Lenovo Bloatware Called Malware – Remove ‘Superfish’ From Your Laptop

By Nathan Kirsch

lenovo-yoga-2

Lenovo, the world’s largest PC maker, has been busted by having a pre-installed bloatware program that was found to be very virus-like. The software was made by a company called “Superfish” and is basically an Internet browser add-on that injects ads onto websites you visit. This software also opens security holes that make your laptop more vulnerable to hacking as it tampers with website certificates and that is never good. It appears that Superfish only worked on Internet Explorer and Google Chrome users as Mozilla Firefox uses its own SSL certificate system.

superfish

Lenovo issued a statement on Thursday that it stopped shipping computers with the Superfish adware sometime in January 2015. It appears that Lenovo pre-loaded Superfish onto consumer notebooks between September 2014 and Decemeber 2014, so if you got a Lenovo notebook this holiday season you should be on the alert.

“Superfish technology is purely based on contextual/image and not behavioral. It does not profile nor monitor user behavior. It does not record user information. It does not know who the user is. Users are not tracked nor re-targeted. Every session is independent. When using Superfish for the first time, the user is presented the Terms of User and Privacy Policy, and has option not to accept these terms, i.e., Superfish is then disabled.”

Lenovo claims that Superfish has been disabled on the server side, but we highly suggest to our readers that they should remove the program just in case someone down the road turns something back on by accident. Lenovo says that they didn’t monitor user behavior, but we all know that they got paid to install the bloatware. Trust in Lenovo has certainly been lost and hopefully they will do away with all bloatware as a result of this unfortunate incident. Lenovo shipped over 100 million computers in Q4 2014, so this situation could impact a fair number of people around the world.

Superfish may have appeared on these 43 different Lenovo Consumer notebook models:

G Series: G410, G510, G710, G40-70, G50-70, G40-30, G50-30, G40-45, G50-45
U Series: U330P, U430P, U330Touch, U430Touch, U530Touch
Y Series: Y430P, Y40-70, Y50-70
Z Series: Z40-75, Z50-75, Z40-70, Z50-70
S Series: S310, S410, S40-70, S415, S415Touch, S20-30, S20-30Touch
Flex Series: Flex2 14D, Flex2 15D, Flex2 14, Flex2 15, Flex2 14(BTM), Flex2 15(BTM), Flex 10
MIIX Series: MIIX2-8, MIIX2-10, MIIX2-11
YOGA Series: YOGA2Pro-13, YOGA2-13, YOGA2-11BTM, YOGA2-11HSW
E Series: E10-30

There is also a website that has been created to tell you if you are impacted by the root security certificate issue caused by Superfish and the site also ffers suggestions on how to fix if your system has been compromised. You can even find tutorial videos on how to disable VisualDiscovery ads in Lenovo notebooks on YouTube like the one below.