App Review RansomOff - First Look at New User Interface

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.

Do you like new GUI?


  • Total voters
    41

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
What do the alerts say about the blocking of dropbox or chrome? There are a few different reasons why RO will block an app and the alert will list the reason.

Installations are tricky to deal with but we'll see if there's something we can improve. Do you have a particular installation that you had trouble with?

And what kind of interference with shutdown?
The interference with app launching and the other things was without alerts. It was silent. But exiting RO resolved the issues.
 
  • Like
Reactions: XhenEd

cimmay

Level 2
Verified
Oct 24, 2017
58
What security apps do you have installed?

I did see the docs about getting error with the Agent. RO was installed again in Advanced mode, but same problem. I rebooted and did not run Agent manually, just waited. Then system was unresponsive and needed a reset.

The security apps are :
1. Eset Internet Security 11.0.144.0
2. AppGuard 4.4.6.1
3. HitMan Pro 3.7

As said before I restored all file/folder permissions to default levels using Windows Repair 2018. As suggested in RO Advanced, I white listed RO in AppGuard as "untouched". Eset does not have white listing.
The OS is Windows 7 Ultimate 64 bit with sp1 and all updates. However I did remove "Application Experience" service for privacy.

I will try restoring permissions again and give update...
Windows File permissions were restored to Default. But RO has same problem as before.
It restored permissions in:
all services
users\cimmay\
programdata
program files (x86)
program files
windows
I had messed up system32 folder with script, taking control of TrustedInstaller, but looking at it again it may have been reversed. I'm unsure if windows repair 2018 corrected it or not.
 
Last edited:
  • Like
Reactions: XhenEd

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
I did see the docs about getting error with the Agent. RO was installed again in Advanced mode, but same problem. I rebooted and did not run Agent manually, just waited. Then system was unresponsive and needed a reset.

The security apps are :
1. Eset Internet Security 11.0.144.0
2. AppGuard 4.4.6.1
3. HitMan Pro 3.7

As said before I restored all file/folder permissions to default levels using Windows Repair 2018. As suggested in RO Advanced, I white listed RO in AppGuard as "untouched". Eset does not have white listing.
The OS is Windows 7 Ultimate 64 bit with sp1 and all updates. However I did remove "Application Experience" service for privacy.
Just for the record, I would try without HMPA, which is a known troublemaker, and is bound to conflict with the mitigations of RO.
 

Prayag

Level 4
Verified
Well-known
Mar 27, 2017
160
Hey @HeiDef I have 2 false positives to report.(both of them existed in previous rc also and hasn't been resolved yet).
Please test ransomoff's false detection with citra emulator and reboot restore Rx(both at the time of installation and uninstallation).
Hope this issue gets fixed soon.
Thanks.
Keep on improving this great stuff.
 

HeiDef

From HeiDef
Verified
Developer
Mar 27, 2017
94
Hey @HeiDef I have 2 false positives to report.(both of them existed in previous rc also and hasn't been resolved yet).
Please test ransomoff's false detection with citra emulator and reboot restore Rx(both at the time of installation and uninstallation).
Hope this issue gets fixed soon.
Thanks.
Keep on improving this great stuff.

Thanks for the report. We'll take a look.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top