TROJ_DROPPER.WSD

TROJ_DROPPER.WSD Description

TROJ_DROPPER.WSD is a Trojan that’s distributed as a fake Word document-based petition regarding China’s treatment of Taiwan in the Olympics. TROJ_DROPPER.WSD’s e-mail-distributed files are of minimal consequence if you delete suspicious spam habitually, but if allowed to launch, TROJ_DROPPER.WSD will install the Trojan TROJ_RUGENT.A onto your computer. Because e-mail messages that distribute TROJ_DROPPER.WSD Trojans also display decoy documents and related images during TROJ_DROPPER.WSD’s launch, victims may be unaware of TROJ_DROPPER.WSD’s attack – which, like TROJ_RUGENT.A, itself, doesn’t display direct symptoms. Given these facts, SpywareRemove.com malware experts remind all PC users that caution should be taken around suspicious file sources, including e-mail-distributed files from strangers, and encourage you use anti-malware software to scan files before opening them.

Turning Political Sympathies Into a Trojan Attack with TROJ_DROPPER.WSD

E-mail messages that distribute TROJ_DROPPER.WSD Trojans are very recognizable due to using Taiwanese political pressure as a social networking hook to encourage readers to sign a fake petition. These spam messages claim to represent a petition for encouraging the United Kingdom to pressure China into showing greater respect to Tibet, and, to this end, cite both recent and past Olympics events. Additional details supposedly are provided in the attached DOC file. While there is an actual Word document that’s attached to TROJ_DROPPER.WSD’s e-mail messages, this DOC is just one of several files that are compressed together. In addition to their decoy, these e-mail messages also launch two separate versions of TROJ_DROPPER.WSD, which uses a fake SCR extension (an extension reserved for screen savers) for both files.

Besides displaying another distraction in the form of a ‘Tibetan Olympics’ image, TROJ_DROPPER.WSD also installs a Trojan, TROJ_RUGENT.A. TROJ_RUGENT.A’s full functions haven’t been completely analyzed, although SpywareRemove.com malware experts note that TROJ_DROPPER.WSD does show some characteristics of including possible backdoor Trojan or Trojan downloader-related attacks. Since TROJ_DROPPER.WSD deletes itself after its payload is executed, there are minimal signs of the presence of malicious software on the affected computer.

Getting the Drop on a TROJ_DROPPER.WSD Trojan

If you delete TROJ_DROPPER.WSD’s distinctive Taiwanese-themed e-mails as soon as they arrive in your mailbox, vectors for infection by TROJ_DROPPER.WSD should remain low to nonexistent. Many anti-malware programs also should be able to detect TROJ_DROPPER.WSD prior to its launch, although the usage of file-packing technology may make this difficult for simplistic anti-malware scanners.

Even though it’s unnecessary to remove TROJ_DROPPER.WSD from your PC (given that TROJ_DROPPER.WSD is a self-deleting PC threat), TROJ_DROPPER.WSD’s payload, TROJ_RUGENT.A should always be removed as soon as possible after infection. SpywareRemove.com malware experts note that TROJ_RUGENT.A’s capabilities can be used to steal personal information, download other forms of malicious software or allow criminals to control your PC through botnets – all of which are not-insignificant security risks.

TROJ_DROPPER.WSD may also be detected as W32/Dorifel.GUS!tr, Mal/Behav-112, Trojan.Win32.Generic.pak!cobra or Trojan-Dropper.Win32.Dorifel.gus.

TROJ_DROPPER.WSD Automatic Detection Tool (Recommended)

Technical Details

Home Malware ProgramsTrojans TROJ_DROPPER.WSD