How to Get Rid of Superfish


If your PC includes a program called Superfish Visual Discovery, you have reason to be concerned. This program, which is newsworthy because it shipped on (and has compromised) many Lenovo computers, monitors your web browsing, inserts advertisements, and opens a gaping security hole on your computer. Superfish installs a “root certificate,” which performs a man-in-the-middle attack against every single encrypted website you visit. Attackers may be able to use it to impersonate any secure website. Even if you uninstall Superfish normally, the certificate remains on your system. Here's how to fix that problem.

See if You Have Superfish and Uninstall It

  • Visit the Superfish CA test website in Internet Explorer or Google Chrome. Don’t use Firefox for this -- if you’re a Firefox user, open Internet Explorer and visit the page that way. The website will test whether you have the Superfish root certificate installed. if you see an image with the word “YES,” you have Superfish installed.

  • Open the Control Panel and view your list of installed programs. To do that on Windows 8, right-click the Start button and select Control Panel. In Windows 7, click Start and then Control Panel.

    Click Uninstall a program (which you'll find under Programs).

  • Locate Superfish Inc VisualDiscovery in the list of installed programs, right-click it, and select Uninstall. This uninstalls the Superfish software itself, but the dangerous root certificate remains. if you don’t see Superfish in the list here, you may have previously uninstalled it, but not removed the root certificate.

Remove the Dangerous Root Certificate

  • Open the Certificate Manager application. To do that, press Windows Key + R on your keyboard, type certmgr.msc into the Run box, and press Enter.

  • Expand the Trusted Root Certification Authorities folder at the left side of the window and click the Certificates folder under it to view your installed root certificates.

  • Scroll down through the list of certificates and look for any certificate with the name Superfish in the Issued To or Issued By columns. Right-click any certificate mentioning Superfish and select Delete to remove it from your system.

  • Next, remove the certificate from Firefox. If you use the Firefox web browser, open it, click the menu button, and select Options. Click the Advanced icon, select the Certificates tab, and click the View Certificates button. Scroll through the list looking for any certificates named Superfish. If you see one, select it and click the Delete or Distrust button.

  • Check to make sure you’re safe. Close and reopen your web browser -- or restart your computer. Visit the Superfish CA test website again. It should say Superfish is no longer intercepting your connections.

Reinstall Windows, if You Prefer

  • Back up any important files on your computer before continuing. You don't have to reinstall Windows if you performed the above steps, but you can if you’d like to blow away every last little file related to Superfish and the other unwanted software that might be installed on your computer.

  • Create clean Windows installation media. If your PC came with Windows 8.1, use this official Microsoft tool to download Windows 8.1 from Microsoft and create untainted installation media. You should not use your computer’s recovery partition or any recovery discs you may have burned. Those will reset your computer to its “factory default” state, which might include the harmful Superfish software, depending upon what kind of computer you have (particularly if you have a Lenovo computer).

  • Reboot your computer and boot from the Windows installation USB drive or disc. Go through the installation wizard to reinstall a clean version of Windows on your system. On a modern Windows 8.1 computer like the computers that Lenovo infected with Superfish, you shouldn’t even have to insert a product key during the installation process. It’s all in your computer’s hardware. Just ensure you use the same edition of Windows your computer came with -- no Windows 8.1 Professional if your computer came with the standard version of Windows 8.1, for example.

  • Install the hardware drivers and other software your computer requires. You’ll find various hardware drivers and utilities on your computer maker's website. Locate the Downloads page for your exact model of PC. Of course, you may not need all of these utilities.

Related Searches

  • Photo Credit rafal_olechowski/iStock/Getty Images
Promoted By Zergnet


You May Also Like

  • How to Get a Virus Off a Computer for Free

    Viruses not only slow your computer down to a crawl, they steal private information and invade your privacy. Some viruses may destroy...

  • How to Remove Google Jump Virus

    A "jump" virus is one that attacks Internet Explorer, redirecting you to a separate page (often an ad) when you try to...

  • How to Remove Smart Shopper

    SmartShopper is a browser helper through Internet Explorer. The program monitors and keeps track of your searches and your web activity. SmartShopper...

Related Searches

Check It Out

Geek Vs Geek: Robot battles, hoverboard drag race, and more

Is DIY in your DNA? Become part of our maker community.
Submit Your Work!