Ransom gpcode-WTF!

It has been a few days I have been playing with a pretty old but dangerous malware… It is the ransom gpcode… don't worry, it's on my VM… it actually encrypts files on your computer… I found it bypasses Comodo sandbox and Defense+ :o… it is actually detected by Avast as malware… though I am pretty ultra surprised it asks me to download a decrypter… that's not real but fake to get your money… I installed Kaspersky on my VM and found that it removes the malware as any AV will do with this old piece of junk… but the files do not get decrypted… any way out guys? Just curious…

Thanks.

I’ve cross-posted to the Comodo forum as I think you’re somehow wrong.
https://forums.comodo.com/other-security-products/user-saying-malware-bypassed-cis-t77790.0.html

Naa… I tried to get the settings up, Comodo still allowing gpcode to encrypt the files… I am going to sit overnight with this malware… :stuck_out_tongue:

A person did the same thing as I did… he has made a video… malware bypasses the Defense+ and sandbox and not the AV… I use Comodo firewall with Defense+ and sandbox myself… so pretty much curious and witless how it is possible… :slight_smile:

http://www.youtube.com/watch?v=fYM8f3HXAXk

Have fun. ;D

Well… that's it… I had enough of this gpcode… this is just a junk, so far I have taken help of my computer science teacher to decode the encryption but it is so powerful… I just can't do it… :stuck_out_tongue: :stuck_out_tongue: :P… using system restore seems to be the only answer to this encryption…

Hi guys! ;D

Found a way out at the Comodo forum: we have to add a rule to Comodo Defense+ here:

Computer Security Policy > Protected Files and Folders > Browse > \Device\KsecDD… Now Comodo blocks it… yay! Now protected against this malware :slight_smile: