STEP 4: Delete The Cert

The magic of Superfish is also what makes it dangerous. In essence, the app creates a self-signed certificate, which deems it a trusted party. That gives it the authority to intercept and modify traffic, to decide which encrypted communications are trustworthy, and most importantly, to generate its own encryption certificates for sites that use secure HTTP. That's the part that could allow malicious actors to gain access to private data, communications or sites. The fastest way to determine the authenticity of the certificate on the system under repair is to run Superfish CA Test, a browser-based scanner with links to removal instructions for infected systems.