Mal/Generic-R + ErrorGuard Installer (PUA) removal instruction

The Mal/Generic-R + ErrorGuard Installer (PUA) is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Mal/Generic-R + ErrorGuard Installer (PUA) virus can do?

Creates RWX memory
Dynamic (imported) function loading detected
Reads data out of its own binary image
Authenticode signature is invalid

How to determine Mal/Generic-R + ErrorGuard Installer (PUA)?


File Info:
name: 1150B61A03AA714EA5E1.mlw
path: /opt/CAPEv2/storage/binaries/e1f3a793b0f2aa6ee3561b0c57453d87ec2b407957c23ac9581f1c35ee426d98
crc32: 021B37FA
md5: 1150b61a03aa714ea5e12c46fd966359
sha1: 01dc4fb447407626411aab24f5ddcb6f6eff19e7
sha256: e1f3a793b0f2aa6ee3561b0c57453d87ec2b407957c23ac9581f1c35ee426d98
sha512: 3b623ddea8d2c3c7d32c5c9368aadb4ca47ac0bf073e51f346c542be256e57cf9069c4d813108acc01238d170a20895af5b524a31070a62c62a7abc98354b724
ssdeep: 3072:UgyjKBJrU4DKLh/6Q37icotDIauvYZYpv9qWRKPRfQ6d:UQEW0z7icoHuvqk9wl
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T116F3022231D0C867D2A71572CA33EBB8E9B74F015121E71B27D5DF7B2D7128B9C29642
sha3_384: a13cba9eb458c9feb8b0f21363d83da87e019c7583baee307daa6bc52c234d6d472e0a1d853903ab6fec27501ab96b6d
ep_bytes: 83ec0c53555657c7442410e891400033
timestamp: 2004-02-07 17:26:28

Version Info:
0: [No Data]

Mal/Generic-R + ErrorGuard Installer (PUA) also known as:

Lionic	Trojan.Win32.ErrorGuar.4!c
Cylance	Unsafe
Sangfor	Trojan.Win32.Occamy.CE1
K7AntiVirus	Riskware ( 0040eff71 )
Alibaba	TrojanDownloader:Win32/ErrorGuar.071c397d
K7GW	Riskware ( 0040eff71 )
Cyren	W32/Risk.DLRS-0656
Symantec	Downloader.MisleadApp
TrendMicro-HouseCall	Freeloader_ErrorGuard
Paloalto	generic.ml
NANO-Antivirus	Trojan.Win32.ErrorGuar.cswvbn
Sophos	Mal/Generic-R + ErrorGuard Installer (PUA)
Comodo	Malware@#1m939t8b0nyzr
F-Secure	Rogue:W32/ErrorGuard.A
TrendMicro	Freeloader_ErrorGuard
McAfee-GW-Edition	BehavesLike.Win32.Dropper.cc
Avira	ADSPY/ErrorGuar.A.1
Antiy-AVL	GrayWare[Downloader]/Win32.Adload.gen
Kingsoft	Win32.TrojDownloader.Agent.(kcloud)
Microsoft	Trojan:Win32/Occamy.CE1
GData	Win32.Trojan.Agent.KX6SH2
McAfee	Artemis!1150B61A03AA
VBA32	suspected of Trojan.Downloader.gen
Malwarebytes	Rogue.ErrorGuard
MAX	malware (ai score=99)
Fortinet	W32/ErrorGuard.A!tr
Panda	Generic Malware

How to remove Mal/Generic-R + ErrorGuard Installer (PUA)?

Mal/Generic-R + ErrorGuard Installer (PUA) removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X