Computer wakes itself up from standby.

Dell Dimension 4600 with XP Home Edition SP2.

When I tell the computer to standby, it does, but it after two seconds, it wakes itself back up. (When I tell it to hibernate, it does so, but wakes back up immediately).

Googling suggested it might have to do with the network card's wake-on-LAN setting. It's an Intel PRO/100 VE card. In the Device Manager, I changed "Wake on Settings" from "Wake on Magic & Directed" to "Disabled." All that did was extend the standby period to about six seconds before it woke up. Under the card's Power Management tab, "Allow this device to bring the computer out of standby" was already unchecked. In fact, it's grayed out so I can't check it.

What else might the problem be?

 

Have you tried to set this in the BIOS ?
There is usually an area that deals with that.

As an aside,I had this happening to me a while ago.
In my case it was due to vibration,either from construction nearby
or a heavy truck driving by.
Even thunder would bring it out of standby.
I must have a very light touch keyboard,because touching a key
normally brings it back up.

Pete.

 

I'm sure it's not due to physically jostling the keyboard, since a keypress wouldn't wake it up from hibernation.

Dimension 4600i, BIOS revision A12.
Under Power Management, I changed Low Power Mode from disabled to enabled. But upon rebooting Windows, it still wouldn't stay in standby. Is the BIOS's low power mode even the same thing as Windows's standby?

The other options under Power Management are to change Suspend Mode from S3 to S1, or change AC Power Recovery from Off to On or Last.

But I wasn't going to fiddle with those last two options until I knew what they meant.

 

scan for virus, spyware, do the rounds in Safe Mode and see what comes up. and possibly post a HJT log? sorry if this doesnt help, just throwing out suggestions.

 

True enough for Hibernation,since that requires the powerbutton on the computer to bring it back,
but for Standby, both- a key press or a mouse jiggle ,
will bring it out of Standby again.
(That's where my vibration issue came in)

Here's a link that I saved,it's kind of old,but seems to be as relevant today,
as it was then.
However these days,the BIOS seems to have only 2 power states, S1 and S3
http://www.informationweek.com/story/IWK20020927S0028

I would say it is.If this is disabled,the computer can't assume a low power state,as is required for Standby and Hibernation.
BTW,in the BIOS, is ACPI set to enabled?

Sometimes the wrong video drivers interfere with these functions.
Updating them may help.
Also other hardware (drivers) may interfere, as do some programs.
Do you have WIFI on the machine?

 

"Sometimes the wrong video drivers interfere with these functions.
Updating them may help. "
Got the latest drivers from Nvidia's website today. Thanks for the tip, I probably should have done that regardless.

It's funny. I was so busy fussing around with spyware scans yesterday that I didn't even try putting the computer in Standby. I tried it just now, expecting it to bounce right back, but it stayed asleep! I went downstairs for five minutes to fix a snack, and it slept the whole time. I'll try it again tonight and see if it sleeps until morning. Updating Nvidia drivers and downloading several new spyware scanners are the only changes I've made, so one of those must have been the culprit.

But I'm still not free of malware. AVG found no viruses. I had complacently thought that SpyBot S&D was enough spyware protection, but SpyHunter 2.9 found Trojan.Vundo and Virtumonde (the free SpyHunter would not fix them). I found two threat-specific removal tools from Symantec's website, which did not work. Windows Defender found Virtumonde, removed it, and now claims my system is clean. Ad-Aware found nothing but a couple of MRUs.

Then I tried the instructions from http://www.bleepingcomputer.com/forums/topic18610.html.

VundoFix finds Vundo in c:\Windows\system32\pjvhgeun.dll, removes it, reboots. But on a new scan, Vundo is still there. VirtumundoBegone running in Safe Mode doesn't find anything. VundoFix only detects Vundo in regular mode, not Safe mode. Spybot finds nothing in regular mode, but detects and removes Virtumonde in Safe Mode. Then it claimed SpyHunter 2.9 was spyware, so it set itself to run on the next boot before anything else had loaded and removed SpyHunter. I don't know what to think of that.

Ever since I logged on, SpyBot Resident has been continually denying the same three attempts to alter the registry:ITBar7Layout (category User-specific browser toolbar; ddccbbb (category Winlogon Notifiers); and {2318C2B1-4965-11D4-9B18-009027ASCD4F} (category Global browser toolbar). I click Deny and Remember this Decision, but it just keeps trying to make the changes. My whole screen has been filled with the notifications from SpyBoy Resident for the last hour. It might be comical if it weren't trying to mess up my system.

I have the most recent version of Java.

The file C:\WINDOWS\system32\pjvhgeun.dll is not visible in Explorer, even when it's set to show all hidden and protected files. KillBox also claims it doesn't exist.

Here is an HJT log:
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 11:26:43 PM, on 9/1/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Documents and Settings\Owner\Desktop\HiJackThis_v2.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\Ad-Aware2007.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://google.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common

Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {0C193FB1-EB43-4837-9C17-6DA24F95ECC2} - (no file)
O2 - BHO: (no name) - {0CE37BD2-3565-4F62-8190-5722EB307CE6} - (no file)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} -

C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {513AC22F-EF3C-4D3C-86F7-16208F300F63} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: (no name) - {C3178C97-FE42-4A9F-8574-C9BF97524A17} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe "
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe "
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe "
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [2chkdsk] rundll32.exe "C:\WINDOWS\system32\pjvhgeun.dll ",setvm
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program

Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network

Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program

Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://*.windowsupdate.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} (Java Plug-in 1.4.2_03) -
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} (Java Plug-in 1.5.0_10) -
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} (Java Plug-in 1.5.0_11) -
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} -

C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} -

C:\WINDOWS\system32\browseui.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems

Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device

Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 7209 bytes

 

Also, when I run StartupList, it shows

Registry 'Run' Keys -> System Run ->
2chkdsk = rundll32.exe "c:\windows\system32\pjvhgeun.dll ",setvm

What do I do from here, simply delete this entry from the Registry?

I uncheck rundll32.exe "c:\windows\system32\pjvhgeun.dll ",setvm from Startup in msconfig, and it just turns itself right back on.