MSIL/Agent.CB (file analysis)

The MSIL/Agent.CB is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What MSIL/Agent.CB virus can do?

CAPE extracted potentially suspicious content
Authenticode signature is invalid

How to determine MSIL/Agent.CB?


File Info:
name: 195EB26D43DD473543B2.mlw
path: /opt/CAPEv2/storage/binaries/a67643858f5e1c7c08e563d6c281f9644dff1dcf020eeb88f912cf368671381d
crc32: FEA5BB92
md5: 195eb26d43dd473543b2c943dce3f90a
sha1: 9c3db151a417f4abb13836e4d3cdeec7a8651987
sha256: a67643858f5e1c7c08e563d6c281f9644dff1dcf020eeb88f912cf368671381d
sha512: f171e6d12678a6fa360eb7ca8c4f959c0ae91421850836c038bfb6d75ffb7b91f0cf59e1f053ef73c928b21ab5485bf676fad7b4426618bed316a16bcfd10a68
ssdeep: 96:8nSUlDqlBqDRMcY1MUTuaFAyXL/htVM/oGOh4BpteXw7Gdxi:8f3VMT1MUCaFAWiTOh40Xw+
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
tlsh: T17F02B603D3904E63DD660B79B8E612433734E3515A83F71A2CE8456AF8A37250930BFB
sha3_384: 5509eb00a1b25c08a79556620d7f620e2073805969cf80191835b1c97e29947e1bc5e93bedf7b4fda65c777772853d5e
ep_bytes: ff250020400000000000000000000000
timestamp: 2012-01-25 18:25:16

Version Info:
Translation: 0x0000 0x04b0
FileDescription: XPlugin
FileVersion: 1.0.0.0
InternalName: XPlugin.dll
LegalCopyright:  
OriginalFilename: XPlugin.dll
ProductName: XPlugin
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

MSIL/Agent.CB also known as:

Bkav	W32.Common.B0182D6D
Lionic	Trojan.Win32.Rogue.4!c
ClamAV	Win.Trojan.Agent-843526
Skyhigh	Artemis!Trojan
McAfee	Artemis!195EB26D43DD
Cylance	unsafe
K7AntiVirus	Trojan ( 00509bf71 )
Alibaba	Trojan:MSIL/Generic.a1604f20
K7GW	Trojan ( 00509bf71 )
CrowdStrike	win/malicious_confidence_100% (W)
VirIT	Trojan.Win32.Small.DBU
Symantec	Trojan.Gen.MBT
tehtris	Generic.Malware
ESET-NOD32	MSIL/Agent.CB
NANO-Antivirus	Trojan.Win32.RiskGen.zbztn
Avast	Win32:Malware-gen
Tencent	Win32.Trojan.Rogue.Iflw
F-Secure	Trojan.TR/Rogue.7482453
Zillya	Trojan.Agent.Win32.764879
TrendMicro	TROJ_FRS.VSNTAJ24
Sophos	Mal/Generic-S
Ikarus	Trojan.Small
GData	Win32.Trojan.Agent.3ZCMRW
Google	Detected
Avira	TR/Rogue.7482453
Antiy-AVL	Trojan/Win32.SGeneric
Xcitium	Malware@#1ctmo2afrehkb
Microsoft	Trojan:Win32/Occamy.AA
MAX	malware (ai score=97)
Malwarebytes	Generic.Trojan.MSIL.DDS
TrendMicro-HouseCall	TROJ_FRS.VSNTAJ24
Yandex	Trojan.Agent!LhMdNY/CHR4
Fortinet	MSIL/Agent.CB!tr
AVG	Win32:Malware-gen
DeepInstinct	MALICIOUS

How to remove MSIL/Agent.CB?

MSIL/Agent.CB removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X