Quick question about Lenovo and Superfish

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

electroplid

Thread Starter
Joined
Apr 22, 2009
Messages
150
This is a quick question. I purchased a Lenovo laptop a few years ago with Windows 8 pre-installed.. it didn't work with any of my peripherals so I ended up doing a clean install of Windows 7... Am I right in assuming this would eliminate any Superfish issues with my computer? This is of course assuming that it was even installed on my Lenovo in the first place.

Thanks!

Frank
 

electroplid

Thread Starter
Joined
Apr 22, 2009
Messages
150
I think it's a 305n or something like that... It's at home, so I'll have to check it later tonight... it was set up for Windows 8 but as I said, it's been downgraded.
 

valis

Moderator
Joined
Sep 24, 2004
Messages
78,140
I'd say the odds are VERY high you have that exploit. The steps to remove it are on that link, pretty easy to follow.
 

valis

Moderator
Joined
Sep 24, 2004
Messages
78,140
yup. The exploit, to my understanding, works at a pretty low level. Besides, the check is cake. Click on the link with IE or Chrome (not FF), and it will say yes or no pretty much instantly. Yes, follow the half-dozen instructions to remove it. No, go about your merry day. :)
 
Joined
Apr 10, 2006
Messages
2,586
According to The Register, Microsoft issued a statement yesterday (2015-02-20) that Windows Defender is now programmed to remove SuperFish and more importantly the Root Certificate.

A check of W8.1 Lenovo computers that use WD as the AV software have shown that neither the software nor the Root Certificate are present on any of these machines.

T.
 

Byteman

Gone but Never Forgotten
Joined
Jan 24, 2002
Messages
17,742
AdwCleaner is finding Superfish in Chrome user profile on a scan I did for someone today.
 

Phantom010

Retired Trusted Advisor
Joined
Mar 9, 2009
Messages
34,801
On a user's computer yesterday, I even found it in a Firefox extension... He was constantly being prompted by ESET while using Firefox, and not his other browsers. Neither AdwCleaner, nor MBAM ever saw anything! Simply removing the extension did it. Looks like Mozilla missed that one...

 
Joined
Apr 10, 2006
Messages
2,586
My understanding is that the single most important aspect of disabling access to Superfish was to remove the Root Certificate. If you don't remove the Root Certificate then Superfish is still a "Trusted" source.

Therefore "Tools" or AV software that block Superfish without removing the Root Certificate are not addressing the underlying cause.

Is my understanding correct..?

T.
 

Byteman

Gone but Never Forgotten
Joined
Jan 24, 2002
Messages
17,742
On the computer I scanned with AdwCleaner as the first tool.....there were several items such as the search, start page, etc detected and cleaned by quarantine / setting changed to default.

However there was no certificate found.....this in windows 8.1 in the certificate store as the Lenovo directions for a manual removal have you follow.

If any one encounters Superfish whether they are on a Lenovo computer, or any other and use browsers they need to follow the advice and directions at the Lenovo site

http://support.lenovo.com/en/product_security/superfish_uninstall#ie

There are directions to use an automated or a manual removal - the certificate removal info is there and is not hard to understand or to do.

Mozilla /Firefox has directions...and the IE, Chrome, and several other browsers have a set of directions.

NOTE:

Then>> here is a detailed account of other adware containing apps, sites, very much doing the same certificate "changes" which has been ongoing.

http://www.howtogeek.com/210265/dow...bundle-superfish-style-https-breaking-adware/

The malware fighters here as well as worldwide always are updating their methods and "how-tos" to reflect the newest available information. It's becoming the usual in our directions when removing malware to carefully de-select some bundled adware when they download a tool..... This helps not only the one person>>> many others read and will heed these steps and take notice that adware is a possibility that must not be over looked when downloading anything. I know it's a bit awkward, but we are having to deal with it right now.

So, yes, it is very critical to check for the Certificate pointing to Superfish but you may not find one... which is odd.
 
Joined
Apr 10, 2006
Messages
2,586
Bill, thanks for your reply and for confirming that removing the Root Certificate is a critical part of the clean-up.

One further question.... you wrote : "...... If anyone encounters Superfish ..... "

I am wondering if there is a simple, easy method that non-technical users can employ to detect Superfish on their systems.... ??

I am trying to author a set of simple instructions for this purpose, but every time I end up with something that is far too involved for your average office or home-office user. So any input to facilitate simplicity would be appreciated.

T.
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Top