RiskTool.Win32.BitCoinMiner.odhv removal

The RiskTool.Win32.BitCoinMiner.odhv is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What RiskTool.Win32.BitCoinMiner.odhv virus can do?

Unconventionial binary language: Chinese (Simplified)
The binary likely contains encrypted or compressed data.
The executable is compressed using UPX

How to determine RiskTool.Win32.BitCoinMiner.odhv?


File Info:
crc32: E1C1AF57
md5: 5f10b37d448b98457f2b84fd6a42ff60
name: upload_file
sha1: 02af58c0805b957c08333989cf1f5ca7519506a5
sha256: 3bd03544351cfb32edd39cea2e394ced790deb2ec660b3c2e90a6b0de9eae9f9
sha512: 1a9086829b473a93cecd15008cad34f96b2a6dedf9bcbe293688c39df0a69f46896f503bac4d8d278464707a3910f2583a4fb767671b86c035d223616555c200
ssdeep: 12288:Clek7VIjqS/AttnfMznf81aW56jmi4EAEKw46Ye/WOw6iuex082+ueN3RNJFsMw:QfKE8WHEm6Yjjduex082+VNh1sX
type: PE32+ executable (console) x86-64, for MS Windows

Version Info:
LegalCopyright: (C) 2015 China UnionPay copyright reserved.
FileVersion: 1.0.0.9
CompanyName: China UnionPay
ProductName: UnionPay Security Control
ProductVersion: 1.0.0.9
FileDescription: UnionPay Security Control
Translation: 0x0804 0x03a8

RiskTool.Win32.BitCoinMiner.odhv also known as:

Elastic	malicious (high confidence)
MicroWorld-eScan	Trojan.GenericKDZ.65744
FireEye	Generic.mg.5f10b37d448b9845
CAT-QuickHeal	PUA.WacatacRI.S9539263
McAfee	GenericRXAA-AA!5F10B37D448B
VIPRE	Trojan.Win32.Generic!BT
Sangfor	Malware
BitDefender	Trojan.GenericKDZ.65744
Cybereason	malicious.0805b9
F-Prot	W64/S-3497c6af!Eldorado
APEX	Malicious
Avast	Win64:CoinminerX-gen [Trj]
Kaspersky	not-a-virus:RiskTool.Win32.BitCoinMiner.odhv
Rising	Trojan.Win32/64.XMR-Miner!1.ADCC (TFE:dGZlOgVsTxqL129xAg)
Ad-Aware	Trojan.GenericKDZ.65744
F-Secure	Heuristic.HEUR/AGEN.1135765
DrWeb	Tool.BtcMine.2239
Zillya	Trojan.CoinMiner.Win64.2724
Invincea	heuristic
Fortinet	W64/CoinMiner.X!tr
Sophos	Troj/Agent-BCPO
Ikarus	Trojan.Win64.CoinMiner
Cyren	W64/S-3497c6af!Eldorado
Jiangmin	RiskTool.Generic.pkx
Avira	HEUR/AGEN.1135765
MAX	malware (ai score=86)
Antiy-AVL	Trojan/Win32.Wacatac
Arcabit	Trojan.Generic.D100D0
ZoneAlarm	not-a-virus:RiskTool.Win32.BitCoinMiner.odhv
Microsoft	TrojanDownloader:Win32/Upatre
Cynet	Malicious (score: 100)
AhnLab-V3	Win-Trojan/Miner3.Exp
Acronis	suspicious
ALYac	Trojan.GenericKDZ.65744
Malwarebytes	RiskWare.BitCoinMiner
ESET-NOD32	a variant of Win64/CoinMiner.PQ potentially unwanted
GData	Trojan.GenericKDZ.65744
AVG	Win64:CoinminerX-gen [Trj]

How to remove RiskTool.Win32.BitCoinMiner.odhv?

RiskTool.Win32.BitCoinMiner.odhv removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X