Discovered: November 9, 2000
Updated: February 13, 2007 11:34:48 AM
Also Known As: Win32.ZHymn.a [KAV], W95/Zhymn.a [McAfee], W32/ZHymn [Sophos], PE_USSRHYMN.A [Trend], Win32.Zombie.19986 [CA]
Type: Virus
Systems Affected: Windows 95, Windows 98, Windows Me
W95.Ussrhymn infects files on Windows 95/98 systems.The virus is based heavily on W95.Bistro, but does not include the features that made W95.Bistro so difficult to detect.
The virus infects Portable Executable (PE) files, and it adds an infected executable into .zip and .rar archives files. It also alters Wsock32.dll and contains support for UUEncoded files.
W95.Ussrhymn got its name from the payload, which plays an old Soviet Republic hymn on January 1st.
Protection
-
Initial Rapid Release version November 13, 2000
-
Latest Rapid Release version August 20, 2008 revision 017
-
Initial Daily Certified version November 13, 2000
-
Latest Daily Certified version January 20, 2009 revision 048
-
Initial Weekly Certified release date November 13, 2000
Click for a more detailed description of Rapid Release and Daily Certified virus definitions.
Threat Assessment
Wild
-
Wild Level: Low
-
Number of Infections: 0 - 49
-
Number of Sites: 0 - 2
-
Geographical Distribution: Low
-
Threat Containment: Easy
-
Removal: Moderate
Damage
Distribution
Writeup By: Peter Ferrie
Technorati
Digg
Delicious
Reddit
StumbleUpon
Yahoo Buzz
Twitter
Facebook
Newsvine
