Welcome to the Virus Encyclopedia of Panda Security.
|Effects: ||It deletes files with the following extensions: EXE, MP3, DLL and DAT.
|Detection updated on:||May 16, 2002|
Hedong is a dangerous worm that spreads via e-mail and carries out destructive actions.
Hedong deletes all the files that it finds with the following extensions: EXE, MP3, DLL and DAT.
It also changes the home page of Internet Explorer to http://www.hziee.edu.cn
It is very easy to become infected by Hedong, as it is automatically run when the message carrying the worm is viewed through Outlook's Preview Pane.
It does this by exploiting a vulnerability in Internet Explorer (versions 5.01 and 5.5) that allows files attached to e-mail messages to be automatically run.
It is very easy to know if Hedong has infected a computer, as it changes the home page of Internet Explorer to http://www.hziee.edu.cn.
In addition, this virus reaches computers hidden in an e-mail message that always includes one of the following attachments: