Virus that causes lockups.

Ok to be fair I don't think I have a virus but...

Here's the situation.

If I don't touch this machine it will lock up about every half hour. If I am using the machine it may lock up, it may not. Yesterday I was able to go about 4 hours without a lockup. At the time I was posting in forums. Doing webdesign and listening to internet broadcast music. This machine also runs a web server, email server DNS server with 15 websites. PHP Mysql, cold Fusion. Oh it's on Win2k pro with AVG, Spyware Doctor and Adaware.

Things that have happened in the past. (previous lockups)
Previous locks ups were associated first
my sound card - replaced lock ups went away.
CPU Thermal - Replaced the CPU fan lock ups went away for awhile CPU heat stayed down for a bit, but seemed to creep back up, Now I have the side of the case off with a 7" fan blowing in Temps seem to be fine.

I have removed as many running processes as possible to see if it resolves the problem to no avail.

It doesn't appear to be a memory thing. I'm not getting hit with excessive network traffic.

I can run AVG, Spyware Doctor, Adaware, I've run online Anti-viruses and haven't detected a thing.

So I am down to this, I monitor the CPU with Task Manager. (you know the graph monitor). I will see CPU activity especially when I have a webpage open (I'll try to get a screen capture) then the activity will drop off to almost nothing then the system will lock up.

If it's not a virus then my guess is the CPU is about to die.

If this is a virus my quess it's something that hasn't been discovered yet. There for how would I pin it down? Has anyone seen a virus that will cause lockups about every half hour?

Locked up just after I posted and captured this window.



The window in the top right is monitoring my bandwidth. the Motherboard Monitor windows wouldn't capture but temps were all under 100 deg F. Voltages were normal and fan speed was constant.

hello,

you description and the results of various scans you have run indicate that you do not have a virus or malware. To be on the safe side, please download a freely available tool called hijackthis from here
http://www.majorgeeks.com/download3155.html
unzip it to a permanent location, scan and post the log here. well take a look at it, and let you know if you have any traces of malware.

you seem to be a reasonably proficient user, so i would suggest you get hold of a free tool called ProcessExplorer from here
http://www.sysinternals.com/Utiliti...ssExplorer.html
This will allow you to keep a much closer eye on what processes are running on your system, and what files and dll they are using, and exactly what resources have been used etc...This sort of like an advanced Taskmanger. It will help you diagnose your system state.
Cheers

Will do between reboots.

See attachment.

i'm posting the log you attached for others to be able to go through as well. Its just easier that way

