Peculiar Windows XP bug

Status
Not open for further replies.
C

Cool Joe

The Black Waltz
Sometimes, when I switch on my PC, I notice that refreshing it takes longer than normal. When I move windows around, they don't move smoothly. And I also noticed that the stand- by option gets grayed out. This happens only SOMETIMES. I did a full system scan with Kaspersky AV (updated), but it found nothing. Is this a bug in Windows or is it the work of something malicious? Should I post a hijack this log here?
 
iMav

iMav

The Devil's Advocate
Your system is getting strained. A background process that starts causes a system slow down.
 
OP
C

Cool Joe

The Black Waltz
My sys config-

AMD Athlon 64 3000+
1.81 GHz
512 MB RAM
NVIDIA geforce 6600 GT

I m running Windows XP Pro with SP 2.

HT log file-

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:58:59 PM, on 7/31/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.17184)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\wt\updater\wcmdmgr.exe
D:\Program Files\Opera\opera.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = *go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = *go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = *go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = *go.microsoft.com/fwlink/?LinkId=69157
F2 - REG:system.ini: Shell=
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [wcmdmgr] C:\WINDOWS\wt\updater\wcmdmgrl.exe -launch
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O8 - Extra context menu item: &WordWeb... - res://C:\WINDOWS\wweb32.dll/lookup.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{5EDA658E-48C7-4D2E-8D31-C7942A6584AE}: NameServer = 218.248.240.23,218.248.240.135
O17 - HKLM\System\CCS\Services\Tcpip\..\{9A82094C-3C97-435C-B1CB-488597FC4CD2}: NameServer = 218.248.255.146 218.248.255.139
O17 - HKLM\System\CS1\Services\Tcpip\..\{5EDA658E-48C7-4D2E-8D31-C7942A6584AE}: NameServer = 218.248.240.23,218.248.240.135
O17 - HKLM\System\CS2\Services\Tcpip\..\{5EDA658E-48C7-4D2E-8D31-C7942A6584AE}: NameServer = 218.248.240.23,218.248.240.135
O20 - AppInit_DLLs:
O20 - Winlogon Notify: gebayxw - gebayxw.dll (file missing)
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O24 - Desktop Component 1: (no name) - C:\Documents and Settings\shishir\Desktop\wall.html

--
End of file - 4378 bytes
Click to expand...
 
rhitwick

rhitwick

Democracy is a myth
Buddy u use KAV...........n its a resource hog.............I use it and I know..............every second it scans ur files, any action happening in ur OS........
every action u execute are scanned by it...............so it takes a bit time..........n in ur PC config it takes a bit more...................the behavior is good..........protective but sometimes frustrating...................:(
 
OP
C

Cool Joe

The Black Waltz
but that doesn't explain the prob completely. like i said b4, it happens only sometimes. and how can that explain the stand by option gettin grayed out? i m still not convinced.
 
iMav

iMav

The Devil's Advocate
Is only Stand By not working or Hibernate isn't either? If Hibernate isn't there too, then you need to update the graphics drivers. Another possibility is the ACPI functions of the mobo. This post will help you that:

*www.tnpcnewsletter.com/discuss/index.cgi?noframes;read=18919
 
Status
Not open for further replies.
Top Bottom