
gudygv .swf Exploit Agent.je



(From a very quick search) -Threat Description : Exploit:Java/Agent
Aliases:  Exploit:Java/Agent, Exploit.Java.Agent.F
Category:  Malware

 

Hello Laust -
It appears to be an infection that may have entered via your Java application (outdated maybe) ??

We are not permitted to work on possible malware-related issues here in this section of the forum.

So, for Expert assistance, I suggest that you please follow the advice in this pinned topic: Available Assistance For Possibly Infected Computers.
It explains the options for free, expert help >>AND<< the suggested preliminary steps to expedite the process.
A malware analyst will assist you with looking into your issue and will walk you through the process, step by step.

 

Please allow the Experts to help you to remove this, and generally assist you......

 

Thank You -


Should this be in your data base?

My ZoneAlarm keeps putting it in quarantine and my Malwarebytes doesn't.

 

Please don't split the subject matter of a query between the subject and the body.

 

The subject is a blurb of the concept and the body should be a full explanation of the issue or query.  If it is simple, and the subject matter is just in the "Subject", repeat it in the body.

 

I presume that you are miffed that MBAM did not block or detect "gudygv .swf Exploit Agent.je" but you really don't identify what that is or provide any substantiating information.

 

However I will presume that we are discussing a malicious Flash file ( * .SWF ) using exploitation code.

 

If this is the case, then you need to understand what MBAM targets and does not target.

 

MBAM does not target script files. That means MBAM will not target; JS, HTML, VBS, .CLASS, SWF, BAT, CMD, PDF, PHP, etc.

It also does not target documents such as; PDF, DOC, DOCx, XLS, XLSx, PPT, PPS, ODF, etc.

It also does not target media files;  MP3, WMV, JPG, GIF, etc.

Until MBAM, v1.75, MBAM could not access files in archives but with v1.75 came that ability so it can unarchive a Java Jar (which is a PKZip file) but it won't target the .CLASS files within. Same goes with CHM files (which is a PKZip file) but it doesn't target the HTML files within. MBAM v1.75 specifically will deal with; ZIP, RAR, 7z, CAB and MSI for archives. And self-Extracting; ZIP, 7z, RAR and NSIS executables (aka; SFX files).

MBAM specifically targets binaries that start with the first two characters being; MZ

They can be; EXE, CPL, SYS, DLL, SCR and OCX. Any of these file types can be renamed to be anything such as;  TXT, JPG, CMD and BAT and they will still be targeted just as long as the binary starts with 'MZ'.

The Malwarebytes' Anti-Exploit software (MBAE) is an application that monitors a given software and is designed to thwart exploitation attempts such as a malicious SWF using Exploit Code being viewed by a Browser ( IE, Firefox, Chrome, Safari, etc... ) by monitoring and protecting the Browser.

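The behaviour described in the post above (content identified by its leading bytes rather than its extension, with archives opened but class and Flash members left alone), as an added example that is not part of the original thread and is not Malwarebytes' code. The signature table, function names, size cap and sample archive are all constructed for illustration.

```python
import io
import zipfile

MAX_MEMBER = 16 * 1024 * 1024  # assumed cap on a member's declared size

# Leading bytes for the file kinds named in the post (illustrative table).
MAGIC = [
    (b"MZ", "mz-binary"),                  # EXE, DLL, SYS, SCR, OCX, CPL
    (b"PK\x03\x04", "zip-archive"),        # ZIP, and JAR (a ZIP container)
    (b"\xca\xfe\xba\xbe", "java-class"),
    (b"FWS", "swf"), (b"CWS", "swf"), (b"ZWS", "swf"),
]

def classify(data: bytes) -> str:
    """Identify content by its leading bytes; the file name is never consulted."""
    for magic, kind in MAGIC:
        if data.startswith(magic):
            return kind
    return "other"

def mz_targets(name, data, depth=0, max_depth=3):
    """Return paths whose content starts with 'MZ', descending into ZIP/JAR."""
    kind = classify(data)
    if kind == "mz-binary":
        return [name]
    hits = []
    if kind == "zip-archive" and depth < max_depth:
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                for info in zf.infolist():
                    if info.is_dir() or info.file_size > MAX_MEMBER:
                        continue  # skip directories and oversized members
                    hits += mz_targets(f"{name}!{info.filename}",
                                       zf.read(info), depth + 1, max_depth)
        except zipfile.BadZipFile:
            pass  # PK header but not a readable archive
    return hits

def build_sample_jar() -> bytes:
    """Constructed sample: a JAR-like ZIP holding three harmless stub files."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("Applet.class", b"\xca\xfe\xba\xbe" + bytes(8))
        zf.writestr("movie.swf", b"CWS" + bytes(8))
        zf.writestr("holiday.jpg", b"MZ" + bytes(8))  # MZ content, .jpg name
    return buf.getvalue()

if __name__ == "__main__":
    print(mz_targets("sample.jar", build_sample_jar()))
```

Only the member whose content begins with `MZ` is reported, even though it carries a `.jpg` name; the `.class` and `.swf` members are recognised but not returned.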

I want to say thanks for the help, it was just what I needed.

I have a good idea of where it's coming from now.

I have no problem getting rid of it, I just delete it.

As far as Identification, I thought "gudygv .swf Exploit Agent.je" was it.

I know nothing of how Malwarebytes works but I have been using it for years and won't give it up.

Sorry I put this in the wrong place, I don't have to come here that often.

Thanks
