The Superfish malware has been in news recently, with Lenovo pre-installing it on all their new computers. This post shows how to find out if your Lenovo computer has Superfish malware installed and offers instructions on how to uninstall it and remove it completely.
The Superfish malware replaces the advertisements on the website which the user visits, and replaces them with new advertisements which possibly benefit Lenovo and Superfish. This raises security concerns, since, when it intercepts HTTPS encrypted webpage to replace its own ads, it creates a mix of secure and insecure content, laying open the path for other hackers to potentially carry out its own attacks.
If you bought a Lenovo laptop recently, you may want to first check if you have Superfish malware installed on it. If you find out that you do, then here are the steps you need to take to completely remove it from your computer. Some of you may want to also try this free Root Certificate Scanner to scan Windows Root Certificates for untrusted one’s.
After issuing a statement and expressing regret about it, Lenovo has posted instructions on how to go about uninstalling the malware completely.
Remove Superfish malware completely
1] Open Control Panel > Program and Features.
Here you will see an entry Superfish Inc. VisualDiscovery. Select it and click on Uninstall. Once the uninstallation in completed, restart your computer.
2] Now open a command prompt windows and type certmgr.msc and hit Enter, to open the Certificate Manager.
Certificates are digital documents used to manage network authentication and the exchange of information. The Certificate Manager or Certmgr.msc in Windows lets you see details about your certificates, export, import, modify, delete or request new certificates.
3] Under Certificates – Local Computer, expand Trusted Root Certification Authorities. You will see Certificates. Select it.
Now in the right side, you will see Superfish, Inc. Right-click on it and select Delete.
4] Windows will prompt you to confirm deletion. Click Yes and restart your device.
5] If you use Firefox browser, there is one more step you will have to carry out. Open Firefox Options > Advanced > Certificates > View Certificates. If you see a listing for Superfish, click on it and select Delete.
6] Finally to be doubly safe, run a full-scan of your antivirus software and restart your computer. Incidentally, Microsoft has updated Windows Defender. It now removes Superfish along with the root CA certificate.
You will have now completely removed Superfish malware from your computer.
UPDATE: Lenovo has released SuperFish Removal Tool, which makes its removal, a matter of a click.
This post offers eDellRoot certificate removal instructions.