We actually got RansomOff, AppCheck and WinPatrol WAR all installed and running at the same time. While they all run together initially, long term it's tough to say how they may interact so caveat emptor. But interesting to see which product detected various ransomware samples first
By the same token, would RansomOff 'bump heads' with HmP.A's CryptoGuard component? Could you also test that?
Salutations/Greetings! What would Antiviruses or security software suggest using with RansomOff? For a layering effect! Just in case the other security software misses the malware? Kind Regards,
We noticed a few adverse effects with RansomOff and HMP.A. We tested both on a Win10 x64 VM. A few times at start up, it appeared as if HMP.A prevented RansomOff's service from loading which caused a system freeze. It didn't happen all the time but it's something we'll investigate more. We were only testing the trial version, but HMP.A's scanning would not run. It just simply said 'Failed.' We also noticed some third party application freezes which is likely due to the "head bumping" between the drivers. Obviously we want RansomOff to be compatible and complementary with other security solutions so users can create a layered defense so these are issues we'll look deeper into.
Hi @Moose World. The layering that you require really depends on your risk profile as a user. If you are "fast and loose" then you'll definitely want to layer up on various defensive products but if you are more disciplined then having a few tailored options to cover some of the more severe issues may be ok. RansomOff is strictly looking for ransomware, so if that's a primary concern for you then you should definitely use it or some other solution solely designed for ransomware. We obviously are a biased source of information so we'll leave it to the other smart folks on this forum to provide suggestions on other security options. But again, it really depends on you as a user to figure out what works best for you.
Thanks @HeiDef. Testing RansomOff 5.2017.116.7686 (Beta) on my secondary machine (no HmP.A, or other anti-ransomware softs). So far I have received two FP ransomware alerts for ccleaner64.exe and dropbox.exe, so I have exempted them. FWIW after initial install and reboot, Aduard and VoodooShield did not start. I could not start Adguard service in services.msc either (service not found or some such message, even though it was listed though), though I could manually start VoodooShield. I have subsequently reinstalled those programs and all seems OK, so it may be nothing to do with RansomOff, just coincidence, but you may want to check those.
Just a thought, I am wondering if I install Sandboxie, Shadow Defender would there be a conflict between RansomOff newest beta? Anybody? There is no conflict between Sandoxie and Shadow Defender period. You can run both at the same time!!!
I addition to the auto-update feature working fine, it was nice to see that RO did an improved job cleaning left over crap from ransomware. An example is RAA ransomware: It formerly stopped the encryption process fine, but did leave residual ransomware relics in various places. Now all of these things are detected and automatically deleted leaving the system totally clean. Isn't it pleasant when a developer makes constant improvements to a product?
The next update, which should be in a few days, will have registry clean up as well. Good for any ransomware that adds a start up entry or something like Kangaroo that adds a bogus legal notice to the winlogon section which is displayed on start.
Hi HeiDef Found what seems like a big overlook. I suspect there is a good reason for scanning what is the folders of security software. But you forget the stuff is not only installed in Program Files, but Program Files (X86)
The latest update improved compatibility with existing security software. We haven't fully tested with KIS yet but will try it out and post back if we notice any issues.
Thanks @Peter2150 The installer uses WMI to query Windows to tell it what security software is installed. Generally only third party AV and firewalls register with Windows for a few reasons. But RO will only automatically finds what Windows tells it. We could add some of the more popular security tools to search for but keeping lists like that is difficult and time consuming. So that's why it has a manual option to add other security product folders because the user knows best what's on their own system.
New beta-Release: RansomOff v5.2017.124.3598 (Beta) Now it is able to remove artifacts from the registry
Still on 5.2017.119.4637 but will await the auto-update. I have been giving them some feedback, to which they have always promptly responded, and as a result fixed some issues with Dropbox and LibreOffice. Some security apps, like Adguard, need to be added to exemptions. I think this is a promising product and it would be good if @cruelsister could review it again when it come out of beta. Edit: I am impressed at the rate they are working on this, and their responsiveness to suggestions.
Does this require a reboot to function? Version 5.2017.124.3598 (Beta Released 4 May 2017 Added registry artifact cleanup. Added ability to delete recent file or registry start up changes. Fix auto-update bug affecting Windows 8.1 systems. Modified installer to allow for over-the-top update without uninstalling first. Updated database update procedures to keep existing data. Published documentation to website.