Jump to content

Lenovo caught installing adware on new computers


hazelnut

Recommended Posts

  • Moderators

http://www.pcworld.com/article/2886278/how-to-remove-the-dangerous-superfish-adware-presintalled-on-lenovo-pcs.html

 

 

Lenovo’s been caught going a bit too far in its quest for bloatware money, and the results have put its users at risk. The company has been preloading Superfish, a "visual search" tool that includes adware that fakes the encryption certificates for every HTTPS-protected site you visit, on its PCs since at least the middle of 2014. Essentially, the software conducts a man-in-the-middle attack to fill the websites you visit with ads, and leaves you vulnerable to hackers in its wake.

 

 

The biggest problem with Superfish isn’t the adware itself so much as the way it hijacks legitimate SSL traffic. It does so by installing a self-generated root certificate in the Windows certificate store—a hallowed area usually reserved for trusted certificates from major companies like Microsoft and VeriSign—and then resigns all SSL certificates presented by HTTPS sites with its own certificate.

You can test here to see if your Lenovo has Superfish

 

https://filippo.io/Badfish/

 

Support contact

https://support.ccleaner.com/s/contact-form?language=en_US&form=general

or

support@ccleaner.com

 

Link to comment
Share on other sites

  • Moderators

More info here plus a list of possibly Superfish infected machines

 

http://www.theregister.co.uk/2015/02/20/lenovo_caves_in_face_of_public_firestorm_release_superfish_killer/

 

Support contact

https://support.ccleaner.com/s/contact-form?language=en_US&form=general

or

support@ccleaner.com

 

Link to comment
Share on other sites

I have just read they are denying installing adware into their laptops (obviously trying to cover their asses). That's what I hate the most about laptops and the kind... They come preloaded with all sort of bloatware. Another thing that I don't understand is why laptop bioses only have some options and not a full-fledged bios.

Link to comment
Share on other sites

  • Moderators

This was a pretty bad move by Lenovo. I usually like their hardware but this would honestly make me think twice about buying a laptop from them in the future. They make some of the best windows laptops on the market right now(thinkpad carbon, yoga) and they sell some pretty expensive machines. I know they are trying to find ways to make money on their cheaper(IE sub $300) computers but this is unacceptable.

 

If you ever want to buy a nice windows computer without the junkware, I suggest you get it from the microsoft store:

http://www.microsoftstore.com/store/msusa/en_US/home

 

I bought a dell off there a few weeks ago and it had pretty much noting installed except adobe reader. There was no antivirus trials, no adware filled games, ect. Really nice experience. They call it a microsoft signature version, which means you get the OS the way microsoft intended. In my mind this is one of the real advantages to a Mac, they don't come bogged down with junk software and now you can get the same experience on windows. 

Link to comment
Share on other sites

  • 5 months later...
  • Moderators

You would have thought after the last time lenovo would have learnt its lesson, but it seems not.

 

http://www.ghacks.net/2015/08/12/lenovo-once-again-in-hot-waters-over-lenovo-service-engine-bios/

 

 

Recent threads on Reddit and Hacker News indicate that Lenovo used a utility it called Lenovo Service Engine in the BIOS of some products that downloaded a program called OneKey Optimizer to user systems and sent "non-personally identifiable system data" to Lenovo servers.

 

Since the tool is based in the BIOS, it will do its work even if the Lenovo machine is formatted and Windows is installed cleanly afterwards.

 

Support contact

https://support.ccleaner.com/s/contact-form?language=en_US&form=general

or

support@ccleaner.com

 

Link to comment
Share on other sites

  • Moderators

Wow, so it's using methods the advanced viruses are now using (writing to the firmware on the bios chip).

 

ADVICE FOR USING CCleaner'S REGISTRY INTEGRITY SECTION

DON'T JUST CLEAN EVERYTHING THAT'S CHECKED OFF.

Do your Registry Cleaning in small bits (at the very least Check-mark by Check-mark)

ALWAYS BACKUP THE ENTRY, YOU NEVER KNOW WHAT YOU'LL BREAK IF YOU DON'T.

Support at https://support.ccleaner.com/s/?language=en_US

Pro users file a PRIORITY SUPPORT via email support@ccleaner.com

Link to comment
Share on other sites

  • Moderators

what's that old saying.

 

"Fool me once, shame on you but fool me twice, shame on me"

 

in other words, "I should have learnt the first time not to trust you"

Backup now & backup often.
It's your digital life - protect it with a backup.
Three things are certain; Birth, Death and loss of data. You control the last.

Link to comment
Share on other sites

  • Moderators
I wonder if Hillary's emails are in the root.

Please leave your and everybody else's politics about 2000 yards outside the door

 

ADVICE FOR USING CCleaner'S REGISTRY INTEGRITY SECTION

DON'T JUST CLEAN EVERYTHING THAT'S CHECKED OFF.

Do your Registry Cleaning in small bits (at the very least Check-mark by Check-mark)

ALWAYS BACKUP THE ENTRY, YOU NEVER KNOW WHAT YOU'LL BREAK IF YOU DON'T.

Support at https://support.ccleaner.com/s/?language=en_US

Pro users file a PRIORITY SUPPORT via email support@ccleaner.com

Link to comment
Share on other sites

  • Moderators

Lenovo have released a tool for this remove this disgraceful service from affected machines

 

 

 

This package will disable the Lenovo Service Engine (LSE) utilities from Windows on your Lenovo notebook

This package does four things:
Stops the LSE service
Deletes all files installed by the LSE module, which include
C:\windows\system32\wpbbin.exe
C:\windows\system32\LenovoUpdate.exe
C:\windows\system32\LenovoCheck.exe
Repairs the autocheck files in Windows
Disables the UEFI variable that enables LSE if the system is running Windows 8, 8.1 or 10 in UEFI mode

 

http://support.lenovo.com/us/en/downloads/ds104370

 

Support contact

https://support.ccleaner.com/s/contact-form?language=en_US&form=general

or

support@ccleaner.com

 

Link to comment
Share on other sites

  • 3 years later...
  • Moderators
Quote

Nearly four years after Lenovo's adware-installation practices were spotted - and curtailed - the company has reached a settlement agreement with consumers who bought one of the affected systems 

Quote

Anyone who purchased one of the affected Lenovo laptops - but not anyone who subsequently bought one second-hand - will be eligible to receive $40 as part of the settlement agreement.

https://www.inforisktoday.com/court-approves-lenovos-73-million-adware-settlement-a-11726

 

Support contact

https://support.ccleaner.com/s/contact-form?language=en_US&form=general

or

support@ccleaner.com

 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.