Virus.BAT.Bomgen

Technical Details

This virus is a BAT file. The size of the virus varies in size from 3KB to 21KB.

Payload

The virus will copy its executable file under one of the following names (depending on the version of the virus):

%Windir%setupset.bat
%Windir%helpinit.vbs
%Windir%regsys.js
%Windir%SYSZAAcc.bat
%Windir%WinEffHj.vbs

The virus may also create one of the following folders:

%Windir%4ieny5iC
%Windir%2HVjzBPf

The virus ascribes ‘Hidden’ and ‘System’ attributes to this folder.

The virus also creates the following files:

• %Temp%wVbcg8IS.wj — 64 bytes in size;
• %Temp%FqvC2WD.vbs — 436 bytes in size;
• %Windir%jKmmOCFG.js — 3, 322 bytes in size.

Removal instructions

If your computer does not have an up-to-date antivirus, or does not have an antivirus solution at all, follow the instructions below to delete the malicious program:

1. Delete the original virus file (the location will depend on how the program originally penetrated the victim machine).
2. If the following files are present on the computer, delete them:

   %Windir%setupset.bat
   %Windir%helpinit.vbs
   %Windir%regsys.js
   %Windir%SYSZAAcc.bat
   %Windir%WinEffHj.vbs
   %Temp%wVbcg8IS.wj
   %Temp%FqvC2WD.vbs
   %Windir%jKmmOCFG.js

3. If the following folders are present on the computer, delete them:

   %Windir%4ieny5iC
   %Windir%2HVjzBPf

4. Update your antivirus databases and perform a full scan of the computer (download a trial version of Kaspersky Anti-Virus).