PC Virus Help

PC Virus Help

Postby Plane And Simple » 20 Jan 2019, 22:30

So my brother's PC has this idlemonitor.exe thing that keeps popping up from the Temp folder and mining using his system. Normally I'd locate the file and ditch it but this, being at the temp folder, means whenever I delete it it re-creates itself again and comes back.

Any ideas on what causes it/how to get rid of it?

Click the icon to see the image in fullscreen mode  
1 pcs.
Click the icon to see the image in fullscreen mode  
1 pcs.
User avatar
Plane And Simple
Hello Ladies And Gentleman, From The Flightdeck

Re: PC Virus Help

Postby CDMC » 21 Jan 2019, 02:49

check startup settings for everything. check registry startup sections(RUN thing). also check even browser autorun crap. you can try to install ccleaner and go to the Tools/Startup thing, it will show all the stuff that's starts up with your PC. Check all the tabs and what it starts up carefully. try disabling strange or suspicious crap and see if it still comes back.

i had to deal with stuff like this quite a few times when fixing PC's. its actually fun to track the bastard down :D

Good luck, tell me if you find anything

PS. i was talking about this section in ccleaner
Image

you can find all the stuff that starts up. don't forget to check ALL those tabs like scheduled and so on
Image
isonline.CDMC.gif

Click the icon to see the image in fullscreen mode  
1 pcs.
Click the icon to see the image in fullscreen mode  
1 pcs.
Click the icon to see the image in fullscreen mode  
1 pcs.
Click the icon to see the image in fullscreen mode  
1 pcs.
Click the icon to see the image in fullscreen mode  
1 pcs.
Click the icon to see the image in fullscreen mode  
1 pcs.
User avatar
CDMC
Admin

Re: PC Virus Help

Postby Maxidyne » 21 Jan 2019, 10:18

Download Avira Free or Malwarebytes Free. It will remove it.
Image

Pig Pen: boy, these lonely long highways sure grind the souls of us cowboys. Eat bulldog dust!

Click the icon to see the image in fullscreen mode  
1 pcs.
Click the icon to see the image in fullscreen mode  
1 pcs.
Click the icon to see the image in fullscreen mode  
1 pcs.
User avatar
Maxidyne
Where few survive, Mack Bulldogs thrive

Re: PC Virus Help

Postby Plane And Simple » 21 Jan 2019, 16:47

Thanks guys. Gave the CCleaner option a go and found some tasks that worked on the registry and deleted them so they didn't start or run when pc powered up so I think that did it. These also caught my eye and I don't really know if it's bad, any clues?

Image

Click the icon to see the image in fullscreen mode  
1 pcs.
Click the icon to see the image in fullscreen mode  
1 pcs.
User avatar
Plane And Simple
Hello Ladies And Gentleman, From The Flightdeck

Re: PC Virus Help

Postby Maxidyne » 21 Jan 2019, 16:50

Image

Pig Pen: boy, these lonely long highways sure grind the souls of us cowboys. Eat bulldog dust!

Click the icon to see the image in fullscreen mode  
1 pcs.
Click the icon to see the image in fullscreen mode  
1 pcs.
Click the icon to see the image in fullscreen mode  
1 pcs.
User avatar
Maxidyne
Where few survive, Mack Bulldogs thrive

Re: PC Virus Help

Postby CDMC » 21 Jan 2019, 17:09

when you deleted those first ones, does it went away after restart? if so, you can leave the google ones. it looks like they are for google chrome autoupdate thing.

Maxidyne, when you have a virus like that that always comes back after reboot, you need to check the startup programs and tasks. cause yes, malwarebytes can remove it, but after restart it will be back and malwarebytes will have to remove it again, its a non ending loop. removing it from start up should eliminate it coming back and then you can use something like malwarebytes to delete it :)
Image
isonline.CDMC.gif

Click the icon to see the image in fullscreen mode  
1 pcs.
Click the icon to see the image in fullscreen mode  
1 pcs.
Click the icon to see the image in fullscreen mode  
1 pcs.
Click the icon to see the image in fullscreen mode  
1 pcs.
Click the icon to see the image in fullscreen mode  
1 pcs.
Click the icon to see the image in fullscreen mode  
1 pcs.
User avatar
CDMC
Admin

Re: PC Virus Help

Postby Plane And Simple » 21 Jan 2019, 21:40

CDMC wrote:when you deleted those first ones, does it went away after restart? if so, you can leave the google ones. it looks like they are for google chrome autoupdate thing.

Maxidyne, when you have a virus like that that always comes back after reboot, you need to check the startup programs and tasks. cause yes, malwarebytes can remove it, but after restart it will be back and malwarebytes will have to remove it again, its a non ending loop. removing it from start up should eliminate it coming back and then you can use something like malwarebytes to delete it :)


I'll see if they come back. There was a remanent antivirus warning but I think it was from before so we'll see how it does. Thanks guys

Click the icon to see the image in fullscreen mode  
1 pcs.
Click the icon to see the image in fullscreen mode  
1 pcs.
User avatar
Plane And Simple
Hello Ladies And Gentleman, From The Flightdeck

Re: PC Virus Help

Postby Alex » 21 Jan 2019, 22:22

Like C I quite like the challenge of finding where it's hidden itself! But +1 for malwarebytes. Hope you get it sorted!
Image
-Alex
User avatar
Alex
On a mission from God


Return to Questions/Tutorials

cron