitely going to feel like it's doing nothing. But for someone willing to manually calibrate their security, that 'useless' HIPS module is actually a blank canvas that lets you block things even the best AI might miss.
Click to expand...
Exactly. I tried HIPS in interactive mode after putting it in learning mode for 15 days. All was well and I was using my PC normally. But whenever there’s an update to any software or games heck even windows update, the HIPS bombarded me with alerts and I had to revert back to Smart Mode. The Firewall on the other hand is awesome. Once I set it to learning mode for 15 days and switched to interactive, it never bombarded me with alerts and only alerts me for unknown apps.
 
  • Like
Reactions: Virtuoso and harlan4096

You may also like...