I have checked and the HIPS setup in beta 6 appears to be the same as that in version 126.96.36.199. I tested with HIPS disabled (but self-defense still checked) and found that I could use the Task Manager to end egui.exe, though it would not remove ekrn.exe. I wonder if that is the way self-defense is intended to work? There is a difference in the way that beta 6 behaves when HIPS is disabled. Unlike version 188.8.131.52, beta 6 doesn't display a red icon and other flaky behavior, but simply indicates that HIPS is disabled. Also, if the egui.exe process is ended, the program can be restarted without issues. With version 184.108.40.206, the red icon and other complaints will follow when I attempt to restart the program after ending egui.exe. The behavior in beta 6 seems to be a definite improvement, but I continue to wonder about the fact that egui.exe can be ended even when self-defense is still enabled. I should add that I am running beta 6 on an old Dell 2350 with a Pentium 4 2GHz and 2GB of RAM. The OS is XP SP3 (Home Edition), fully patched. Other software is MalwareBytes (but real-time protection is disabled) and SuperAntiSpyware 5.0.1150 with live protection enabled. I already know about the conflict with MalwareBytes, having experienced it myself and reporting it previously, so that is why real-time protection is disabled. I have not experienced any conflict with SuperAntiSpyware. I also have Apache OpenOffice 3.4, but have the quick start of that suite disabled for other reasons not related to Eset NOD32. That OpenOffice quick start interferes with MacriumReflect backup (slows it down). MacriumReflect does not appear to conflict in any way with NOD32, though its service is loaded at startup. I am now re-enabling HIPS and will restart.