There is absolutely no need to panic! The Lenovo’s ‘Superfish’ adware can be removed eaily.
Lenovo has gone out a little bit too far in its quest for money. The quest has put its user’s at a huge risk. Superfish a ‘Visual Search’ tool has been pre loaded on the PCs. This blessed tool is known to fake the encryption certificates of every secure HTTPS protected website that you visit. This has been happening since the middle of 2014. ‘Superfish’ attacks using man-in-the-middle to fill the websites that you visit with advertisements posing vulnerability threats to you from hackers
The article provides an insight into helping you discover if your Lenovo is ‘Superfish’ infected. If it is then follow these steps so that it can be eradicated.
Is your Lenovo preinstalled with “Superfish”?
Well here is how you could possibly find out if your Lenovo PC comes to you handy with Superfish pre-installed. The adware is so designed that it projects to you price comparision advertisements into the web pages when you visit them. In case you are on a venture to find out a new product. The VisualDiscovery provides certain Visual Search Results, and if you are able to view such results on your own then you may be infected with the Superfish adware.
Steps to Check Superfish is Pre-installed
Although you may not be cent percent sure that you have the Superfish loaded on your PC, the following steps will let you confirm if this troublesome extra feature of Lenovo is present.
Go to Control Panel–> Programs–> Uninstall a Program–> Check for VisualDiscovery
If it is there then immediately Uninstall it. After uninstalling it run your antivirus and scan for viruses. It is possible that Superfish has been flagged as adware by some of the antivirus engines. By performing a manual initiated scan you can be for sure that this unwanted program that has been added is truly gone.
Superfish: The Hijacker
Superfish just captures the SSL traffic. How does it do so? A self-generated root certificate is installed in the Windows Certificate store that is reserved. This reserved location consists of certificates from Microsoft and Verisign. The adware resigns these SSL certificates that have been assigned by HTTPS sites with its own generated and signed certificates.
Superfish thereby conducts a man-in-the middle attack and breaks the security layer of HTTPS encryption. It is also believed that simply removing this adware does not remove this culprit completely. Microsoft has a Windows Defender Update that removes adwares. That certificate may be revoked manually.
Hers is how you can do it:
Press Windows key and R on you keyboard to bring the Run tool.
- Look for certmgr.msc and open your PC’s Certificate Manager
- Click on Trusted Root Certificate Authorities on the left hand pane
- Double click Certificates in the main pane
A llst of all trusted certificates will be generated. Find for Superfish and delete it.
That should do it for now. Superfish also worms into Firefox’s Certificate Manager.
Open the browser and Goto Options –> Advanced –> Certificates –> View Certificates.
If you see Superfish, Click on it and Select –> Delete or Distrust