Know Your Malware: Rudelen Removal


Rudelen, also known as Ruleden, is a dangerous macro virus that infects Microsoft Word documents. It infects the system when the user opens an infected file. Then the virus runs a payload. It disables Microsoft Word essential security features, changes the system time and copies infected documents to several folders. Rudelen attempts to corrupt installed software by removing its registry keys and severely damages the entire operating system by deleting critical executables and library files located in default Windows and system directories and in the root of the main hard disk. The virus automatically runs on every Windows startup. It may display the following messages:
"Warning!
Files missing today!"

"Information for you
You can't open the files!!"

Related files: ruden.vbs, adf.doc, bfdv.doc, nid.doc, rdcm.doc, readme.doc, roven.doc, scdl.doc

Rudelen properties:
Hides from the user
Stays resident in background Remove Rudelen, removal instructions

Linked by shanmuga Saturday, 24th December 2005 9:32PM