You don't even have to press a button to install the application - a simple visit to the application's page (which is displayed in Croatian) will trigger a pop-up that will ask you to run the application which - unexplainably - masquerades as a “Sun Microsystems Java Security Update 6":
If this warning fails to arouse your suspicion and you run the application, the Java applet will download an .exe file from a URL passed as a parameter on the website.
"It then saves and executes it as “NortonAV.exe” from the local user profile folder," explains McAfee's expert. "The downloaded trojan payload is a password stealer which search for passwords stored on the user’s machine. It then sends a password log to an e-mail account on gmail.com over an encrypted SMTP/TLS connection."
netizens left a footprint.