Remove certificates from malicious adware from Lenovo
Recently, the blatant behavior of Lenovo, pre-installed on their laptops, adware was made public . It not only inserts advertisements into pages, but also injects an SSL certificate into the system, which allows scanning encrypted traffic. Of course, this certificate has been cracked and now the security of all users of Lenovo laptops is at risk.
The company posted instructions on how to remove the program, but unfortunately, they lost sight of the issue of deleting the certificate itself, which does not disappear from the system. Here is a guide for those who do not want to reinstall the system from scratch.
The certificate is placed in the Windows certificate store. Some programs, such as Mozilla Firefox and Mozilla Thunderbird, use their repositories, where it can also be embedded. To ensure security, you must remove the certificate from anywhere.
The first step in getting rid of annoying adware is to remove the program itself. This is done through the usual "Add or Remove Programs." The program is called "Superfish Inc. VisualDiscovery.
')
Then you must remove the certificate from the Windows store. To do this, run the certmgr.msc program (via Start or command line). In the window that opens, on the left, select Trusted Root Certification Authorities / Certificates. Then on the right, find the certificate of Superfish, Inc. andburn it to remove it.
If you use Mozilla products, this is not all. In Firefox, go to the advanced settings and select the "Certificates" tab.
Find Superfish in the list of certificates and delete it (Delete or Distrust button).
In Thunderburd, the actions are the same. Go to settings.
Select Advanced.
View certificates and remove Superfish.
Now your system is clean of a malicious program and from now on you will be fine.
To check the success of the removal, send your browser to a special test site .
The company posted instructions on how to remove the program, but unfortunately, they lost sight of the issue of deleting the certificate itself, which does not disappear from the system. Here is a guide for those who do not want to reinstall the system from scratch.
The certificate is placed in the Windows certificate store. Some programs, such as Mozilla Firefox and Mozilla Thunderbird, use their repositories, where it can also be embedded. To ensure security, you must remove the certificate from anywhere.
The first step in getting rid of annoying adware is to remove the program itself. This is done through the usual "Add or Remove Programs." The program is called "Superfish Inc. VisualDiscovery.
')
Then you must remove the certificate from the Windows store. To do this, run the certmgr.msc program (via Start or command line). In the window that opens, on the left, select Trusted Root Certification Authorities / Certificates. Then on the right, find the certificate of Superfish, Inc. and
If you use Mozilla products, this is not all. In Firefox, go to the advanced settings and select the "Certificates" tab.
Find Superfish in the list of certificates and delete it (Delete or Distrust button).
In Thunderburd, the actions are the same. Go to settings.
Select Advanced.
View certificates and remove Superfish.
Now your system is clean of a malicious program and from now on you will be fine.
To check the success of the removal, send your browser to a special test site .
Source: https://habr.com/ru/post/356670/
All Articles