W32.HLLW.Cydog@mm is a mass-mailing worm that spreads by email. This worm uses Microsoft Outlook to send itself to the contacts in the Outlook Address Book:
- The email will have a random subject chosen from a predetermined selection.
- The attachment will have a random file name chosen from a predetermined selection, with a file extension of .exe or .scr.
W32.HLLW.Cydog@mm also attempts to spread using the KaZaA, eDonkey2000, Bearshare, Grokster, and Morpheus file-sharing networks. The worm attempts to terminate the active processes of various antivirus programs and system utilities.
W32.HLLW.Cydog@mm also attempts to delete:
- Program files that Norton AntiVirus products use
- Files shared by various Symantec programs, including the virus definition files
W32.HLLW.Cydog@mm is a Visual Basic application that is packed with UPX 1.24.
Click for a more detailed description of Rapid Release and Daily Certified virus definitions.