Video RansomOff - First Look at New User Interface

  • This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Do you like new GUI?


  • Total voters
    41

HeiDef

From HeiDef
Developer
Mar 27, 2017
87
#41
I have two windows 10 machines, and one gives me stern warnings when the drivers are not co-signed by MS, while the other machine is more lenient. I don't understand why.
But if it works, it works.
Drivers must be co-signed by Microsoft for Windows 10 in version 1607 or greater except in these three situations.
  • The PC was upgraded from an earlier release of Windows to Windows 10, version 1607.
  • Secure Boot is off.
  • Driver was signed with cross-signing certificate issued prior to July 29th 2015.
 

HeiDef

From HeiDef
Developer
Mar 27, 2017
87
#42
5.2017.306.5218 RC1 is now available for download. The updated UI and the HIPS are the major updates but we also did get the Windows 10 drivers co-signed by Microsoft which will take care of that pesky little secure boot issue. For all those that appreciate RansomOff, enjoy!
 

shmu26

Level 58
Jul 3, 2015
4,731
Operating System
Windows 10
Installed Antivirus
Microsoft
#43
5.2017.306.5218 RC1 is now available for download. The updated UI and the HIPS are the major updates but we also did get the Windows 10 drivers co-signed by Microsoft which will take care of that pesky little secure boot issue. For all those that appreciate RansomOff, enjoy!
Very cool. Thanks, dev!
 
Likes: Sunshine-boy
Oct 24, 2017
59
Operating System
Windows 10
Installed Antivirus
ESET
#44
Good Grief ! Release candidate Nov 2 needs work. Took 3 attempts to install and 6 attempts to uninstall. The installler does not work right on 4k display at 150%. After a clean installation of Ransomoff the program GUI is nowhere to be found, but the exe and driver is loaded on Windows 7-64. I will look for something else.
 
Last edited:
May 16, 2017
174
Operating System
Windows 10
#46
I don't care about GUI,I only care about stability and protection from new and advance Ransomwares.
Yeah I agree with you. At first I thought it was a joke that some guys were complaining about the GUI??? but then I realized they were serious about it... :unsure:
 

HeiDef

From HeiDef
Developer
Mar 27, 2017
87
#50
Good Grief ! Release candidate Nov 2 needs work. Took 3 attempts to install and 6 attempts to uninstall. The installler does not work right on 4k display at 150%. After a clean installation of Ransomoff the program GUI is nowhere to be found, but the exe and driver is loaded on Windows 7-64. I will look for something else.
Did the install/uninstall display any errors? What was the issue that made you need to retry again and again. Other than the look, unusual display setting shouldn't have any impact on the actual process of installing and uninstalling software. So if you could please define "does not work right" a little better it will help us fix the issue.

Are you also saying that no icon loaded into the system tray after reboot? The UI doesn't just display itself. You have to click icon but if no icon loaded then that's a problem. Did you check to make sure your other security software didn't block the loading?
 
Likes: XhenEd
Oct 24, 2017
59
Operating System
Windows 10
Installed Antivirus
ESET
#51
Did the install/uninstall display any errors? What was the issue that made you need to retry again and again. Other than the look, unusual display setting shouldn't have any impact on the actual process of installing and uninstalling software. So if you could please define "does not work right" a little better it will help us fix the issue.

Are you also saying that no icon loaded into the system tray after reboot? The UI doesn't just display itself. You have to click icon but if no icon loaded then that's a problem. Did you check to make sure your other security software didn't block the loading?
The 4k screen is enlarged 150% to make everything bigger. The installer window did not show full list of actions at bottom, so when it was done I did not know what to do next, there were no message popups. I reduced monitor to 100% and installed again and could see all messages. But before that I had to uninstall it in safemode and seen the driver sys was loaded. Anyway when installed correctly and rebooted there was no icon, no folder in start menu, nothing in tray, but task manager said the exe was running. I set AppGuard to "allow installs" and had eset nod32 in protected mode when installing. In previous attempts it was unprotected. I could look in program files for an exe gui to launch but did not do that. I would only suggest making the installer window large and at least a popup when finished. At 150% all main text of the installer was big and crunched together, no space left. I used "simple mode" option.
 
Likes: GonzitoVir

shmu26

Level 58
Jul 3, 2015
4,731
Operating System
Windows 10
Installed Antivirus
Microsoft
#52
I installed it again, in simple mode.
Seems to be working pretty well.
I wish the blocked list was easier to find, it is hidden pretty deep in the settings. If you need to unblock something, it can be a bit frustrating to discover where it is.
 

shmu26

Level 58
Jul 3, 2015
4,731
Operating System
Windows 10
Installed Antivirus
Microsoft
#53
@HeiDef, I see that process hollowing protection is turned off by default.
What are the potential issues with enabling it?
 
