Generic Anti-Virus Virus Defence Bureau News Articles On-line Real Time Protection
Multi-tiered Security Solution
Virus Defence Home Company Profile Support Downloads Solutions News Articles Enquiries Partners
Reduces legal liability
Blocks First Strike of Viruses

Datom Worm (MSVXD.EXE) 17/09/02
 


Datom is a network worm discovered early July. InVircible uses are inherently protected against Datom. It spreads to shared network resources. The worm consists of 3 files, they are:

MSVXD.EXE
MSVXD16.DLL
MSVXD32.DLL

MSVXD.EXE is the first component which loads the worm by loading the MSVXD16.DLL library. The MSVXD16.DLL then loads the MSVXD32.DLL component, which spreads the worm.

If there is file called "Win.ini" in Windows directory, Datom writes "MSVXD.EXE" string in the "Run" section of this file, otherwise it creates a link file pointing to MSVXD.exe and called "VxD Manager.lnk" in the common ("All users") Startup directory on the remote computer.


Back

Site Extras...
 

Sign up for our quarterly e-newsletter for helpful advice and product updates


Plain text HTML

 

to keep the Virus Defence Bureau near by
 
     

Home | Company Profile | Support | Downloads | Solutions | News Articles | Enquiries
© Virus Defence Bureau 2002   Email support@virusdefence.com.au   Tel +61 03 9569 8848