0

Hi

I am having this problems since around 5-6 days. My computer gets hang, mouse pointer gets lost (invisible), and key strokes work after a lag of 1 sec to 3-4 secs. After a few seconds (say from 3 secs to 10-12 secs), it will automatically get to normal state, like nothing weird has ever happened.

This mostly happens when I am playing AOE II, (Age of Empires TC, a game released in 2000 does not need much resources of computer, runs on 128 RAM). Then this also happens (with lesser frequency) while I use Google Chrome or Firefox. (I seldom use IE).

Also sometimes keyboard will work and I can see mouse pointer but cant move mouse pointer. This has happened only 3 times, and everytime i needed restart to fix it. (the problem above this has occured like atleast 30-40 times)

I downloaded and tried to fix it with CCleaner, though it freed up some space, but did not help me in getting rid of the problem.

Following are the config and settings of my computer.

windows xp pro, version 2002, SP2
computer: Intel P4, 2.40 GHz, 512 MB RAM, Gigabyte mother board, intel chipset 845.
pretty old but this is what I have.

I have uninstalled my antivirus -claimwin or something- 2 days ago, which anyways did not seem to do any work, in attempt to free up the load. So I have no antivirus installed as of now, but I never download trojans or virus from internet or pendrives.( I only use the computer so there is no risk that someone else could download; I use cmd prompt to delete virus from pendrives if any). I have my windows firewalled on, with few exceptions added like AOE, and few port forwarded like 2300-2400 and 47624. I dont know if this could get me in any kind of problems but mentioning just in case.

PS: Computer hanged four times while writing this post (in 10-15 mins). (Opened appication: MS word , Chrome -only this tab- , and google talk).

Please help
Thanks!

1
Contributor
1
Reply
2
Views
7 Years
Discussion Span
Last Post by grvs
0

Hi again...

While writing the above thread.... one thing came to my mind... may be I have virus on my computer (Desktop) as I did not have any other antivirus other than claimwin for last 6 months or so. No internet security software as well.

So i tried to go to kaspersky website and ... i could not open it. Bit defender... same thing.... mcafee same thing... pc celin same thing... I could not open any antivirus websites. Even microsoft website I could not open. So i had some doubt that i had virus. I tried opening these sites from my laptop and there they were opening without any problem (same modem). I checked DNS settings on my computer and laptop, they were different. I changed the dns settings of my computer but that did not help. I was sure there is virus but I was still in dark about whether this virus cause the hang problem or it was something else.
So I checked my hosts.txt file but it was OK. I knew the virus is beyond my scope of knowledge which is actually very less about computers and everything.

I downloaded kaspersky trial version using torrents, but then I couldn't activate even the trial version itself. (Ofcourse anything related to kaspersky was blocked). Then i tried ping, tracert etc for kaspersky.com but they could not resolve the name. Then I asked for IP address of kaspersky from a friend and bang !!! I could open kaspersky website from that IP. But then any link did not work as they change the full address to "karpersky.com/xyz" rather than making it "IP/xyz"

I scanned my comp without activating the antivirus. (there was an option activate later) and it found a virus within 3-4 mins and disinfected it.
The Kaspersky log for this virus was:

12/23/2009 11:25:25 PM Deleted virus Net-Worm.Win32.Kido.ih c:\WINDOWS\system32\vencfsax.dll High
12/23/2009 11:25:25 PM Deleted virus Net-Worm.Win32.Kido.ih c:\WINDOWS\system32\vencfsax.dll//PE_Patch.UPX High
12/23/2009 11:25:25 PM Deleted virus Net-Worm.Win32.Kido.ih c:\WINDOWS\system32\vencfsax.dll//PE_Patch.UPX//UPX High
12/23/2009 11:30:25 PM Deleted virus Net-Worm.Win32.Kido.ih C:\System Volume

And i was able to open all websites again. I activated trial version, updated datasets and scanned whole computer and it found like 100 files were infected from virus above and another virus named "Virus.Win32.Tenga.a". My hang problem was also solved. I have Written the full story as I thought it might help others. Also attached full kaspersky log so that people can know which kind of files get infected by these two virus.

Attachments
Status: Deleted   (events: 9)	
12/23/2009 11:25:25 PM	Deleted	virus Net-Worm.Win32.Kido.ih	c:\WINDOWS\system32\vencfsax.dll	High	
12/23/2009 11:25:25 PM	Deleted	virus Net-Worm.Win32.Kido.ih	c:\WINDOWS\system32\vencfsax.dll//PE_Patch.UPX	High	
12/23/2009 11:25:25 PM	Deleted	virus Net-Worm.Win32.Kido.ih	c:\WINDOWS\system32\vencfsax.dll//PE_Patch.UPX//UPX	High	
12/23/2009 11:30:25 PM	Deleted	virus Net-Worm.Win32.Kido.ih	C:\System Volume Information\_restore{3E717BE4-5549-4143-99C6-1F04FD3F2314}\RP159\A0210067.dll	High	
12/23/2009 11:30:25 PM	Deleted	virus Net-Worm.Win32.Kido.ih	C:\System Volume Information\_restore{3E717BE4-5549-4143-99C6-1F04FD3F2314}\RP159\A0210067.dll//PE_Patch.UPX	High	
12/23/2009 11:30:25 PM	Deleted	virus Net-Worm.Win32.Kido.ih	C:\System Volume Information\_restore{3E717BE4-5549-4143-99C6-1F04FD3F2314}\RP159\A0210067.dll//PE_Patch.UPX//UPX	High	
12/23/2009 11:37:09 PM	Deleted	Trojan program Trojan-GameThief.Win32.OnLineGames.wec	D:\System Volume Information\_restore{1A550279-2A91-4C74-A25A-23BB6ADCA4E1}\RP138\A0039224.inf	High	
12/23/2009 11:41:55 PM	Deleted	Trojan program Trojan-GameThief.Win32.OnLineGames.wec	E:\System Volume Information\_restore{1A550279-2A91-4C74-A25A-23BB6ADCA4E1}\RP138\A0039226.inf	High	
12/23/2009 11:45:30 PM	Deleted	Trojan program Trojan-GameThief.Win32.OnLineGames.wec	F:\System Volume Information\_restore{1A550279-2A91-4C74-A25A-23BB6ADCA4E1}\RP138\A0039228.inf	High	
Status: Disinfected   (events: 94)	
12/24/2009 2:25:47 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\drivers new (gigabyte)\Graphics\Setup.exe	High	
12/24/2009 2:25:56 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\drivers new (gigabyte)\Graphics\Win2000\hkcmd.exe	High	
12/24/2009 2:26:07 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\drivers new (gigabyte)\Graphics\Win2000\igfxcfg.exe	High	
12/24/2009 2:26:15 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\drivers new (gigabyte)\Graphics\Win2000\igfxdiag.exe	High	
12/24/2009 2:26:19 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\drivers new (gigabyte)\Graphics\Win2000\igfxext.exe	High	
12/24/2009 2:26:31 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\drivers new (gigabyte)\Graphics\Win2000\igfxtray.exe	High	
12/24/2009 2:26:33 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\drivers new (gigabyte)\Graphics\Win2000\igfxzoom.exe	High	
12/24/2009 2:26:37 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\drivers new (gigabyte)\video driver update\INFUpdate\infinst_autol.exe	High	
12/24/2009 2:26:43 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\installers in D\proxifierv1.21crackheritage\Proxifier.exe	High	
12/24/2009 2:29:47 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\installers in D\Tally 9.2.1\install.exe	High	
12/24/2009 2:29:49 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\installers in D\Tally 9.2.1\tally72lic9xserver.exe	High	
12/24/2009 2:29:52 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\installers in D\Tally 9.2.1\tally72licserver.exe	High	
12/24/2009 2:30:48 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\installers in D\Tally 9.2.1\tally72migration.exe	High	
12/24/2009 2:30:59 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\Macfee\agent\Cleanup.exe	High	
12/24/2009 2:31:01 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\Macfee\agent\CmdAgent.exe	High	
12/24/2009 2:31:05 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\Macfee\agent\FramePkg.exe	High	
12/24/2009 2:36:01 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\Macfee\agent\FrameworkPackage.exe	High	
12/24/2009 2:36:06 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\Macfee\agent\FrameworkService.exe	High	
12/24/2009 2:36:11 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\Macfee\agent\FrmInst.exe	High	
12/24/2009 2:36:16 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\Macfee\agent\McScanCheck.exe	High	
12/24/2009 2:36:21 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\Macfee\agent\McScript.Exe	High	
12/24/2009 2:36:23 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\Macfee\agent\McTray.exe	High	
12/24/2009 2:36:30 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\Macfee\agent\naPrdMgr.exe	High	
12/24/2009 2:36:34 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\Macfee\agent\naPrdMgr64.exe	High	
12/24/2009 2:36:42 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\Macfee\agent\UdaterUI.exe	High	
12/24/2009 2:36:45 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\Macfee\agent\WStub32.Exe	High	
12/24/2009 2:36:49 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\Macfee\Mcafee Virusscan 8.5\ePOPolicyMigration.exe	High	
12/24/2009 2:37:00 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\Macfee\Mcafee Virusscan 8.5\Setup.exe	High	
12/24/2009 2:37:04 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\Macfee\Mcafee Virusscan 8.5\FramePackage\FramePkg.exe	High	
12/24/2009 3:08:57 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\System Volume Information\_restore{3E717BE4-5549-4143-99C6-1F04FD3F2314}\RP159\A0210071.exe	High	
12/24/2009 3:08:58 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\System Volume Information\_restore{3E717BE4-5549-4143-99C6-1F04FD3F2314}\RP159\A0210072.exe	High	
12/24/2009 3:08:59 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\System Volume Information\_restore{3E717BE4-5549-4143-99C6-1F04FD3F2314}\RP159\A0210073.exe	High	
12/24/2009 3:09:01 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\System Volume Information\_restore{3E717BE4-5549-4143-99C6-1F04FD3F2314}\RP159\A0210074.exe	High	
12/24/2009 3:09:00 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\System Volume Information\_restore{3E717BE4-5549-4143-99C6-1F04FD3F2314}\RP159\A0210075.exe	High	
12/24/2009 3:09:02 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\System Volume Information\_restore{3E717BE4-5549-4143-99C6-1F04FD3F2314}\RP159\A0210076.exe	High	
12/24/2009 3:09:02 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\System Volume Information\_restore{3E717BE4-5549-4143-99C6-1F04FD3F2314}\RP159\A0210077.exe	High	
12/24/2009 3:09:04 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\System Volume Information\_restore{3E717BE4-5549-4143-99C6-1F04FD3F2314}\RP159\A0210078.exe	High	
12/24/2009 3:09:05 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\System Volume Information\_restore{3E717BE4-5549-4143-99C6-1F04FD3F2314}\RP159\A0210079.exe	High	
12/24/2009 3:09:07 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\System Volume Information\_restore{3E717BE4-5549-4143-99C6-1F04FD3F2314}\RP159\A0210080.exe	High	
12/24/2009 3:09:05 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\System Volume Information\_restore{3E717BE4-5549-4143-99C6-1F04FD3F2314}\RP159\A0210081.exe	High	
12/24/2009 3:09:08 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\System Volume Information\_restore{3E717BE4-5549-4143-99C6-1F04FD3F2314}\RP159\A0210082.exe	High	
12/24/2009 3:09:10 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\System Volume Information\_restore{3E717BE4-5549-4143-99C6-1F04FD3F2314}\RP159\A0210084.exe	High	
12/24/2009 3:09:11 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\System Volume Information\_restore{3E717BE4-5549-4143-99C6-1F04FD3F2314}\RP159\A0210085.exe	High	
12/24/2009 3:09:13 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\System Volume Information\_restore{3E717BE4-5549-4143-99C6-1F04FD3F2314}\RP159\A0210086.exe	High	
12/24/2009 3:09:14 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\System Volume Information\_restore{3E717BE4-5549-4143-99C6-1F04FD3F2314}\RP159\A0210087.exe	High	
12/24/2009 3:09:17 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\System Volume Information\_restore{3E717BE4-5549-4143-99C6-1F04FD3F2314}\RP159\A0210088.exe	High	
12/24/2009 3:09:19 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\System Volume Information\_restore{3E717BE4-5549-4143-99C6-1F04FD3F2314}\RP159\A0210089.exe	High	
12/24/2009 3:09:21 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\System Volume Information\_restore{3E717BE4-5549-4143-99C6-1F04FD3F2314}\RP159\A0210090.exe	High	
12/24/2009 3:09:24 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\System Volume Information\_restore{3E717BE4-5549-4143-99C6-1F04FD3F2314}\RP159\A0210091.Exe	High	
12/24/2009 3:09:26 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\System Volume Information\_restore{3E717BE4-5549-4143-99C6-1F04FD3F2314}\RP159\A0210092.exe	High	
12/24/2009 3:09:42 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\System Volume Information\_restore{3E717BE4-5549-4143-99C6-1F04FD3F2314}\RP159\A0210083.exe	High	
12/24/2009 3:09:43 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\System Volume Information\_restore{3E717BE4-5549-4143-99C6-1F04FD3F2314}\RP159\A0210093.exe	High	
12/24/2009 3:09:47 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\System Volume Information\_restore{3E717BE4-5549-4143-99C6-1F04FD3F2314}\RP159\A0210094.exe	High	
12/24/2009 3:09:51 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\System Volume Information\_restore{3E717BE4-5549-4143-99C6-1F04FD3F2314}\RP159\A0210095.exe	High	
12/24/2009 3:09:55 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\System Volume Information\_restore{3E717BE4-5549-4143-99C6-1F04FD3F2314}\RP159\A0210096.Exe	High	
12/24/2009 3:10:00 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\System Volume Information\_restore{3E717BE4-5549-4143-99C6-1F04FD3F2314}\RP159\A0210097.exe	High	
12/24/2009 3:10:02 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\System Volume Information\_restore{3E717BE4-5549-4143-99C6-1F04FD3F2314}\RP159\A0210098.exe	High	
12/24/2009 3:10:04 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\System Volume Information\_restore{3E717BE4-5549-4143-99C6-1F04FD3F2314}\RP159\A0210099.exe	High	
12/24/2009 3:11:37 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\WINXP\I386\AUTOCHK.EXE	High	
12/24/2009 3:11:42 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\WINXP\I386\AUTOFMT.EXE	High	
12/24/2009 3:14:57 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\WINXP\I386\EXPAND.EXE	High	
12/24/2009 3:14:58 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\WINXP\I386\FAXPATCH.EXE	High	
12/24/2009 3:18:49 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\WINXP\I386\NETSETUP.EXE	High	
12/24/2009 3:19:02 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\WINXP\I386\NTSD.EXE	High	
12/24/2009 3:19:53 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\WINXP\I386\REGEDIT.EXE	High	
12/24/2009 3:20:39 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\WINXP\I386\SPNPINST.EXE	High	
12/24/2009 3:21:00 AM	Disinfected	virus Virus.Win32.Tenga.a	D:\WINXP\I386\SYSPARSE.EXE	High	
12/24/2009 3:21:05 AM	D
This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.