I recently ran into a problem that seems to affect many people: a hidden miner on your computer. I noticed that my laptop started to slow down significantly, the graphics card was buzzing like a fan on an airplane, and the CPU was constantly loaded at 70–80%. My first thought was— a virus. And it turned out that somewhere in the system, malware for crypto mining had gotten in.

These programs are dangerous because they work unnoticed. They infiltrate Windows like Trojans and begin using your resources to mine cryptocurrencies. Moreover, antivirus software doesn’t always catch them. Sometimes, the miner is embedded directly into a website as a JavaScript script—this kind of cryptojacking activates when you visit an infected page. Or it can be a regular file that gets installed without your knowledge and runs every time the PC boots.

The danger is that the malware doesn’t just steal your computing power. If it’s a full-fledged Trojan, it can steal passwords, delete data, or even transfer funds from your account. The hardware also wears out faster—especially laptops, which can fail literally after just a few hours of background mining.

When I realized I needed to remove the miner, I started with diagnosis. The signs of infection are quite obvious: constant graphics card overload (GPU-Z shows maximum values), slow system performance, high CPU load (above 60%), strange internet usage, and unexpected file deletions. In Task Manager, I found processes with meaningless names like asikadl.exe.

The first step is to run an antivirus. I used the standard Windows Defender, but for a deeper scan I installed Dr. Web. After scanning, you should run Ccleaner to clean the registry of leftovers. Then reboot.

But here’s the catch: some miners add themselves to the list of trusted programs, and the antivirus can’t see them. Others know how to detect Task Manager and shut down before it even starts. That’s why you have to search manually.

I opened the registry (Win+R, then regedit), used search (Ctrl+F), and looked for suspicious names. I also checked the task scheduler (Win+R, taskschd.msc). There, I found several strange processes that ran when the PC was turned on. I disabled them by right-clicking and selecting “Disable.” After that, the CPU load dropped. Then I deleted those tasks completely.

For a more thorough check of auto-start items, I used AnVir Task Manager—it helps identify all automatically launched programs. How to remove the miner for good: make sure all its components are removed from auto-start and the registry, and then reboot again.

To avoid dealing with this again, I started following basic rules. I installed an image of a clean Windows system and periodically restore it. I always scan downloaded files with antivirus before opening them. I keep the firewall enabled. I don’t visit suspicious websites without an SSL certificate (https). I block JavaScript in the browser to prevent browser-based mining. In Chrome, I enabled the built-in mining protection in the privacy settings.

I also added dangerous sites to the hosts file using lists from GitHub. On the router, I set a reliable password and disabled remote access. I don’t grant administrator rights to suspicious programs. I installed AdBlock and uBlock to filter malicious scripts.

Most importantly, regularly update the antivirus databases and don’t ignore the first signs of infection. If you notice your PC behaving strangely, it’s better to run a check right away. That way, you’ll protect both your equipment and your peace of mind.