Mark Joseph Manahan
Windows 2000, Windows Server 2003, Windows XP (32-bit, 64-bit), Windows Vista (32-bit, 64-bit), Windows 7 (32-bit, 64-bit)
Downloaded from the Internet
This Trojan may be downloaded unknowingly by a user when visiting malicious website(s).
10 Jan 2013
This Trojan may be downloaded unknowingly by a user when visiting the following malicious website(s):
This Trojan connects to the following URL(s) to download its component file(s):
This malware checks for vulnerable software (such as Java, Adobe Reader, and Adobe Flash) to download and execute a malicious file.
10 Jan 2013
11 Jan 2013
Before doing any scans, Windows XP, Windows Vista, and Windows 7 users must disable System Restore to allow full scanning of their computers.
Remove malware/grayware files dropped/downloaded by HTML_EXPLOIT.RG
Close all opened browser windows
Scan your computer with your Trend Micro product to delete files detected as HTML_EXPLOIT.RG. If the detected files have already been cleaned, deleted, or quarantined by your Trend Micro product, no further step is required. You may opt to simply delete the quarantined files. Please check this Knowledge Base page for more information.