Not what you were looking for? Ask our experts!
Reply
Newbie
Dave22
Posts: 7
Registered: ‎01-15-2013

HELP - Strongvault removal

During the installation of Freecorder 7, STRONGVAULT was (unknown to me) pushed to my PC, a Windows 7 64-bit system.  Strongvault pushes ads constantly and I have been unable to remove it.  I tried Revo Uninstall, as well as the Fixit application from Microsoft.  I also went to the System Configuration tool, Startup tab, and unchecked the box besided Strongvaultapp.exe to try to prevent it from loading.  When I Apply the change, the check magically reappears by the application, so I don't know how to even prevent it from loading.

 

It this application isn't a virus by a different name, I don't know what is.  Any help would be greatly appreciated.

 

 

peterweb
Posts: 9,153
Kudos: 1,456
Solutions: 364
Registered: ‎04-17-2008

Re: HELP - Strongvault removal

You could start with a full system scan with Norton in Safe Mode.

 

Then I would suggest a second opinion scan using the FREE version of Malwarebytes. You can find it here http://www.malwarebytes.org/products/malwarebytes_free/

 

Let us know if these scans find anything.

 

 

 

 


Things happen. Export/Backup your Identity Safe data.
Newbie
Dave22
Posts: 7
Registered: ‎01-15-2013

Re: HELP - Strongvault removal

I'll try both and let you know, thanks.

 

Newbie
Dave22
Posts: 7
Registered: ‎01-15-2013

Re: HELP - Strongvault removal

I think I've gotten rid of it, but I'm not completely sure.  I can't find any files with Strongvault in the file name, and the barrage of popups while I'm online has stopped.

 

It threw out many obstacles:  I tried to securely delete any file  associated with it, but I couldn't because some were already in use.  I tried to do a  System Restore, but there weren't any Restore Points (I know I had a bunch of them before this).  I tried to prevent it from loading in Administrative Tools/Startup, but every time I unchecked the box to prevent it from loading, the check reappeared when I applied the change.  Malwarebytes found no problems.  I ran Norton 360 in Safe Mode and it found 22 tracking cookies, but nothing else. 

So, I'm not sure exactly what combination of uninstalling/securely deleting/Safe Mode scanning helped, but it appears to be gone now.

 

I would suggest Norton consider looking into methods of getting rid of this really awful malware.  I realize that they can't do this for every piece of malware out there, but I think the problem with this one is pretty widespread.

peterweb
Posts: 9,153
Kudos: 1,456
Solutions: 364
Registered: ‎04-17-2008

Re: HELP - Strongvault removal

Malware often does everything it can to stop you from disabling and removing it.

 

I hope you did get it, so keep an eye on things for a few days. Please report back so we know you did get rid of it.

 

 

BTW System restore can mess up your Norton Product. If you do restore, you may have to reinstall Norton to straighten it out.

 

 

 


Things happen. Export/Backup your Identity Safe data.
Newbie
Dave22
Posts: 7
Registered: ‎01-15-2013

Re: HELP - Strongvault removal

I also decided to scan for remants of the host malware-loader, Freecorder.  I found several files and directories in a scan from a normal boot, but was not allowed to delete them because either they were in use or I did not have privileges.  I re-booted in Safe Mode and was able to securely delete all of them except for the following:

 

uninstall.php?product=Freecorder%206

Freecorder7.php

Freecorder Toolbar Unistall Log.txt

 

I haven't seen any signs of bad or odd behavior, do you think I'm in the clear? 

 

How can I be sure before I log into confidential web sites?

 

Thanks.

peterweb
Posts: 9,153
Kudos: 1,456
Solutions: 364
Registered: ‎04-17-2008

Re: HELP - Strongvault removal

There does not seem to be any security risk here. It is just an unwanted advertising pop up.

 

When in Safe Mode were you logged in from an administrator account? If not try that again. You may be able to do it now.

 

 

 


Things happen. Export/Backup your Identity Safe data.
Newbie
Dave22
Posts: 7
Registered: ‎01-15-2013

Re: HELP - Strongvault removal

I was logged in as an Administrator.  If fact, that's the only way I ever log in!  I was hoping that this whole deal was not more sinister than incredibly annoying popups, but it seems like applications can install really powerful and pernicious components.

 

Thanks for listening, and the help.

 

Dave

peterweb
Posts: 9,153
Kudos: 1,456
Solutions: 364
Registered: ‎04-17-2008

Re: HELP - Strongvault removal

We do not have a malware removal specialist at this time, so I would suggest you check out the links in Yank's post here.

 

http://community.norton.com/t5/Norton-Internet-Security-Norton/Should-Norton-get-rid-of-ib-adnxs/m-p...

 

 

Please come back and let us know how you make out.

 

 

 


Things happen. Export/Backup your Identity Safe data.
Newbie
Dave22
Posts: 7
Registered: ‎01-15-2013

Re: HELP - Strongvault removal

Thanks for the links, I may check them out, although I can't tell that I have any issues with the original malware at this time.