Skip to main content

Lenovo Installed Malicious Adware on Customers' Computers – Here’s How to Remove it

How-to-Remove-ZenSearch.com_[1]When Sony was caught in 2005 using audio CDs to install rootkits on their customers' computers, they set a new standard for boneheaded attacks on the people who give you money.

This week Lenovo met the Sony rootkit standard, and exceeded it. The Chinese gadget maker has been caught installing adware in the laptops it has been selling in the US and elsewhere.

TNW reported early this morning that numerous users on the lenovo support forums were seeing spurious ads mixed into Google search results and other sites. The ads had shown up as early as June and September 2014, but the story didn’t break until this week.

To put it simply, Lenovo was doing to their customers what someone (my previous webhost, I think) did to my blog. In this case the adverts were being injected by a piece of adware called Superfish, which several victims identified as having been installed by Lenovo before they bought the laptops.

That’s the bad news; here’s the worse news.

According to security researchers, Superfish didn’t just inject ads into a user’s browsing sessions; it was "designed to intercept all encrypted connections, things it shouldn’t be able to see". Not only that, the adware was so poorly written that it introduced the same security hole on to all infected computers, thus giving enterprising and malicious hackers an easy opportunity to subvert millions of computers with a single trick.


And just to be clear folks, this security hole is the kind of thing which app developers and OS developers work strenuously to remove and repair – and Lenovo introduced one just so it could sell advertising.

After denying the severity and trying to talk around the problem, Lenovo finally admitted to the issue and posted instructions on how to remove the ap and repair the security hole.

They also shared a list of affected computers. Hopefully it is complete:

  • G Series: G410, G510, G710, G40-70, G50-70, G40-30, G50-30, G40-45, G50-45
  • U Series: U330P, U430P, U330Touch, U430Touch, U530Touch
  • Y Series: Y430P, Y40-70, Y50-70
  • Z Series: Z40-75, Z50-75, Z40-70, Z50-70
  • S Series: S310, S410, S40-70, S415, S415Touch, S20-30, S20-30Touch
  • Flex Series: Flex2 14D, Flex2 15D, Flex2 14, Flex2 15, Flex2 14(BTM), Flex2 15(BTM), Flex 10
  • MIIX Series: MIIX2-8, MIIX2-10, MIIX2-11
  • YOGA Series: YOGA2Pro-13, YOGA2-13, YOGA2-11BTM, YOGA2-11HSW
  • E Series: E10-30

You can find the instructions to remove the adware in this PDF.

Luckily for me, my two-year-old Lenovo laptop was made before Lenovo started attacking its customers, so I don’t have to worry about about Superfish.

I also know my next laptop won’t be at risk, because it sure as hell won’t be made by Lenovo.


images via The TelegraphSpyware Removers

Similar Articles


R February 19, 2015 um 11:59 pm

I avoid all brands from China when I buy computers/tablets/mobile phones etc. I don’t want to increase my chance of being monitored.

Felipe Adan Lerma February 20, 2015 um 6:53 am

Wow, and I thought the TVs from Samsung that could hear what people watching it were saying, and reporting it back to the company, was bad enough.

Yep. No products from these guys for me either. Thanks!

fjtorres February 20, 2015 um 6:57 am

I’m starting to think the best PCs to buy are the Signature series from the Microsoft Store: clean, OS-only systems.
Either that or build your own, for desktops and servers.

Nate Hoffelder February 20, 2015 um 7:05 am

Dammit Lenovo, why’d you have to go and make Microsoft look good?

fjtorres February 20, 2015 um 10:50 am

MS has always been against crapware.
They only allow it because of the antitrust settlement forces them.

fjtorres February 20, 2015 um 10:54 am



Felipe Adan Lerma February 20, 2015 um 7:50 am


I’ll still stick w/Macs for now though.

anothername February 20, 2015 um 10:37 am

AFAIK Lenovo are the only company to still make decent keyboards with their laptops. As such, I’ll keep buying Lenovo. Spyware can be zapped. Keyboards like like rows of little rubber bubbles where te cursor keys have massive spaces around them or are too small cannot be replaced.

fjtorres February 20, 2015 um 10:49 am

Microsoft store carries some Lenovo models 😀

Nate Hoffelder February 20, 2015 um 10:57 am

I hated – and I mean hated – the KB on my lenovo u410. It was so horribly designed that it was unusable, and the trackpad was worse.

Paul Draker February 21, 2015 um 12:34 am

Mac. Just sayin'.

And if you’re a writer, there’s an added bonus: with a Mac, you can upload your books directly for sale on iBooks and avoid paying an aggregator like Direct2Digital or Smashmargins a % of every sale. Sell enough books on Apple, and that % you save will buy your next Mac for you. 🙂

Nate Hoffelder February 21, 2015 um 4:13 pm

Well, some of us can’t afford to pay the Apple tax. 😉

Security Software Found With Superfish-Style Security Holes ⋆ Ink, Bits, & Pixels February 23, 2015 um 2:16 pm

[…] Lenovo was caught last week in the process of corrupting its customers safety and security in the name of selling ads, I […]

Google Kills 200 Ad-Injecting Chrome Extensions, Says a Third Were Malware ⋆ Ink, Bits, & Pixels April 1, 2015 um 3:47 pm

[…] may have backtracked from using a dangerously unsafe ad injector to make a few extra dollars off of its customers, but they weren't the only bad actor out […]

Write a Comment