Categories: CrackTrojan

Trojan.Win32.Patched.mf removal tips

The Trojan.Win32.Patched.mf is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Trojan.Win32.Patched.mf virus can do?

SetUnhandledExceptionFilter detected (possible anti-debug)
Creates RWX memory
Guard pages use detected – possible anti-debugging.
Dynamic (imported) function loading detected
Enumerates the modules from a process (may be used to locate base addresses in process injection)
CAPE extracted potentially suspicious content
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Trojan.Win32.Patched.mf?


File Info:
name: 0CC96C1B97EB68499DC0.mlwpath: /opt/CAPEv2/storage/binaries/b8362b23617d266edbafaa9877fb9f215a8f734ad39bbd3fc87e55e681190ad8crc32: D45B53BCmd5: 0cc96c1b97eb68499dc040fa85b0248fsha1: 09d27099ec475bd6d41be8a0b7488fe22259848esha256: b8362b23617d266edbafaa9877fb9f215a8f734ad39bbd3fc87e55e681190ad8sha512: fd9234b86502f2c8d447ac66e6ac31ae0c6ae206eb898a3f5dda75825870246d3e1dd80519dcfa3940cba9826231904dd5fe6060795c3e3e836223558e74c6c4ssdeep: 384:yNN7aCY8CtBcelBcowXeeYOvqMqyGmojWcGOB:yciqyGmeWEBtype: PE32 executable (GUI) Intel 80386, for MS Windowstlsh: T11E92C82173D4837AE8FA0B704C7653815272B9416935EB1E49C9020E7EB2E6ACF72773sha3_384: 5b0b76954372f4619affc32e7b58ca126b008c7bd82e937fda9da8d37d7c355bf9e025bcdf43b4ecc0e83abeca047493ep_bytes: 684e3e0011e934060000e80f00000043timestamp: 2007-09-05 16:53:46
Version Info:
Translation: 0x0000 0x04b0CompanyName: IntuitFileDescription: QuickBooks Company File Monitoring ServiceFileVersion: 2.0.2804.16013InternalName: QBCFMonitorService.exeLegalCopyright: © 2007 Intuit Inc. All rights reserved.LegalTrademarks: QuickBooks(TM) is a registered trademark of Intuit Inc.OriginalFilename: QBCFMonitorService.exeProductName: QuickBooks for WindowsProductVersion: 2.0.2804.16013Assembly Version: 2.0.2804.16013

Trojan.Win32.Patched.mf also known as:

Bkav	W32.PatchedZB.PE
Lionic	Trojan.Win32.Patched.lnqW
MicroWorld-eScan	Trojan.Patched.HE
CAT-QuickHeal	W32.Patchload.O
ALYac	Trojan.Patched.HE
Cylance	Unsafe
Zillya	Trojan.Patched.Win32.23985
K7AntiVirus	Trojan ( 0026f5d91 )
K7GW	Trojan ( 0026f5d91 )
Cybereason	malicious.b97eb6
Baidu	Win32.Virus.Loader.l
VirIT	Win32.Yoshi.E
Cyren	W32/Patched.G
Symantec	Trojan.Paccyn!inf
Elastic	malicious (high confidence)
ESET-NOD32	Win32/Patched.HN
APEX	Malicious
ClamAV	Win.Trojan.Patched-143
Kaspersky	Trojan.Win32.Patched.mf
BitDefender	Trojan.Patched.HE
NANO-Antivirus	Trojan.Win32.Patched.dwgwe
Avast	Win32:Patched-WQ [Trj]
Tencent	Virus.Win32.Patched.mf
Ad-Aware	Trojan.Patched.HE
Comodo	TrojWare.Win32.Patched.HN@3bsert
DrWeb	Trojan.Starter.1695
VIPRE	Trojan.Patched.HE
TrendMicro	PTCH_KATUSHA.W
McAfee-GW-Edition	W32/Katusha
FireEye	Trojan.Patched.HE
Sophos	W32/Patched-AL
GData	Trojan.Patched.HE
Jiangmin	TrojanSpy.Zbot.adxr
Avira	W32/Patchload.A
Antiy-AVL	Trojan/Generic.ASVirus.2BD
Arcabit	Trojan.Patched.HE
ViRobot	Win32.Patched.BE
Microsoft	Virus:Win32/Patchload.O
TACHYON	Virus/W32.Patched.Gen
AhnLab-V3	Win-Trojan/Patched.DD
McAfee	W32/Katusha
MAX	malware (ai score=87)
VBA32	Trojan-Spy.Zbot.gen
Zoner	Probably Heur.ExeHeaderL
TrendMicro-HouseCall	PTCH_KATUSHA.W
Rising	Virus.Loader!1.9B09 (CLASSIC)
Yandex	Win32.Katusha.Gen
Ikarus	Virus.Win32.Patchload
MaxSecure	Virus.W32.Patched.MF
Fortinet	W32/Patched.MF!tr
AVG	Win32:Patched-WQ [Trj]
Panda	W32/Katusha.BN