MSIL/Kryptik_AGen.GB removal instruction

The MSIL/Kryptik_AGen.GB is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What MSIL/Kryptik_AGen.GB virus can do?

Dynamic (imported) function loading detected
CAPE extracted potentially suspicious content
Authenticode signature is invalid

How to determine MSIL/Kryptik_AGen.GB?


File Info:
name: DAAB149079FEAEF4B0D7.mlw
path: /opt/CAPEv2/storage/binaries/7c259d21e41a48bfdaa18657208f2765dd653b57a66067f0af61c4e42da34141
crc32: D6C7E59B
md5: daab149079feaef4b0d748dbc773eaa9
sha1: cf2b47095af6036953b2636945c5e3efa2f54cd6
sha256: 7c259d21e41a48bfdaa18657208f2765dd653b57a66067f0af61c4e42da34141
sha512: 41fe3c32982ec4934cb282f5caa266d4f8ab74093595b539edb89e942e37af1a80277dd2d72a68d15ae2f62064c0e52bc6157e59db486df92cd09d79eeecef28
ssdeep: 6144:3eHf3H9Jq0SuegVGJxyf18BPjO0flodz1h6qPYX6p+nXoEZaEPy4:3eHf3dbzVuUeOzdz1zwiW9a
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T18BB49D2137891F12E839AF7800E18D6013F2EF29D7D2E71BBDE42596586EE814E62747
sha3_384: 65b0cb70ad208bc868ed3d4f54c2be42f355863bcae73e6aeb0adc78b018d34ae3b67261dc63b8277781f6db57c3f320
ep_bytes: ff250020400000000000000000000000
timestamp: 1999-07-08 13:37:32

Version Info:
Translation: 0x0000 0x04b0
Comments: 7?34C?6EB9?98AA84DD
CompanyName: C@>@EEE@HFIJ8;GE::2B?;
FileDescription: 27F5?E35FD:27HF7FIA
FileVersion: 7.11.14.18
InternalName: vbc.exe
LegalCopyright: Copyright © 2011 C@>@EEE@HFIJ8;GE::2B?;
OriginalFilename: vbc.exe
ProductName: 27F5?E35FD:27HF7FIA
ProductVersion: 7.11.14.18
Assembly Version: 1.0.0.0

MSIL/Kryptik_AGen.GB also known as:

Lionic	Trojan.MSIL.Agent.4!c
Elastic	malicious (high confidence)
Cynet	Malicious (score: 100)
CAT-QuickHeal	Trojan.MSIL
McAfee	RDN/GenericAC
Cylance	Unsafe
K7AntiVirus	Trojan ( 0058ba101 )
Alibaba	Trojan:MSIL/Kryptik_AGen.27e8eb88
K7GW	Trojan ( 0058ba101 )
Cyren	W32/MSIL_Kryptik.EQI.gen!Eldorado
Symantec	Trojan.Gen.MBT
ESET-NOD32	a variant of MSIL/Kryptik_AGen.GB
APEX	Malicious
Avast	Win32:TrojanX-gen [Trj]
Kaspersky	HEUR:Trojan.MSIL.Agent.gen
BitDefender	Trojan.GenericKD.47607001
ViRobot	Trojan.Win32.Z.Lazy.498688
MicroWorld-eScan	Trojan.GenericKD.47607001
Tencent	Msil.Trojan.Agent.Wtxj
Ad-Aware	Trojan.GenericKD.47607001
Comodo	TrojWare.Win32.Agent.eznpd@0
TrendMicro	TROJ_FRS.0NA103LA21
McAfee-GW-Edition	RDN/GenericAC
FireEye	Generic.mg.daab149079feaef4
Emsisoft	Trojan.Agent (A)
Ikarus	Trojan-Spy.FormBook
GData	Trojan.GenericKD.47607001
Jiangmin	Trojan.MSIL.alppb
Webroot	W32.Trojan.GenKD
Kingsoft	Win32.Troj.Undef.(kcloud)
Gridinsoft	Ransom.Win32.Sabsik.sa
Arcabit	Trojan.Generic.D2D66CD9
Microsoft	Trojan:Win32/Ymacco.AB7C
AhnLab-V3	Trojan/Win.Generic.C4830640
VBA32	TScope.Trojan.MSIL
ALYac	Trojan.GenericKD.47607001
MAX	malware (ai score=84)
Malwarebytes	Spyware.AgentTesla
TrendMicro-HouseCall	TROJ_FRS.0NA103LA21
Yandex	Trojan.Agent!v8D+pjYA2JM
SentinelOne	Static AI – Suspicious PE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	PossibleThreat
BitDefenderTheta	Gen:NN.ZemsilF.34084.Em0@a8lwAVe
AVG	Win32:TrojanX-gen [Trj]
Paloalto	generic.ml
CrowdStrike	win/malicious_confidence_100% (W)

How to remove MSIL/Kryptik_AGen.GB?

MSIL/Kryptik_AGen.GB removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X