Author Topic: Trojan "Gendarmerie nationale" not detected  (Read 4604 times)

0 Members and 1 Guest are viewing this topic.

Offline naudgerard

  • Newbie
  • *
  • Posts: 5
Trojan "Gendarmerie nationale" not detected
« on: May 06, 2012, 03:20:17 PM »
hello,

my computer run with Avast free relaease, but yesterday i have been infected by a Trojan called "Gendarmerie nationale". I had a lot of difficulties to restore my computer, and i dont understand why Avast didnt detect this because it's look like an old Trojan in france.


Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67255
Re: Trojan "Gendarmerie nationale" not detected
« Reply #1 on: May 06, 2012, 10:29:43 PM »
Do you have the infected file yet? You can submit it to virus (at) avast {dot} com
How did you detect you're infected (which program)?
The best things in life are free.

Offline Left123

  • There Is No Patch For Human Stupidity.
  • Avast Evangelist
  • Advanced Poster
  • ***
  • Posts: 1053
  • Proud Community Member&Helper.
Re: Trojan "Gendarmerie nationale" not detected
« Reply #2 on: May 06, 2012, 10:38:59 PM »
hello,

my computer run with Avast free relaease, but yesterday i have been infected by a Trojan called "Gendarmerie nationale". I had a lot of difficulties to restore my computer, and i dont understand why Avast didnt detect this because it's look like an old Trojan in france.
It's a ransomware variant,these samples are getting re-packed every hour with custom packers,it is really hard to get detected.Just grab one sample and test it @ virustotal.com.
A useful video,you might want to check http://www.youtube.com/watch?v=_IRoI6FXotg .
AMD Athlon(tm) X2 Dual-Core Processor 4200+ - 2.20 GHz,3,00 GB RAM -
Browser:Mozilla Firefox +WOT - SoftWare:CCleaner - Windows 7 32 bit
No Anti-Virus

Offline naudgerard

  • Newbie
  • *
  • Posts: 5
Re: Trojan "Gendarmerie nationale" not detected
« Reply #3 on: May 08, 2012, 12:18:41 PM »
i detect the problem because i was unable to start computer. The virus take place of the explorer.exe and display an Warning screen. After some manipulations to take back control, i run Malwarebytes who found and restore it. Something called "disabled.cryptsvc".
After i check the computer and i was that the automatic update were disabled.
So i re select it and make the update of the computer (one day!!!).

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67255
Re: Trojan "Gendarmerie nationale" not detected
« Reply #4 on: May 08, 2012, 02:15:47 PM »
After i check the computer and i was that the automatic update were disabled.
Just a curiosity, was the auto defense module of avast enabled (Troubleshooting tab of settings).
The best things in life are free.

Offline naudgerard

  • Newbie
  • *
  • Posts: 5
Re: Trojan "Gendarmerie nationale" not detected
« Reply #5 on: May 08, 2012, 08:29:56 PM »
well i guess that the autodefence was activated. I have the french version, might you explain exactly what u mean?

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67255
Re: Trojan "Gendarmerie nationale" not detected
« Reply #6 on: May 08, 2012, 09:10:33 PM »
well i guess that the autodefence was activated. I have the french version, might you explain exactly what u mean?
The best things in life are free.

Offline naudgerard

  • Newbie
  • *
  • Posts: 5
Re: Trojan "Gendarmerie nationale" not detected
« Reply #7 on: May 09, 2012, 10:23:24 AM »
yes it was activated.

Offline naudgerard

  • Newbie
  • *
  • Posts: 5
Re: Trojan "Gendarmerie nationale" not detected
« Reply #8 on: May 10, 2012, 09:15:13 PM »
i have a look on my computer and i detect that the automatic windows update was activated but never work. i dont understand why! I found something on internet and try it, and now all the updates are down (XP SP3 and all patches). now i guess that my computer is better protected.
Thx for all