Your browser is obsolete!

The page may not load correctly.

Unexpected guests

Незваные гости

Other issues in this category (62)
  • add to favourites
    Add to Bookmarks

Enabled by accident

Read: 837 Comments: 7 Rating: 12

And as a follow-up to our recent post about BitTorrent, we have more to say about file downloads.

Let's take a look at the description of Trojan.LoadMoney, a rather common malicious downloader species.

Criminals designed this malicious installer to generate income from file downloads. When potential victims visit a rogue file-sharing site and attempt to download a file they've been looking for, they are instantly redirected to another site from which Trojan.LoadMoney.336 is downloaded to their machines. When launched, the Trojan gets in touch with another server to acquire an encrypted configuration file containing links to various referral programme applications that are also downloaded and launched on the compromised computers. The latter may include adware and other utterly malicious applications.

The solution appears to be a simple one: stay away from dubious websites, especially if your computer is not protected by an anti-virus. There’s nothing special to note here. Meanwhile, the malicious installer uses a couple of unusual tricks our readers should be aware of.

The Trojan tampers with the system to make its job easier and make sure that it won't easily be singled out among the running processes. Specifically, it makes sure that the computer can't be shut down. Should anyone try to do that, it will display the message "Downloading and installing updates".

So if you are trying to turn off your computer and see a message about updates being installed, it doesn't necessarily mean that the message is being displayed by Windows.

The second trick involves checkboxes.

By default, checkboxes that can be cleared to prevent certain components from being installed are unavailable, but hovering the cursor over a third checkbox suddenly makes those above it active.

#malware #Trojan #Windows

Dr.Web recommends

  1. Do not rush to tick boxes on sites and in application windows. Because checking one box can change other parameters as well.
  2. Pay attention to what you are doing, and don't forget to update your anti-virus!

Rate this issue and receive Dr.Weblings! (1 vote = 1 Dr.Webling)

Sign in and get 10 Dr.Weblings for sharing the link to this issue via social media.


Unfortunately, due to Facebook's technical limitations, Dr.Weblings cannot be awarded. However, you can share this link with your friends for free.

Tell us what you think

Leave your comment on the day of publication and get 10 Dr.Weblings, or get 1 Dr.Webling for a comment posted any other day. Comments are published automatically and are reviewed by a moderator. Rules for leaving comments about Doctor Web news items.

To leave a comment, you need to log in under your Doctor Web site account. If you don't have an account yet, you can create one.