Trojan.gen activity, slower system?

[jtpetch]

Hi, I've been having a popup from Norton Antivirus (I know, I don't like it much either, but i got it free with comcast) saying "Trojan.gen activity blocked".
Now, I'm not a virus wiz, but I know what a trojan is, relatively. So, I had Norton do a FULL scan (took a few hours). The end result said it had detected 3 issues (All simply labelled "VIRUS"), and resolved two of them.
It said there was one that required my attention, it wanted me to restart. So I did. After restarting, I logged into my windows account again (I'm using 8.1, btw). About 15 seconds after it logged me in, i got the same popup. So I went into the norton security center, and looked at the security history. I found (what I believed to be) the details for the virus. This is what it said.
Now, I haven't been seeing any change (or any noticeable change) in my cpu, disk, and ram usages in task manager, nor do I see any processes that catch my eye as bad. What I have noticed though, is my system seems to be slower than it should be. I get MUCH lower fps in games (maxing out at ~250, to now maxing out at roughly 50-60, which isn't terrible, but in much more intensive games, it knocks it down to 25-30) then i did before this started happening, and even opening up webpages and files is slower.

So, what I'm wondering is, does anyone know what this is, how to fix it, and how to prevent this from happening again? (And BTW, I haven't downloaded ANY files that I didn't already know were not malicious.) Thanks all!

 

[jtpetch]

Its out of date its up to update 67. So I would uninstall 60 then install 67

Then use something like ccleaner to remove the temp files etc

Ok, I will. And the end results of the NPE scan were as disappointing. As all it located were a few .exe files on my desktop, that I put there myself, and got from trusted sources, HOWEVER, I have not had the popup yet. NPE.
NPE Not only did a quick scan of my pc in key areas, but it also said it did a regsistry scan. Now, it didn't tell me it removed anything there, but it may have.
I'll do the java thing, and monitor it for a while, to see what happens.

 

[jtpetch]

Spoke too soon, just got the popup again. -_-

 

[Paul NZ]

Download / extract Javara http/singularlabs.com/software/javara/

Run it then update java defs, then click on back. Then remove java runtime. Then next, click on perform removal routine. This will remove older entries.

You may have to close browser/s first. And disable system restore use ccleaner then turn it back on if you want to use it

 

[jtpetch]

Download / extract Javara http/singularlabs.com/software/javara/

Run it then update java defs, then click on back. Then remove java runtime. Then next, click on perform removal routine. This will remove older entries.

You may have to close browser/s first. And disable system restore use ccleaner then turn it back on if you want to use it

Done. Still getting the popup, but now that I look into it more, it does indeed look like it is just an attack from an external location, and Norton seems to be blocking it. I actually don't think there's anything I can do to stop this, as it is the hacker's end that keeps attacking. So, assuming it is indeed getting blocked, would it be safe to just disable notifications for it and continue as normal?

 

[jtpetch]

Actually, now that I think about it, i'm not finished here. Since about a month ago (around the time I saw the first notification, but thought nothing of it, dumb ol me) I've been having game problems. FPS Dropping, and only getting about 15 when recording. I searched around a bit more and found an article. This guy was having the same problems as me, with a very similar rig as mine. He finally found out it was actually a trojan horse virus making his gpu usage go to and stay at 100% most of the time for no reason. He said that after removing it (didn't specify how, though i found another article explaining a few ways) his recording fps shot back up to where it should be (100+). I'm going to try that, and I'll post back here when I'm done.

 

[Paul NZ]

Get trojan remover, update it then click on scan. See if it finds anything like a trojan

http/simplysup.com/

 

[jtpetch]

Get trojan remover, update it then click on scan. See if it finds anything like a trojan

http/simplysup.com/

I just tried Malwarebytes. It found and removed 19 items. Restarted. Still. Getting. Popup. I'll try the one you suggested now.

 

[jtpetch]

Well, I would try it, but simplysup.com seems to be down.

 

[Paul NZ]

Its not down I went there


Try a direct link then http/simplysup.co.uk/download/dl/trjsetup691.exe

Did you remove what malwarebytes found?

 

[jtpetch]

Its not down I went there


Try a direct link then http/simplysup.co.uk/download/dl/trjsetup691.exe

Did you remove what malwarebytes found?

Downloaded that, ran it, it didn't find anything.
I also tried a few things from bleepingcomputer.com, still nothing.
And yes, I had MWBytes remove what it found.
As of now, I also posted a thread about this on the Symantec forums, as I have seen similar problems there as well.
Just want to get maximum help, I suppose

 

[Paul NZ]

Run everything under utils in trojan remover. It'll reset everything just in case something is there

 

[jtpetch]

Done. Haven't got the popup again, yet, but it does come at random times. I'll post back if it does, and in an hour, if it hasn't, I'll assume it's finally gone, and I'll go on with life :|

 

[jtpetch]

Nope, nope, still happening -_-

 

[Paul NZ]

Well if u want chuck teamviewer on this www.teamviewer.com i could check it out from here..thats if you can get to the site

If you install this give me the ID and password in a PM. Dont worry you'll see what I'm doing

 

[jtpetch]

I just had an idea, and i believe it worked. I went into windows firewall, and directly blocked the ip that the attacks were coming from.