Worried about Lenovo's pre-installed spyware? Here's how to remove Superfish from PCs

Anyone who owns a new Lenovo computer has likely been subjected to hidden adware.

Computer maker Lenovo has been called out by angry customers for pre-installing the software on their machines, and now it is being forced to remove the adware as well as answers questions about whether it compromised their security.

If you want to know more about this adware being described as "malicious" software, including how to promptly remove it from your machine, continue reading.

What is Superfish?

Superfish is adware that injects adverts on to browsers in a manner somewhat similar to malware. Lenovo has been pre-installing the hidden software, which is labelled as Visual Discovery under Programs in Control Panel, on select laptops and PCs since at least last autumn and then shipping those machines to unwitting customers.

Why did Lenovo use Superfish?

Lenovo said it only shipped Superfish during a short window from October to December, with the purpose of helping customers potentially learn about new and interesting products while shopping. More specifically, Superfish was designed to help customers discover new products by visually analysing images on the web to find the cheapest ones.

Did Superfish collect information or issue certificates?

Superfish is similar to a form of malware because of the way it interacts with a customer's computer. Alan Woodward, a security expert from Surrey University, told the BBC that it "pops up adverts that you never asked for" and is very much like "Google on steroids". But what's even worse is that Superfish likely had permission to issue certificates.

Lenovo appears to have given Superfish permission to issue its own certificates, which allows the software to collect data over secure web connections. In other words, if you went to your bank's website, Superfish would promptly issue its own certificate pretending to be your bank and intercept whatever you are sending back and forth.

If Lenovo installed its own self-signed certificates, it quite possibly put customers at increased risk. The whole issue also raises concerns about computer manufacturers' ability to collect and store consumer data without explicit permission, their deals with third party companies, and the amount of hidden software pre-installed on machines.

When did consumers first notice Superfish?

Customers first began complaining about Superfish in Lenovo's forums last autumn, which led forum administrator Mark Hopkins to announce in January that "due to some issues (browser pop up behaviour, for example)", the company had temporarily removed Superfish from consumer systems until it could provide a new software build with fixes.

How has Lenovo responded?

Due to negative feedback, and that Superfish didn't enhance users' experience, Lenovo has completely disabled Superfish's server side interactions on all Lenovo products since January. That means the software is no longer active. Lenovo also stopped pre-installing Superfish in January and doesn't plan to pre-install the software in the future.

Lenovo further posted instructions for customers interested in removing Superfish from their computers. The company also specified that the software did not profile nor monitor user behavior. It also did not record information. Customers were apparently also given a choice to use the product, though according to forums, many were not aware of that.

"The relationship with Superfish is not financially significant; our goal was to enhance the experience for users. We recognize that the software did not meet that goal and have acted quickly and decisively," Lenovo explained.

Is Superfish on your computer?

Use this test site to determine if your PC has the bug. Make sure to run the test with every browser installed on your computer. That same site also provides thorough Superfish removal instructions.

How do you get rid of Superfish?

Although Superfish is no longer active on existing machines, you can take further action by uninstalling the software. Alternatively, you could use the latest version of Microsoft's antispyware and antivirus product to root out Superfish.

Uninstalling Superfish/Visual Discovery

Go to Control Panel > Uninstall a Program
Select Visual Discovery > Uninstall

Keep in mind that uninstalling Superfish will remove it from Program Files and Program Data directories, causing the Superfish service to stop working following a reboot, but files in user directory will stay intact for privacy reasons, according to Lenovo. Registry entry and root certificate will remain as well.

Remove certificates

Follow directions on this site to remove all the remaining certificates.

Windows Defender

Windows Defender is Microsoft's onboard software product that helps combat malware on Windows machines. Microsoft has announced that the software is now actively removing Superfish and resetting SSL certificates, thus restoring your computer. All you have to do is update to the latest version of Windows Defender and then scan.