fbpx

How to remove Superfish and its certificate from your Lenovo® PC

What is Superfish? Superfish is a piece of software that Lenovo has admitted to pre-installing on many of its laptops to "enhance the shopping experience" of its users.

However, the U.S. Computer Emergency Readiness Team calls Superfish a “man-in-the-middle attack” because of how it “intercepts users’ web traffic to provide targeted advertisements.”

Why is Superfish so dangerous?

Superfish snoops in on your web browsing and secretly slips ads into webpages. But the really dangerous part is that it’s pre-installed with root certificate authority, which allows it to impersonate any server’s security certificate.

If this certificate is compromised by hackers, you could be tricked into logging in to a fake website and giving hackers your password. Because of Superfish, any of your accounts—including encrypted bank accounts—could be easily compromised.

Which computers are affected?

According to Lenovo, Superfish may have been pre-installed on the following models:

laptop

E Series:

E10-30

G Series:

G410, G510, G710, G40-70, G50-70, G40-30, G50-30, G40-45, G50-45, G40-80

S Series:

S310, S410, S40-70, S415, S415Touch, S435, S20-30, S20-30Touch

U Series:

U330P, U430P, U330Touch, U430Touch, U530Touch

Y Series:

Y430P, Y40-70, Y50-70, Y40-80, Y70-70

Z Series:

Z40-75, Z50-75, Z40-70, Z50-70, Z70-80

Edge Series:

Edge 15

Flex Series:

Flex2 14D, Flex2 15D, Flex2 14, Flex2 15, Flex2 Pro, Flex 10

MIIX Series:

MIIX2-8, MIIX2-10, MIIX2-11, MIIX 3 1030

YOGA Series:

YOGA2Pro-13, YOGA2-13, YOGA2-11, YOGA3 Pro

Source: Lenovo

Will restoring from a backup help?

Superfish has been pre-installed by Lenovo. Therefore, restoring your computer to factory condition from either a backup partition or a backup DVD will not solve the problem if Superfish is also part of your backup. Superfish would only be reinstalled, too.

So if you ever use a backup to restore your system, you may need to again remove Superfish and its root security certificate from your system.

Remove Superfish now

To remove the Superfish program and its certificate from your computer, please use this free tool from Lenovo:

DOWNLOAD Superfish Removal Tool:
https://www.us-cert.gov/ncas/alerts/TA15-051A

This tool will also remove any Superfish certificates from Mozilla Firefox® and Thunderbird®.

If you have purchased a Lenovo computer from itconnexion, Superfish will be removed (if it is detected) on the next patch management service. This service is free-of-charge if you are a client of itconnexion. For more information contact our friendly team of experts or send us an email at [email protected].

We can help you!

In case you’re still unsure about the process or if you need further assistance, feel free to give us a call or drop us an email. Our team of experts will be sure to offer a helping hand.