Malware.Madangel
Malware.Madangel is a computer virus which poses a serious threat to computer security. Malware.Madangel makes use of a corrupt program that downloads malicious files to the local computer that presents a security risk as it is capable of modifying other files by infecting, prepending, or overwriting them with its own body. Use a reliable malware remover to make sure your PC is free from Malware.Madangel.
Aliases
Virus.Win32.Small.l (Kaspersky Lab)
PE_MADANGEL.A (Trend Micro)
W32/Madang-A (Sophos)
Virus:Win32/Madang.A (Microsoft)
Virus.Win32.Small (Ikarus)
Win32/MaDang (AhnLab)
PE_MADANGEL.A (Trend Micro)
W32/Madang-A (Sophos)
Virus:Win32/Madang.A (Microsoft)
Virus.Win32.Small (Ikarus)
Win32/MaDang (AhnLab)
File System Modifications
- The following files were created in the system:
# File Name 1 %ProgramFiles%\Internet Explorer\Connection Wizard\icwconn1.exe 2 %ProgramFiles%\Internet Explorer\Connection Wizard\icwconn2.exe 3 %ProgramFiles%\Internet Explorer\Connection Wizard\icwrmind.exe 4 %ProgramFiles%\Internet Explorer\Connection Wizard\icwtutor.exe 5 %ProgramFiles%\Internet Explorer\Connection Wizard\inetwiz.exe 6 %ProgramFiles%\Internet Explorer\Connection Wizard\isignup.exe 7 %ProgramFiles%\Internet Explorer\iedw.exe 8 %ProgramFiles%\MSN\MSNCoreFiles\Install\MSN9Components\Digcore.exe 9 %ProgramFiles%\MSN\MSNCoreFiles\Install\MSN9Components\Msncli.exe 10 %ProgramFiles%\MSN\MSNCoreFiles\Install\msnsusii.exe 11 %ProgramFiles%\MSN\MSNIA\msniasvc.exe 12 %ProgramFiles%\MSN\MSNIA\prestp.exe 13 %ProgramFiles%\MSN\MsnInstaller\msninst.exe 14 %ProgramFiles%\NetMeeting\cb32.exe 15 %ProgramFiles%\NetMeeting\conf.exe 16 %ProgramFiles%\NetMeeting\wb32.exe 17 %ProgramFiles%\Outlook Express\msimn.exe 18 %ProgramFiles%\Outlook Express\oemig50.exe 19 %ProgramFiles%\Outlook Express\setup50.exe 20 %ProgramFiles%\Outlook Express\wab.exe 21 %ProgramFiles%\Outlook Express\wabmig.exe 22 %ProgramFiles%\Web Publish\WPWIZ.EXE 23 %ProgramFiles%\WinPcap\rpcapd.exe 24 %ProgramFiles%\WinPcap\Uninstall.exe
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.