superfish?

[20redfire03]

Has anyone gotten a pup.optional.superfish.a virus recently? I have discovered it on my system and nothing I am doing will remove it the files. Malwarebytes, avast, junkware removal tool, and adwcleaner. Ive tried safe mode with no luck, which sucks trying to get to with windows 8.

Anyone have any suggestions to remove the virus?

A sample of what it does can be seen here: http://www.svtperformance.com/forums/showthread.php?1019698-Super-Shopping-ad-box

Thanks

 

[oldmodman]

Reload Windows after reformatting and erasing your entire hard drive.

You do have everything you need to save backed up don't you?

 

[20redfire03]

I don't, that I can think of but I also don't have a copy of windows 8 to reload either

*My only issue with reformatting is restoring my copy of Office and i think all i was given was a code and I no clue where that is currently.

**Well I found my code for office and its tied to my email account so I should be good in that respect.

***Will doing the restore back up process to a portable drive work despite having the infected files currently on the computer?

 

[CobraBob]

If you don't have a backup of your data (before the infection), that isn't good. Whether or not you can backup your data now likely depends on where the infected files are. I would be concerned about transferring the infected files to your backup drive. The last thing you want is to reformat your hard drive, re-install Windows and your programs, restore your data files, and then find you to inadvertently moved infected files back onto your hard drive. Hopefully someone more knowledgeable than me can confirm or disprove my concern for your newly backed up data.

 

[20redfire03]

Yea that is what I am fearing. The files I believe in the local\appdata for google chrome or at least that is where they keep getting found.

I think I may have a copy of Windows 7 I could install over the Windows 8 and then I'd just use the Windows 7 code of an older laptop.

 

[MovingZen]

Give Kaspersky rescue disk a try.. but the safest answer is reformat/reload.
http://support.kaspersky.com/us/viruses/rescuedisk/

 

[Satyr]

Your files are likely fine. Text and picture files are normally not an issue, while some multimedia (music, video) may be. When this happened to a friend of mine about 5 or so years ago, I took a 16 gb flash drive and loaded all the crap he wanted to save onto it, then put it on my laptop and scanned the drive. No virus found, so I reformatted it and he was good to go.

Other thing you can do is try uploading whatever crap you have to google drive. I believe I remember reading that drive auto-scans the files for viruses in the same way that gmail does...I could be wrong, though.

 

[jdoyle]

https://www.virustotal.com/ may be of use to you. it is owned by google.

 

[SonicDTR]

If you have an infected system do not compromise all your drives and backups!!

I do not recommend putting all your files onto another drive, plugging that drive into a clean computer to scan it!

I do not recommend plugging in a known good backup drive, with data on it, into a known infected computer!

Ideally, copy all your data onto a spare drive(flash drive or HDD), load up a live disk environment and scan the new "backup" drive with that. I cant look at the Kaspersky link right now, but I imagine that is what it does. If it comes out clean, then wipe the system, restore files, and run another scan of the system.

Modern virus, malware, worms, etc...anything malicious, can be VERY tricky and complex. Just do not risk your known good data and drives.

 

[20redfire03]

Malwarebytes shows the location of the files at:
C:Users\ME\AppData]Local\Google\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage
C:Users\ME\AppData]Local\Google\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal

Doesn't seem like its in anything important and from what a friend has looked up hes read its mostly harmless but either way I'm going to try and remove the files somehow and hopefully avoid reformatting and installing 8 again or 7.

 

[SVTContique]

Dont forget to delete System 32

 

[Outlaw99]

all of your virus belong to us!

 

[Outlaw99]

dont forget to delete system 32

dude!

 

[20redfire03]

Dont forget to delete System 32

Always thought that System32 folder was pointless anyways, consider it deleted.

 

[20redfire03]

Looking into windows 8, it has an option to remove everything and reinstall windows, says this if you want to recycle your pc or start over completely you can reset it to its factory settings. Would this correct my issue with the virus/PUP?

 

[20redfire03]

I believe I was able to get rid of the virus. The site Admin provided a link that mentioned it could be from an extension being corrupted. So I removed various extensions and scanned with malwarebytes which now finds nothing, adwcleaner finds nothing and JRT found nothing. I'm going to keep an eye out for the randon ads and if it comes back I'll do a reset.

 

[CobraBob]

I hope that you don't have any further issues. If so, it was a very easy fix for you, eliminating (for now at least) a time consuming disk wipe and re-install of Windows and applications.

 

[20redfire03]

I'm going to keep an eye on it for now. If anything else pops up I'll wipe it out and start over.

 

[Outlaw99]

i heard you can only get that from uber gay porm sites.

 

[20redfire03]

I love porm sites!