Lenovo caught installing adware on new computers
Another company trying to pilfer as much user data as possible & sell it to the highest bidder... all while potentially putting users at risk & patently denying it.
http://thenextweb.com/insider/2015/02/19/lenovo-caught-installing-adware-new-computers/
Other users are reporting that the adware actually installs its own self-signed certificate authority which effectively allows the software to snoop on secure connections, like banking websites as pictured...
This is a malicious technique commonly known as a man-in-the middle attack, where the certificate allows the software to decrypt secure requests, ...
http://www.theregister.co.uk/2015/02/19/superfish_lenovo_analysis/
Superfish reportedly intercepted users' traffic to sling ads at them even when they were visiting banking websites.
The adware-on-steroids installs its own self-signed root CA certificate in Windows before generating certificates on the fly for each attempted SSL connection. Superfish even served fake certs in order to MiTM banking websites, it has been reported.
http://www.pcworld.com/article/2886278/how-to-remove-the-dangerous-superfish-adware-presintalled-on-lenovo-pcs.html
Browsing to this website will quickly let you know if you have Superfish installed. Thanks, Filippo Valsorda! Lastpass also tossed up a website that can check for Superfish.
http://systemexplorer.net/file-database/file/visualdiscovery-exe
What is the "visualdiscovery.exe" ?
This was bundled with my new Lenovo...It injects itself into your browser session, offering "deals" similar to pictures you're looking at, and also suggests ads. To remove this, navigate to %programfiles%LenovoVisualDiscovery and run Uninstall.exe. Very shady.
https://forums.lenovo.com/t5/Lenovo-P-Y-and-Z-series/Lenovo-Pre-instaling-adware-spam-Superfish-powerd-by/td-p/1726839
First thing i done was download chrome and already noticed when i google search, adware adverts appear into the search results.
These are cleverly designed to fit into the search results to make them appear to look normal.
marym625
(17,997 posts)Thank you so much for this. I highly suspect my computer has something like this. I have had issues since I got it and Norton has been in there multiple times, always thinking they fixed the problem, only for it to reappear.
It's not a lenovo, it's a Asus. I am going to check as soon as I turn it on this morning.
Thanks again
Earth Bound Misfit
(3,554 posts)This particular instance applies to Lenovo consumer comps only... (ThinkPads not affected AFAICT). You may have other issues... not the least of which (IMHO) is running Norton... not a fan to say the least. YMMV.
marym625
(17,997 posts)Well, it's better than McAfee. And it has caught more than a few viruses. It also keeps me from clicking on unsafe sites.
Sorry, what's YMMV?
Earth Bound Misfit
(3,554 posts)"Poppy" Bush was a "better" President than St. Ronnie & Dumbya DimSon, but they all SUCKED, no?
marym625
(17,997 posts)Earth Bound Misfit
(3,554 posts)After playing a dead bat and attempting to push the perception that Superfish was not a security concern, Lenovo has admitted that it was caught napping on the security implications of preloading a piece of adware that installed its own self-signing man-in-the-middle proxy service that hijacked SSL/TLS connections.
"We did not know about this potential security vulnerability until yesterday," Lenovo said in a statement released Saturday, Sydney time. "We recognise that this was our miss, and we will do better in the future. Now we are focused on fixing it."
To that end, Lenovo has joined Microsoft in offering a removal tool to fix the Superfish issue
Lenovo Security advisory: http://support.lenovo.com/us/en/product_security/superfish
Earth Bound Misfit
(3,554 posts)"We did not know about this potential security vulnerability until yesterday"
hobbit709
(41,694 posts)marym625
(17,997 posts)hobbit709
(41,694 posts)marym625
(17,997 posts)Check my reply subthread.
hobbit709
(41,694 posts)Usually comes bundled with some crapware "helper" application.
Lenovo got caught putting it in brand new computers.
Malwarebytes Antimalware will also find and remove it.
And I agree with EBM, Norton is garbage. I consider it about as useful as a screen door on a submarine.
Over half the infected computers that are brought in for me to fix have Norton on them and it didn't do diddly squat for protection.
marym625
(17,997 posts)I will check when I get on my computer this morning.
What do you recommend? A screen door on a submarine isn't what I want
hobbit709
(41,694 posts)AVG, Avast, Bit Defender. Hell, even MSE or Windows Defender is better than Norton in my book. Norton was pretty good until they were bought out by Symantec-then it turned into crappy bloatware.
I just use MSE in conjunction with the paid for version of Malwarebytes on my computers.
marym625
(17,997 posts)I appreciate the information
Earth Bound Misfit
(3,554 posts)This particular instance applies to Lenovo... links worked on my Dell/Gateway boxes.
EDIT: hobbitt709's replies #9 & #11 about covers it.
marym625
(17,997 posts)I didn't mean to misquote or anything.
Earth Bound Misfit
(3,554 posts)We're all frenz here
marym625
(17,997 posts)You're my first and best frenz!
47of74
(18,470 posts)It's not perfect and takes some work. If I ever were to buy a PC and use Windows on it I think going forward I would wipe a computer and put a vanilla install of Windows on it before using it on a regular basis.
I use Mac Air for most of my daily stuff. I am thinking of getting a PC to use as a media server here at home. I'm thinking of going with a local company that does custom builds since they're willing to not install Windows (or any other OS). That's a big plus not having to pay for a copy of Windows that I wouldn't use anyways since I'd immediately put Ubuntu on it.
cntrygrl
(356 posts)want to thank you for these links. It appears I don't have the invading adware mentioned. Thank you again.