Lenovo's Security-Killing Adware: How to Get Rid of It

Status
Not open for further replies.

Paul Wagenseil

Senior Editor
Apr 11, 2014
692
1
4,940
4
Isn't this basically spyware? GJ Lenova, pre-loading your products with spyware.
It doesn't seem to transmit information about the user back to any server, so no, it's not spyware. But breaking, and then faking, SSL encryption is arguably much worse.
 

pbike908

Estimable
Feb 16, 2015
1
0
4,510
0
Wow. This is an eye opener. Big question I have is how do I know if any other of my certificates are hijacked. I was always under the assumption that if the URL said HTTPS and I recognized the URL I was safe.

Will malwarebytes uncover this sort of stuff? I do regularly run the free version of Malwarebytes.
 

Xivilain

Estimable
Apr 16, 2014
12
0
4,570
1
Lenovo, we bought your laptops because they had the least amount of bloatware among HP, Dell, Gateway, and others. And they usually performed better. ---- Now look what you did. Clean this mess up. Give your customers a script to fix this, and take responsibility for your mistake.
 

Paul Wagenseil

Senior Editor
Apr 11, 2014
692
1
4,940
4
Wow. This is an eye opener. Big question I have is how do I know if any other of my certificates are hijacked. I was always under the assumption that if the URL said HTTPS and I recognized the URL I was safe.

Will malwarebytes uncover this sort of stuff? I do regularly run the free version of Malwarebytes.
I don't think you could know about similar situations, since the certificate and the software is pre-installed on the machine. But an Italian researcher has already created a page for Lenovo users to test their machines: https://filippo.io/Badfish/

As for Malwarebytes, it may not yet detect this, if this VirusTotal page is up to date: https://www.virustotal.com/en/file/dc937aec71daf6ebcb5876c3e9ba26846d6c4678cb95c60fc9dde6ff81b5323a/analysis/
 
G

Guest

Guest
Lenovo computers are used in most businesses, maybe because it used to be IBM, but also because they are supposed to be reliable and secure products. I hope large companies start dumping Lenovo over this.

A lot of these types of companies seem to be based in Israel, like Snap.Do and some other ones. Maybe they have specials laws in Israel that makes these companies not liable to damage?
 

Paul Wagenseil

Senior Editor
Apr 11, 2014
692
1
4,940
4
Lenovo computers are used in most businesses, maybe because it used to be IBM, but also because they are supposed to be reliable and secure products. I hope large companies start dumping Lenovo over this.

A lot of these types of companies seem to be based in Israel, like Snap.Do and some other ones. Maybe they have specials laws in Israel that makes these companies not liable to damage?
The Superfish adware appears to be only on consumer machines, not models destined for enterprise customers. As for adware liability, adware is entirely legal in the U.S. -- that's why some big U.S. media companies have subsidiaries that create and distribute it.
 

brandonclone1

Estimable
Mar 26, 2014
6
0
4,510
0
Not surprised. I set up hundreds of new PCs working at the Geek Squad and all Lenovo models were littered with bloatware. This just takes the cake!
 

nebun

Distinguished
Oct 20, 2008
1,160
0
19,240
2
china has done it again...lol...i pitty the people that trust the chinese, they will do anything and everything to steal as much info as they can...this is modern day espionage
 

nebun

Distinguished
Oct 20, 2008
1,160
0
19,240
2
almost forgot...on all machines that i've purchased i've performed a clean install, not restore...there is a big difference...i suggest everyone should do it, no matter who makes the machine
 

baldholio

Distinguished
Jan 25, 2007
2
0
18,510
0
I'm appalled. Losing customer info as a result of outside attack is bad enough, but deliberately infecting your customers' computers is inexcusable. I will not be purchasing or recommending Lenovo products.
 

hannibal

Distinguished
Apr 1, 2004
144
0
18,640
4
@bsteff... The problem is that you can not buy any machine... All of these are infested by bloatware...
The alternative is to buy new machine (any will do) and format it and make clean install from external program disk...
Not very handy though. If it only would be Lenovo, but no... all ready make computers suffers from bloatware these days...
 

velocityg4

Distinguished
Nov 21, 2006
499
0
19,260
98
I know some are saying to do a fresh install of Windows on a new computer. The problem is for the average user that is an impossible task. Heck with EFI replacing BIOS it has become very difficult for someone whom knows what they are doing.

First the computers aren't able to boot off any disk besides the boot drive by default. Instead you have to change the boot settings. Just getting into the settings is a chore now. The computers never say what key to push anymore so you have to keep rebooting until you hit the right keys.

Then you have to figure how to disable the idiotic secured EFI boot or whatever your manufacturer calls it. Then enable USB booting (possibly enable legacy boot) and change the boot order (if you can't find the boot selector key). Finally you can boot off your thumb drive and install a fresh copy of Windows.

What would be a much more practical solution is if Microsoft changed their rules for licensing. If a manufacturer wants a volume licensing discount they can only do a vanilla installation of Windows and necessary drivers (no utilities). Any other software installed must be specifically selected by the customer at time of purchase (no trials). Otherwise the manufacturer must pay full retail for each Windows license.
 

Mantaact

Estimable
Feb 20, 2015
2
0
4,510
0
After running Lenovo and IBM laptops for my entire career, l am due for a refresher laptop. After reading this I decided to move to a Mac Pro and permanently distance myself from Lenovo. I emailed this story to the 5000 plus employees in my company.
 
G

Guest

Guest
After running Lenovo and IBM laptops for my entire career, l am due for a refresher laptop. After reading this I decided to move to a Mac Pro and permanently distance myself from Lenovo. I emailed this story to the 5000 plus employees in my company.
Me too. My company is 60000+ employees. They aren't about to consider my proposal, but it will help during negotiations. Consumer vs business, it doesn't matter. You abuse people's certificates? That shows your commitement to your users.
 

ldun

Estimable
Aug 8, 2014
30
0
4,580
0
To all those saying this will seriously damage and hurt large businesses, I call shenanigans. All large companies that actually know anything about licensing, security, etc. have their own Windows MAK licensing in place, thus all machines are instantly wiped before coming anywhere near the business network.
I can see this as an issue for consumers, but large businesses are immune.
 
Status
Not open for further replies.
Thread starter Similar threads Forum Replies Date
S Antivirus / Security / Privacy 1
arimich Antivirus / Security / Privacy 1
E Antivirus / Security / Privacy 1
P Antivirus / Security / Privacy 2
Paul Wagenseil Antivirus / Security / Privacy 1
Paul Wagenseil Antivirus / Security / Privacy 1
Colif Antivirus / Security / Privacy 0
SHIRO-XIV Antivirus / Security / Privacy 1
T Antivirus / Security / Privacy 3
A Antivirus / Security / Privacy 8
T Antivirus / Security / Privacy 3
A Antivirus / Security / Privacy 2
K Antivirus / Security / Privacy 2
M Antivirus / Security / Privacy 5
M Antivirus / Security / Privacy 1
Marshall Honorof Antivirus / Security / Privacy 1
Marshall Honorof Antivirus / Security / Privacy 1
L Antivirus / Security / Privacy 3
M Antivirus / Security / Privacy 1
Paul Wagenseil Antivirus / Security / Privacy 4

ASK THE COMMUNITY