You're in: Panda Security > Home Users > security-info > about-malware > encyclopedia > overview
Active Scan. Scan your PC free
Panda Security Product Line 2012

Virus Encyclopedia

Welcome to the Virus Encyclopedia of Panda Security.

Encyclopedia GetVirusCard True 0

Datom

 
Threat LevelModerate threatDamageHighDistributionNot widespread

Effects 

Datom does not have any destructive effects. Its only aim is to infect other systems.

Infection strategy 

Datom follows the infection routine below:

It creates the following files in the Windows directory

  • MSVXD.EXE, which runs the file MSVXD16.DLL.
  • MSVXD16.DLL, which runs MSVXD32.DLL and inserts an entry in the Windows Registry.
  • MSVXD32.DLL, which sends these three files to any drive the worm can access

In addition, Datom modifies the WIN.INI file to ensure that it is run every time the computer is started up.

Datom inserts the following entry in the Windows Registry:

  • HKLM\ Software\ Microsoft\ Windows\ CurrentVersion\ Run=MSVXD "%windir%\ msvxd.exe 1632"
    Through this entry, the worm ensures that the file MSVXD.EXE is run every time Windows is started up.

Means of transmission 

Datom spreads through networks, especially across the systems in a corporate network.

In order to do this, the worm sends files to all the network drives it can access and spreads quickly through all networked computers.