RansomOff

Discussion in 'other anti-malware software' started by co22, Mar 28, 2017.

  1. Djigi

    Djigi Registered Member

    Joined:
    Aug 13, 2012
    Posts:
    554
    Location:
    Croatia
    It's not only with Ransim, I also run some ransomware but didn't see any pop-up window?
    OS: Win 10x64
     
  2. HeiDef

    HeiDef Developer

    Joined:
    Apr 6, 2017
    Posts:
    388
    Location:
    Arlington, VA
    Once we are confident there are no more major stability or compatibility issues, we will drop the beta. We are gauging that based on our own testing as well as the feedback we've been receiving from this community and others. So no firm timeline but based on what we have been seeing hopefully not too much longer.
     
  3. HeiDef

    HeiDef Developer

    Joined:
    Apr 6, 2017
    Posts:
    388
    Location:
    Arlington, VA
    Thanks!
     
  4. Djigi

    Djigi Registered Member

    Joined:
    Aug 13, 2012
    Posts:
    554
    Location:
    Croatia
    is there gonna be free & paid versions?
     
  5. HeiDef

    HeiDef Developer

    Joined:
    Apr 6, 2017
    Posts:
    388
    Location:
    Arlington, VA
    Can you provide some hashes of the samples that are not alerting?
     
  6. HeiDef

    HeiDef Developer

    Joined:
    Apr 6, 2017
    Posts:
    388
    Location:
    Arlington, VA
    Once we are out of beta, we plan to license RansomOff as 'free for non-commercial use.' So free for personal use with no feature restrictions.
     
  7. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,462
    Location:
    Under a bushel ...
    That is very generous. :)

    TBH I'd be prepared to pay for RO, given its features, and level of support.
     
  8. Djigi

    Djigi Registered Member

    Joined:
    Aug 13, 2012
    Posts:
    554
    Location:
    Croatia
    I'm not at home know until 22h CET, maybe then (if not forgot).
    But most staff are from Malware Hub at MalwareTips forum.
     
  9. Buddel

    Buddel Registered Member

    Joined:
    Apr 28, 2015
    Posts:
    1,632
    Thank you very much for your reply, @HeiDef . Looking forward to hearing from you. Can't wait to give RO a try.:thumb:
     
  10. HeiDef

    HeiDef Developer

    Joined:
    Apr 6, 2017
    Posts:
    388
    Location:
    Arlington, VA
    Hey @Djigi

    Still not sure why you didn't receive any alerts but we just put a quick video together of RansomOff vs RanSim and it definitely does alert.

    https://youtu.be/0-IjrYNUvxk

    Do you have any other security software running?
     
  11. Djigi

    Djigi Registered Member

    Joined:
    Aug 13, 2012
    Posts:
    554
    Location:
    Croatia
    Tnx, i don't have any other security software.
    I will try it again (I tested in VirtualBox).

    Should I leave all on default or should I change some settings (for notifications)?
     
  12. HeiDef

    HeiDef Developer

    Joined:
    Apr 6, 2017
    Posts:
    388
    Location:
    Arlington, VA
    The settings that are available for notifications won't make any difference in this case. Because RanSim does not run in session 0 that won't have any effect. So you can leave them as default or as you showed in the earlier picture.
     
  13. Djigi

    Djigi Registered Member

    Joined:
    Aug 13, 2012
    Posts:
    554
    Location:
    Croatia
    Just try it now and results are the same - no pop-up window.
    How is it with other users?
    Does anyone else have a similar situation?
     
  14. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,462
    Location:
    Under a bushel ...
    I do get pop-ups.

    But no notification of new versions unless I open the main window.
     
  15. Djigi

    Djigi Registered Member

    Joined:
    Aug 13, 2012
    Posts:
    554
    Location:
    Croatia
    I change to new virtual machine and now is working OK.
    Clipboard01.png Clipboard02.png

    Tnx :)

    EDIT:
    How to add some staff to exclude list so RansomOff don't alert me about them?
    1.png

    Found it...
    2.png

    The time of Alert is not the same as it is on system tray.
    Clipboard01.png
     
    Last edited: May 16, 2017
  16. Djigi

    Djigi Registered Member

    Joined:
    Aug 13, 2012
    Posts:
    554
    Location:
    Croatia
    I added all stuff but still get pop-up Alerts?

    2.png 1.png

    Just see that I add x64 version and pop-up is for x32...will check that later...sorry
     
    Last edited: May 16, 2017
  17. HeiDef

    HeiDef Developer

    Joined:
    Apr 6, 2017
    Posts:
    388
    Location:
    Arlington, VA

    @Djigi

    Glad it's working for you now. Curious though what was going on with your other VM.

    The time stamp is UTC time which, if your profile location is correct (Croatia), is two hours behind your local time which is what that shows.

    The startup change notification is not currently tied in with the exemptions list so anything you add will not effect that. We will make that change though. The exemption list also does not check against registry keys.
     
  18. HeiDef

    HeiDef Developer

    Joined:
    Apr 6, 2017
    Posts:
    388
    Location:
    Arlington, VA
    With the last release, we made some changes to the update notifications so when the next version is released you should be more aware that it has updated.
     
  19. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,462
    Location:
    Under a bushel ...
    Thanks for that clarification.
    Also good.
     
  20. Djigi

    Djigi Registered Member

    Joined:
    Aug 13, 2012
    Posts:
    554
    Location:
    Croatia
    Yes Croatia, in summer is 2h and in winter is 1h difference from CET.
    So, there is nothing (for now) i can do to stop that pop-up (this programs was just for test, on real PC there will be some GPU driver/software, mouse driver/software, sound driver/software...and it will show a lot Alerts)?

    Can you add Clean Up options for Alert Log, because after some time place will be pretty tight in there and very hard to find what is new detected?

    TNX :thumb:
     
  21. hayc59

    hayc59 Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    2,843
    Location:
    KEEP USA GREAT
    Right on Hei!!
     
  22. hayc59

    hayc59 Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    2,843
    Location:
    KEEP USA GREAT
    This sounds and looks and feels real nice..but does not ransomeware come through the e-mail program one uses?
    and happens when a link is clicked on?
     
  23. HeiDef

    HeiDef Developer

    Joined:
    Apr 6, 2017
    Posts:
    388
    Location:
    Arlington, VA
    Unfortunately no there is nothing that can stop the Windows start up change pop-up in the current release. Next release it will be taken care of.

    We'll also add a cleanup and filtering option for the alerts. Good suggestions.
     
  24. HeiDef

    HeiDef Developer

    Joined:
    Apr 6, 2017
    Posts:
    388
    Location:
    Arlington, VA
    Thanks @hayc59

    Ransomware, like any other malware, can be delivered from a variety of methods. However, RansomOff doesn't care how the threat was delivered to your system. It monitors program behaviors system wide to detect the malicious activity. So regardless of how it got on your system, RansomOff will still monitor, assess and alert if necessary.
     
  25. hayc59

    hayc59 Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    2,843
    Location:
    KEEP USA GREAT
    Hello Hei! So it scans incoming mail? I use Outlook and g.mail
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.