How to Use nod32 HIPS to disable program startup)

CommentsAs you all know, version 5.0 has updated a powerful HIPS feature. There are two advanced HIPS settings that record all blocking operations, and NOD32 is not described much. I believe everyone knows that, version 5.0 updates a powerful HIPS feature. The HIPS advanced settings have two records for all blocking Operations respectively. You are allowed to change the registry section of the application when no blocking rule is configured. After passing the virus test, I felt that the interaction mode was the best. In this article, I am a little cautious about using HIPS and share it with you.
Today, I reloaded my computer and installed a QQ (Q +). As the name suggests, I added a QQ plus bundle. After QQ is started, QQ plus will be started. After ProcessMonitor determines that QQ is started, QQ plus will be started together.
 
Anti-virus software is also reinstalled after the system is reinstalled. Use nod32 ESET5.0 to find its HIPS function. You can also set automatic rules. I found it useful. It can be used to prohibit program execution. Of course, there are many other HIPS functions. This is only used to shield QQ from QPlus.
On nod32, select "Settings", "Enter Advanced Settings", and select "computer", "HIPS", and "Configure Rules"
 
QPlus was started on QQ. Select QQ For the source program (for example, E: \ ProgramFile \ QQ \ Bin \ QQ.exe) and select the QPlus (for example, E: \ ProgramFile \ QQ \ Bin \ QPlus.exe) to be started for the target application ), the action is optional.
 
Of course, the HIPS of nod32 also has many functions, such as reading and writing the target file. (This can prevent some applications from reading directories, such as the directories scanned by thunder. You can call other programs, there are many application scenarios, such as reading and writing the Registry)
Of course, windows's group policies can also be used well. Here, we will share some experience with a small experiment of one night.
Finally, let's take a look at the effect of the settings. QPlus is often started after QQ is started. The following prompt box is displayed because I have set "Ask. If this option is selected, QPlus will no longer run.