Threat Center Threats Explained Threat Encyclopedia Threat Blog Security Tips Case Studies White Papers Newsletter Signup
 

Win32/Datom.A


Win32/Datom.A is a worm that uses shared network disks to spread.  The worm requires the operating system Windows 95 or newer for its operation.  Apart from replication the worm has no other forms of manifestation.  The worm code is divided into 3 files located in the directory where the operating system is installed on the attacked computer.  These are the files:

- msvxd.exe with length of 58368 bytes
- msvxd16.dll with length of 54784 bytes
- msvxd32.dll with length of 81408 bytes

The file msvxd.exe creates a new key "MSVXD" in the system registry under HKEY_LOCAL_MACHINE\Software\Microsoft\CurrentVersion\Run\ pointing to the file msvxd.exe located in the directory containing the installation of the Windows operating system.  By that the worm ensures that it will be run at each start of the computer.  At the start of the computer the file msvxd.exe executes the DLL libraries msvxd16.dll and msvxd32.dll which contain the code necessary for spreading of the worm.



PROTECT YOUR COMPUTER!
ESETs NOD32 antivirus software provides comprehensive, easy-to-use, and affordable protection from todays and tomorrows threats. We put the malware expert inside the software, so you don’t have to become one.

DOWNLOAD ESET NOD32 ANTI VIRUS SOFTWARE

 

 
Top of Page Back One Page Print this Page