Trojan.gen activity, slower system?
Tags:
- Trojan
- Norton
- Antivirus
Last response: in Antivirus / Security / Privacy
jtpetch
October 7, 2014 2:19:23 PM
Hi, I've been having a popup from Norton Antivirus (I know, I don't like it much either, but i got it free with comcast) saying "Trojan.gen activity blocked".
Now, I'm not a virus wiz, but I know what a trojan is, relatively. So, I had Norton do a FULL scan (took a few hours). The end result said it had detected 3 issues (All simply labelled "VIRUS"), and resolved two of them.
It said there was one that required my attention, it wanted me to restart. So I did. After restarting, I logged into my windows account again (I'm using 8.1, btw). About 15 seconds after it logged me in, i got the same popup. So I went into the norton security center, and looked at the security history. I found (what I believed to be) the details for the virus. This is what it said.
Now, I haven't been seeing any change (or any noticeable change) in my cpu, disk, and ram usages in task manager, nor do I see any processes that catch my eye as bad. What I have noticed though, is my system seems to be slower than it should be. I get MUCH lower fps in games (maxing out at ~250, to now maxing out at roughly 50-60, which isn't terrible, but in much more intensive games, it knocks it down to 25-30) then i did before this started happening, and even opening up webpages and files is slower.
So, what I'm wondering is, does anyone know what this is, how to fix it, and how to prevent this from happening again? (And BTW, I haven't downloaded ANY files that I didn't already know were not malicious.) Thanks all!
Now, I'm not a virus wiz, but I know what a trojan is, relatively. So, I had Norton do a FULL scan (took a few hours). The end result said it had detected 3 issues (All simply labelled "VIRUS"), and resolved two of them.
It said there was one that required my attention, it wanted me to restart. So I did. After restarting, I logged into my windows account again (I'm using 8.1, btw). About 15 seconds after it logged me in, i got the same popup. So I went into the norton security center, and looked at the security history. I found (what I believed to be) the details for the virus. This is what it said.
Now, I haven't been seeing any change (or any noticeable change) in my cpu, disk, and ram usages in task manager, nor do I see any processes that catch my eye as bad. What I have noticed though, is my system seems to be slower than it should be. I get MUCH lower fps in games (maxing out at ~250, to now maxing out at roughly 50-60, which isn't terrible, but in much more intensive games, it knocks it down to 25-30) then i did before this started happening, and even opening up webpages and files is slower.
So, what I'm wondering is, does anyone know what this is, how to fix it, and how to prevent this from happening again? (And BTW, I haven't downloaded ANY files that I didn't already know were not malicious.) Thanks all!
More about : trojan gen activity slower system
-
Reply to jtpetch
Best solution
http://www.surfright.nl/en/hitmanpro
Run Hitman Pro to make sure Norton removed all of it.
Run Hitman Pro to make sure Norton removed all of it.
-
Reply to SR-71 Blackbird
Share
jtpetch
October 7, 2014 2:38:48 PM
SR-71 Blackbird said:
http://www.surfright.nl/en/hitmanproRun Hitman Pro to make sure Norton removed all of it.
(Whoops, accidentally already hit pick as best solution -_-)
Anyway, I'll go try that now. This had better not be adware, as I've never heard of it before :|
-
Reply to jtpetch
m
0
l
Related resources
- Why OS booting in Pentium 4 slower than Core 2 Duo system? - Forum
- Will adding a slower ram, slow down all the system, or just "add" will not create any downside? - Forum
- My system running slower than it should... - Forum
- System Link Failure with DVI to mini Displayport (Active) - Forum
- confused plugin active system - Forum
Paul NZ
October 7, 2014 2:38:58 PM
jtpetch
October 7, 2014 2:41:54 PM
Paul NZ said:
How many versions of java are installed?? If it's installed. You should have one. Or 2 if windows is 64 bit. And you install the 32 and 64 bit versionAnd it should ALWAYS be the latest version. If Java is installed and previous versions are still installed, uninstall them
Not entirely sure what Java has to do with anything, but I do have Win 8.1 64 bit. I have the latest Java 64 bit update installed (just did it yesterday actually, Minecraft started complaining
) I do also have Java 32 bit installed (I did that a while ago for a project of mine), but I'm not sure it's updated. Frankly, i'm not even sure how you can actually have both version installed. -
Reply to jtpetch
m
0
l
jtpetch
October 7, 2014 2:47:00 PM
jtpetch
October 7, 2014 3:00:26 PM
Ok, so, the scan completed, i saved the log, and restarted as it said to. Before I go any further, something interesting happened after rebooting. So, my PC went to the startup screen as normal (where you can access the BIOS and such), then it went to a screen I've never seen before. All I saw of it was something like "HITMAN PRO 3" in the top left corner of the screen. I know it said more, but I didn't have enough time to catch all of it, it was only on the screen for about 3 seconds. After that, it went to the normal windows startup thing as normal. I logged in, was taken to the desktop as normal, and was met by disappointment: I still got the popup.
