Not sure how you feel it's partially bypassing anything when you allowed it to run...
That's exactly right, and more people need to understand the importance of that statement.
Remember how most people thought Malware Defender (MD) was bullet-proof? Well, 3 POCs were released recently that has caused Xiaolin to think about re-desgining MD!
If you let something unknown/untrusted run on your REAL system, there are many ways for malware to pounce. The only way to be truly "100%" is to deny execution at the gate. This is one big reason why I no longer use Classical HIPS in the everyday usage of my computer - there's just no need. A simple anti-executable program is the way to go, and there really isn't anything stronger (or cheaper or lighter) than (LUA) + SRP. Combine this with Sandboxie blocking/containing all your malware "threat-gates" and you have the strongest, lightest, (cheapest), and "set and forget" setup ever!
However, aigle does have a point here I think. Defense+ could probably be improved on to control the behaviour of files better (for whatever reason). I was just making the point of how to truly be "100%" haha. Cheers.
Author