Mal/Generic-R + Mal/FareitVB-AC removal tips

The Mal/Generic-R + Mal/FareitVB-AC is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Mal/Generic-R + Mal/FareitVB-AC virus can do?

Executable code extraction
Creates RWX memory
Network activity detected but not expressed in API logs
Anomalous binary characteristics

How to determine Mal/Generic-R + Mal/FareitVB-AC?


File Info:
crc32: FC209D9C
md5: 07ba89c0c4ec4246c56de23fd915dad2
name: 07BA89C0C4EC4246C56DE23FD915DAD2.mlw
sha1: 6c0d54fcb8aeeeaf65aa8f8ddc809455a9333cf1
sha256: 7b2fa24464fc816c21be4a7849f99eed1936a46ecd02fd2305ee61e9ac94799b
sha512: 4a27fe85df46e0bb5d6fcc84c065fe6e8c347d7749b36a46075e8b3a81f067a1793696c403249e8675b52066a8a82e83314976ccc9d366371e1b750c0a488afd
ssdeep: 384:KwcH/ceddYSf9XlVjuBMb8R6P10FMKZUf4mFeCvEABlayQo2HgHL4ilwNfb4dgu:KL/caKSf9XlUuSqf4mM4abfHSd7idXG
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
Translation: 0x0409 0x04b0
InternalName: endemia
FileVersion: 1.00
CompanyName: Tegnst
Comments: INSTRU
ProductName: Prvetbefle
ProductVersion: 1.00
FileDescription: Lanais7
OriginalFilename: endemia.exe

Mal/Generic-R + Mal/FareitVB-AC also known as:

Bkav	W32.AIDetect.malware2
K7AntiVirus	Trojan ( 005628bd1 )
Lionic	Trojan.Win32.Vebzenpak.4!c
Elastic	malicious (high confidence)
DrWeb	Trojan.PackedENT.133
Cynet	Malicious (score: 99)
CAT-QuickHeal	Trojan.Vebzenpak
ALYac	Trojan.Guloader.GenericKD.33763437
Cylance	Unsafe
Zillya	Trojan.Androm.Win32.898
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/malicious_confidence_100% (W)
Alibaba	Trojan:Win32/Fareit.3b
K7GW	Trojan ( 005628bd1 )
Cybereason	malicious.0c4ec4
Cyren	W32/Kryptik.BCI.gen!Eldorado
Symantec	Infostealer
ESET-NOD32	a variant of Win32/Injector.EKPP
APEX	Malicious
Avast	Win32:Trojan-gen
ClamAV	Win.Packed.Generic-7591178-0
Kaspersky	HEUR:Trojan.Win32.Vebzenpak.vho
BitDefender	Trojan.Guloader.GenericKD.33763437
NANO-Antivirus	Trojan.Win32.Androm.hbfoec
MicroWorld-eScan	Trojan.Guloader.GenericKD.33763437
Tencent	Win32.Trojan.Inject.Auto
Ad-Aware	Trojan.Guloader.GenericKD.33763437
Sophos	Mal/Generic-R + Mal/FareitVB-AC
BitDefenderTheta	Gen:NN.ZevbaF.34170.dm0@aaKIVxpi
VIPRE	Trojan.Win32.Generic!BT
TrendMicro	TrojanSpy.Win32.FAREIT.UHBAZCLIY
McAfee-GW-Edition	BehavesLike.Win32.Fareit.pt
FireEye	Generic.mg.07ba89c0c4ec4246
Emsisoft	Trojan.Guloader.GenericKD.33763437 (B)
SentinelOne	Static AI – Suspicious PE
Jiangmin	Backdoor.Androm.atsb
Avira	HEUR/AGEN.1107771
eGambit	Unsafe.AI_Score_86%
Antiy-AVL	Trojan/Generic.ASMalwS.2FFED1D
Kingsoft	Win32.Troj.Undef.(kcloud)
Microsoft	TrojanSpy:Win32/FormBook.AR!MTB
GData	Trojan.Guloader.GenericKD.33763437
AhnLab-V3	Suspicious/Win.VBKrypt.X2058
McAfee	Fareit-FRM!07BA89C0C4EC
MAX	malware (ai score=80)
VBA32	BScope.Trojan.Wacatac
Malwarebytes	Trojan.MalPack.VB
Panda	Trj/GdSda.A
TrendMicro-HouseCall	TrojanSpy.Win32.FAREIT.UHBAZCLIY
Rising	Downloader.Guloader!1.C586 (CLASSIC)
Yandex	Trojan.AvsArher.bTeQgn
Ikarus	Trojan.VB.Crypt
MaxSecure	Trojan.Malware.74841891.susgen
Fortinet	W32/GuLoader.VHHQ!tr
AVG	Win32:Trojan-gen
Paloalto	generic.ml

How to remove Mal/Generic-R + Mal/FareitVB-AC?

Mal/Generic-R + Mal/FareitVB-AC removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X