Know Your Malware: Handle Removal

Handle is a dangerous virus that infects Microsoft Word documents. Once executed, it displays fake error messages ("You can't open this files!!", "Information for you") and installs itself to the system. Handle creates several infected documents and saves them in different places. On certain days the virus displays other fake error messages ("Files missing today!", "Warning", "Error Internet Explorer", "Internet Explorer Unable to load") and attempts to run a payload - delete all the executables and library files located in the Windows main folder and default system directory. Handle also alters the Windows registry and deletes a lot of critical registry keys. The virus automatically runs on every Windows startup.

Related files: ruden.vbs, adf.doc, bfdv.doc, nid.doc, readme.doc, rdcm.doc, roven.doc, scdl.doc

Handle properties:
Hides from the user
Stays resident in background Remove Handle, removal instructions

Linked by shanmuga Thursday, 24th November 2005 2:02AM