If your PC has been running unusually slowly because of a process called Altisik that can be seen in the Task Manager, this means there’s a Trojan miner on your computer that you need to get rid of. No need to panic – this malware, unpleasant as it is, will probably not cause damage to your files or attempt to steal your data. Instead, its main goal is to continuously drain your system’s resources (Memory and CPU) in order to generate crypto.
Crypto-mining Trojans of this type are very common, and there are many other malware programs similar to this one. Altisik is simply the most recent one, but it’s not much different from Alrucs or Alrisit. It does the same thing, behaves in the same way, and uses similar tactics to make itself more difficult to remove. But remove it you must, and the guide below will show you how.
Altisik Virus Removal Guide
Removing the Altisik Trojan Horse from your computer requires a detailed, thorough approach. The Trojan Horse plants itself in various areas so it can stay operational even after attempts to remove it. Let’s get started and tackle this problem head-on.
SUMMARY:
Name | Altisik Service |
Type | Trojan |
Danger Level | High (Trojans are often used as a backdoor for Ransomware) |
Detection Tool |
Check the Task Scheduler
Trojan miners like Altisik will often create scheduled tasks in your system so that they will activate automatically under certain circumstances. Such tasks could also be in place to re-install the malware in case you manage to remove it. For this reason, it’s crucial that you start here; otherwise, any progress you make in the other steps could be lost if a scheduled task brings back the Trojan.
Use the Start Menu to search for the Task Scheduler and open it.
Click Task Scheduler Library in the top-left corner, then look at the list of tasks. We can’t tell you any specific task names to look for so use your own judgement to determine which ones seem suspicious.
What can help you here is to double-click each task and check the Actions tab. See what program or command the task is set to execute and if it is Altisik.exe, Altisik Service, or some unfamiliar program with a suspicious name, you should delete the respective task.
Simply right-click it, and select Delete. Make sure to check all tasks in the list because there might be other ones you need to eliminate.
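The same review can be scripted. The PowerShell below is an added example, not part of the original guide: it lists every scheduled task whose name or command line contains one of the names this guide mentions, plus tasks that launch from AppData or Temp (that path heuristic is an assumption and will also surface some legitimate tasks). It only reads; nothing is deleted.

```powershell
# Added example (not from the original guide): read-only audit of scheduled tasks.
# Run in an elevated PowerShell window so that all tasks are visible.

# Names taken from this guide.
$namePattern = 'Altisik|Alrisit|Alrucs|Altruistics|Aluc'
# Assumption: a task that starts a program from a per-user writable folder
# deserves a manual look. This is a review hint, not proof of infection.
$pathPattern = '\\AppData\\|\\Temp\\|%TEMP%|%APPDATA%|%LOCALAPPDATA%'

$findings = foreach ($task in Get-ScheduledTask) {
    foreach ($action in $task.Actions) {
        # Only "start a program" actions have Execute/Arguments;
        # COM handler actions do not and are skipped.
        if (-not $action.Execute) { continue }

        $command = ("{0} {1}" -f $action.Execute, $action.Arguments).Trim()
        $reason =
            if ("$($task.TaskName) $command" -match $namePattern) { 'name from guide' }
            elseif ($command -match $pathPattern)                 { 'runs from user folder' }
            else                                                  { $null }

        if ($reason) {
            [pscustomobject]@{
                Reason  = $reason
                State   = $task.State
                Task    = $task.TaskPath + $task.TaskName
                Command = $command
            }
        }
    }
}

# Matches on a known name are listed first.
$findings | Sort-Object Reason, Task | Format-Table -AutoSize -Wrap
```

Review each hit in the Task Scheduler's Actions tab as described above before deleting the task.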
How to Get Rid of the Altisik App
Time to investigate what’s running on your system. Press Ctrl + Shift + Esc to open the Task Manager. Expand the view by clicking “More Details”. Now you can see everything – a full list of processes.
Focus on the ones using the most memory or CPU. Obviously, look for a process named Altisik, but remember that Trojan miners like it will often change the names of their processes.
Other related names you might encounter in the Task Manager are Alrisit, Alrucs, Altruistics, and Aluc. If you see any of these or another similarly-named process, you can be pretty confident it’s linked to the malware and must be removed.
Right-click the process > select “Open file location”. This takes you to the folder housing the rogue executable and any other files linked to it.
Delete the contents of the folder you just found. Some files might resist deletion, and you may get an error saying that they are currently in use and can’t be removed. Use Lock Hunter here – this free tool shows you what’s blocking the file and helps you remove it.
Install Lock Hunter, right-click the file or folder, select “What’s blocking it?”, then delete it from the Lock Hunter interface. Once removed, go back to the Task Manager to end the suspicious process.
Repeat these steps for any and all suspicious and unfamiliar processes that you find.
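Because the process may be renamed, a name search alone is not enough. The PowerShell below is an added example, not part of the original guide: it lists running processes with their file location, CPU time, memory and signature status, and flags the names this guide mentions. Treating a missing or invalid signature as a reason for review is an assumption; plenty of legitimate software is unsigned.

```powershell
# Added example (not from the original guide): read-only process triage.
# Run elevated; without elevation the path of some processes is hidden.

$namePattern = 'Altisik|Alrisit|Alrucs|Altruistics|Aluc'   # names from this guide
$signatureCache = @{}                                      # one check per file

$report = foreach ($p in Get-Process) {
    if (-not $p.Path) { continue }                         # no readable path

    if (-not $signatureCache.ContainsKey($p.Path)) {
        $sig = Get-AuthenticodeSignature -LiteralPath $p.Path -ErrorAction SilentlyContinue
        $signatureCache[$p.Path] = "$($sig.Status)"
    }

    [pscustomobject]@{
        KnownName  = "$($p.ProcessName) $($p.Path)" -match $namePattern
        Signature  = $signatureCache[$p.Path]
        # CPU is total processor time since the process started,
        # not the live percentage shown in Task Manager.
        CpuSeconds = [math]::Round([double]$p.CPU, 1)
        MemoryMB   = [math]::Round($p.WorkingSet64 / 1MB)
        Id         = $p.Id
        Path       = $p.Path
    }
}

# Show known names first, then everything without a valid signature,
# heaviest CPU users at the top.
$report |
    Where-Object { $_.KnownName -or $_.Signature -ne 'Valid' } |
    Sort-Object @{ Expression = 'KnownName';  Descending = $true },
                @{ Expression = 'CpuSeconds'; Descending = $true } |
    Select-Object -First 20 |
    Format-Table -AutoSize -Wrap
```

The Path column is the same folder that “Open file location” opens in Task Manager.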
Uninstall Rogue Apps
Check your installed programs. Type “Apps & Features” in the Start Menu. Open the settings page. Sort the list by installation date.
See any recently installed, unfamiliar programs? Uninstall them. They might be tied to the Trojan. Select the program, click “Uninstall”, follow the prompts. Make sure to note the program’s name. You’ll need it for the next steps.
How to Delete Altisik Service Files
Hidden malware files should be your next target.
First, enable the viewing of these hidden files: Type “Folder Options” into the Start Menu. Open the resulting window. Navigate to the “View” tab.
Check “Show Hidden Files, Folders, and Drives”. Apply, then click OK. Now you can see anything that Altisik might be trying to hide from you.
Now go to the following folders: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup and C:\Users\YourUsername\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup. Delete any suspicious files there.
Tappi.loc and xman6.exe are examples of rogue files you may find, but even if you don’t see them, there could be other rogue pieces of data. If you are not certain what to delete, just delete everything except for desktop.ini.
Head over to C:\Program Files. Look for folders related to Altisik, such as AltisikApplication or AlrisitApplication, or any folders with unfamiliar names (Aluc, Alrucs, Altruistics, etc.). Try to delete them. If you are blocked from doing that, let Lock Hunter help again. This tool becomes your go-to for stubborn files.
Do the same thing in C:\Program Files (x86).
Type “%TEMP%” into the Start Menu. Press Enter. Select all files in the folder that opens and delete them. Temporary files often harbor remnants of malware. These could reinfect your system. Clear them out. You’re almost there. Just a bit more to do.
The final location you must visit is C:\Users\*YOUR USERNAME FOLDER*\AppData\Local\Programs. Delete any questionable or unfamiliar folders you find there. Aside from Altisik and the other names we already mentioned above, one other folder you may see here that you must delete is Pinaview.
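To see all of these locations in one pass before deleting anything, the PowerShell below can be used. It is an added example, not part of the original guide: it lists the contents of both Startup folders (except desktop.ini) and any folder in Program Files, Program Files (x86) and AppData\Local\Programs whose name contains one of the names this guide mentions. Folders with other unfamiliar names are not detected and still need a manual look.

```powershell
# Added example (not from the original guide): read-only sweep, nothing is deleted.

# Folder and file names mentioned in this guide.
$folderPattern = 'Altisik|Alrisit|Alrucs|Altruistics|Aluc|Pinaview'
$namedFiles    = 'Tappi.loc', 'xman6.exe'

$startupDirs = @(
    "$env:ProgramData\Microsoft\Windows\Start Menu\Programs\Startup",
    "$env:APPDATA\Microsoft\Windows\Start Menu\Programs\Startup"
)
$programDirs = @(
    $env:ProgramFiles,
    ${env:ProgramFiles(x86)},            # empty on 32-bit Windows
    "$env:LOCALAPPDATA\Programs"
)

$hits = @(& {
    foreach ($dir in $startupDirs) {
        if (-not (Test-Path -LiteralPath $dir)) { continue }
        # -Force includes hidden items, like the Folder Options change above.
        Get-ChildItem -LiteralPath $dir -Force |
            Where-Object { $_.Name -ne 'desktop.ini' } |
            ForEach-Object {
                $why = if ($_.Name -in $namedFiles) { 'file named in guide' }
                       else { 'startup item, review' }
                [pscustomobject]@{ Why = $why; Modified = $_.LastWriteTime; Path = $_.FullName }
            }
    }
    foreach ($dir in $programDirs) {
        if (-not $dir -or -not (Test-Path -LiteralPath $dir)) { continue }
        Get-ChildItem -LiteralPath $dir -Directory -Force -ErrorAction SilentlyContinue |
            Where-Object { $_.Name -match $folderPattern } |
            ForEach-Object {
                [pscustomobject]@{ Why = 'folder name match'; Modified = $_.LastWriteTime; Path = $_.FullName }
            }
    }
})

# Newest items first: recent changes are the most likely to be related.
$hits | Sort-Object Modified -Descending | Format-Table -AutoSize -Wrap
```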
Clean Your System Registry
The Trojan has likely altered the Windows Registry, so you must delete its records stored there.
Type “regedit” into the Start Menu. Right-click the result, run as administrator.
Search for entries linked to the malware. Do this by pressing Ctrl + F, type Altisik > Find Next.
Found anything? Delete it. Search again, delete again. Every trace must go. Imagine weeding a garden. Leave nothing behind.
Also search for registry items linked to any programs you uninstalled earlier in the guide and delete them too.
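The Ctrl + F search can also be run as a script that lists every match at once. The PowerShell below is an added example, not part of the original guide: it searches key names, value names and value data for the pattern. Limiting the search to the three roots shown is an assumption made to keep the run time reasonable; regedit's own search covers the whole registry.

```powershell
# Added example (not from the original guide): read-only registry search.
# Run in an elevated PowerShell window. The search can take several minutes.

# 'Altisik' comes from this guide. Add the names of programs you uninstalled
# earlier, separated by | (for example 'Altisik|SomeProgram').
$pattern = 'Altisik'

# Assumption: these roots are searched instead of the entire registry.
$roots = 'HKLM:\SOFTWARE', 'HKCU:\Software', 'HKLM:\SYSTEM\CurrentControlSet\Services'

$hits = foreach ($root in $roots) {
    Get-ChildItem -Path $root -Recurse -ErrorAction SilentlyContinue | ForEach-Object {
        $key = $_

        # Match on the key's own name.
        if ($key.PSChildName -match $pattern) {
            [pscustomobject]@{ Key = $key.Name; Value = '(key name)'; Data = '' }
        }

        # Match on value names and value data inside the key.
        try { $valueNames = $key.GetValueNames() } catch { $valueNames = @() }
        foreach ($valueName in $valueNames) {
            $data = [string]$key.GetValue($valueName)
            if ($valueName -match $pattern -or $data -match $pattern) {
                [pscustomobject]@{ Key = $key.Name; Value = $valueName; Data = $data }
            }
        }
    }
}

$hits | Sort-Object Key, Value -Unique | Format-List
```

Before deleting a listed key in regedit, save a copy of it with File > Export so it can be restored if the match turns out to belong to legitimate software.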
What Is Altisik Service?
The Altisik service is the rogue cryptomining process that this Trojan runs. It often shows large amounts of CPU and Memory usage in the Task Manager because it uses these system resources to generate cryptocurrency like Monero or Bitcoin.
Though the process will normally not harm anything on the computer or jeopardize your privacy, it will often make the PC slow down to a crawl and make it nearly unusable.
Additionally, the fact that one rogue process is able to run freely in your system means that others can do the same. Any way you look at it, your system is compromised if the Altisik service is running in it, which is why you ought to take immediate action to secure it.
Something important to note is the fact that Altisik almost certainly didn’t come to your PC on its own. Such Trojans are mainly distributed through file bundles, which means you’ve likely recently installed something that carried the malware in its installer.
The most common example of Trojan-carrying software is pirated games downloaded from sites like Steamunlocked.
However, other types of downloads could also have malware like Altisik hidden in them. For example, many users have reported getting this, or similar Trojan miners, after installing the Nova Project Fortnite mod. In general, third-party mods for popular games like Minecraft, Fortnite, or Roblox often carry unwanted extra installs or even malware like this Trojan miner.
Therefore, you must always be cautious with your downloads, even when you are getting something that isn’t pirated or otherwise illegal. It’s good practice to check the setup settings each time you are about to install something on your PC to ensure you aren’t allowing anything unwanted into your system alongside the software that you actually wish to install.