0
1
For a while now, I have this weird malware program on my computer which keeps reinstalling itself every once in awhile. It shows up in the installed programs list as Shell&ServicesEngine 3.0.3
. It causes various problems on my computer such as hiding the buttons bar on StackExchange sites, blocking some applications from accessing the Internet and it also sometimes closes my Google Chrome. The later it might try to steal my passwords since it's required to close the browser before reading the passwords file. Due to Google's weak security, it's possible to retrieve the passwords programmatically on the same machine.
It can be uninstalled manually but surprise, it doesn't stay that way and keeps coming back. I already installed AVAST!, Avira and ran MalwareBytes but they didn't succeed in removing or detecting the malware. On the Internet I also didn't find anything useful regarding this junk application. What should I try to get rid of it? Just the weird problems and this weird application visible under Control Panel\Programs\Programs and Features
are a clear indication that something isn't right.
I think I figured out the location of the application:
C:\Windows\Shell&ServicesEngine_09122015182218
Also its task name is NetworkAnalyserService
. It also ran another process called Netman
. After terminating both, the issues causes are temporarily gone (the buttons bar for example loads again).
your Chrome password link is 2 years old and the problem was remedied – schroeder – 2015-12-09T17:49:32.270
2Unfortunately, we aren't tech support or a virus removal forum. I'm not sure who to direct you to. – schroeder – 2015-12-09T17:50:33.060
Are you sure that there is malware? This could al be explained by a faulty network driver. – schroeder – 2015-12-09T17:53:09.727
@schroeder: It comes with an uninstaller but odd enough but when I do uninstall it, it comes back later and only causes problems. This behavior is very virus-like. Serious programs shouldn't resist from being uninstalled. The Chrome issue still exists, external applications can view the passwords in Chrome. Check out ChromePass to see what I mean. – BullyWiiPlaza – 2015-12-09T17:56:57.567
The problem described in the link is no longer relevant, I did not say that there were no issues. Regardless, this is not the right forum for this question. – schroeder – 2015-12-09T18:04:53.180
1
Possible duplicate of How do I deal with a compromised server?
– None – 2015-12-10T07:17:05.517