Name: TR/Agent.AV.55296
Discovered: 20/10/2010
Type: Trojan
In the wild (ITW): Yes
Number of reported infections: Low
Distribution potential: Low
Damage potential: Medium-low
Static file: Yes
Size: 55,296 bytes
MD5 checksum: 4b3dcffbec9df40120ecf005928a97f7
VDF version: 7.10.05.219
IVDF version: 7.10.13.04 - Wednesday, 20 October 2010
General
Method of propagation:
• Autorun function
Aliases:
• Symantec: W32.Rontokbro@mm
• Kaspersky: Trojan.Win32.VBKrypt.qcb
• Sophos: Mal/SillyFDC-G
Platforms / operating systems:
• Windows 2000
• Windows XP
• Windows 2003
• Windows Vista
• Windows 7
Side effects:
• Blocks access to certain websites
• Blocks access to security portals
• Disables security programs
• Drops files
• Registry modifications

Files
It copies itself to the following location:
• %HOME%\%several random digits%\winlogon.exe

Registry
Adds one of the following values to each of these registry keys so that its process is started again after a system restart:
– [HKCU\Software\Microsoft\Windows\CurrentVersion\Run]
• "NVIDIA Media Center Library "="%HOME%\%several random digits%\winlogon.exe"
– [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
• "NVIDIA Media Center Library "="%HOME%\%several random digits%\winlogon.exe"

Adds the following registry keys:
– [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main]
• "Local Page"="http://o-6-9-7-9-a-8-l-n-s-z-i-8-r-3-6-l-4-2-.u-l-c-6-e-p-a-a-0-z-m-s-m-00-v-2-i-7-5-f-l-7-7-l-t-j-h-h-9.**********"
– [HKLM\SOFTWARE\Microsoft\Security Center]
• "UacDisableNotify"=dword:00000001
– [HKLM\SOFTWARE\Microsoft\Security Center\Svc]
• "AntiVirusDisableNotify"=dword:00000001
• "AntiVirusOverride"=dword:00000001
• "FirewallDisableNotify"=dword:00000001
• "FirewallOverride"=dword:00000001
• "FirstRunDisabled"=dword:00000001
• "UpdatesDisableNotify"=dword:00000001
• "UacDisableNotify"=dword:00000001
– [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
• "ConsentPromptBehaviorAdmin"=dword:00000000
• "EnableLUA"=dword:00000000
• "PromptOnSecureDesktop"=dword:00000001
– [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
• "NoFolderOptions"=dword:00000001
– [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\%name%], for each of the following %name%: avgcc32.exe, avwsc.exe, cfinet32.exe, deputy.exe, expert.exe, fsave32.exe, icmon.exe, lockdown.exe, mrflux.exe, ncinst4.exe, nupgrade.exe, pccwin98.exe, pspf.exe, scrscan.exe, symproxysvc.exe, UI0Detect.exe, vscenu6.02d30.exe, wmias.exe, xscan.exe, zonalarm.exe
• "Debugger"=""%HOME%\%several random digits%\winlogon.exe""
(An Image File Execution Options "Debugger" value makes Windows start the named "debugger" in place of the program whenever that program is launched, so each of these security tools is replaced by the trojan.)
– [HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU]
• "NoAutoRebootWithLoggedOnUsers"=dword:00000001
– [HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
• "EnableFirewall"=dword:00000000
– [HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
• "EnableFirewall"=dword:00000000
– [HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_MCHINJDRV\0000\Control]
• "ActiveService"="mchInjDrv"
– [HKLM\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\%HOME%\%several random digits%]
• "winlogon.exe"="%HOME%\%several random digits%\winlogon.exe:*:Enabled:@xpsp2res.dll,-53342401"
– [HKLM\SYSTEM\ControlSet001\Services\mchInjDrv\Enum]
• "0"="Root\LEGACY_MCHINJDRV\0000"
• "Count"=dword:00000001
• "NextInstance"=dword:00000001
– [HKLM\SYSTEM\ControlSet001\Services\mchInjDrv]
• "Type"=dword:00000001
• "ErrorControl"=dword:00000000
• "Start"=dword:00000004
• "ImagePath"="\??\%tempdir%\mc28.tmp"
• "DeleteFlag"=dword:00000001
(mchInjDrv is the name used by the madCodeHook code-injection driver; the service is registered with DeleteFlag set so the entry is removed again after use.)
– [HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MCHINJDRV\0000\Control]
• "ActiveService"="mchInjDrv"
– [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\%HOME%\%several random digits%]
• "winlogon.exe"="%HOME%\%several random digits%\winlogon.exe:*:Enabled:@xpsp2res.dll,-53342401"
– [HKLM\SYSTEM\CurrentControlSet\Services\mchInjDrv\Enum]
• "0"="Root\LEGACY_MCHINJDRV\0000"
• "Count"=dword:00000001
• "NextInstance"=dword:00000001
– [HKLM\SYSTEM\CurrentControlSet\Services\mchInjDrv]
• "Type"=dword:00000001
• "ErrorControl"=dword:00000000
• "Start"=dword:00000004
• "ImagePath"="\??\%tempdir%\mc28.tmp"
• "DeleteFlag"=dword:00000001
– [HKLM\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\%HOME%\%several random digits%]
• "winlogon.exe"="%HOME%\%several random digits%\winlogon.exe:*:Enabled:@xpsp2res.dll,-57951861"
– [HKCU\Software\Microsoft\Internet Explorer\Main]
• "Default_Search_URL"="http://i-g-7-9-2-6-q-y-1-.u-l-c-6-e-p-a-a-0-z-m-s-m-00-v-2-i-7-5-f-l-7-7-l-t-j-h-h-9.**********"
• "Default_Page_URL"="http://s-v-7-0-5-9-a-7-s-h-m-c-k-f-8-q-x-.a-l-v-d-z-o0-n-x-6-v-0-q-q-m-7-g-d-z-7-7-o-b-m-7-z-4-a-q-0.**********"
– [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
• "NoRun"=dword:00000001
• "NoFile"=dword:00000001
• "NoFolderOptions"=dword:00000001
– [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System]
• "DisableRegistryTools"=dword:00000001
• "DisableTaskMgr"=dword:00000001
– [HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel]
• "HomePage"=dword:00000001
– [HKCU\Software\Policies\Microsoft\Windows\System]
• "DisableCMD"=dword:00000001

Modifies the following registry keys:
– [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main]
New value:
• "Default_Page_URL"="http://o-6-9-7-9-a-8-l-n-s-z-i-8-r-3-6-l-4-2-.u-l-c-6-e-p-a-a-0-z-m-s-m-00-v-2-i-7-5-f-l-7-7-l-t-j-h-h-9.**********"
• "Default_Search_URL"="http://n-l-3-7-u-5-v-8-o-4-0-4-0-3-j-m-x-i-r-.5-b-e-n-t-f-p-p-7-1-1-0-7-c-q-0-3-00-6-u-7-t-1-n-y-q-u-f-u.**********"
• "Search Page"="http://t-9-v-0-p-6-c-1-l-4-9-g-1-6-m-l-e-1-8-3-2-p-o-6-9-v-a-6-7-6-.i-k-r-g-1-0-u-5-1-f-3-g-li-9-p-1-x-t-6-g-l-8-m-q-y-s-k-6-l.**********"
• "Start Page"="http://s-0-r-5-.5-b-e-n-t-f-p-p-7-1-1-0-7-c-q-0-3-00-6-u-7-t-1-n-y-q-u-f-u.**********"
– [HKLM\SYSTEM\ControlSet001\Services\wscsvc]
New value:
• "Start"=dword:00000004
(wscsvc is the Windows Security Center service; a Start value of 4 disables it.)
– [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch]
New value:
• "Epoch"=dword:000000A1
– [HKCU\Control Panel\Sound]
New value:
• "Beep"="yes"
– [HKCU\Software\Microsoft\Internet Explorer\Main]
New value:
• "Local Page"="%SYSDIR%\blank.htm"
• "Start Page"="http://x-i-5-8-m-0-2-4-i-f-i-f-0-s-.j-z-0-3-0-u-u-x-f-1l-3-l-h-w-b-q-z-u-5-n-l-l-m-s-5-v-s-z-g.**********"
• "Search Page"="http://6-u-e-h-s-9-z-3-h-u-z-5-8-0-i-3-k-9-0-p-a-e-m-2-3-w-6-5-.i-k-r-g-1-0-u-5-1-f-3-g-li-9-p-1-x-t-6-g-l-8-m-q-y-s-k-6-l.**********"
– [HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
New value:
• "HideFileExt"=dword:00000000
• "ShowSuperHidden"=dword:00000001
– [HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections]
New value:
• "SavedLegacySettings"=3C 00 00 00 17 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 F0 6A 36 C5 6F E0 CA 01 01 00 00 00 C0 A8 7A 16 00 00 00 00 00 00 00 00
– [HKCU\SessionInformation]
New value:
• "ProgramCount"=dword:0000000A

Hosts file
The hosts file is modified so that access to a long list of domains (security-vendor sites, Microsoft sites, online scanners and several online-banking portals) is redirected to other destinations, which in practice blocks access to those sites.
Process termination
Processes whose window class name contains the following are terminated:
• %processes with visible windows%

Injection of malicious code into other processes
– It injects itself into a process. Process name:
• svchost.exe

Miscellaneous
Accesses Internet resources:
• whos.amung.us/swidget/**********
• www.whatismyip.org/
Masquerades as a trusted file: its process pretends to be the following trusted process: svchost.exe

File details
Runtime packer: to hinder detection and reduce the file size, it uses the following runtime packer:
• UPX
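As an added example (not part of Avira's description), the following Python script parses a Windows .reg export and flags three of the changes listed above: Image File Execution Options "Debugger" values that point outside the system directory, Run entries that launch a winlogon.exe from a non-system path, and the Security Center, UAC, firewall and Explorer/System policy values in the trojan's tamper set. The .reg sample, the user profile path and the random-digit directory in it are constructed.

```python
import re
from typing import Dict, List, Tuple, Union

RegValue = Union[str, int]
Finding = Tuple[str, str, str]  # (category, registry key, detail)

# Constructed .reg export (not from the page) that reproduces several of the
# changes the description lists, next to one benign IFEO entry for contrast.
# The profile path and the random-digit directory name are made up.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NVIDIA Media Center Library "="C:\\Documents and Settings\\user\\4821937\\winlogon.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zonalarm.exe]
"Debugger"="\"C:\\Documents and Settings\\user\\4821937\\winlogon.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\notepad.exe]
"Debugger"="C:\\WINDOWS\\system32\\vsjitdebugger.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
"EnableLUA"=dword:00000000

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=dword:00000001
"DisableRegistryTools"=dword:00000000
'''

# Registry paths are case-insensitive, so everything is compared in lower case.
IFEO_PREFIX = r"hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options" + "\\"
RUN_KEYS = {
    r"hkey_local_machine\software\microsoft\windows\currentversion\run",
    r"hkey_current_user\software\microsoft\windows\currentversion\run",
}
# (key, value name) -> the value the trojan writes, taken from the description above.
TAMPER_VALUES = {
    (r"hkey_local_machine\software\microsoft\security center\svc", "AntiVirusDisableNotify"): 1,
    (r"hkey_local_machine\software\microsoft\security center\svc", "FirewallDisableNotify"): 1,
    (r"hkey_local_machine\software\microsoft\security center\svc", "UpdatesDisableNotify"): 1,
    (r"hkey_local_machine\software\microsoft\windows\currentversion\policies\system", "EnableLUA"): 0,
    (r"hkey_local_machine\software\policies\microsoft\windowsfirewall\standardprofile", "EnableFirewall"): 0,
    (r"hkey_current_user\software\microsoft\windows\currentversion\policies\system", "DisableTaskMgr"): 1,
    (r"hkey_current_user\software\microsoft\windows\currentversion\policies\system", "DisableRegistryTools"): 1,
    (r"hkey_current_user\software\policies\microsoft\windows\system", "DisableCMD"): 1,
}

_KEY_RE = re.compile(r'^\[(.+)\]$')
_VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"=(.*)$')


def _unescape(s: str) -> str:
    """Undo .reg string escaping: a doubled backslash becomes one, a backslash-quote becomes a quote."""
    return re.sub(r'\\(.)', r'\1', s)


def parse_reg(text: str) -> Dict[str, Dict[str, RegValue]]:
    """Parse a .reg export into {key: {value name: value}}; only REG_SZ and REG_DWORD are kept."""
    keys: Dict[str, Dict[str, RegValue]] = {}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        m = _KEY_RE.match(line)
        if m:
            current = m.group(1)
            keys.setdefault(current, {})
            continue
        m = _VALUE_RE.match(line)
        if not m or current is None:
            continue  # header, blank line or a value type we do not handle
        name, data = _unescape(m.group(1)), m.group(2)
        if data.startswith("dword:"):
            keys[current][name] = int(data[len("dword:"):], 16)
        elif len(data) >= 2 and data[0] == '"' and data[-1] == '"':
            keys[current][name] = _unescape(data[1:-1])
    return keys


def _is_system_path(path: str) -> bool:
    p = path.strip().strip('"').lower()
    return p.startswith(("%systemroot%", r"c:\windows\system32", r"c:\windows\syswow64"))


def find_indicators(keys: Dict[str, Dict[str, RegValue]]) -> List[Finding]:
    """Return findings matching the description's persistence and protection-tampering changes."""
    findings: List[Finding] = []
    for key, values in keys.items():
        k = key.lower()
        # 1. IFEO "Debugger" outside the system directory: the trojan registers itself as the
        #    "debugger" of 20 security tools so that it runs whenever one of them is launched.
        dbg = values.get("Debugger")
        if k.startswith(IFEO_PREFIX) and isinstance(dbg, str) and not _is_system_path(dbg):
            findings.append(("ifeo_hijack", key, dbg))
        # 2. Run entry starting a winlogon.exe from a non-system path (the dropped copy).
        if k in RUN_KEYS:
            for name, data in values.items():
                if (isinstance(data, str) and data.strip('"').lower().endswith(r"\winlogon.exe")
                        and not _is_system_path(data)):
                    findings.append(("rogue_winlogon_run", key, f"{name}={data}"))
        # 3. Security Center / UAC / firewall / policy values exactly as the trojan sets them.
        for (tkey, tname), expected in TAMPER_VALUES.items():
            if k == tkey and values.get(tname) == expected:
                findings.append(("protection_tamper", key, f"{tname}=dword:{expected:08x}"))
    return findings


if __name__ == "__main__":
    for category, key, detail in find_indicators(parse_reg(SAMPLE_REG)):
        print(f"{category:20s} {key}\n{'':20s} {detail}")
```

On the constructed sample the benign notepad.exe entry (a debugger under System32) is not reported, while the zonalarm.exe hijack, the rogue Run entry and four tamper values are.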
Description inserted by Andrei Ilie on Tuesday, 8 February 2011. Description updated by Andrei Ivanes on Wednesday, 2 March 2011.