How to Remove the Superfish Virus from Your Computer

March 1, 2024

Superfish is a program that displays ads while searching and is generally considered unwanted. The primary purpose of Superfish is to show users ads while they are shopping and redirect them to specific sites. These ads are typically associated with shopping sites like eBay, Best Buy, and Walmart. When the program enters your system, it can present users with price comparisons, discount notifications, and similar content.

However, the drawback of Superfish is its ability to redirect users to irrelevant sites, posing a potential security risk. It is crucial to be vigilant about these notifications and avoid clicking on them. If you encounter notifications from Superfish Window Shopper, it is advisable not to take them seriously and to scan your computer with an effective anti-malware program. Users should employ reliable security software to protect their computers and exercise caution against potential threats.

The root certificate of the Superfish advertising software has now been exposed to malicious attacks. This situation allows the certificate to be used for malicious purposes. Therefore, removing this certificate from your computer is crucial for security. Below, you will find step-by-step instructions on how to perform this process.

Follow these steps to remove untrusted root CA certificates:

  1. Go to the Start menu, type “Run” in the search box, and click on the appearing button.
  2. In the opened “Run” window, type “MMC” and click the “OK” button. This action will open the Microsoft Management Console.
  3. In the Management Console, go to the “File” menu and click on the “Add/Remove Snap-in” option.
  4. In the opened window, find the “Certificates” link and click the “Add” button.
  5. In the next step, in the “Add Certificates” window, select “Computer Account” and click the “Next” button.
  6. Now, in the “Select Computer” window, enter the name of the computer that the component will manage (usually, select “Local Computer” by default).
  7. Click “Finish” and then “OK” to close the window by clicking the respective buttons.
  8. Next, expand the “Certificates” node on the left menu.
  9. Expand the “Trusted Root Certification Authorities” option.
  10. Click on “Certificates” to open the details section and locate the untrusted root CA certificates. Also, find the Superfish certificate and delete it.

Note: Be cautious while performing this process and ensure not to accidentally delete other certificates.

2013download.com

Superfish has not been observed in all Lenovo laptops. It was only installed on certain Lenovo consumer laptop products between October and December, excluding ThinkPad PCs. Lenovo acknowledged the issue with the Superfish advertising software and ceased pre-installing the software in January. Since then, all server-side interactions have been completely disabled on all Lenovo products. Consequently, this virus has not been encountered on other computers.

To easily remove the Superfish Visual Discovery software from your Lenovo PC, follow these steps:
  • Go to the Control Panel.
  • Find the “Programs and Features” option.
  • Select “Visual Discovery.”
  • Click the “Uninstall” button to remove the software.

The Superfish malware, especially in 2015, came pre-installed on certain models of Lenovo laptops. This malware exposes users to a “Man in the Middle (MITM)” attack by injecting advertisements through the browser, posing serious security risks.

man in the middle connection

A Man in the Middle attack is a method that allows an attacker to eavesdrop on the traffic between the server and the client, potentially capturing user data. Typically, a few software tools running on Linux, Mac, or Windows are sufficient for an attacker to execute such an attack, requiring minimal high-level network knowledge.

certificate

The Superfish Visual Discovery malware inserts its self-generated root certificate into the Windows certificates and presents SSL certificates offered by HTTPS sites with its fake certificate. This is a classic man-in-the-middle attack tactic, providing attackers with the opportunity to capture sensitive user data.

tracert

To protect against such malicious software, users should exercise caution when entering secure sites using the HTTPS protocol. Additionally, they should regularly update their computers and use reliable antivirus programs. If Superfish or similar malware is detected, computers should be cleaned using security software, and security measures should be taken.

Below are the LENOVO laptop models on which the Superfish malware comes pre-installed:

  • G Series: G410, G510, G710, G40-70, G50-70, G40-30, G50-30, G40-45, G50-45
  • U Series: U330P, U430P, U330Touch, U430Touch, U530Touch
  • Y Series: Y430P, Y40-70, Y50-70
  • Z Series: Z40-75, Z50-75, Z40-70, Z50-70
  • S Series: S310, S410, S40-70, S415, S415Touch, S20-30, S20-30Touch
  • Flex Series: Flex2 14D, Flex2 15D, Flex2 14, Flex2 15, Flex2 14(BTM), Flex2 15(BTM), Flex 10
  • MIIX Series: MIIX2-8, MIIX2-10, MIIX2-11
  • YOGA Series: YOGA2Pro-13, YOGA2-13, YOGA2-11BTM, YOGA2-11HSW
  • E Series: E10-30

The pre-installation of the Superfish malware on these models has exposed users of these devices to potential security risks. Lenovo users should check if this malicious software is installed on their computers and, if so, promptly perform cleaning procedures. In such cases, regularly scanning for malicious software using computer security programs is important for protection.

Superfish Removal Tool

Download and run the Automatic Removal Tool from the link above. In the opened window, you can complete the process by clicking the “Analyze and Remove Superfish” button. However, based on my personal preference, I must express that when I acquire a new laptop, I first back up the drivers and then clean all directories, including the system restore directory if present, to install a clean operating system. Factory settings are often filled with unnecessary software designed to boost software sales, slowing down the system. Even if you uninstall these programs, remnants may still exist in the system and registry. Therefore, ensuring a faster and more secure computer by installing a clean system is crucial.

Download Superfish Removal Tool

Which Antivirus software is the most effective in removing the Superfish virus?

Superfish was a pre-installed software on computers and was present on Lenovo laptops for a period. However, Superfish had the ability to inject advertisements and monitor HTTPS traffic, causing security concerns for users. Therefore, when users want to get rid of Superfish, it is recommended to use a powerful and reliable antivirus or security software.

The choice of the best antivirus program often depends on personal usage habits, device, and needs. However, among the reliable and popular antivirus programs are:

  1. Smadav
  2. Malwarebytes
  3. Avast
  4. AVG
  5. Kaspersky
  6. Norton
  7. Bitdefender
  8. ESET NOD32
  9. McAfee
  10. Windows Defender
  11. Trend Micro

To rid your computer of Superfish, it is important to first perform an up-to-date antivirus scan on your computer and remove any detected threats. Additionally, checking browser extensions and programs, and removing unnecessary or suspicious applications can also be beneficial.

Ashley McKinnel

I'm Ashley McKinnel. I was born in New York in 2000. I create websites and publish software-related articles as a profession. I have already written thousands of articles for three major sites, and these articles have been published on the most read and viewed pages in the USA. For this website I publish articles that provide information about computer programs. I have taught a lot of writing in New York, California, Nevada, Washington, Pennsylvania, and other states.

You may also like...