Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

Question

Anti-malware/spyware/etc hijacking malware removal?

Sep 17, 2015 3:21AM PDT

Hi,

So as it happens I somehow managed to contact an exceptionally annoying malware that seems to block the running of any anti-malware executables, regedit, or any conventional means of removal, even in safe mode, with most services turned off in msconfig. On startup it also opens the website "gangnamgaming.net", but doesn't seem to affect the computer in any other ways than these.

In general, I use Malwarebytes to scan for threats, but - as mentioned above - the current threat doesn't even allow starting up such a software (neither CCleaner). Also, I'm using Avast Antivirus, which - as usual - didn't find any threats, not even with multiple deep scans.

Do you have any tips on how to remove such a malware, or at least how to find out what exactly it is?

Thanks in advance,
Ben

Discussion is locked

- Collapse -
Answer
UPDATE 1
Sep 17, 2015 3:37AM PDT

Dug deeper, and found out the following:
Renaming the .exe of the programs in question allows them to be executed, but they cannot find a single threat in the system, while the problem still exists.

- Collapse -
Answer
Run an emergency kit portable malware cleaner
Sep 17, 2015 4:14AM PDT

Pity to hear that you got that one. Looks lie your real-time protection failed and it may eventually crush your operating system. The first thing that I would do is test whether the ability to install any software seems to be gone forever trying to install a piece if software. This would give an idea of how bad it is.

Then I'd go and try to run an emergency kit portable malware cleaner. I'm more than happy with the kit that I have and it happened to cure me when I got infected a while ago. Since it's portable the emergency kit does not need to be installed. It can be run straight from a USB flash drive, a CD/DVD, local or network attached hard drive. There's high chance your malware will let it run. Else it has a Commandline Scanner if you know how to use it.

One last thing - remember to update its database after you open it before you run the check. Good luck!

- Collapse -
Answer
Please Try This...
Sep 21, 2015 10:21AM PDT