One day, while searching for an important document using the file manager, you came across a strange folder called Ethash. Files from it have suspicious names. It does not seem to be the directory of one of your standard programs. What to do if such "uninvited guests" are on the disk?

In Windows 10 and any other OS, this directory has no connection with system files and programs. If you enter the Task Manager, you will not find anything special - the executable files of malicious software are well disguised as regular programs. This is how a virus program, the so-called miner, masks itself.

Active Internet users have heard about cryptocurrencies and the methods of their “mining”. And so, Ethash is a folder of the Minner of Ethminer. In short, this is a malicious program that uses your PC with Windows 10 to generate virtual money. Of course, in favor of the person who created it. Because of this, your PC loses in performance, or even begins to "hang". Standard Windows 10 tools do not allow to protect against such a threat.

What is especially bad is that the catalog grows in size over time. It generates information to later send unique data to the attacker's computer. If a large number of computers are infected, this provides the creator of the miner with a considerable profit.

How does the threat manifest itself?

In Windows 10, the miner's folder is usually stored at the following address:

C: \ Users \ Username \ AppData \ Local \ Ethash \

• In the Task Manager, executable files from the Ethash folder can be disguised as svchost.exe system processes or as jusched.exe components of the Java language. They masked really well. A good way to “kill” a viral process is to compare the size of the running files. Usually, miner's cryptocurrency processes use a huge amount of memory - up to half the available RAM, and sometimes more.
• And also the miner creates tasks in the Windows 10 Scheduler. It is easiest to see all the active tasks using the CCleaner program (you can also delete them there). This can be the Java Update Schedule or Sidebar Execute. If you mistakenly cancel the "good" tasks - do not worry, these are just update files.
• If on a computer with Windows 10 operates a similar program, you may encounter other strange things. For example, folders will have names from non-standard characters, contain empty fields at the beginning of the name. However, their names are usually similar to those known, for example, Adobe or Oracle.

How to fight?

To counter the miners has not yet created a special software under Windows 10. But given the scale of distribution of cryptocurrency, it may soon appear. Today, the best way to "cure" - proven antivirus utilities. Some of them are so effective that sometimes thoughts creep in: are hackers and antivirus developers playing "for one team"?

• A good standard antivirus is Microsoft Security Essentials, also known as Windows Defender. Unfortunately, it can be blocked by Ethash's malicious actions.
  

  Microsoft Security Essentials window

• A good utility from Dr.Web for such purposes is Dr.Web CureIt! When installing, it replaces its name. So the miner installed in Windows 10 will not be able to identify his “killer”. When downloading, the program already has up-to-date anti-virus databases.
  

  Dr.Web CureIt window

• Another good way to remove a virus is Kaspersky Virus Removal Tool. There is no need to talk about the credibility of the developer, this is one of the world's largest security companies, with advanced technologies and the best bases.
  

  Kaspersky Virus Removal Tool window

• There are some more programs for those who are not satisfied with other options. For example, HitmanPro with a nice interface and fully automatic operation. Good for removing trojans and adware. And it will also help if you pick up an infection on your browser.
  

  HitmanPro window

  

  AdwCleaner window

  Or AdwCleaner, but this is rather against intrusive advertising.

Alternative solutions

Antivirus software is good, but every week new and new malicious programs appear for Windows. Updates for them are not always so quick. So if you are afraid of losing access to PC resources at the most unexpected moment, use the following methods.

1. Uninstall Tool program will help in time to respond to the installation of malware. It is equipped with a special Monitor, which will issue a warning about the bundling. Bundling is the embedding of third-party programs in downloadable files and applications. Most likely, this is how you picked Ethash up to the top ten.
   

   Uninstall Tool window

2. Find a program on the Internet that will help you to delete the “undeletable” folder. You can also try changing the permissions on folders using the "Properties".
3. Use the alternative Task Manager for Windows 10.

And if viruses, Trojans and aggressive advertising are constantly bothering you - try changing the operating system. For example, on the basis of virus-resistant Linux created a huge number of operating systems for every taste. Many of them are more than comfortable even for a beginner.

findings

We studied in detail the miner Ethash - what is he like, what can be dangerous and how to get rid of him. We hope your “meetings” with similar software will be a thing of the past. Always use caution when downloading files from unverified sources on the Internet.

Leave your comments under the material. You found another miner on your PC and you do not know what to do? Standard solutions do not help? Our administrators and users will always be able to give practical advice!