TROJ_DROPPER.WSD is a Trojan that’s distributed as a fake Word document-based petition regarding China’s treatment of Taiwan in the Olympics. TROJ_DROPPER.WSD’s e-mail-distributed files are of minimal consequence if you delete suspicious spam habitually, but if allowed to launch, TROJ_DROPPER.WSD will install the Trojan TROJ_RUGENT.A onto your computer. Because e-mail messages that distribute TROJ_DROPPER.WSD Trojans also display decoy documents and related images during TROJ_DROPPER.WSD’s launch, victims may be unaware of TROJ_DROPPER.WSD’s attack – which, like TROJ_RUGENT.A, itself, doesn’t display direct symptoms. Given these facts, SpywareRemove.com malware experts remind all PC users that caution should be taken around suspicious file sources, including e-mail-distributed files from strangers, and encourage you use anti-malware software to scan files before opening them.
Turning Political Sympathies Into a Trojan Attack with TROJ_DROPPER.WSD
E-mail messages that distribute TROJ_DROPPER.WSD Trojans are very recognizable due to using Taiwanese political pressure as a social networking hook to encourage readers to sign a fake petition. These spam messages claim to represent a petition for encouraging the United Kingdom to pressure China into showing greater respect to Tibet, and, to this end, cite both recent and past Olympics events. Additional details supposedly are provided in the attached DOC file.
Besides displaying another distraction in the form of a ‘Tibetan Olympics’ image, TROJ_DROPPER.WSD also installs a Trojan, TROJ_RUGENT.A. TROJ_RUGENT.A’s full functions haven’t been completely analyzed, although SpywareRemove.com malware experts note that TROJ_DROPPER.WSD does show some characteristics of including possible backdoor Trojan or Trojan downloader-related attacks. Since TROJ_DROPPER.WSD deletes itself after its payload is executed, there are minimal signs of the presence of malicious software on the affected computer.
Getting the Drop on a TROJ_DROPPER.WSD Trojan
If you delete TROJ_DROPPER.WSD’s distinctive Taiwanese-themed e-mails as soon as they arrive in your mailbox, vectors for infection by TROJ_DROPPER.WSD should remain low to nonexistent. Many anti-malware programs also should be able to detect TROJ_DROPPER.WSD prior to its launch, although the usage of file-packing technology may make this difficult for simplistic anti-malware scanners.
Even though it’s unnecessary to remove TROJ_DROPPER.WSD from your PC (given that TROJ_DROPPER.WSD is a self-deleting PC threat), TROJ_DROPPER.WSD’s payload, TROJ_RUGENT.A should always be removed as soon as possible after infection. SpywareRemove.com malware experts note that TROJ_RUGENT.A’s capabilities can be used to steal personal information, download other forms of malicious software or allow criminals to control your PC through botnets – all of which are not-insignificant security risks.
TROJ_DROPPER.WSD may also be detected as W32/Dorifel.GUS!tr, Mal/Behav-112, Trojan.Win32.Generic.pak!cobra or Trojan-Dropper.Win32.Dorifel.gus.
TROJ_DROPPER.WSD Automatic Detection Tool (Recommended)
Is your PC infected with TROJ_DROPPER.WSD? To safely & quickly detect TROJ_DROPPER.WSD, we highly recommend you run the malware scanner listed below.
Download SpyHunter's* Malware Scanner to detect TROJ_DROPPER.WSD What happens if TROJ_DROPPER.WSD does not let you open SpyHunter or blocks the Internet?
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
- The following files were created in the system:
# File Name 1 %System%\systimer.exe
Posted: August 14, 2012 | By SpywareRemove
Threat Level: 9/10
Rate this article:
Detection Count: 303