Click to Skip Ad
Closing in...

How to find out if Superfish infected your computer – and what to do about it

Updated Dec 19th, 2018 8:56PM EST
BGR

If you buy through a BGR link, we may earn an affiliate commission, helping support our expert product labs.

If you follow anything having to do with tech on the Internet, you have undoubtedly read something about Superfish in the past 24 hours. In a nutshell, Lenovo sold tons of computers with software called Superfish Visual Discovery pre-installed. Lenovo has been selling computers preloaded with Superfish for the past two years, and the software is supposed to help serve alternative, image-heavy ads in Google search results.

As it turns out, however, Superfish is a pretty frightening piece of adware.

DON’T MISS: 12 great Amazon features you might not know about (but will wish you had)

Password management software maker LastPass explained Superfish quite well in a recent blog post:

It was discovered that the Superfish software was installing its own self-signed Root Certificate Authority so that the Superfish software always appears as a trusted party. The Superfish software would have the ability to then intercept supposedly-secure communications to websites via a man-in-the-middle attack. Researchers also confirmed that hackers on the same network, like an open WiFi hotspot at a coffee shop, can exploit Superfish to steal things like your banking login details or to read your emails.

Isn’t that great? You go out of your way to be safe while browsing the Internet and you’ve installed all sorts of protection against malware and adware, but Lenovo beats you to the punch by pre-installing adware on your PC.

Luckily, LastPass went beyond simply explaining what Superfish is, and the company created a tool that will instantly inform you if your computer is infected with Superfish.

It couldn’t be easier to use. Simply visit this page on the LastPass website and you’ll see a message at the top of the screen informing you of whether or not your computer is infected.

If you see this message, you’re good to go:

If you see a message saying Superfish is running on your computer, it’s relatively easy to remove.

Here are the removal instructions, also courtesy of LastPass:

If you’re affected by Superfish, you must first uninstall the program:

  1. Click the Windows Start button
  2. Search uninstall program
  3. Launch uninstall program
  4. Right-click on Superfish Inc VisualDiscovery and select Uninstall
  5. If prompted for administrator password, enter or provide confirmation

Then you must uninstall the certificates as well:

  1. Click the Windows Start button
  2. Type certmgr.msc into the Search box
  3. Click the certmgr.msc Program to launch it
  4. If prompted for administrator password, enter the password or provide confirmation
  5. Click on Trusted Root Certification Authorities
  6. Open Certificates
  7. Look for certificates mentioning Superfish Inc.
  8. Right-click on any Superfish Inc certificates and delete
  9. Restart your browser and return to this page to see you are safe
Zach Epstein Executive Editor

Zach Epstein has been the Executive Editor at BGR for more than 15 years. He manages BGR’s editorial team and ensures that best practices are adhered to. He also oversees the Ecommerce team and directs the daily flow of all content. Zach first joined BGR in 2007 as a Staff Writer covering business, technology, and entertainment.

His work has been quoted by countless top news organizations, and he was recently named one of the world's top 10 “power mobile influencers” by Forbes. Prior to BGR, Zach worked as an executive in marketing and business development with two private telcos.