RiskTool.Win32.BitCoinMiner.odgg removal instruction

The RiskTool.Win32.BitCoinMiner.odgg is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What RiskTool.Win32.BitCoinMiner.odgg virus can do?

Unconventionial binary language: Chinese (Simplified)
The binary likely contains encrypted or compressed data.
The executable is compressed using UPX

How to determine RiskTool.Win32.BitCoinMiner.odgg?


File Info:
crc32: AC76E24C
md5: c1cac164965a913c7df0dba26cc92c67
name: upload_file
sha1: f4ddda8753492129a1cb3a3c1b3a678ee1c75b0c
sha256: cd5dd6eafce0e31e9e1d797056dac3e9c65b5936d91fde20fb741aabd5a99420
sha512: d3e656001066d47ad09314f9850f35d3f3a1e2e9f156456786af4044085552a267faef675b54a1e9c73a9a6decae842fdf090e403ab78334d9ec782cf812054e
ssdeep: 12288:llek7VIjqS/AttnfMznf81aW56jmi4EAEKw46Ye/WOw6iuex082+ueN3RNJFsMw:jfKE8WHEm6Yjjduex082+VNh1sx
type: PE32+ executable (console) x86-64, for MS Windows

Version Info:
LegalCopyright: (C) 2015 China UnionPay copyright reserved.
FileVersion: 1.0.0.9
CompanyName: China UnionPay
ProductName: UnionPay Security Control
ProductVersion: 1.0.0.9
FileDescription: UnionPay Security Control
Translation: 0x0804 0x03a8

RiskTool.Win32.BitCoinMiner.odgg also known as:

Elastic	malicious (high confidence)
MicroWorld-eScan	Trojan.GenericKDZ.65744
FireEye	Generic.mg.c1cac164965a913c
CAT-QuickHeal	PUA.WacatacRI.S9539263
McAfee	GenericRXAA-AA!C1CAC164965A
VIPRE	Trojan.Win32.Generic!BT
Sangfor	Malware
BitDefender	Trojan.GenericKDZ.65744
Cybereason	malicious.753492
Cyren	W64/S-3497c6af!Eldorado
ESET-NOD32	a variant of Win64/CoinMiner.PQ potentially unwanted
Paloalto	generic.ml
Kaspersky	not-a-virus:RiskTool.Win32.BitCoinMiner.odgg
Rising	Trojan.Win32/64.XMR-Miner!1.ADCC (TFE:5:cWlFX9xRAN)
Ad-Aware	Trojan.GenericKDZ.65744
F-Secure	Heuristic.HEUR/AGEN.1135765
DrWeb	Tool.BtcMine.2239
Zillya	Trojan.CoinMiner.Win64.2724
Invincea	heuristic
Sophos	Troj/Agent-BCPO
APEX	Malicious
Jiangmin	RiskTool.Generic.pkx
Avira	HEUR/AGEN.1135765
Antiy-AVL	Trojan/Win32.Wacatac
Microsoft	TrojanDownloader:Win32/Upatre
Arcabit	Trojan.Generic.D100D0
AhnLab-V3	Win-Trojan/Miner3.Exp
ZoneAlarm	not-a-virus:RiskTool.Win32.BitCoinMiner.odgg
GData	Trojan.GenericKDZ.65744
Cynet	Malicious (score: 100)
Acronis	suspicious
ALYac	Trojan.GenericKDZ.65744
MAX	malware (ai score=85)
Malwarebytes	RiskWare.BitCoinMiner
Fortinet	W64/CoinMiner.X!tr

How to remove RiskTool.Win32.BitCoinMiner.odgg?

RiskTool.Win32.BitCoinMiner.odgg removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X