The browser start page is hijacked to laban.vn. The presence of a Registry value in the HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Run that points to the malicious application.
Please let Bitdefender disinfect your computer
The computer user is shown an advertisement in the Yahoo Messenger chat window. If clicked, the user is prompted to download and execute a setup file that contains the payload. When executed, the file copies itself to %APPDATA%\\laban.exe and sets itself to run at every system boot. When running, it monitors to see whether the laban.vn page is set as default for every browser installed on the PC and, if it has been changed, it restores it back to laban.vn.