RiskTool.Win32.BitCoinMiner.hzqq removal tips

The RiskTool.Win32.BitCoinMiner.hzqq is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What RiskTool.Win32.BitCoinMiner.hzqq virus can do?

The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid

How to determine RiskTool.Win32.BitCoinMiner.hzqq?


File Info:
name: FC3B5CE7BEFC36C4DDA3.mlw
path: /opt/CAPEv2/storage/binaries/c0b17d86b05fbf443817d47ef0566d4d6c9fbcfe65ed738a3bef9be2d42b5321
crc32: 170291C3
md5: fc3b5ce7befc36c4dda315953ed67d66
sha1: 65b46b17cda0fab088b069325416cd414afa1394
sha256: c0b17d86b05fbf443817d47ef0566d4d6c9fbcfe65ed738a3bef9be2d42b5321
sha512: 2804cf93e1d7ae55b7f32524b9b513a57b4ac3d9163ff80bc8d187b2989dd79c26f9e5b9afd2f7c6e1ca89d7198adf57c94fb79574a53c1efd6c44f07e6ab045
ssdeep: 768:f5jyb4NOjMaZPA9leSon70fB4+fd3/OquSdv5qvv+NzelWSLIK/Lab3jD9DfJOiB:f5y4NOruaWKKTpgEeh3+3jDhfJPnOC
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T1E3536C83ABC118B2C7C245B0017236E3DB659767A3359EDBCB082843FF655E288750EE
sha3_384: 7beebe4af4538029454c6d0d497b2de7a8f8a37aacaf7267cffcfc8a3cc02694f62fe540af2951233cf587cdeae0dced
ep_bytes: 681c010000680000000068a0024100e8
timestamp: 2017-01-15 09:49:47

Version Info:
0: [No Data]

RiskTool.Win32.BitCoinMiner.hzqq also known as:

Bkav	W32.AIDetectMalware
Lionic	Riskware.Win32.BitCoinMiner.1!c
ClamAV	Win.Malware.0040eff-5877512-0
FireEye	Generic.mg.fc3b5ce7befc36c4
Cylance	unsafe
Sangfor	Riskware.Win32.Agent.V3kb
CrowdStrike	win/malicious_confidence_60% (W)
Alibaba	RiskWare:Win32/BitCoinMiner.ac7b4312
BitDefenderTheta	Gen:NN.ZexaF.36318.duW@aqK!Nrd
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
Cynet	Malicious (score: 100)
Kaspersky	not-a-virus:RiskTool.Win32.BitCoinMiner.hzqq
NANO-Antivirus	Riskware.Win32.BitCoinMiner.elmtec
Avast	Win32:Malware-gen
Rising	Trojan.Generic@AI.100 (RDML:X4MQ0B5BGiYzUPMjI7pmkw)
Sophos	Generic Reputation PUA (PUA)
McAfee-GW-Edition	BehavesLike.Win32.RealProtect.kh
Trapmine	malicious.high.ml.score
SentinelOne	Static AI – Suspicious PE
Jiangmin	RiskTool.BitCoinMiner.hsa
ZoneAlarm	not-a-virus:RiskTool.Win32.BitCoinMiner.hzqq
Microsoft	Program:Win32/Wacapew.C!ml
Google	Detected
McAfee	Artemis!FC3B5CE7BEFC
Malwarebytes	Malware.Heuristic.1008
Panda	Trj/CI.A
TrendMicro-HouseCall	TROJ_GEN.R002H0CGE23
Yandex	Trojan.GenAsa!MIBUa1gq2p8
Ikarus	Trojan.Agent
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	Riskware/CoinMiner
AVG	Win32:Malware-gen
DeepInstinct	MALICIOUS

How to remove RiskTool.Win32.BitCoinMiner.hzqq?

RiskTool.Win32.BitCoinMiner.hzqq removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X