Mark Joseph Manahan
Exploit.Java.Agent.ic (Kaspersky), Java/Exploit.Agent.NEF trojan (Eset)
Windows 2000, Windows XP, Windows Server 2003
10 Jan 2013
11 Jan 2013
Before doing any scans, Windows XP, Windows Vista, and Windows 7 users must disable System Restore to allow full scanning of their computers.
Remove the malware/grayware file that dropped/downloaded JAVA_EXPLOIT.RG
Restart in Safe Mode
Search and delete these files
Restart in normal mode and scan your computer with your Trend Micro product for files detected as JAVA_EXPLOIT.RG. If the detected files have already been cleaned, deleted, or quarantined by your Trend Micro product, no further step is required. You may opt to simply delete the quarantined files. Please check this Knowledge Base page for more information.
Download and apply this security patch Refrain from using these products until the appropriate patches have been installed. Trend Micro advises users to download critical patches upon release by vendors.