Would you add the funtion:
Denied and killed the process;Improved log function
Just like:
2011-11-1 20:31:14 Write physical disk Denied and killed the process
Process: c:\documents and settings\administrator\桌面\assv.exe
Target: \Device\HarddiskVolume1
Rule: [App Group]秒杀过滤模式