Lenovo Laptop Vulnerabilities

Started by emanuell00, 16 April 2016, 17:01 PM

emanuell00

Good afternoon, today I bring you a log from a scan run with MalwareBytes on a Lenovo Z50-70.
We can see several (almost all) adware and identity-theft items under Superfish and Visual Discovery, although I think all of the software comes infected.

I hope this contribution is useful to the community, especially to the Security forum members and Lenovo users. Regards.



Malwarebytes Anti-Malware
www.malwarebytes.org

Fecha del análisis: 16/04/2016
Hora del análisis: 16:32
Archivo de registro: log1.txt
Administrador: Sí

Versión: 2.2.1.1043
Base de datos de malwares: v2016.04.16.03
Base de datos de rootkits: v2016.04.09.01
Licencia: Prueba
Protección contra el malware: Activado
Protección contra sitios web maliciosos: Activado
Autoprotección: Desactivado

SO: Windows 8.1
CPU: x64
Sistema de archivos: NTFS
Usuario: Manuel Jesús

Tipo de análisis: Análisis de amenazas
Resultado: Completado
Objetos analizados: 368012
Tiempo transcurrido: 14 min, 46 seg

Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Activado
PUM: Activado

Procesos: 0
(No hay elementos maliciosos detectados)

Módulos: 0
(No hay elementos maliciosos detectados)

Claves del registro: 5
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\LenovoBrowserGuard, , [2b58a40bf8a182b436889201e321659b],
PUP.Optional.LenovoBrowserGuard, HKLM\SOFTWARE\WOW6432NODE\LenovoBrowserGuard, , [4a39e9c6fb9e7abcd7e6d9ba33d154ac],
PUP.Optional.VisualDiscovery, HKLM\SOFTWARE\WOW6432NODE\Superfish Inc. VisualDiscovery, , [c1c2713e3069e74fde49c08d48bccc34],
PUP.Optional.VisualDiscovery, HKLM\SOFTWARE\WOW6432NODE\LENOVO\VisualDiscovery, , [6320307fafeab284a87eb6978084fe02],
PUP.Optional.ConduitSearchProtect, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CltMngSvc, , [8003a40b6633d066b3f0866a8281639d],

Valores del registro: 1
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\LENOVOBROWSERGUARD|Publisher, ClientConnect LTD, , [443fb6f94e4b47ef00bf7d1683811de3]

Datos del registro: 0
(No hay elementos maliciosos detectados)

Carpetas: 21

Archivos: 74

Sectores físicos: 0
(No hay elementos maliciosos detectados)


(end)


r32

Hi, that in itself is not a vulnerability, more of a weakness.
Some of them are programs that come preinstalled on almost all laptops.

Regards.