WASHINGTON, February 25, 2015 – If you have any respect left for Lenovo after reading our previous article on the dangerous Superfish adware-garbageware the company loaded on certain of its machines, take heart: The company has, albeit only recently, provided a Superfish scrub of its own. We’ve collected and adapted additional solutions from reliable tech sources that can help you scrub Superfish forever (or until the next time) from your own machine.
To access Lenovo’s current solution, click here.
Given that its own OS is the one affected, Microsoft has understandably released one fix for the Superfish problem. The company’s own Windows Defender anti-virus software can be used to remove the evil certificate(s).
To assure yourself that Windows Defender can completely delete the offending Superfish package, make sure you have the latest update by manually downloading and installing it if necessary. All you have to do is go to “Windows Update” or open “Microsoft Security Software,” click or select the Update tab and click the Update button.
Once you’re done (or if you’ve already updated), simply launch the package and allow it to do what it does.
To handle the surgery yourself, perform the following actions in order:
First, whether you own a Lenovo or other PC and are using Internet Explorer or Google Chrome, click here for an easy diagnostic. (For whatever reason, the diagnostic apparently won’t work on Firefox.) In 10 seconds or less, you’ll discover whether Superfish is installed on your machine. If you get an answer of “Yes,” proceed with the steps below, which we’ve adapted from Lifehacker’s detailed articles.
Note: I’ve tested my own Macintosh desktop this way on Chrome and there doesn’t appear to be a problem. Macs apparently are not involved in this particular issue, but, unlike the old days, Macs can and do have their own issues.
- Open your “Windows Start” menu or Start screen.
- Search for “Uninstall a program” and launch it.
- Right-click on “Superfish Inc VisualDiscovery,” select “Uninstall,” and enter your administrator password.
- You now need to uninstall the offending certificate or certificates. Return to the Start menu and look for an item called “certmgr.msc.” When you find it, launch it.
- Click on “Trusted Root Certification Authorities,” then open “Certificates.”
- Search here for certificate names that include “Superfish Inc” and then right-click to delete them.
- Close and restart your browser.
- Once the browser is up and running, perform the diagnostic check you performed above by using the same link. You should be clear.
Note for Firefox or Thunderbird users: Go to this Ars Technica page for alternate instructions.
Removing other malware
Lifehacker suggests that while you’re scrubbing Superfish from your computer, you might want to take the opportunity to search and destroy other malware you might have inadvertently installed over time. While you take the above steps, as you look through the file lists you’ll access in step 6. If you see any entries with the following labels, you should also consider deleting these known malware files as well as filenames having anything to do with Superfish:
- DO_NOT_TRUSTFiddler_root (Fiddler is a legitimate developer tool but malware has hijacked their cert)
- Rocket Tab
- Super Fish
- System Alerts, LLC
If you’re majorly concerned with system security
While most geek sites and Microsoft itself believe that removing the offending certificate(s) solve the security issue, Lifehacker notes that if you want to do a complete and total scrub, “ you could always do a clean install of Windows without all the bloatware.”
Slate goes a step further, advising you to completely nuke your machine and start all over. That might be a bit much for most users. But if you work with your own or a company’s laptop at a secure site, that could very well be the best way to go.