Likes: Sunshine-boy
Oct 24, 2017
59
Operating System
Windows 10
Installed Antivirus
ESET
#54
Are you also saying that no icon loaded into the system tray after reboot? The UI doesn't just display itself. You have to click icon but if no icon loaded then that's a problem. Did you check to make sure your other security software didn't block the loading?
I did run utility from tweakings.com and the Windows 7 desktop has these options in System Properties: "performance", "visual effects", "Custom:" 1. Smooth edges of screen fonts. 2. Use drop shadows for icon labels on the desktop. 3. Use visual styles on windows and buttons. Everything else is disabled.
 

HeiDef

From HeiDef
Developer
Mar 27, 2017
87
#55
I did run utility from tweakings.com and the Windows 7 desktop has these options in System Properties: "performance", "visual effects", "Custom:" 1. Smooth edges of screen fonts. 2. Use drop shadows for icon labels on the desktop. 3. Use visual styles on windows and buttons. Everything else is disabled.
Thanks for the info. We'll take a look to see how to fix your problems. Might just give us a reason to go buy a 4k display :)
 
Likes: XhenEd

HeiDef

From HeiDef
Developer
Mar 27, 2017
87
#56
@HeiDef, I see that process hollowing protection is turned off by default.
What are the potential issues with enabling it?
The process hollowing detection, like the top most detection, can be sensitive. So while it may cause a few FPs, there is no issue with having it on.

As for your Chrome problem you mentioned above, do you have "Office/PDF Security Bubble" enabled? Chrome registers itself as a PDF reader so RO may be silently killing any apps or plugins started by Chrome which would probably cause the behavior you saw. Just disable Chrome from the list of apps and everything should work fine.
 

shmu26

Level 58
Jul 3, 2015
4,731
Operating System
Windows 10
Installed Antivirus
Microsoft
#57
The process hollowing detection, like the top most detection, can be sensitive. So while it may cause a few FPs, there is no issue with having it on.

As for your Chrome problem you mentioned above, do you have "Office/PDF Security Bubble" enabled? Chrome registers itself as a PDF reader so RO may be silently killing any apps or plugins started by Chrome which would probably cause the behavior you saw. Just disable Chrome from the list of apps and everything should work fine.
Thanks. No, the Chrome issue was not because of Office/PDF Security Bubble, apparently, because I enabled that protection, without problem.

Generally speaking, RO sometimes blocks the launching of apps such as dropbox desktop and chrome. Can also interfere with system shutdown and with installation of new programs. This behavior is intermittent.
 
Likes: XhenEd
Oct 24, 2017
59
Operating System
Windows 10
Installed Antivirus
ESET
#58
Regarding the installation of RansomOff (Nov 2) on win7-64. It was installed clean several times but no icon in tray. HDROAgent.exe was launched manually, the icon appeared in the main tray list and when it was clicked or right clicked for menu the popup said "THERE WAS AN ERROR OPENING THE DATABASE." I also got that popup just waiting a few seconds and not clicking. Then depending on how many windows were open the system became so unresponsive it needed a reset.

I also tried this routine with security apps disabled. On a side note I seen the demo video at site and would like to see the "ALLOW" button removed, or a password required to use it when malware is launched.
 
Last edited:
Likes: XhenEd

Node

Level 2
Aug 6, 2017
98
Operating System
Windows 10
Installed Antivirus
Microsoft
#59
This is really interesting! It appears to offer more protection vectors over other products (and for free!) - I'm looking forward to trying this out. I do agree with other that the UI (user interface) could be updated just a bit.
 

HeiDef

From HeiDef
Developer
Mar 27, 2017
87
#60
Regarding the installation of RansomOff (Nov 2) on win7-64. It was installed clean several times but no icon in tray. HDROAgent.exe was launched manually, the icon appeared in the main tray list and when it was clicked or right clicked for menu the popup said "THERE WAS AN ERROR OPENING THE DATABASE." I also got that popup just waiting a few seconds and not clicking. Then depending on how many windows were open the system became so unresponsive it needed a reset.

I also tried this routine with security apps disabled. On a side note I seen the demo video at site and would like to see the "ALLOW" button removed, or a password required to use it when malware is launched.
The agent is not designed to be run manually. That's why you'll notice there is no icon on the desktop or start menu and why you get the database error when trying to run it. However, you should not be getting that error when it loads at start up unless there is a permissions error where RO is being blocked from accessing its databases. What security apps do you have installed?

'Allow' is not going to be removed because FPs happen but you are already able to set a password. This is all explained in the docs (RansomOff Documentation)
 
Likes: XhenEd