In the log, from what I could gather, it did quarantine a few things. Here is the log (I put it in pastebin): http://pastebin.com/jv0UYiy7
In the log, from what I could gather, it did quarantine a few things. Here is the log (I put it in pastebin): http://pastebin.com/jv0UYiy7
-
Reply to jtpetch
m
0
l
jtpetch
October 7, 2014 3:11:38 PM
To me, it looks like it may be a firewall alert, as it gives me an ip and such that are "attacking", though, it still says "Trojan", which is bothering me. If my knowledge of viruses is correct, then a Trojan is basically a modern day representation of the attack on Troy. The virus disguises itself as a legitimate file (the wooden horse), or with one, and "infiltrates" the computer (Troy). After which, the attacks can begin. So, yes, it does look like I am being attacked from outside my PC, but this still means that there is a file in my PC allowing them to do this, right?
-
Reply to jtpetch
m
0
l
Paul NZ
October 7, 2014 3:13:59 PM
You can get trojan.gen from outdated versions of Java, thats why I said it. And older versions of Java have vulnerabilities.
Even if you install later versions, you can get hacked with older versions of Java if theyre still installed
I dont use Java either. There are no programs on these that need it
You can have 32 and 64 bit Java if youre using a 32 and 64 bit browser. And 64 bit windows.
Since obviously 64 bit Java wont run on a 32 bit browser
Even if you install later versions, you can get hacked with older versions of Java if theyre still installed
I dont use Java either. There are no programs on these that need it
You can have 32 and 64 bit Java if youre using a 32 and 64 bit browser. And 64 bit windows.
Since obviously 64 bit Java wont run on a 32 bit browser
-
Reply to Paul NZ
m
0
l
jtpetch
October 7, 2014 3:27:31 PM
SR-71 Blackbird said:
Sometimes that's how it works , it's blocking the attack , that's why it states no action required.So, I need not do anything else?
Even though it appears like it's being blocked, i think either Norton having to constantly block it, or it itself attacking, is slowing down my pc. And Paul, I'll go make sure that both Java versions are updated.
-
Reply to jtpetch
m
0
l
Paul NZ
October 7, 2014 3:32:08 PM
jtpetch
October 7, 2014 3:34:35 PM
Paul NZ said:
And make sure any other / older version besides the latest versions have been uninstalledThe only version of Java i have is "Java7 (64 bit) Version 60
Apparently I uninstalled the 32 bit one a bit ago. I don't actually need it, my browser (Chrome) is 64 bit. (I'm using the beta, 64 bit version. Runs better than 32 for me)
-
Reply to jtpetch
m
0
l
jtpetch
October 7, 2014 3:36:41 PM
jtpetch
October 7, 2014 3:39:42 PM
Paul NZ
October 7, 2014 3:41:05 PM
jtpetch
October 7, 2014 3:54:11 PM
Paul NZ said:
Its out of date its up to update 67. So I would uninstall 60 then install 67Then use something like ccleaner to remove the temp files etc
Ok, I will. And the end results of the NPE scan were as disappointing. As all it located were a few .exe files on my desktop, that I put there myself, and got from trusted sources, HOWEVER, I have not had the popup yet. NPE.
NPE Not only did a quick scan of my pc in key areas, but it also said it did a regsistry scan. Now, it didn't tell me it removed anything there, but it may have.
I'll do the java thing, and monitor it for a while, to see what happens.
-
Reply to jtpetch
m
0
l
jtpetch
October 7, 2014 3:58:52 PM
Paul NZ
October 7, 2014 4:04:07 PM
Download / extract Javara http://singularlabs.com/software/javara/
Run it then update java defs, then click on back. Then remove java runtime. Then next, click on perform removal routine. This will remove older entries.
You may have to close browser/s first. And disable system restore use ccleaner then turn it back on if you want to use it
Run it then update java defs, then click on back. Then remove java runtime. Then next, click on perform removal routine. This will remove older entries.
