The Superfish malware has been in news recently, with Lenovo pre-installing it on all their new computers. This post shows how to find out if your Lenovo computer has Superfish malware installed and offers instructions on how to uninstall it and remove it completely.
The Superfish malware replaces the advertisements on the website which the user visits, and replaces them with new advertisements which possibly benefit Lenovo and Superfish. This raises security concerns, since, when it intercepts HTTPS encrypted webpage to replace its own ads, it creates a mix of secure and insecure content, laying open the path for other hackers to potentially carry out their own attacks.
If you bought a Lenovo laptop recently, you may want to first check if you have Superfish malware installed on it. If you find out that you do, then here are the steps you need to take to completely remove it from your computer. Some of you may want to also try this free Root Certificate Scanner to scan Windows Root Certificates for untrusted ones.
After issuing a statement and expressing regret about it, Lenovo has posted instructions on how to go about uninstalling the malware completely.
Remove Superfish malware completely
1] Open Control Panel > Program and Features.
Here you will see an entry Superfish Inc. VisualDiscovery. Select it and click on Uninstall. Once the uninstallation in completed, restart your computer.
2] Now open a command prompt windows and type certmgr.msc and hit Enter, to open the Certificate Manager.
Certificates are digital documents used to manage network authentication and the exchange of information. The Certificate Manager or Certmgr.msc in Windows lets you see details about your certificates, export, import, modify, delete or request new certificates.
3] Under Certificates – Local Computer, expand Trusted Root Certification Authorities. You will see Certificates. Select it.
Now on the right side, you will see Superfish, Inc. Right-click on it and select Delete.
4] Windows will prompt you to confirm the deletion. Click Yes and restart your device.
5] If you use the Firefox browser, there is one more step you will have to carry out. Open Firefox Options > Advanced > Certificates > View Certificates. If you see a listing for Superfish, click on it and select Delete.
6] Finally to be doubly safe, run a full scan of your antivirus software and restart your computer. Incidentally, Microsoft has updated Windows Defender. It now removes Superfish along with the root CA certificate.
You will have now completely removed Superfish malware from your computer.
Lenovo SuperFish Removal Tool
It is a simple portable executable file that does not require to be installed. Once you have downloaded it to your computer, close all your web browsers and run the tool.
Click on the Analyze and remove SuperFish now button. The tool will scan your system for SuperFish Registry entries, Root Certificates, and Program Files. It will also clean the Root Certificates for the Firefox browser if you have it installed on your PC. This scan is quick and takes around 10-15 seconds.
If SuperFish is found, it will remove the infection completely and ask you to reboot your computer.
If your computer is clear, you will be informed accordingly, with a Not found message.
If you bought a Lenovo laptop recently, you may want to first check if you have Superfish malware installed on it. If you find that you do have it installed, you can download this tool from Lenovo.
ESET Superfish Cleaner Tool
The Superfish malware replaces the advertisements on the website which the user visits, and replaces them with new advertisements which possibly benefit Lenovo and Superfish. This raises security concerns, since, when it intercepts HTTPS encrypted webpage to replace its own ads, it creates a mix of secure and insecure content, laying open the path for other hackers to potentially carry out their own attacks.
Eset Superfish Cleaner is a small 166KB sized portable tool that instantly tells you if you have Superfish installed on your Windows PC, and if found efficiently removes the Win32/Adware.SuperFish malware completely. If you bought a Lenovo laptop recently, you can also first check online if you have Superfish malware installed on it. If you do find something, you want to remove it asap.
Click here to download Eset Superfish Cleaner from their official website. The scan will run as soon as you start the tool. To exit, press any key.
Stay safe!
This post offers eDellRoot certificate removal instructions.
Does Lenovo still use Superfish?
No. According to the official statement from Lenevo, the software completely disabled server-side interactions on all Lenovo products. This made sure the software was not able to connect and spread malware. Apart from this, Lenevo deleted the preload from future products.