Friday, February 20, 2015

News You Can Use - How to remove Superfish Spyware

It turns out that Lenovo shipped a number of PCs with a particularly heinous form of spyware installed.  

Known as Superfish, this spyware purposefully facilitates Man in the Middle attacks so that the advertising can be slipped into supposedly secure connections.  If you wondered why your bank was trying to sell you penis enlargement pills, well, now you know.
 
Fortunately there is a test to tell if you have Superfish installed - Browse here  or here
If either site indicates that you have Superfish installed move on to the next steps.

1.  Navigate to the Windows Control Panel
2.  Select Programs and Features
3. In the Uninstall or Change a Program pane look for "VisualDiscovery".  Select it and uninstall it.
4.  After you have completed the uninstall run a virus scan. (Actually I would do a virus scan and a Malwarebytes scan)
5.  Uninstall the compromised HTTPS root certificate:
     a.  Open Windows start (or use the WinKey +R) and enter certmgr.msc in the search box
     b. launch certmgr.msc
     c.  Click on "Trusted Root Certification Authorities"
     d.  Open the Certificates folder
     e. Look for Superfish.  There may be more than one instance.  
     f.  Right click on each instance and select delete
         
         But wait that's not all - If you use Firefox or Thunderbird you must also:
     g.  Open Firefox
     h.  Open the menu in the top right corner.  Select Options.  
     i.   Select the Advanced tab
     j.   Select View Certificates
     k.  Click on any instance of Superfish Inc.
     l.  Select Delete or Distrust.  Confirm the selection is correct and press OK.
6.  Restart all your installed browsers and navigate to one of the two pages I listed above to make sure you are now safe.
7.  Join any Class Action Lawsuits filed about this.  Make Lenovo reimburse you for the trouble.

                     

No comments: