Techguy
November 28, 2000, 06:35 pm
TROJ_USSRHYMN.A
Risk rating: low
Virus type: Trojan
Destructive: N
Aliases:
USSRHYMN.A, W95.Ussrhymn@m
Description:
This is the Trojan part of the PE virus, PE_USSRHYMN.A. The Trojan programs resides in memory and checks whether a debugger is present. If a debugger is found, the Trojan restarts the computer. If the current system date is January 1, an old Soviet Republic hymn is played. This Trojan may cause system instability on computers that have debuggers installed, such as SoftIce. It is also reported that it alters some antivirus programs.
Solution:
Click START|RUNType REGEDIT and hit ENTER key
In the left panel, click the "+" to the left of the following:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\
CurrentVersion\Run
In the right panel, search for any of the registry key that contains the data value of
kernel="%WinDir\KERNEL.EXE"
In the right window, highlight the registry key that loads the file and press the DELETE key. Answer YES to delete the entry.
Exit the registry.
Restart computer.
Scan your system with your antivirus and delete all files detected as TROJ_USSRHYMN.A and PE_USSRHYMN.A.
------------------
Thank you for using Help From Techs Support Forums!
Please come again and remember to refer a friend to our site.
Risk rating: low
Virus type: Trojan
Destructive: N
Aliases:
USSRHYMN.A, W95.Ussrhymn@m
Description:
This is the Trojan part of the PE virus, PE_USSRHYMN.A. The Trojan programs resides in memory and checks whether a debugger is present. If a debugger is found, the Trojan restarts the computer. If the current system date is January 1, an old Soviet Republic hymn is played. This Trojan may cause system instability on computers that have debuggers installed, such as SoftIce. It is also reported that it alters some antivirus programs.
Solution:
Click START|RUNType REGEDIT and hit ENTER key
In the left panel, click the "+" to the left of the following:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\
CurrentVersion\Run
In the right panel, search for any of the registry key that contains the data value of
kernel="%WinDir\KERNEL.EXE"
In the right window, highlight the registry key that loads the file and press the DELETE key. Answer YES to delete the entry.
Exit the registry.
Restart computer.
Scan your system with your antivirus and delete all files detected as TROJ_USSRHYMN.A and PE_USSRHYMN.A.
------------------
Thank you for using Help From Techs Support Forums!
Please come again and remember to refer a friend to our site.