Largest Directoty of Internet Security Software

Internet Security Threats

Home Software Threats Security
News		  

Trojan-Downloader.Win32.IstBar.ah

RISK LEVEL:2

This Trojan downloads files from the Internet to the victim machine and launchesthem for execution. The Trojan itself is a Windows PE EXE file. It is 16 896bytes in size, and packed using UPX. The unpacked file is approximately 44KBin size. It is written in C++.

Once launched, the Trojan causes the following dialogue box to be displayedon screen:

If the user clicks “Cancel”, the Trojan will cease running. Ifthe user clicks “OK”, the Trojan will download a file called “sexyscreen.exe”from the following link:

http://www.******.com/ist/softwares/addins/sexyscreen.exe

(At the time of writing the link was not working.)

The file is saved to the Trojan’s work directory as "sexyscreen.exe":

%WorkDir%/sexyscreen.exe

This file will then be launched for execution.

If your computer does not have an up-to-date antivirus, or does not have anantivirus solution at all, follow the instructions below to delete the maliciousprogram:

  1. Delete the original Trojan file (its location will depend onhow it penetrated the victim machine).
  2. Delete the file downloaded by the Trojan:
    %WorkDir%/sexyscreen.exe
  3. Update your antivirus databases and perform a full scan of thecomputer (download a trial version of Kaspersky Anti-Virus).


Printed From:http://www.viruslist.com/en/viruses/encyclopedia?virusid=39455

Similar Virus/Threat >>
  •   Trojan-Downloader.Win32.QDown.b
    • This Trojan downloads other malicious programs from the Internet and launchesthem on the victim machine. The program itself is a Windows PE EXE file. Itis 43008 bytes in size. It is not packed in...
  •   Trojan-Downloader.Win32.Nurech.at
    • This Trojan downloads files via the Internet without the knowledge or consentof the user. It is a Windows PE EXE file. The file is approximately 28KB insize. It is packed using UPX. The unpacked...
  •   Trojan-Downloader.Win32.Small.jk
    • This Trojan downloads other programs via the Internet without the knowledgeor consent of the user and launches them on the victim machine. The programitself is a Windows PE EXE file. It is 36,352...
  •   Trojan-Downloader.Win32.Small.ddp
    • This Trojan downloads other malicious programs. It is a Windows PE EXE file.It is written in Microsoft Visual C++. It is not packed in any way. The sizeof infected files may vary from 20KB to...
  •   Trojan-Downloader.Win32.IstBar.bo
    • This Trojan downloads other programs via the Internet and launches them on thevictim machine without the user’s knowledge or consent. The program itselfis a Windows PE EXE file. It is 8,704...
  •   Trojan-Downloader.Win32.Small.eqn
  •   Trojan-Downloader.Win32.Bagle.cu



  • Window Washer
    		•
  • symantec PCanywhere 12.0
    		•
  • Kaspersky Anti-Hacker
    		•
  • iSpyNOW
    		•
  • Diet Kaza
    		•

    Acronis Privacy Expert Suite 8.0
    (31,781KB - $29.99)
    AIM Spy Monitor 2007
    (3,145KB - $39.99)
    BlazingTools Secure Office
    (1,301KB - $54.95)
    Yahoo! Messenger Spy Monitor 2007
    (4,034KB - $39.99)
    Encrypt my Folder
    (1,530KB - $24.95)

    Cookie Cleaner   |    History Eraser   |    Popup Killer   |   Firewall   |   Antivirus   |   Security Encryption   |   UnInstaller   |   Security News
    eTrust Pestpatrol Anti-Spyware   PestPatrol 5   Ad-Aware SE Removal   Ad-Aware SE   Ad-Watch   SpyFighter Cleaner Pro   Free Adware Remover   Spy Sweeper  Webroot Spy Sweeper 
    Copyright © 2002-2007 Internet Security Software.All rights reserved.
    Directory of Internet Security Software - Cookie & Cache Cleaner, History & Evidence Eraser, Popup Killer, Firewall