Author Topic: Oh, Strongvault.exe, what ARE you up to?  (Read 7416 times)

0 Members and 1 Guest are viewing this topic.

ShadowSpirit

  • Guest
Oh, Strongvault.exe, what ARE you up to?
« on: December 30, 2012, 12:33:18 AM »
Hi:

Hope everyone's Channukah, Christmas, Kwanzaa, etc. was lovely, and wonderful.

As I type there is lovely snow falling in the Boston area.

Went to update my version of dvdvideosoft.
Something came down with it:  strongvault.exe.
Strongvault gave me an app, and a shortcut on my desktop.
It also downloaded a menu bar and promptly did a "antivirus scan" on my computer.
tried to do some work, computer is now "stuck" with a couple of error messages open from dvdvideosoft "Error! VideoCodec node does not found in xml presetName=Optimal Quality AAC (192 Kbps, 44.1 hKz, Stereo presetDescription=192 Kbps, 44.1 kHz Stereo.

And "Free studio free youtube to mp3 converter, loading components....
which is where I got this thing in the first place.

http://www.isthisfilesafe.com/sha1/3CC8CACE4CDE7885373C86029E407888EAC61E31_details.aspx
Did some digging, to find out what this thing was all about.

Run Malwarebytes. Didn't see it.

currently running avast free antivirus scan -- full.

Will share results when scan is finished.

A new thing?  I looked through the Forum, didn't find any other posts on this.

Wish me luck!

Shadow.


ShadowSpirit

  • Guest
Re: Oh, Strongvault.exe, what ARE you up to?
« Reply #1 on: December 30, 2012, 12:40:01 AM »
Hmmm... couldn't find a way to edit previous post.

So, found this url when the app was loading into FF:
http://search.conduit.com/?ctid=CT2269050&SearchSource=13&CUI=SB_CUI


Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37506
  • Not a avast user
Re: Oh, Strongvault.exe, what ARE you up to?
« Reply #2 on: December 30, 2012, 12:42:25 AM »
Quote
currently running avast free antivirus scan -- full.
quick scan is enough to detect anything running active...

some info here
https://www.google.no/#hl=no&tbo=d&spell=1&q=strong+vault.exe&sa=X&ei=Mn7fUIDOOtGN4gS3noHYCA&ved=0CC4QBSgA&bav=on.2,or.r_gc.r_pw.r_qf.&fp=8b2ffee583c3bf0&bpcl=40096503&biw=1611&bih=866


if this is some browser/toolbar crap  try run AdwCleaner and hit the delete button
you find it here  http://forum.avast.com/index.php?topic=53253.0

post the log here


ShadowSpirit

  • Guest
Re: Oh, Strongvault.exe, what ARE you up to?
« Reply #3 on: December 30, 2012, 04:01:11 AM »
Hi!  Thanks so much for responding so quickly.  :D

Ran the following scans, and have the appropriate reports to share with you.

Also have some screenshots.

The AdwCleaner was successful in removing the toolbar, BUT Strongvault is still there, still has shortcut on my desktop.


ShadowSpirit

  • Guest
Re: Oh, Strongvault.exe, what ARE you up to?
« Reply #4 on: December 30, 2012, 04:11:45 AM »
Okay. Apparently post submitted successfully, but attachments didn't work.

I'll try again, see if they work this time.


attachments.

ShadowSpirit

  • Guest
Re: Oh, Strongvault.exe, what ARE you up to?
« Reply #5 on: December 30, 2012, 04:29:14 AM »
Had intended to include some screenshots. Avast forum not responding  (?), but, I have both Strongvault.exe shortcut still on my desktop and in C:  ???  Apparently no matter what screenshot I try to attach, it's too large.  :(


s.

ShadowSpirit

  • Guest
Re: Oh, Strongvault.exe, what ARE you up to?
« Reply #6 on: December 31, 2012, 09:56:40 PM »
Argh.

Ran Iobit, thinking that that might clear some things up.

Well..... Iobit got rid of a heck of a lot of stuff in the Temp folder.

But, after I ran the disc check.... There was Strongvault.exe shortcut on desktop.

And, when I tried using FF: I got a rectangle with "browser alert" potential hijack, google.com.

It's inconvenient really. I can work around it. I'd rather not have it there at all. But, I agree that a New Year needs to be summonsed in with bubbly, good food, and the like. :)

 ;)

ShadowSpirit

  • Guest
Re: Oh, Strongvault.exe, what ARE you up to?
« Reply #7 on: December 31, 2012, 10:03:09 PM »
**sigh** THIS just popped up, with the "strongvault" icon to its' left:
http://affiliates.digitalriver.com/z/119506/CD122395/

;)  It's like the party guest who wouldn't leave!




Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Oh, Strongvault.exe, what ARE you up to?
« Reply #8 on: December 31, 2012, 11:21:16 PM »
A new one probably a variant of Sprotect

Download OTL  to your Desktop
Secondary link
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.


  • Select All Users
  • Under the Custom Scan box paste this in
netsvcs
BASESERVICES
%SYSTEMDRIVE%\*.exe
/md5start
services.*
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
winsock.*
/md5stop
CREATERESTOREPOINT


  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Post  both logs
« Last Edit: December 31, 2012, 11:24:14 PM by essexboy »

ShadowSpirit

  • Guest
Re: Oh, Strongvault.exe, what ARE you up to?
« Reply #9 on: February 01, 2013, 04:20:32 PM »
Essexboy:

Was able to go to add/remove programs, after a little bit of finagling. The desktop icon has been removed, but, for some reason, a lot of folders have been changed from their previous locales to some weird different places.

Also, is "PC-Doctor. Inc." a familiar app to you?  Is it safe?  I just found it in my "add/remove programs" list.  I don't remember installing it.

Hope your New Year was good.

I feel as if I've been through the wringer.

Respects.

Shadow.

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Oh, Strongvault.exe, what ARE you up to?
« Reply #10 on: February 01, 2013, 04:31:14 PM »
PC doctor is not something I would have on my system, it is mainly snake oil  ;D