Aliases
W32/Maddis.worm, W32/Aveng.A
Type
Win32 worm
Description
W32/Maddis-A is a worm which spreads via networks shares. The worm uses stealth techniques in an attempt to hide its presence on an infected computer.
When first run, W32/Maddis-A creates a copy of itself named usrinit.exe in the Windows system folder and a file named helper.dll in the Windows or Temp folder.
On Windows98 based operating systems the worm adds the registry entry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\WindowsUpdate
On Windows NT based operating systems usrinit.exe is registered as a service
More: http://www.sophos.com/virusinfo/analyses/w32maddisa.html

Chowhound
Comic Vine
GameFAQs
GameSpot
Giant Bomb
TechRepublic