Crack Virus

How to remove “Virus:Win32/Patchload.O”?

Malware Removal

The Virus:Win32/Patchload.O is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware - Review 2020

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend to use GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the TRIAL period.
6-day free trial available.

What Virus:Win32/Patchload.O virus can do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Unconventionial language used in binary resources: Chinese (Simplified)
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to determine Virus:Win32/Patchload.O?


File Info:

name: 7C0B6625F3B37B2E3164.mlw
path: /opt/CAPEv2/storage/binaries/002606a0aa6c462dcbbf3db26c8e50e6b781732d4d4adcdfd46c53f7444f307e
crc32: 79CE9EFA
md5: 7c0b6625f3b37b2e31640aa423f5fb7b
sha1: 1b880d46f3902d2164a11c8f899f4807b02e05da
sha256: 002606a0aa6c462dcbbf3db26c8e50e6b781732d4d4adcdfd46c53f7444f307e
sha512: 26e9eb2066fdc78f28a535330eb2f931815680548cea7e04a2f4d3a358c1686e408fa1e8976177b50d2f3a89763135cd8453e3a299bd5b0048818910db603c38
ssdeep: 3072:NnOklfANPcYO/zQTHY5KdAMN3bgYQ5OGIJ/AKC5Cw5ybuG9hhaYY1b:wkZAfC6rhbgBSGKdw5yB
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T127645B1532E1C1BBDD6B45735CF7D10A2222BEA65F9980C73BA43BAE09721D10E3E356
sha3_384: 27d9f7963b1349bff393fa640f83f09bb6a45e9721d2ee4dee55a8672827ef548ee48d84dae18678cf4f184aac9ecfc9
ep_bytes: 68650b4100e934060000e80f00000043
timestamp: 2009-06-11 04:54:06

Version Info:

CompanyName: Sony Corporation
FileDescription: VAIO Smart Network
FileVersion: 2.3.0.12210
InternalName: NSUService.exe
LegalCopyright: Copyright 2007,2008 Sony Corporation
OriginalFilename: NSUService.exe
ProductName: NSUService.exe
ProductVersion: 2.3.0.12210
Translation: 0x0000 0x04e4

Virus:Win32/Patchload.O also known as:

BkavW32.PatchedZB.PE
LionicTrojan.Win32.Patched.lnqW
Elasticmalicious (high confidence)
MicroWorld-eScanTrojan.Patched.HE
CAT-QuickHealW32.Patchload.O
ALYacTrojan.Patched.HE
CylanceUnsafe
K7GWTrojan ( 0026f5d91 )
K7AntiVirusTrojan ( 0026f5d91 )
BaiduWin32.Virus.Loader.l
VirITWin32.Yoshi.E
CyrenW32/Patched.G
SymantecTrojan.Paccyn!inf
ESET-NOD32Win32/Patched.HN
APEXMalicious
ClamAVWin.Trojan.Patched-143
KasperskyTrojan.Win32.Patched.mf
BitDefenderTrojan.Patched.HE
NANO-AntivirusTrojan.Win32.Patched.dwgwe
ViRobotWin32.Patched.BE
AvastWin32:Patched-WQ [Trj]
TencentVirus.Win32.Patched.mf
Ad-AwareTrojan.Patched.HE
EmsisoftTrojan.Patched.HE (B)
ComodoTrojWare.Win32.Patched.HN@3bsert
DrWebTrojan.Starter.1695
ZillyaTrojan.Patched.Win32.37651
TrendMicroPTCH_KATUSHA.W
McAfee-GW-EditionBehavesLike.Win32.Virut.fm
FireEyeTrojan.Patched.HE
SophosW32/Patched-AL
GDataTrojan.Patched.HE
JiangminTrojanSpy.Zbot.adxr
Webrootw32.malware.gen
AviraW32/Patchload.A
MAXmalware (ai score=80)
MicrosoftVirus:Win32/Patchload.O
CynetMalicious (score: 100)
AhnLab-V3Win-Trojan/Patched.DD
McAfeeW32/Katusha
TACHYONVirus/W32.Patched.Gen
VBA32Trojan-Spy.Zbot.gen
MalwarebytesMalware.AI.471752596
TrendMicro-HouseCallPTCH_KATUSHA.W
RisingVirus.Loader!1.9B09 (CLOUD)
YandexWin32.Katusha.Gen
IkarusVirus.Win32.Patchload
MaxSecureVirus.W32.Patched.MF
FortinetW32/Patched.MF!tr
AVGWin32:Patched-WQ [Trj]
Cybereasonmalicious.5f3b37
PandaW32/Katusha.BN

How to remove Virus:Win32/Patchload.O?

Virus:Win32/Patchload.O removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment