Published Jun 29, 2016 | Updated Mar 16, 2018


Severe |Detected with Windows Defender Antivirus

Aliases: not-a-virus:RiskTool.Win64.BitCoinMiner.tb (Kaspersky) Generic PUP.u (McAfee) a variant of Win32/EpicScale.A potentially unwanted application (ESET) Bitcoin Miner (Sophos) TROJ_SPNR.35BH14 (Trend Micro) Malware.FakePIC@CV!1.6AB7 (Rising AV) Gen:Variant.Strictor.49187 (BitDefender) Trojan.ADH.2 (Symantec)


This application was stopped from running on your network because it has a poor reputation. This application can also affect the quality of your computing experience. For example, some potentially unwanted applications can:

  • Install additional bundled software
  • Modify your homepage
  • Modify your search provider
  • Perform other actions that you might not have intended

These applications are most commonly software bundlers or installers for applications such as toolbars, adware, or system optimizers. We have observed this application installing software that you might not have intended on your PC.

If you were trying to install an application, you might have downloaded it from a source other than the official product's website.

We usually see this application installed on PCs in the following countries. This list is sorted according to prevalence:

  • Russia
  • United States
  • Korea
  • Japan
  • Turkey

This detection is part of our extended Potentially Unwanted Application protection feature.

Learn more about this type of application: Invisible resource thieves: The increasing threat of cryptocurrency miners

You should contact your IT representative or network administrator to find how you can install legitimate programs while connected to your network.

Follow us