Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Lenovo ships laptops with Superfish adware

Share and discuss recent and important events about malware, privacy, or security. User contributed news. Please do not copy and paste full news stories. Please do quote the essential paragraph of the story. Provide a link to the source.

Lenovo ships laptops with Superfish adware

Unread postby Wingman » February 20th, 2015, 9:06 am

Courtesy of Quietman7, Microsoft MVP - Consumer Security 2007-2015

quietman7 wrote:Lenovo laptops ship with adware that hijacks HTTPS connections

How Lenovo's Superfish 'Malware' Works And What You Can Do To Kill It
To find out if youre affected, locate Windows list of trusted certificates by opening up the Control Panel and searching for certificates. This will bring up Administrative Tools and a manage computer certificates option. Click on the Trusted Root Certification Authorities option and then Certificates. This will bring up a list of certificates. If you see one with Superfish Inc attached to it, you may be vulnerable.

Even users who do find it, uninstalling the program does not get rid of the problem, as that will not remove the certificate. So for anyone concerned that Superfish is still swimming around their computer, the best option might be to back everything up on their systems and install a new operating system. It might be a good excuse to upgrade to a more secure OS anyway.


How to paint yourself into a corner (Lenovo edition)
The problem here is not just that this is a lousy idea. Its that Lenovo used the same certificate on every single Laptop it shipped with Superfish. And since the proxy software also requires the corresponding private key to decrypt and modify your web sessions, that private key was also shipped on every laptop. It took all of a day for a number of researchers to find that key and turn themselves into Lenovo-eating interception proxies. This sucks for Lenovo users.


Superfish CA test

Superfish removal guide
User avatar
Wingman
Admin/Teacher
Admin/Teacher
 
Posts: 14112
Joined: July 1st, 2008, 1:34 pm
Location: East Coast, USA
Advertisement
Register to Remove

Re: Lenovo ships laptops with Superfish adware

Unread postby Gary R » February 20th, 2015, 6:01 pm

User avatar
Gary R
Administrator
Administrator
 
Posts: 21869
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Lenovo ships laptops with Superfish adware

Unread postby Wingman » February 21st, 2015, 1:18 pm

List of affected products and Lenovo's removal tools.

Lenovo Security Advisory Affected Products

Lenovo automatic Superfish removal tool

At the bottom of Lenovo's removal tool page:
NOTE: There are benign additional files and registry entries which will remain after this procedure. Although they are harmless, Lenovo will soon be releasing a utility to remove them which will be posted here as well.
User avatar
Wingman
Admin/Teacher
Admin/Teacher
 
Posts: 14112
Joined: July 1st, 2008, 1:34 pm
Location: East Coast, USA


  • Similar Topics
    Replies
    Views
    Last post

Return to Security News



Who is online

Users browsing this forum: No registered users and 1 guest

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware