Virus Prevents Programs From Running

11,330 pts.
Tags:
Antivirus
malware
Viruses
Windows XP
Recently I got a bunch of viruses on my laptop. After removing most of them, I have encountered a serious problem: When I click on a program to run it, Kaspersky Anti-Virus, for example, a dialog box pops up and asks what I would like to run this with. It's an executable, it should run by itself. When I attempt to browse ANYTHING on the system...opening My Computer or Windows Explorer, I get another fake message "Attention computer name you are at risk blah blah blah" and IE opens (of course I have my internet turned off). Then the system freezes up and everything disappears except for my desktop picture. Of course Task Manager pops up when I hit ctrl+shift+esc, but as I mentioned if I try to run a new process it asks me what I should open it with.
ASKED: July 15, 2008  10:10 PM
UPDATED: January 30, 2012  8:31 AM

Answer Wiki

Thanks. We'll let you know when a new response is added.

You still have virus issues and until they are resolved you are going to continue to have issues. You admitted you had removed most, not all of the viruses. Either run additional virus programs to completely remove and repair all remains of all viruses, or you are facing a format reinstall of the OS. Backup data immediately and run virus scans agains the backups to ensure you aren’t backing up any viruses as well.

*******************************************
I think you have to look into the rule settings for your antivirus defined in your machine. Try disabling it for a while and then running the program you want to run, it should not ask for – “what you would like to run this with”! If it works then it means the antivirus is conflicting with all application you try on your PC.

Is your antivirus the latest version, getting updated regularly?

Other option is change your antivirus.

============
It is really possible that viruses could modify the way your program executes. That is why it is very important to perform regular system scans to make sure that the computer is safe from these viruses.

Discuss This Question: 9  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Schmidtw
    I appreciate your feedback, but it doesn't answer my question at all. I am familiar with what viruses do, I am familiar with the need to backup and run security utilities. As I mentioned in my question I CAN'T RUN ANYTHING! That is the problem. I know I need to run my anti-virus but I can't, that is the problem.
    11,330 pointsBadges:
    report
  • Schmidtw
    I found away around this. When I get to the file or the icon, I am right clicking and selecting Run As.... This has been working but is definitely not a solution I am content with. I have been able to run my anti-virus. I had to manually delete a file that Kaspersky told me I could not delete by using the command prompt because it is not visible in the folder (and yes the folder shows other hidden files). Does anyone know if there is a way for me to download an original "ctfmon.exe" that ISN'T infected with virus or corrupted?
    11,330 pointsBadges:
    report
  • Robert Stewart
    It sounds like you have a nasty virus. As far as downloading an original .exe that does not contain a virus I dont know if this is possible, you can check this link to a MS Knowledge Base on cfmon.exe http://support.microsoft.com/kb/282599 I believe this gets installed with the Office products and it runs individually for each office product that is installed on the computer. I think you probably should be able to uninstall the Office suite and then reinstall it. If cftmon.exe is the culprit maybe uninstalling Office will make this exe unavailable for the virus to use, not sure if this will be the case or not, as you stated "I am familiar with what viruses do", the virus might right to a different file if no office suite is available. I have never trusted any AV to completely remove a virus, if a machine is infected in our network there is no question it will be reformatted without exception prior to it connecting to our network again. Good luck and I hope this helps you out.
    1,810 pointsBadges:
    report
  • Schmidtw
    Uninstalling Microsoft Office Suite is not something I want to do, but will do if necessary. I am fairly certain that ctfmon.exe is the corrupted file that is being used to propagate other virus keys, programs, and files, but at the same time, I wonder if this can be true because I did previously delete the file using cmd, del C:\Documents and Settings\schmidtw\ctfmon.exe. I had to do it that way because it doesn't appear in that directory (even Kaspersky said it didn't exist their) but when I attempted del C:\Documents and Settings\schmidtw\ctfmon.exe a second time, cmd reported File Not Found indicated that it was in fact there and was in fact deleted. I want to know how to get to the bottom of this so that once I delete this problem, it doesn't return. Currently these are the tools I am using in conjunction to combat my problem: Wise Registry Cleaner CCleaner Spybot Search and Destroy Kaspersky Antivirus 7.x(?)
    11,330 pointsBadges:
    report
  • Schmidtw
    This was just crossing my mind as I was rereading the content: At this point, I am getting pretty sick of the virus situation and am strongly considering reimaging. With this in mind, I want to back up my computer. I also do NOT want to connect my external drive and have the data on that corrupted. What are the best procedures for backing up and making sure data is not infected?
    11,330 pointsBadges:
    report
  • Pressler2904
    Before you re-image, try running "Detect and repair" from within MS Office (if you have not already done so). If that has or does not work, I would back up your data (more on that later) and delete your profile on the system. My reasoning is that if you can perform a "run as" using alternate credentials, the OS itself may not be "broken", but your profile/account may indeed be (hey, it's worth a shot). If this does not work, it's time to re-image (and as discussed above, you probably want to skip right to this step because of the virus infection). First, boot from an external live CD source, such as a Knoppix CD, ERD Commander or the Ultimate Boot CD (either the Linux or Windows versions) and copy your data to a different location (CD-ROM - burning software is included with UBCD; network; flash drive; external drive). NOTE: if you data is infected, be sure to have some sort of A/V software running BEFORE the copy process starts. Start your system from your install source, perform a full format (do not choose a quick format or to leave the existing file system intact) and reinstall. Rebuild your system, and prior to transferring you backed up data to your new system, make sure you have A/V and firewall software (and anti-spyware) software installed.
    2,190 pointsBadges:
    report
  • Schmidtw
    Thanks for the info. At this point, I'm pretty sure that the re-image is the best and safest solution. Thanks again.
    11,330 pointsBadges:
    report
  • Schmidtw
    I have kaspersky...which is pretty much the best anti-virus I have ever tested and or used. I am more ingterested in knowing what changes were made to prevent me running a program. Why would double clicking a program pop up with "Open With...". It simply does not make sense to me.
    11,330 pointsBadges:
    report
  • Robert Stewart
    It could still possibly be the virus that is asking you to give the application some admin rights. When asked for "Run As", this is implying the user you are signed into does not have rights to run exe's, viruses can trap you by you submitting your admin userid and password, and then the virus has admin rights to your pc and all the access to system files. We have had a virus on our network before that manipulated Norton in a very similiar way, it was a keylogger. You might try uninstalling and reinstalling the offending application, but again I would image the machine. Hope this helps you out.
    1,810 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following