I recently downloaded a so called "file" not knowing it contained a RAT or anything like that, that can obviously give remote access to my computer, I ran the .exe file and nothing happened, for a while I was thinking "...meh, probably loading". Then It took more then usual to run a small file thats labeled "exe" because usually those take less then 20 seconds to run. Unfortunately my Norton 360 started leaving me some messages saying "SONAR has detected JTP.exe, JTR.Exe and JTQ.exe". Immediately I knew that it was a RAT or something that could probably let people from around the world remotely access my computer and files, thats basically what I was going to ask.
I swiftly got to my feet and deleted JTP.exe, JTR.exe and JTQ.exe, they we're named those files but when I searched them using the "search file" feature on my Windows Explorer it came up as JTP.exe.pt or something like that so I decided to delete those files.
But my real question is this, what are does JTP, JTR and JTQ files? are they bad for my computer? can they steal passwords? should I restore my computer to factory settings? should I...?
My second question. I've been looking at the history and what's been happening to my computer, what Norton has been doing and stuff like that, I've been noticing every 10-20 minutes I've been getting "Unused Port Blocking has blocked communications Inbound TCP connections". I've decided to check them out and noticed that I get different IPs trying to remotely access me. I'm not sure what it means or what they're trying to do or what Norton is doing to my computer and stuff like that.
Third, before all that stuff happened when I ran the file I downloaded I saw these listed aswell on my Norton Activity list, "Jtp.exe has made 2 modifications to your computer" and "jtr.exe accessed your network resources". I'm not sure what that specifically did to my computer or whats going to happen but I hope its not something serious.
It isn't a familiar issue apparently. Try restarting in safe mode and run a scan from there to see if anything is found when the drivers aren't loaded. You can also download, install the free version, update and run a full system scan with Malwarebytes for a cross-check. Malwarebytes works best in normal mode.
I recently downloaded a so called "file" not knowing it contained a RAT or anything like that, that can obviously give remote access to my computer, I ran the .exe file and nothing happened, for a while I was thinking "...meh, probably loading". Then It took more then usual to run a small file thats labeled "exe" because usually those take less then 20 seconds to run. Unfortunately my Norton 360 started leaving me some messages saying "SONAR has detected JTP.exe, JTR.Exe and JTQ.exe". Immediately I knew that it was a RAT or something that could probably let people from around the world remotely access my computer and files, thats basically what I was going to ask.
I swiftly got to my feet and deleted JTP.exe, JTR.exe and JTQ.exe, they we're named those files but when I searched them using the "search file" feature on my Windows Explorer it came up as JTP.exe.pt or something like that so I decided to delete those files.
But my real question is this, what are does JTP, JTR and JTQ files? are they bad for my computer? can they steal passwords? should I restore my computer to factory settings? should I...?
My second question. I've been looking at the history and what's been happening to my computer, what Norton has been doing and stuff like that, I've been noticing every 10-20 minutes I've been getting "Unused Port Blocking has blocked communications Inbound TCP connections". I've decided to check them out and noticed that I get different IPs trying to remotely access me. I'm not sure what it means or what they're trying to do or what Norton is doing to my computer and stuff like that.
Third, before all that stuff happened when I ran the file I downloaded I saw these listed aswell on my Norton Activity list, "Jtp.exe has made 2 modifications to your computer" and "jtr.exe accessed your network resources". I'm not sure what that specifically did to my computer or whats going to happen but I hope its not something serious.
I used Malware Bytes, it was a great help. I just got a few things when I scanned my computer.
1. Trojan.Agent
2. A Disabled thingy on my registry key with the firewall.
They've all been removed and fixed (I think) but I still get TCP Connection thingies every 4 hours or so, it decreased by a lot. I can't get my computer to safe mode even after restarting and doing incorrect turn offs. Is there anything else I can do?