Good afternoon, today I bring you a log of a scan run with MalwareBytes on a Lenovo Z50-70.
We can see several (almost all) adware and identity-theft items under Superfish and Visual Discovery, although I think all the software comes infected.
I hope this contribution is useful to the community, especially to the Security forum members and Lenovo users. Regards.
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 16/04/2016
Scan Time: 16:32
Logfile: log1.txt
Administrator: Yes
Version: 2.2.1.1043
Malware Database: v2016.04.16.03
Rootkit Database: v2016.04.09.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 8.1
CPU: x64
File System: NTFS
User: Manuel Jesús
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 368012
Time Elapsed: 14 min, 46 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 5
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\LenovoBrowserGuard, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard, HKLM\SOFTWARE\WOW6432NODE\LenovoBrowserGuard, , [4a39e9c6fb9e7abcd7e6d9ba33d154ac],
PUP.Optional.VisualDiscovery, HKLM\SOFTWARE\WOW6432NODE\Superfish Inc. VisualDiscovery, , [c1c2713e3069e74fde49c08d48bccc34],
PUP.Optional.VisualDiscovery, HKLM\SOFTWARE\WOW6432NODE\LENOVO\VisualDiscovery, , [6320307fafeab284a87eb6978084fe02],
PUP.Optional.ConduitSearchProtect, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CltMngSvc, , [8003a40b6633d066b3f0866a8281639d],
Registry Values: 1
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\LENOVOBROWSERGUARD|Publisher, ClientConnect LTD, , [443fb6f94e4b47ef00bf7d1683811de3]
Registry Data: 0
(No malicious items detected)
Folders: 21
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\LenovoBrowserGuard, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\LenovoBrowserGuard\bin, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\LenovoBrowserGuard\rep, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\Main, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\Main\bin, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\Main\rep, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\bin, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\bubble, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\libs, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\protection, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\protectionDS, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\settings, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\uninstall, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\rep, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Users\Manuel Jesús\AppData\Local\LenovoBrowserGuard, , [c1c20da2aced85b11b64b07e6e9549b7],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Users\Manuel Jesús\AppData\Local\LenovoBrowserGuard\LenovoBrowserGuard, , [c1c20da2aced85b11b64b07e6e9549b7],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Users\Manuel Jesús\AppData\Local\LenovoBrowserGuard\LenovoBrowserGuard\rep, , [c1c20da2aced85b11b64b07e6e9549b7],
Files: 74
PUP.Optional.SuperFish, C:\$RECYCLE.BIN\S-1-5-21-2637225308-2933693809-2578943667-1002\$RJY1WU6\SuperfishCert.dll, , [e79cb8f7d6c352e463e169ebfd08728e],
PUP.Optional.SuperFish, C:\$RECYCLE.BIN\S-1-5-21-2637225308-2933693809-2578943667-1002\$RJY1WU6\VDWFP.sys, , [99ea1f90debbaa8ccd77b2a207fed828],
PUP.Optional.SuperFish, C:\$RECYCLE.BIN\S-1-5-21-2637225308-2933693809-2578943667-1002\$RJY1WU6\VDWFP64.sys, , [f88b0aa54e4b74c20f35e17384818c74],
PUP.Optional.SuperFish, C:\$RECYCLE.BIN\S-1-5-21-2637225308-2933693809-2578943667-1002\$RJY1WU6\VisualDiscovery.exe, , [067de2cda4f55dd94202c68e12f32cd4],
PUP.Optional.VisualDiscovery, C:\Windows\SysWOW64\VisualDiscovery.ini, , [1e65a807dfba40f668bb014c14f0fa06],
PUP.Optional.VisualDiscovery, C:\Windows\Temp\VisualDiscovery.log, , [731096199900d85e4bd96edf60a4956b],
PUP.Optional.VisualDiscovery, C:\Windows\Temp\VisualDiscoveryr.log, , [8cf7b8f702976accc65fc5881ee6ae52],
PUP.Optional.Winsock.WnskRST, C:\Windows\System32\VisualDiscoveryOff.ini, , [453ee7c8eeab082ea8456f074cb817e9],
PUP.Optional.Winsock.WnskRST, C:\Windows\SysWOW64\VisualDiscoveryOff.ini, , [a5de812ef5a4290d38b5e195a262ec14],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\EULA.txt, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\Main\bin\uninstall.exe, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\Main\rep\SystemRepository.dat, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\bubble\bubble.css, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\bubble\bubble.html, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\bubble\bubble.js, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\bubble\defaults.js, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\btnSilverBig.png, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\hez.png, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\Apply-default.png, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\Apply-onclick.png, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\Apply-Rollover.png, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\bg-with-logo.png, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\bg.png, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\bgNotif.png, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\bgSettings.png, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\bgUninstall.png, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\btnBlue.png, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\btnClose.png, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\btnSilver.png, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\btnSilverMed.png, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\checkbox.png, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\checkbox_checked.png, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\checkbox_def.png, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\close-win-def.png, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\close-win-over-click.png, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\gray-bg.png, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\hez-def.png, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\hez-selected.png, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\icon-win.png, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\info-icon.png, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\menu-rollover.png, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\menu-selected.png, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\radio-button-def.png, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\radio-button-selected.png, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\radio-button.png, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\radio-button2.png, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\Settings-icon.png, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\text-field.png, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\v.png, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\x.png, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\libs\defaults.js, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\libs\dialogUtils.js, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\libs\jquery.1.7.1.min.js, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\libs\json2.min.js, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\libs\main.js, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\libs\SPDialogAPI.js, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\protection\defaults.js, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\protection\protection.css, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\protection\protection.html, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\protection\protection.js, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\protectionDS\defaults.js, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\protectionDS\protectionDS.css, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\protectionDS\protectionDS.html, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\protectionDS\protectionDS.js, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\settings\defaults.js, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\settings\settings.css, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\settings\settings.html, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\settings\settings.js, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\uninstall\defaults.js, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\uninstall\uninstall.css, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\uninstall\uninstall.html, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\uninstall\uninstall.js, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Users\Manuel Jesús\AppData\Local\LenovoBrowserGuard\LenovoBrowserGuard\rep\UserRepository.dat, , [c1c20da2aced85b11b64b07e6e9549b7],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Users\Manuel Jesús\AppData\Local\LenovoBrowserGuard\LenovoBrowserGuard\rep\UserSettings.dat, , [c1c20da2aced85b11b64b07e6e9549b7],
Physical Sectors: 0
(No malicious items detected)
(end)
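As an added example (not part of the original post and not Malwarebytes tooling), here is a small Python parser for the Malwarebytes Anti-Malware 2.x text log format shown above. It pulls each detection into a record (section, detection name, location, data, 32-hex tag), checks that the per-section counts the log claims ("Registry Keys: 5", "Files: 74") match the lines actually listed, groups detections by family, and flags the locations that matter when you triage such a log: a service key under CurrentControlSet\Services (starts at boot), a .sys driver, a Winsock detection, an Uninstall entry, and anything under $RECYCLE.BIN (already deleted, so residue rather than an active component). The sample log embedded below is a constructed subset of the lines in the post with section counts adjusted to match; the flag names are this example's own classification, not Malwarebytes categories.

```python
"""Summarise a Malwarebytes Anti-Malware 2.x scan log (added example, not MBAM code)."""
from __future__ import annotations

import re
from collections import Counter
from dataclasses import dataclass, field

# Section headers exactly as MBAM 2.x writes them, e.g. "Registry Keys: 5".
SECTION_RE = re.compile(
    r"^(Processes|Modules|Registry Keys|Registry Values|Registry Data|"
    r"Folders|Files|Physical Sectors): (\d+)$"
)
# The bracketed 32-hex tag that ends every detection line.
TAG_RE = re.compile(r"^\[([0-9a-f]{32})\]$")


@dataclass
class Detection:
    section: str
    name: str        # e.g. PUP.Optional.LenovoBrowserGuard.PrxySvrRST
    location: str    # registry path (with |ValueName for values) or file path
    data: str        # registry value data, empty for keys/files
    tag: str
    flags: list[str] = field(default_factory=list)

    @property
    def family(self) -> str:
        # PUP.Optional.<Family>[.<Variant>] -> <Family>
        parts = self.name.split(".")
        return parts[2] if len(parts) > 2 else self.name


def classify(name: str, location: str) -> list[str]:
    """Triage flags (this example's own labels, not Malwarebytes categories)."""
    loc = location.upper()
    flags = []
    if "\\SERVICES\\" in loc:
        flags.append("service")              # boot-time persistence under CurrentControlSet
    if loc.endswith(".SYS"):
        flags.append("driver")               # kernel-mode component
    if "\\CURRENTVERSION\\UNINSTALL\\" in loc:
        flags.append("uninstall-entry")      # Add/Remove Programs registration only
    if "WINSOCK" in name.upper():
        flags.append("winsock")              # Winsock catalog / LSP related detection
    if "$RECYCLE.BIN" in loc:
        flags.append("recycle-bin-residue")  # file was already deleted; residue, not active
    return flags


def parse_log(text: str) -> tuple[list[Detection], dict[str, int]]:
    """Return (detections, claimed section counts) from an MBAM 2.x log body."""
    detections: list[Detection] = []
    claimed: dict[str, int] = {}
    section = None
    for raw in text.splitlines():
        line = raw.strip().rstrip(",")       # key/file lines end with a trailing comma
        m = SECTION_RE.match(line)
        if m:
            section = m.group(1)
            claimed[section] = int(m.group(2))
            continue
        if section is None or not line or line.startswith("("):
            continue                          # header noise or "(No malicious items detected)"
        parts = [p.strip() for p in line.split(", ")]
        if len(parts) < 4:
            continue
        tag = None
        for p in parts:
            t = TAG_RE.match(p)
            if t:
                tag = t.group(1)
        if tag is None:
            continue
        name, location = parts[0], parts[1]
        middle = [p for p in parts[2:] if p and not TAG_RE.match(p)]
        detections.append(Detection(section, name, location, " ".join(middle), tag,
                                    classify(name, location)))
    return detections, claimed


def summarize(detections: list[Detection], claimed: dict[str, int]) -> dict:
    actual = Counter(d.section for d in detections)
    mismatches = {s: (n, actual.get(s, 0)) for s, n in claimed.items() if actual.get(s, 0) != n}
    return {
        "by_family": Counter(d.family for d in detections),
        "count_mismatches": mismatches,        # claimed vs. listed; non-empty means a truncated log
        "flagged": [d for d in detections if d.flags],
    }


# Constructed sample: a subset of the post's log lines, section counts adjusted to match.
SAMPLE_LOG = r"""
Registry Keys: 2
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\LenovoBrowserGuard, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.ConduitSearchProtect, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CltMngSvc, , [8003a40b6633d066b3f0866a8281639d],
Registry Values: 1
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\LENOVOBROWSERGUARD|Publisher, ClientConnect LTD, , [443fb6f94e4b47ef00bf7d1683811de3]
Registry Data: 0
(No malicious items detected)
Files: 4
PUP.Optional.SuperFish, C:\$RECYCLE.BIN\S-1-5-21-2637225308-2933693809-2578943667-1002\$RJY1WU6\SuperfishCert.dll, , [e79cb8f7d6c352e463e169ebfd08728e],
PUP.Optional.SuperFish, C:\$RECYCLE.BIN\S-1-5-21-2637225308-2933693809-2578943667-1002\$RJY1WU6\VDWFP64.sys, , [f88b0aa54e4b74c20f35e17384818c74],
PUP.Optional.Winsock.WnskRST, C:\Windows\System32\VisualDiscoveryOff.ini, , [453ee7c8eeab082ea8456f074cb817e9],
PUP.Optional.VisualDiscovery, C:\Windows\SysWOW64\VisualDiscovery.ini, , [1e65a807dfba40f668bb014c14f0fa06],
Physical Sectors: 0
(No malicious items detected)
"""

if __name__ == "__main__":
    dets, claimed = parse_log(SAMPLE_LOG)
    report = summarize(dets, claimed)
    print("families:", dict(report["by_family"]))
    print("count mismatches:", report["count_mismatches"])
    for d in report["flagged"]:
        print(f"{','.join(d.flags):>28}  {d.location}")
```

Two triage notes that follow from the flags. The only service in the log is CltMngSvc (Conduit Search Protect); the LenovoBrowserGuard hits are an Uninstall entry plus program files, and the Superfish binaries (SuperfishCert.dll, the VDWFP WFP driver, VisualDiscovery.exe) appear only under $RECYCLE.BIN, so they had already been deleted before this scan. A file scanner says nothing about the machine's trusted root certificate store, which is where the Superfish root CA that enabled its TLS interception lived; the log above does not show that store, so check it separately (for example by listing Cert:\LocalMachine\Root in PowerShell) before calling the machine clean.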