Watch my video blog about Ransomware


Sounds nasty. Must be quite frustrating to know that you still have the files, but are unable to access them.

very much so… its the new lucrative crime wave…


Very befitting title, Melih. :slight_smile: It is a pain, unable to access the data when it exists in the place where I put it, first.


I watched your video and I am very surprised. How can somebody invent such a thing? How can I be infected? Is there a chance to block this malware and access my data? Thank you very much.

Ofc you can prevent it. =) Just be careful, once the stuff is encrypted you will have big big issues getting the files back. Set CIS to proactive and if you experience any unknown file google it before allowing it. =)

If unsure, Deny and ask on the forum…
That should got you covered.

And like you don’t accept candy from strangers, do not accept files from strangers trying to become your friend either. =)

Use well known sites when DL’ing something… =) If its not there then its not worth having (IMO unless you got some rare interest)… =)

EDIT:: Infection can happen in many ways, one being you start a file on your own that is infected (common), or visit a infected homepage or opening a file in a mail that is infected… others ways can include software flaws (could be used by worms) and even directed attacks at you. MSN is a other place were many catch viruses they just open the file “sexyguy.pic.exe” that someone sent them believing it to be whatever the person on the other side said it was… but surely there are more ways.

People invent stuff all the time… =) encryption was probably meant to boost security and avoid unauthorized ppl to get hold on info but if something can be used for bad then its usually used for that as well…

Thank you Monke_Boy for such a quick and detailed answer. I try to think over, when I got an alert from CIS, but my sister and parents not (just allow and allow) and I have to tell them there is such thing like ransomware so for them t be careful when allowing :slight_smile: Thanks.

lol they are rare… But sure, Good luck… =) having a backup of important files could work otherwise… Since you will probably still be able to format the drive in worse case scenario. =)

It seems that sometimes the key to decrypt the files is embedded either in the file or somewhere on the system. Of course it’s not necessary for them to do that.

GpCode was a most ransomware in 2008.
Did Comodo can prevent it ?


Goodness, that’s shocking.

Thats some nasty shit.

  • if you pay you dont know if they install more Ransomware on your PC… and then you must pay in the eternalty :P.

Only solution if you are infected is a format of all your drives?? ???

How do you know and can be sure that you can detect all detections? How can you clean an infection that you don’t know that exist? Sure you can attempt to clean one or two basic infections but the reality is malware is getting nastier and there is no guarantee with cleaning :frowning:


This is a classic example of turning something that’s usually highly beneficial for security (data encryption) against the user.It’s so fiendishly simple,you almost have to admire their ingenuity.Once caught out with this it’s nigh on impossible for the user to decrypt their data without paying up given the inherent strength of many forms of encryption.

I remember reading about a pc repair tech a few years ago that used to install a time-bomb malware on systems he was repairing in order to guarantee repeat business so it doesn’t surprise me to see this kind of activity.In times gone by gangsters would offer ‘insurance’ to folks to avoid disaster so for high-tech criminals to operate cyber protection rackets is inevitable.

I guess thats why Comodo Time Machine and Comodo Backup are two very important products!


Without doubt they will be.The vast majority of users don’t utilise a good backup/disaster recovery solution,with Time Machine it’ll be right there in front of them.

Ransomware that some scary stuff. :frowning:

Make regular whole-disk images, and backup your data to multiple places. Problem solved. Catch “ransomware?” Reimage the drive to last known-good image, and get your data from the multiple backups. Backing up to media that’s not changeable after writing (e.g. DVD-R, DVD+R) is even better, since the malware can’t erase those backups, even if they’re inserted into the drive while the malware is active!

Comodo Time Machine should be highly useful as the imaging solution to this. One thing though… I REALLY wish it’d include the ability to boot from a bootable “rescue environment” (on a bootable DVD or bootable USB drive) that runs on the PC’s “bare metal” and can restore images without needing Windows at all. Without a “bare-metal bootable” recovery environment, CTM sounds like it’d be useless in any situation where Windows no longer boots, which is LOTS of situations.

DriveImage, Ghost, Acronis, etc. all have “bare metal” bootable recovery environments (on floppy, bootable CD, bootable USB, etc.). I sure hope CTM will have that ability too, otherwise you’d better hope that Windows still works if you need to restore your drive!

thanks Melih i never knew what it was its sad that people have to go through this