ReinaKirisame

My opinion: on the hand, there are some problems with the product itself that deserve to be corrected. 9. 1.Ransom decoys (or HIPS to add end process option, I can write my own). Because the approach given by some users now is not simplified enough, I hope to provide similar functions. 2. HIPS improvements (wildcard, monitor reads, operation to add end process, etc.), the important thing is the wildcard and the ability to block the application's access to a specific folder. 3. Detection of specific threats can be enhanced, such as Flystudio, BlackMoon, etc. because threats written in these languages are still a factor that cannot be ignored. However, I noticed that only the non-Chinese version can detect and alert, the Chinese version has almost no alert except for the exact detection name. Rootkit detection and removal should need to be enhanced, as well as improving the vulnerability exploitation blocking component, which does little to nothing. On the other hand, I hear somebody say rarely see a reply when using email to report. Because the submission of no response will have a sense of no one to detect, which is not conducive to the use of the user. Please improve this question. Greeting.

😂Sorry Sir, I made a mistake: it's not that it can't be removed, it's that the antivirus can't detect the virus directly after it's been infected, because the antivirus can't read that driver file. (Thanks to the author for the correction🤣) P.S. : Why can't I edit a reply after a few minutes after posting it?

Thanks for your reply.🙂 I followed the whole testing process and as a viewer I would say the facingthesea himself followed the steps but unfortunately the antivirus did detect but could not remove the virus with SafeBoot and ELAM settings turned on, I don't want to be too blunt, but there may be a small problem with the software in terms of detection.🙂

Hello Sir. one thing to note about this test is that the process is to install the rootkit in PC first and then install the antivirus to detect it. But why this is a problem we do not know.😂

Yes, but you'd better tell us about the whole testing process, 😂 there seems to be some misunderstanding.

Hello, Sir. thanks you for your reply. I think you're right, the one month trial period provided by the software is sufficient for use, but I personally think that there could be some official campaigns to give away longer licenses (e.g. 90 days, 180 days, etc.), just like BitDefender' s products, they often release campaigns to give away licenses.

The official people have clearly said that there will be no free version, I think the officials could do a little more to give away trial versions to broaden the customer base.

Hello admin, I am a user who watched the whole test and there may not be enough clarity on facingthesea's question. What I want to ask is, does ekrn detect any driver (normal or not) before it is loaded?

EDIT: A block file operations rule 😂 I'm sorry to quote it again, because I can't find the EDIT button in my previous reply....😭

Hello, Marcos I try to create a block file operations， I can't find any " folder access only" switches in file operations options, like this picture. I checked the description of "Direct access to disk"（this switch is in the middle） and I don't think it's the same as the "only access to folders" feature I was thinking of, so I don't know if this option will do the job of blocking access. So I'm a little confused and feel that none of these options would fit my intended idea. Or there is no such options in HIPS? It is possible that there is a problem with my settings, too. I hope you can answer this in your busy schedule. Greeting.

😉Hi, I think you have a good idea, but for me, it's not a bad thing to add a similar feature like EDTD to the home version. Or rather, the home version should just include a bit of aggressive detection.(of course you can change it in advance settings) Because sometimes I'll suddenly find a low-propagation threat (livegrid no any data ) that scans with no alerts, so I try to upload it using the software's right-click menu, and I wait for ages without receiving a response The threat isn't detected either, this makes me a little sad. Greeting.

I think the new version could include a dark mode interface, or a customizable interface...I've seen a lot of people keep trying to say: they want a new interface, etc.😂