Endpoint Protection

I would like to know how you handle a case where no matter what you do, the malware will block whatever it is you are attempting to run. For example, I am suspicious of a bad file and I want to run NPE.EXE, but the Malware won't let me, it will block it and put up its own junk about paying for it or asking me "if I want to remain unprotected" Same thing with Malwarebytes, I attempt to run it, but the Malware blocks that process, pretty much anything that has a .exe process is cancelled out. The last time I had something like this I was fortunate, I was able to go into safe mode with networking, and run the clean up programs, BUT since it was in safe mode, the program was HUGE and for the moment, I was unable to resize or even see what I was doing due to the large size of the program. I must have hit the right button, because I was able to do the cleanup.

In this situation how would you handle this?

Rename NPE.exe to a cruicial Windows process such as explorer.exe or lsass.exe and run again. Some times malware notes this and won't kill what it thinks is a valid Windows name.

Also, you can just try moving the malicious window aside and see if it actually tried to kill the process you want to run.

or my personal favorite

svchost.exe

:-)

Yup, that *may* work

You can try winlogon.exe as well

Safe mode works fine as well :)

True, but I just hate it so much.