Avast WEBforum

Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: ShadowSpirit on December 30, 2012, 12:33:18 AM

Title: Oh, Strongvault.exe, what ARE you up to?
Post by: ShadowSpirit on December 30, 2012, 12:33:18 AM
Hi:

Hope everyone's Channukah, Christmas, Kwanzaa, etc. was lovely, and wonderful.

As I type there is lovely snow falling in the Boston area.

Went to update my version of dvdvideosoft.
Something came down with it:  strongvault.exe.
Strongvault gave me an app, and a shortcut on my desktop.
It also downloaded a menu bar and promptly did a "antivirus scan" on my computer.
tried to do some work, computer is now "stuck" with a couple of error messages open from dvdvideosoft "Error! VideoCodec node does not found in xml presetName=Optimal Quality AAC (192 Kbps, 44.1 hKz, Stereo presetDescription=192 Kbps, 44.1 kHz Stereo.

And "Free studio free youtube to mp3 converter, loading components....
which is where I got this thing in the first place.

http://www.isthisfilesafe.com/sha1/3CC8CACE4CDE7885373C86029E407888EAC61E31_details.aspx (http://www.isthisfilesafe.com/sha1/3CC8CACE4CDE7885373C86029E407888EAC61E31_details.aspx)
Did some digging, to find out what this thing was all about.

Run Malwarebytes. Didn't see it.

currently running avast free antivirus scan -- full.

Will share results when scan is finished.

A new thing?  I looked through the Forum, didn't find any other posts on this.

Wish me luck!

Shadow.

Title: Re: Oh, Strongvault.exe, what ARE you up to?
Post by: ShadowSpirit on December 30, 2012, 12:40:01 AM
Hmmm... couldn't find a way to edit previous post.

So, found this url when the app was loading into FF:
http://search.conduit.com/?ctid=CT2269050&SearchSource=13&CUI=SB_CUI (http://search.conduit.com/?ctid=CT2269050&SearchSource=13&CUI=SB_CUI)

Title: Re: Oh, Strongvault.exe, what ARE you up to?
Post by: Pondus on December 30, 2012, 12:42:25 AM
Quote
currently running avast free antivirus scan -- full.
quick scan is enough to detect anything running active...

some info here
https://www.google.no/#hl=no&tbo=d&spell=1&q=strong+vault.exe&sa=X&ei=Mn7fUIDOOtGN4gS3noHYCA&ved=0CC4QBSgA&bav=on.2,or.r_gc.r_pw.r_qf.&fp=8b2ffee583c3bf0&bpcl=40096503&biw=1611&bih=866


if this is some browser/toolbar crap  try run AdwCleaner and hit the delete button
you find it here  http://forum.avast.com/index.php?topic=53253.0

post the log here

Title: Re: Oh, Strongvault.exe, what ARE you up to?
Post by: ShadowSpirit on December 30, 2012, 04:01:11 AM
Hi!  Thanks so much for responding so quickly.  :D

Ran the following scans, and have the appropriate reports to share with you.

Also have some screenshots.

The AdwCleaner was successful in removing the toolbar, BUT Strongvault is still there, still has shortcut on my desktop.

Title: Re: Oh, Strongvault.exe, what ARE you up to?
Post by: ShadowSpirit on December 30, 2012, 04:11:45 AM
Okay. Apparently post submitted successfully, but attachments didn't work.

I'll try again, see if they work this time.


attachments.
Title: Re: Oh, Strongvault.exe, what ARE you up to?
Post by: ShadowSpirit on December 30, 2012, 04:29:14 AM
Had intended to include some screenshots. Avast forum not responding  (?), but, I have both Strongvault.exe shortcut still on my desktop and in C:  ???  Apparently no matter what screenshot I try to attach, it's too large.  :(


s.
Title: Re: Oh, Strongvault.exe, what ARE you up to?
Post by: ShadowSpirit on December 31, 2012, 09:56:40 PM
Argh.

Ran Iobit, thinking that that might clear some things up.

Well..... Iobit got rid of a heck of a lot of stuff in the Temp folder.

But, after I ran the disc check.... There was Strongvault.exe shortcut on desktop.

And, when I tried using FF: I got a rectangle with "browser alert" potential hijack, google.com.

It's inconvenient really. I can work around it. I'd rather not have it there at all. But, I agree that a New Year needs to be summonsed in with bubbly, good food, and the like. :)

 ;)
Title: Re: Oh, Strongvault.exe, what ARE you up to?
Post by: ShadowSpirit on December 31, 2012, 10:03:09 PM
**sigh** THIS just popped up, with the "strongvault" icon to its' left:
http://affiliates.digitalriver.com/z/119506/CD122395/

;)  It's like the party guest who wouldn't leave!

(http://nicedeb.files.wordpress.com/2010/01/thing.jpg?w=780)

Title: Re: Oh, Strongvault.exe, what ARE you up to?
Post by: essexboy on December 31, 2012, 11:21:16 PM
A new one probably a variant of Sprotect

Download OTL (http://oldtimer.geekstogo.com/OTL.exe)  to your Desktop
Secondary link  (http://www.itxassociates.com/OT-Tools/OTL.exe)
(https://dl.dropbox.com/u/73555776/OTL_Main_Tutorial.gif)

netsvcs
BASESERVICES
%SYSTEMDRIVE%\*.exe
/md5start
services.*
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
winsock.*
/md5stop
CREATERESTOREPOINT


Title: Re: Oh, Strongvault.exe, what ARE you up to?
Post by: ShadowSpirit on February 01, 2013, 04:20:32 PM
Essexboy:

Was able to go to add/remove programs, after a little bit of finagling. The desktop icon has been removed, but, for some reason, a lot of folders have been changed from their previous locales to some weird different places.

Also, is "PC-Doctor. Inc." a familiar app to you?  Is it safe?  I just found it in my "add/remove programs" list.  I don't remember installing it.

Hope your New Year was good.

I feel as if I've been through the wringer.

Respects.

Shadow.
Title: Re: Oh, Strongvault.exe, what ARE you up to?
Post by: essexboy on February 01, 2013, 04:31:14 PM
PC doctor is not something I would have on my system, it is mainly snake oil  ;D