01-15-2013 06:40 AM
During the installation of Freecorder 7, STRONGVAULT was (unknown to me) pushed to my PC, a Windows 7 64-bit system. Strongvault pushes ads constantly and I have been unable to remove it. I tried Revo Uninstall, as well as the Fixit application from Microsoft. I also went to the System Configuration tool, Startup tab, and unchecked the box beside Strongvaultapp.exe to try to prevent it from loading. When I Apply the change, the check magically reappears by the application, so I don't know how to even prevent it from loading.
If this application isn't a virus by a different name, I don't know what is. Any help would be greatly appreciated.
01-15-2013 07:01 AM
You could start with a full system scan with Norton in Safe Mode.
Then I would suggest a second opinion scan using the FREE version of Malwarebytes. You can find it here http://www.malwarebytes.org/products/malwarebytes_
Let us know if these scans find anything.
01-15-2013 08:08 AM
I'll try both and let you know, thanks.
01-16-2013 08:49 AM
I think I've gotten rid of it, but I'm not completely sure. I can't find any files with Strongvault in the file name, and the barrage of popups while I'm online has stopped.
It threw out many obstacles: I tried to securely delete any file associated with it, but I couldn't because some were already in use. I tried to do a System Restore, but there weren't any Restore Points (I know I had a bunch of them before this). I tried to prevent it from loading in Administrative Tools/Startup, but every time I unchecked the box to prevent it from loading, the check reappeared when I applied the change. Malwarebytes found no problems. I ran Norton 360 in Safe Mode and it found 22 tracking cookies, but nothing else.
So, I'm not sure exactly what combination of uninstalling/securely deleting/Safe Mode scanning helped, but it appears to be gone now.
I would suggest Norton consider looking into methods of getting rid of this really awful malware. I realize that they can't do this for every piece of malware out there, but I think the problem with this one is pretty widespread.
01-16-2013 06:18 PM
Malware often does everything it can to stop you from disabling and removing it.
I hope you did get it, so keep an eye on things for a few days. Please report back so we know you did get rid of it.
BTW System restore can mess up your Norton Product. If you do restore, you may have to reinstall Norton to straighten it out.
01-17-2013 05:54 AM
I also decided to scan for remnants of the host malware-loader, Freecorder. I found several files and directories in a scan from a normal boot, but was not allowed to delete them because either they were in use or I did not have privileges. I re-booted in Safe Mode and was able to securely delete all of them except for the following:
uninstall.php?product=Freecorder%206
Freecorder7.php
Freecorder Toolbar Unistall Log.txt
I haven't seen any signs of bad or odd behavior, do you think I'm in the clear?
How can I be sure before I log into confidential web sites?
Thanks.
01-17-2013 06:40 AM
There does not seem to be any security risk here. It is just an unwanted advertising pop up.
When in Safe Mode were you logged in from an administrator account? If not try that again. You may be able to do it now.
01-17-2013 11:00 AM
I was logged in as an Administrator. In fact, that's the only way I ever log in! I was hoping that this whole deal was not more sinister than incredibly annoying popups, but it seems like applications can install really powerful and pernicious components.
Thanks for listening, and the help.
Dave
01-17-2013 07:10 PM
We do not have a malware removal specialist at this time, so I would suggest you check out the links in Yank's post here.
Please come back and let us know how you make out.
01-18-2013 01:45 PM
Thanks for the links, I may check them out, although I can't tell that I have any issues with the original malware at this time.
