Name: WORM/VBNA.B.370
Date discovered: 28/06/2010
Type: Worm
In the wild: Yes
Reported infections: Medium
Distribution potential: Low
Damage potential: Low
Static file: Yes
File size: 69,632 bytes
MD5 checksum: fc5845e43fd492b43fdd39e53f615823
VDF version: 7.10.03.191
IVDF version: 7.10.08.209 - Monday, 28 June 2010

General

Aliases:
• Kaspersky: Worm.Win32.VBNA.b
• TrendMicro: WORM_VBNA.ABZ
• Microsoft: Trojan:Win32/VB.AAG
• AVG: VB.ADYE
• Panda: W32/Autorun.JXY
• VirusBuster: Worm.VBNA.TCJ
• Eset: Win32/TrojanClicker.VB.NPD
• AhnLab: Win32/Vbna.worm.69632.ARD
• DrWeb: Trojan.MulDrop1.39253
• Fortinet: W32/VBNA.B!worm
• Ikarus: Worm.Win32.VBNA

Platforms / operating systems:
• Windows 2000
• Windows XP
• Windows 2003
• Windows Vista
• Windows 7

Side effects:
• It lowers security settings
• It modifies the registry

Registry

The following registry keys are changed:

– [HKLM\SOFTWARE\Microsoft\Security Center]
  Old value:
  • "UACDisableNotify"=dword:00000000
  New value:
  • "UACDisableNotify"=dword:00000001

– [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
  Old value:
  • "EnableLUA"=dword:00000001
  New value:
  • "EnableLUA"=dword:00000000

– [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
  Old value:
  • "DisableSR"=dword:00000000
  New value:
  • "DisableSR"=dword:00000001

– [HKLM\SYSTEM\ControlSet001\Services\sr]
  New value:
  • "Start"=dword:00000004

– [HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
  New value:
  • "ShowSuperHidden"=dword:00000000
  • "SuperHidden"=dword:00000001
  • "Hidden"=dword:00000002
  • "HideFileExt"=dword:00000003

– [HKCU\Software\Microsoft\Internet Explorer\Main]
  New value:
  • "Start Page"="http://www.nuevaq.fm"
  • "Local Page"="http://www.nuevaq.fm"
  • "Search Page"="http://www.nuevaq.fm"
  • "Default_Search_URL"="http://www.nuevaq.fm"
  • "Default_Page_URL"="http://www.nuevaq.fm"

– Under [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\], one subkey per executable name, for a long list of executable names:
  New value:
  • "Debugger"="%WINDIR%\twunk_16.exe"

File details

Programming language: The file was written in Visual Basic.

Description inserted by Alexandru Dinu on Thursday, 12 August 2010
Description updated by Alexandru Dinu on Monday, 23 August 2010