Video RansomOff - First Look at New User Interface

  • This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Do you like new GUI?


  • Total voters
    41

HeiDef

From HeiDef
Developer
Mar 27, 2017
87
#61
Thanks. No, the Chrome issue was not because of Office/PDF Security Bubble, apparently, because I enabled that protection, without problem.

Generally speaking, RO sometimes blocks the launching of apps such as dropbox desktop and chrome. Can also interfere with system shutdown and with installation of new programs. This behavior is intermittent.
What do the alerts say about the blocking of dropbox or chrome? There are a few different reasons why RO will block an app and the alert will list the reason.

Installations are tricky to deal with but we'll see if there's something we can improve. Do you have a particular installation that you had trouble with?

And what kind of interference with shutdown?
 
Likes: XhenEd

shmu26

Level 57
Jul 3, 2015
4,685
Operating System
Windows 10
Installed Antivirus
Microsoft
#62
What do the alerts say about the blocking of dropbox or chrome? There are a few different reasons why RO will block an app and the alert will list the reason.

Installations are tricky to deal with but we'll see if there's something we can improve. Do you have a particular installation that you had trouble with?

And what kind of interference with shutdown?
The interference with app launching and the other things was without alerts. It was silent. But exiting RO resolved the issues.
 
Likes: XhenEd
Oct 24, 2017
59
Operating System
Windows 10
Installed Antivirus
ESET
#64
What security apps do you have installed?
I did see the docs about getting error with the Agent. RO was installed again in Advanced mode, but same problem. I rebooted and did not run Agent manually, just waited. Then system was unresponsive and needed a reset.

The security apps are :
1. Eset Internet Security 11.0.144.0
2. AppGuard 4.4.6.1
3. HitMan Pro 3.7

As said before I restored all file/folder permissions to default levels using Windows Repair 2018. As suggested in RO Advanced, I white listed RO in AppGuard as "untouched". Eset does not have white listing.
The OS is Windows 7 Ultimate 64 bit with sp1 and all updates. However I did remove "Application Experience" service for privacy.

I will try restoring permissions again and give update...
Windows File permissions were restored to Default. But RO has same problem as before.
It restored permissions in:
all services
users\cimmay\
programdata
program files (x86)
program files
windows
I had messed up system32 folder with script, taking control of TrustedInstaller, but looking at it again it may have been reversed. I'm unsure if windows repair 2018 corrected it or not.
 
Last edited:
Likes: XhenEd

shmu26

Level 57
Jul 3, 2015
4,685
Operating System
Windows 10
Installed Antivirus
Microsoft
#65
I did see the docs about getting error with the Agent. RO was installed again in Advanced mode, but same problem. I rebooted and did not run Agent manually, just waited. Then system was unresponsive and needed a reset.

The security apps are :
1. Eset Internet Security 11.0.144.0
2. AppGuard 4.4.6.1
3. HitMan Pro 3.7

As said before I restored all file/folder permissions to default levels using Windows Repair 2018. As suggested in RO Advanced, I white listed RO in AppGuard as "untouched". Eset does not have white listing.
The OS is Windows 7 Ultimate 64 bit with sp1 and all updates. However I did remove "Application Experience" service for privacy.
Just for the record, I would try without HMPA, which is a known troublemaker, and is bound to conflict with the mitigations of RO.
 
Mar 27, 2017
158
Operating System
Windows 7
Installed Antivirus
Avast
#69
Hey @HeiDef I have 2 false positives to report.(both of them existed in previous rc also and hasn't been resolved yet).
Please test ransomoff's false detection with citra emulator and reboot restore Rx(both at the time of installation and uninstallation).
Hope this issue gets fixed soon.
Thanks.
Keep on improving this great stuff.
 

HeiDef

From HeiDef
Developer
Mar 27, 2017
87
#70
Hey @HeiDef I have 2 false positives to report.(both of them existed in previous rc also and hasn't been resolved yet).
Please test ransomoff's false detection with citra emulator and reboot restore Rx(both at the time of installation and uninstallation).
Hope this issue gets fixed soon.
Thanks.
Keep on improving this great stuff.
Thanks for the report. We'll take a look.