You may have to close browser/s first. And disable system restore use ccleaner then turn it back on if you want to use it
-
Reply to Paul NZ
m
0
l
jtpetch
October 7, 2014 4:23:41 PM
Paul NZ said:
Download / extract Javara http://singularlabs.com/software/javara/Run it then update java defs, then click on back. Then remove java runtime. Then next, click on perform removal routine. This will remove older entries.
You may have to close browser/s first. And disable system restore use ccleaner then turn it back on if you want to use it
Done. Still getting the popup, but now that I look into it more, it does indeed look like it is just an attack from an external location, and Norton seems to be blocking it. I actually don't think there's anything I can do to stop this, as it is the hacker's end that keeps attacking. So, assuming it is indeed getting blocked, would it be safe to just disable notifications for it and continue as normal?
-
Reply to jtpetch
m
0
l
jtpetch
October 7, 2014 4:33:31 PM
Actually, now that I think about it, i'm not finished here. Since about a month ago (around the time I saw the first notification, but thought nothing of it, dumb ol me) I've been having game problems. FPS Dropping, and only getting about 15 when recording. I searched around a bit more and found an article. This guy was having the same problems as me, with a very similar rig as mine. He finally found out it was actually a trojan horse virus making his gpu usage go to and stay at 100% most of the time for no reason. He said that after removing it (didn't specify how, though i found another article explaining a few ways) his recording fps shot back up to where it should be (100+). I'm going to try that, and I'll post back here when I'm done.
-
Reply to jtpetch
m
0
l
Paul NZ
October 7, 2014 4:38:57 PM
Get trojan remover, update it then click on scan. See if it finds anything like a trojan
http://simplysup.com/
http://simplysup.com/
-
Reply to Paul NZ
m
0
l
jtpetch
October 7, 2014 5:14:01 PM
Paul NZ said:
Get trojan remover, update it then click on scan. See if it finds anything like a trojanhttp://simplysup.com/
I just tried Malwarebytes. It found and removed 19 items. Restarted. Still. Getting. Popup. I'll try the one you suggested now.
-
Reply to jtpetch
m
0
l
jtpetch
October 7, 2014 5:16:55 PM
Paul NZ
October 7, 2014 5:21:16 PM
Its not down I went there
Try a direct link then http://simplysup.co.uk/download/dl/trjsetup691.exe
Did you remove what malwarebytes found?
Try a direct link then http://simplysup.co.uk/download/dl/trjsetup691.exe
Did you remove what malwarebytes found?
-
Reply to Paul NZ
m
0
l
jtpetch
October 7, 2014 5:46:31 PM
Paul NZ said:
Its not down I went thereTry a direct link then http://simplysup.co.uk/download/dl/trjsetup691.exe
Did you remove what malwarebytes found?
Downloaded that, ran it, it didn't find anything.
I also tried a few things from bleepingcomputer.com, still nothing.
And yes, I had MWBytes remove what it found.
As of now, I also posted a thread about this on the Symantec forums, as I have seen similar problems there as well.
Just want to get maximum help, I suppose
-
Reply to jtpetch
m
0
l
Paul NZ
October 7, 2014 5:48:13 PM
jtpetch
October 7, 2014 6:01:42 PM
jtpetch
October 7, 2014 6:27:25 PM
Paul NZ
October 7, 2014 6:36:26 PM
Well if u want chuck teamviewer on this www.teamviewer.com i could check it out from here..thats if you can get to the site
If you install this give me the ID and password in a PM. Dont worry you'll see what I'm doing
If you install this give me the ID and password in a PM. Dont worry you'll see what I'm doing
-
Reply to Paul NZ
m
0
l
jtpetch
October 7, 2014 6:43:59 PM
Related resources
- High Disk Activity caused by System PID4! Forum
- Memory upgrade makes my system slower Forum
- Constant SSD activity when system idle Forum
- Total system lag. Very little drive activity. Forum
- Why would a Vista system Run slower than an XP system? Forum
- Solvedcan i install a new operating system in my lap top that needs activation Forum
- Computer is drastically slower, after a random system error. Forum
- HDD activity lagging the system Forum
- HDD activity lagging the system Forum
- my system is slower than before Forum
- System upgrade = slower? Forum
- Doom 3 or Far Cry - Slower System Forum
- system gradually runs slower...and.....slower........a.n.... Forum
- Upgraded to PC3200 RAM, now system is slower??? Forum
- Can System Config make hardware slower? Forum
- More resources
!