Rudelen
Rudelen, also known as Ruleden, is a dangerous macro virus that infects Microsoft Word documents. It infects the computer when the user opens an infected file. Then the virus runs a payload. It disables Microsoft Word essential security features, changes the computer time and copies infected documents to several folders. Rudelen attempts to corrupt installed software by removing its registry keys and severely damages the entire operating computer by deleting critical executables and library files located in default Windows and computer directories and in the root of the main hard disk. The virus automatically runs on every Windows startup. It may show the following messages:
File System Modifications
- The following files were created in the system:
# File Name 1 adf.doc 2 bfdv.doc 3 nid.doc 4 rdcm.doc 5 readme.doc 6 roven.doc 7 ruden.vbs 8 scdl.doc
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{RegistryKeys}HKEY_CURRENT_USERSoftwareRudelenHKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunshowmeHKEY_LOCAL_MACHINESOFTWARERudelen
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.