Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Security Apps
Other security for Windows, Mac, Linux
[Heilig Defense] RansomOff - The World's Most Advanced Anti-Ransomware Solution
Message
<blockquote data-quote="Evjl&#039;s Rain" data-source="post: 613876" data-attributes="member: 51905"><p>thank you for clarification <img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite109" alt=":)" title="Smile :)" loading="lazy" data-shortname=":)" /></p><p>I counted the memory usage of the 2 processes ~39-40Mb = 80Mb. If I had counted private bytes, it was around 40-50Mb => OK. Sorry, I'm not a coder/developer, I don't know much <img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite109" alt=":)" title="Smile :)" loading="lazy" data-shortname=":)" /></p><p>I was using Office 2007 portable (illegal) and RansomOff actually detected it once as ransomware before the VM froze and BSOD</p><p></p><p>There were 3 autorun entries I saw in Autoruns program so I'm not sure exactly which one caused BSOD</p><p>I can give the hash of 2 potential samples which caused BSOD (ransomware.exe and sure ransomware/screenlocker)</p><p></p><p>ransomware.exe</p><p><a href="https://www.virustotal.com/vi/file/fb061305a6af048ecee60f8588c641cd18f9cc1975f96ef2d3b7666b5d5345ad/analysis/1490244626/" target="_blank">Antivirus scan for fb061305a6af048ecee60f8588c641cd18f9cc1975f96ef2d3b7666b5d5345ad at 2017-03-23 04:50:26 UTC - VirusTotal</a></p><p></p><p>sure ransomware</p><p><a href="https://www.virustotal.com/vi/file/9182432e60ea007cbfae7eed92082e7ef0f2d00674dfe1b2ad956f7c9d494adb/analysis/1486011727/" target="_blank">Antivirus scan for 9182432e60ea007cbfae7eed92082e7ef0f2d00674dfe1b2ad956f7c9d494adb at 2017-02-02 05:02:07 UTC - VirusTotal</a></p><p></p><p>after the reboot, I think ransomoff intercepted the malwares but also blocked something which caused BSOD, but no popup was seen. Exact same situation happened to Office 2007 portable (detected as ransomware with a popup => froze => BSOD)</p><p></p><p>if you can't find them I can send it to you, no problem</p><p></p><p>I'm looking forward to the later versions as this program is very good <img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite109" alt=":)" title="Smile :)" loading="lazy" data-shortname=":)" /></p><p></p><p>I still have the snapshot of the tested VM. I may help</p></blockquote><p></p>
[QUOTE="Evjl's Rain, post: 613876, member: 51905"] thank you for clarification :) I counted the memory usage of the 2 processes ~39-40Mb = 80Mb. If I had counted private bytes, it was around 40-50Mb => OK. Sorry, I'm not a coder/developer, I don't know much :) I was using Office 2007 portable (illegal) and RansomOff actually detected it once as ransomware before the VM froze and BSOD There were 3 autorun entries I saw in Autoruns program so I'm not sure exactly which one caused BSOD I can give the hash of 2 potential samples which caused BSOD (ransomware.exe and sure ransomware/screenlocker) ransomware.exe [URL='https://www.virustotal.com/vi/file/fb061305a6af048ecee60f8588c641cd18f9cc1975f96ef2d3b7666b5d5345ad/analysis/1490244626/']Antivirus scan for fb061305a6af048ecee60f8588c641cd18f9cc1975f96ef2d3b7666b5d5345ad at 2017-03-23 04:50:26 UTC - VirusTotal[/URL] sure ransomware [URL='https://www.virustotal.com/vi/file/9182432e60ea007cbfae7eed92082e7ef0f2d00674dfe1b2ad956f7c9d494adb/analysis/1486011727/']Antivirus scan for 9182432e60ea007cbfae7eed92082e7ef0f2d00674dfe1b2ad956f7c9d494adb at 2017-02-02 05:02:07 UTC - VirusTotal[/URL] after the reboot, I think ransomoff intercepted the malwares but also blocked something which caused BSOD, but no popup was seen. Exact same situation happened to Office 2007 portable (detected as ransomware with a popup => froze => BSOD) if you can't find them I can send it to you, no problem I'm looking forward to the later versions as this program is very good :) I still have the snapshot of the tested VM. I may help [/QUOTE]
Insert quotes…
Verification
Post reply
Top
