Discussion in 'other anti-malware software' started by co22, Mar 28, 2017.
That's the magic
Let s see if the next version will remain as a permanent installed item
I have also observed that events/alerts are logged in advanced mode sometimes , but no pop-up shows up to block or allow , it just reports some suspect behaviour in relation to benign files , like Screamer for example.Maybe more interactivity with the user is required for the HIPS component ?
Ummm! Look over thoughts and opinions?Details?
PS. The above was taken from Youtube and Malwaretips.....
Thanks for pointing to the MT discussion. We made some changes in the last release to clean up better. One of the samples ran in that video messes with registry settings that changes default file actions for a bunch of file types. That's why all the links on the desktop turned blank. RO stops the encryption of that sample but the registry changes occurred before that happens. So the new update adds additional registry checks to mitigate that kind of damage. Doesn't cover everything but should be enough to help get the system back to a better state.
Recommended Realtek HD Audio Driver 220.127.116.1169 update for my Dell XPS 13 via Dell SupportAssist triggered a ransomware alert.
Temporarily disabled RO, no problem.
Do you have a time period for the next update/release, ect...?
Always close your Security Software when updating Drivers!!!!
For example, RO...ect. Be protactived...
Then restart/reboot your PC. Waiting, until your PC fully boot
up. Then restart your Security Software, if it did not already
start on it own....
Could you make sure that RO will stop, Scorpion 3.1 and/or Ransomware scorpion?
Please! Thank you!...
Always the best,
Hi Moose. No idea what Scorpion is or what it does so hard to develop counter measures. It's awfully easy to break Windows and many of those cases are outside of RO's purpose of stopping ransomware. Good backups are your friend in situations where the malware just trashes everything.
Published on Nov 25, 2018
Test Scorpion Virus Version 3 in Windows7/Windows10 Using Virtual Machine (Oracle BOX) - Most Powerfull Virus Ever !
Scorpion is a Ransomware which affects Microsoft Windows systems. This ransomware was sent to the FMV (fan-made virus) series of the popular malware YouTuber Siam Alam. it actually was made by Arab TEC, a YouTube channel from Jordan and made videos about Visual Basic, the file is compressed by a ZIP file, for extracting it, the user needs a password, when its extracted it will have a Readme text file and the executable.
Version 3 completely change Scorpion vírus instead of reseting computer upon activation the screen cuts to a citamatic screen first it cuts to a broken/updated T.V. screen then it cuts to the scorpion logo going down then it finally stops and is greeted with:
welcome to scorpion virus
Your computer is dead
after restarting the windows user can not use it again !.
رابط القناة : http://www.youtube.com/ArabTEC2010
صفحتنا على الفيس بوك : http://www.facebook.com/ch.ArabTEC
I remember few months ago I also ran that Scorpion 3.1 against KIS in a VM. But we had slightly different results though, unlike the video, instead it shows the desktop, mine was it went immediately to BSOD. After the result, I immediately sent the sample to their virusdesk. I'm surprised that until this day they didn't still add this malware to their databases.
Always the best,
Examples of Good Backups, when windows will not start?
That you would suggest?
Sorry, I will delink all links in future posts.
Could you please, delink and /or remove
https: www from the above posts. Just
wanting to make sure....
I would apppreciate your help and thanks
for letting me know!!!!
it's so laggy on my pentium dual core after few hours it make chrome and brave browsers disconnecting from the internet
That's unusual behavior. It's likely not Chrome or Brave related. What other security software do you have on your system?
Next update/release, ect...? of RO....
I have observed similar behavior to what jaght reports while using Screamer Radio as this one is starting also from a non Program Files location maybe.Maybe it s location related.I think i have reported it in this thread.
No planned release right now. We will try to figure out what is possibly causing connectivity issues and if we can identify it then we will put out an update.
Just checking in, Salutations/Greetings.......
* Have you been working on any new updates with any new fixes ec..., for RansomOff.?
* Last was Released 5 Dec 2018
* It has been a while and/or have you stopped development? Ect....?
* 7 months with a words.......
Alway the best,
We have not abandoned RansomOff but just have had to focus on higher priority projects at the moment. We have a few things on our update list but no timeline of when we will be able to get around to releasing a new version. Thanks for checking in though.
Appreciation to @Moose World for raising the question IF any further releases of Ransom0ff might be coming through the pipe anytime soon. You take care of those high priorities and know that we're sitting on ready if a new release pops out of the cooker.
Outstanding killer and crusher of Ransomware ever!! Have A Nice Weekend and Continued Success!
Appreciate the answer to my question....Because, I was getting scared that RansonOff was being abandoned.
Or not being keep up to date....ect. Again, thank's for letting us know what has been going on.....
Questions, does anybody know if there any kind of a conflicts between RansomOff and Comodo Cloud Antivirus (ccav),
or VodooShield? Latest Versions?
It has been awhile but we should finally be close to releasing an update for anyone interested. There are a bunch of bug fixes as well as a few new features. We have updated the docs awhile to discuss some of them. Hopefully by the weekend we will get it out. Cheers.
Interesting note that since Heilig Defense first boarded this forum with this awesome Ransom0ff that ransomwares intensity tapered off steadily and consistently, postings and dire attacks reported are sporadic at best.
No, not because of or the contribution of this product in particular but it is noteworthy the timing of it all. Always tracking trends specifically to this type of unique computer threat serves some measure that certain entities in the security community have ramped up and put a bite into matters with defenses against such problems
Dare say I that your attendance and introduction to this splendid product was no coincidence!
Dave, so you found time . Will be interesting to see the change log.
Will it have been tested against Win 10 19H2 update? I uninstalled in mid-September after having 0x80070006 errors with Windows Updates, after re-trialing RO on a relatively vanilla machine after a Win 10 1903 clean install.
Haven't tested against 19H2. 19H2 is only an optional, cumulative update which isn't anything like the past major updates like 1803 or 1903. We'll test against it eventually but right now 1903 is the most recent we tested against.
I believe we are at a good point to finally release the update. Haven't posted to the site yet so this is like a pre-release update that hopefully folks that take it for a spin can provide some feedback on while we finish a few other things up.
It's not a complete re-write but we heavily modified the core protection code with the goal to make it more stable and efficient. Obviously also a lot of bug fixes as well along with a few new features like extension filtering.
Hi Dave, have to say that is way cool. Will be installing and hiving this new version a spin shortly.
Separate names with a comma.