This week Lenovo confirmed reports that it had been shipping computers with software called Superfish that intercepts internet traffic, injects third-party ads, and poses a potential security risk (although Lenovo denies that last part).
The company stopped loading Superfish on its computers in January and shut down the servers that enable the software… although that doesn’t actually stop SuperFish from running on affected PCs. So if you bought a Lenovo computer that rolled off the assembly line between September and December of 2014, there’s a chance you may be affected. In fact, there are probably still a fair number of those PCs on store shelves.
Here’s how to tell if your computer has Superfish installed, and what you can do to remove the software.
First, you may want to check Lenovo’s website to see if you have a model number that was affected. That includes a number of recent Lenovo Yoga, Flex, Miix, G, U, Y, Z, S, and E Series computers. But just having a PC model that’s on the list doesn’t necessarily mean you’ve got SuperFish.
So you may want to visit a website that checks to see if you’re impacted, like these pages from LastPass and filippo.io. Visit either in a web browser and you’ll see a message letting you know if your PC is affected.
Got Superfish? Lenovo’s got instructions for removing the software.
You may still want to follow the steps below if you want to be certain that Superfish is killed dead and isn’t still flopping around gasping for air. But as The Verge notes, it looks like the next version of Microsoft’s free Windows Defender software will detect and remove Superfish and the system certificate (but not the Firefox certificate).
Update 2: Lenovo has released its own automatic Superfish removal tool, and the company is also working with Microsoft and McAfee to make it easy for users to quarantine or remove the software using Windows Defender (see above), or McAfee security software. You can still follow the manual instructions below, but the automatic tools are not only easier to use, but the Microsoft and McAfee software will remove Superfish even from computers even if users aren’t aware that their systems are affected.
Manual steps for removing Superfish
Step 1 involves uninstalling the Superfish VisualDiscovery application using the Windows uninstall utility. But that’s just the start.
Step 2 is checking to see if the Superfish certificate is installed. Fire up the Windows “Manage computer certificates” utility by typing certmgr.msc into the Windows Search box, then do the following:
- Click trusted Root Certification Authorities.
- Click the Certificates folder.
- Look for any certificates that include the word Superfish.
- Right-click on those certificates and choose delete from the dialog box.
- Restart your computer and visit one of the websites again to make sure Superfish has been removed.
Step 3 might be necessary if you’re using Firefox as your web browser:
- Open Firefox.
- Open the Options menu.
- Click the Advanced tab.
- Click the Certificates tab.
- Click the button that says “View Certificates.”
- Look for Superfish and right-click and click the “delete or distrust” button for any mentions of it if you find it.
- Restart Firefox and visit one of the websites listed above to check for Superfish again.
Lenovo’s hardly the first PC maker to ship computers that come pre-loaded with apps you may not need or want, but Superfish is probably one of the worst examples of bloatware we’ve seen… since it’s also arguably malware (and undeniably adware).
Want to make sure that you’ve got a computer without any software you didn’t bargain for? You might want to consider buying a Windows Signature Edition PC from the Microsoft Store, since these systems come with Microsoft Windows software and little else. You can also try wiping your device and installing a clean version of Windows 8.1… or just scrapping Windows altogether and installing Ubuntu, Debian, Fedora, or another GNU/Linux operating system.