New build has a big hole somewhere

[Gustavus]

Gunbuster

"Age of XP". I only left XP machines a few months ago -- three are still running XP. My Netgear NAS is incompatible with 8.1 so I am faced with either an expensive upgrade or else using USB thumb drives to move papers etc. between the machines that can "see" the NAS on the LAN and the 8.1 machines that can't. Like I said in an earlier post Ad Muncher is one of the places I suspect as the origin of the problem which prompted this thread. That is paranoia I know -- but since I don't know how the malware got to my machine I will not install Ad Muncher on this one. What is wrong with Your Uninstaller? I have used it for years with no problems. I haven't installed it -- or anything else except for ESET Smart Security on this machine. Is the Add or Remove Programs in Windows 8.1 equally good at removing a program and all of the registry detritus left behind from the installation?

 

[inachu]

If you are truly worried about a dirty registry leaving ghost entries behind you could try the free programs like C cleaner but the best registry cleaner that really gets the dirt out is system mechanic(SM).

I had a highly infected system once and using SM let me be able to get the files I needed then destroyed the hard drive.

If you think your tech skills are fairly safe you could run regedit and visit:
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\[app name]
Then inspect the app where it is pointing to on the c:\ then you can delete the sub folder on C: from there.

 

[silicon]

Personally I would do a fresh install. If you are already running cc cleaner and adjusting the registry then something is very messed up. I had this happen to me with windows 7, something went wrong and could not connect to the network. fresh instal and problems is solved.

 

[Gustavus]

silicon

Back in post #14 I said I did a fresh install and no problems thus far.

Just in case the information might be of use to someone else, I wanted to clean the harddisk infected by the malware, and being super cautious didn't want to connect it to any of the uninfected machines to do a format. There is a nice piece of software, EaseUS Partition Master that did just what I wanted. On an uninfected machine I made a WinPE bootable CD and booted the new machine from it. PM has all the expected drive functions so I could delete the sneak partition which one of the malware had created and repartition the disk to form a single partition with all the disk space in it. The nice thing is that PM allows you to choose the number of "wipes" to be made in clearing a partition. I did several. When finished I had a clean harddrive. I then rebooted from the Windows 8.1 installation DVD and all has been happiness and light from there.

It is conceivable that even though I was doing the original install to a new harddrive that the small partition with malware was already on the drive. Since the drive was new, I simply booted from the Windows 8.1 installation DVD and then started using the OS. There is no way to ever know if that was the source of the problems, but it is possible.

 

[Gunbuster]

The Windows 8.1 installer is not incompetent. You could have nuked all the partitions right from there. No need for winpe, easeUS, multiple wipes for hours on end and pearl clutching.

 

[gouvrit]

I have the same problem. New built. But I installed Chrome and at the same time avast started complaining chrome was doing something weird, opening websites. The funny thing is that Chrome was not open, but by default it "runs in the background"
I thought it was avast and that I had to exclude chrome from its list.

Unrelated to this, I checked in my router my logs, turns out that computer is constantly calling websites, non stop. I installed malwarebytes, no malwares!
BTW, Nothing in control panel/installed programs either

I uninstall chrome. everything is "almost" back. Chrome extensions have malwares that run from there. One (b.scorecardresearch.com) was gone when I uninstalled, but IDLECRAWLER stayed! I google it, found this thread and the suspicious folder.

Following the suspicious folder idea I went to the folder that malwarebytes refers as website blocked:
C\users\myname\AppData\Local\5B24F8AE-37A0-AFE1-7900-000000B100\ ---> AHA!!!! Inside this files:
-chrome-bin (folder)
-data (folder)
-modules (folder)
-msvcp110.dll
- runner.exe
- uninstall.exe <---- I run it aaaaand: "Welcome to Idle crawler uninstall"

and it says: please don't uninstall me I am harmless and I used your unused resources to crawl the web. the reason you are running it is that you installed a sponsor software, blahblah...

hope this helps for future idle crawl removal search!!

p.s. during the uninstall it also removed temp files from ...\AppData\Local\Temp. it was at least 4 gb collected in the 8 days I had chrome installed

 

[VirtualLarry]

Did that malware make IE page-turn "click" sounds in the background, without IE open in the "processes" tab in Task Manager? I seem to have two of those "click" noises shortly after boot on one of my PCs that I don't generally browse on.

I did recently install MSI AfterBurner on that PC. Malwarebytes turns up nothing.

 

[neelakurdinger]

If you have Idle Crawler installed on your PC, it can be removed simply through your Programs and Features located in Control Panel. However Idle Crawler is a useful tool for people who are in the field of SEO and who need the use of tools as such, but I hope that your problem is now solved. Read more about Idle Crawler from their official website.

 

[radeson]

Download and Install "REVO UNINSTALLER" it will search your entire system/subsystem/registry and it has eliminated similar problems and nuisances for me.
It has a freeware version that is pretty thorough already or a premium more advanced pay version..... Good Luck!!!