BitDefender Antivirus
Contact Us | My BitDefender

Trojan.Downloader.Istbar.NN

( Trojan-Downloader.Win32.IstBar.nj, Win32/Istbar.BN!Trojan, W32/Istbar.NJ!dldr )
Spreading: low
Damage: low
Size: ~ 69kb
Discovered: 2005 Dec 13

SYMPTOMS:

Possible pressence of the IstBAR toolbar in Internet Explorer browser and/or other malware.

TECHNICAL DESCRIPTION:

This malware is an online installer created with NullSoft Installer.

Upon execution it announces the user that it will install a toolbar for "Internet Explorer" but no "Cancel" option is present, only one "Agree" button. If pressed, an executable file from http://www.ysbweb.com/ist/softwares/[removed] will be downloaded, saved as "gkey.dll" in the temporary folder, and executed as an ".exe".

In fact, the downloaded file could be either a toolbar, another trojan downloader or even other malware.

Removal instructions:

Please let BitDefender disinfect your files.

ANALYZED BY:

Marian RADU, virus researcher
©   2009 BITDEFENDER SiteMap | Legal Terms | Site Feedback | Global Sites | Privacy Policy