Comments (6)
dlescos
commented on June 2, 2024
Hi,
We did not test it on windows 7 but it might work.
Could you check the properties of C:\Windows\System32\drivers\OwlyshieldRansomFilter.sys ? In the "Digital Signatures" section, you should see something like this:
Is seems Microsoft issued this root certificate in 2014. Is your instance last update older?
from owlyshield.
solderzzc
commented on June 2, 2024
It's same as the screen you captured, the windows 7 is a sandbox system we have for ransomware analysis, I'll apply updates to the machine for the CA cert expire issue.
from owlyshield.
solderzzc
commented on June 2, 2024
I upgraded the windows 7 with latest patches, then I uninstalled Owlyshield and rebooted windows 7. I installed Owlyshield again, there was no driver error message this time, but when I load owlyshield_ransom.exe, there was another 'could not connect to the service controller`.
from owlyshield.
solderzzc
commented on June 2, 2024
I also tried to run it on Windows 10, it also had the same error Error: Winapi(OS code: 1063, kind: Uncategorized, Message:" The service process could not connect to the service controller."})
from owlyshield.
dlescos
commented on June 2, 2024
Hi,
It's a service (unless you explicitly compile it with particular flags). Try to start the "Owlyshield Service".
from owlyshield.
dlescos
commented on June 2, 2024
I close it due to inactivity. Feel free to reopen it if necessary.
from owlyshield.
Related Issues (20)
- HelloKitty ransomware reported undetected HOT 2
- Xdata reported as undetected
- Pony reported as undetected
- Ishtar reported undetected
- Sage reported undetected
- A few diskwipers and MBR lockers reported undetected HOT 2
- crash during the day with non understable reason (for me) HOT 6
- false positive
- backgroundTaskHost.exe false positive
- Crash when detecting false positive
- Error message in Windows 11 event viewer HOT 1
- Wazuh integration
- Linux installation scripts HOT 1
- Novelty detection with embedded training
- Code duplication in drivers modules
- Process names are used to split GIDs, which is not precise enough for launchers
- Add full path of exe file in white list
- Safe processes are not detected like expected
- OwlyShield detect taskhostw.exe or svchost.exe like Ransomware activity during Windows Update execution HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from owlyshield.