Logfile of HijackThis v1.99.1
Scan saved at 1:44:47 PM, on 06/08/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
E:\WIN2K\System32\smss.exe
E:\WIN2K\system32\winlogon.exe
E:\WIN2K\system32\services.exe
E:\WIN2K\system32\lsass.exe
D:\Program Files\Softex\OmniPass\Omniserv.exe
E:\WIN2K\system32\svchost.exe
E:\WIN2K\system32\spoolsv.exe
E:\WIN2K\system32\msdtc.exe
F:\1STCLA~1\inetmail.exe
D:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
D:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
F:\CFUSION\bin\cfserver.exe
D:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
F:\CFUSION\bin\cfexec.exe
F:\CFUSION\bin\CFRDSService.exe
F:\Deerfield.com\DNS2Go\DNS2GoClient.exe
F:\dnsserv\DNSerSvc.exe
D:\WIN2K\System32\svchost.exe
E:\WIN2K\System32\kwService.exe
E:\WIN2K\System32\svchost.exe
F:\mysql\bin\mysqld-nt.exe
E:\WIN2K\system32\regsvc.exe
E:\WIN2K\system32\RioMSC.exe
E:\WIN2K\system32\R_SERVER.EXE
E:\WIN2K\system32\MSTask.exe
e:\Program Files\Photodex\CompuPicPro\ScsiAccess.exe
E:\WIN2K\System32\tcpsvcs.exe
E:\WIN2K\system32\stisvc.exe
E:\WIN2K\System32\WBEM\WinMgmt.exe
E:\WIN2K\System32\mspmspsv.exe
E:\WIN2K\system32\svchost.exe
E:\SHELLO~1\ShellON.exe
D:\Program Files\z2 Remote2PC\R2PCServ.exe
D:\WIN2K\explorer.exe
E:\WIN2K\system32\inetsrv\inetinfo.exe
E:\PROGRA~1\PANICW~1\POP-UP~1\dpps2.exe
E:\WIN2K\System32\hphmon03.exe
E:\program files\KMaestro\KMaestro.exe
E:\WIN2K\System32\ndmonNT.exe
E:\Program Files\Simple DNS Plus\sdnsmain.exe
D:\Program Files\Common Files\XCPCMenu.exe
E:\Program Files\QuickTime\qttask.exe
D:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
D:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
D:\Program Files\PCI Audio Applications\Bin\EchoCtrl.exe
E:\WIN2K\Mixer.exe
D:\Program Files\z2 Remote2PC\R2PCSH.exe
D:\Program Files\Motherboard Monitor 5\MBM5.EXE
E:\WIN2K\autorunusb.exe
D:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\issch.exe
E:\Program Files\Simple DNS Plus\sdnsgui.exe
D:\Program Files\Vonage\Vonage Click-2-Call\click2call.exe
E:\Program Files\Sprint & FineReader 5.0 Office Try&Buy\Sprint\CAgent.exe
D:\Program Files\Softex\OmniPass\scureapp.exe
E:\WIN2K\system32\spool\drivers\w32x86\3\hpztsb04.exe
E:\Microsoft Programs\System\reminder.exe
E:\WIN2K\Plaxo\2.1.0.80\InstallStub.exe
D:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
E:\Program Files\Cresotech PocketLANce\lancemon.exe
E:\PROGRA~1\CLIPBO~1\CLIPBO~1.EXE
E:\Program Files\Spyware Doctor\swdoctor.exe
D:\Program Files\G-Lock Software\G-Lock SpamCombat\gsc.exe
E:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
E:\WIN2K\system32\ntvdm.exe
D:\Program Files\Common Files\efax\HotTray.exe
E:\WIN2K\System32\HPHipm09.exe
D:\Program Files\Common Files\efax\Dllcmd32.exe
D:\Program Files\Military.com\Hub.exe
D:\Program Files\Adaptec\USBControl\Ausbctrl.exe
E:\VstaScan\VsAccess.exe
E:\Program Files\ClipMate5\ClipMt53.exe
E:\Documents and Settings\Ron Ackerman\Desktop\netgraph\NetGraph.exe
E:\Program Files\POP Peeper\POPPeeper.exe
E:\Program Files\Radmin Viewer 3.0\radmin.exe
F:\Serv-U\SERV-U32.EXE
D:\Program Files\Common Files\Skyscape\smARTupdate.exe
E:\Program Files\Trillian\trillian.exe
E:\webcam2000\WebCam2000.exe
F:\wincron\WinCron.exe
F:\mysql\bin\winmysqladmin.exe
D:\WIN2K\explorer.exe
C:\DownLoad\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://isdsc.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = http://www.search-explorer.net/search_page.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = E:\WIN2K\about.htm
F2 - REG:system.ini: Shell=E:\SHELLO~1\ShellON.exe
F2 - REG:system.ini: UserInit=D:\WIN2K\system32\userinit.exe,
N2 - Netscape 6: user_pref("browser.startup.homepage", "http://www.usaiway.net/"); (E:\Documents and Settings\Ron Ackerman\Application Data\Mozilla\Profiles\default\4fio1c4j.slt\prefs.js)
N2 - Netscape 6: user_pref("browser.search.defaultengine", "engine://E%3A%5CProgram%20Files%5CNetscape%5CNetscape%206%5Csearchplugins%5CSBWeb_01.src"); (E:\Documents and Settings\Ron Ackerman\Application Data\Mozilla\Profiles\default\4fio1c4j.slt\prefs.js)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - E:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: Military.com Toolbar Helper - {7D5FBE1D-F012-4f2a-8A1C-42E1037972B7} - E:\Documents and Settings\All Users\Application Data\Military.com\Helper.6.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - E:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: SpoofStick BHO - {CBA74CDA-DF78-4AD9-954E-3B15D0A993DE} - D:\Program Files\CoreStreet\SpoofStick\SpoofStickBHO.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - E:\WIN2K\System32\msdxm.ocx
O3 - Toolbar: (no name) - {71AAABE5-1F0F-11d7-BD6F-004854603DCE} - (no file)
O3 - Toolbar: SpoofStick - {4D46ED77-1429-4CF6-8F63-C84B5D710BAF} - D:\Program Files\CoreStreet\SpoofStick\SpoofStick.dll
O3 - Toolbar: Military.com Toolbar - {1685C500-A1A8-4b18-91DD-B79D39A8A532} - E:\Documents and Settings\All Users\Application Data\Military.com\Toolbar.6.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [hpfsched] D:\d drive\WIN2K\hpfsched.exe
O4 - HKLM\..\Run: [Simple DNS Plus] E:\Program Files\Simple DNS Plus\sdnsplus.exe -s
O4 - HKLM\..\Run: [Pop-Up Stopper] "E:\PROGRA~1\PANICW~1\POP-UP~1\dpps2.exe"
O4 - HKLM\..\Run: [HPHmon03] E:\WIN2K\System32\hphmon03.exe
O4 - HKLM\..\Run: [KeyMaestro] e:\program files\KMaestro\KMaestro.exe
O4 - HKLM\..\Run: [Drive Monitoring Agent] E:\WIN2K\System32\ndmonNT.exe
O4 - HKLM\..\Run: [PDAsync - PocketPC] D:\Program Files\Common Files\XCPCSync\Translators\PocketPC\AutoDetect.exe
O4 - HKLM\..\Run: [PDAsync] D:\Program Files\Common Files\XCPCMenu.exe
O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [AVG7_CC] D:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Ma72Pan] Ma72Pan.Exe
O4 - HKLM\..\Run: [C-Media Echo Control] D:\Program Files\PCI Audio Applications\Bin\EchoCtrl.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [POPIt Mail Notifier PLUS!] E:\PROGRA~1\PRODUC~1\POPITM~1\POPIt.exe
O4 - HKLM\..\Run: [z2 R2PC Server Helper] "D:\Program Files\z2 Remote2PC\R2PCSH.exe"
O4 - HKLM\..\Run: [MBM 5] "D:\Program Files\Motherboard Monitor 5\MBM5.EXE"
O4 - HKLM\..\Run: [WebServUSB] E:\WIN2K\autorunusb.exe
O4 - HKLM\..\Run: [xitami] S:\xigui32.exe
O4 - HKLM\..\Run: [ISUSPM Startup] D:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "D:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\issch.exe" -start
O4 - HKLM\..\Run: [Vonage] D:\Program Files\Vonage\Vonage Click-2-Call\click2call.exe
O4 - HKLM\..\Run: [ABBYY Community Agent] E:\Program Files\Sprint & FineReader 5.0 Office Try&Buy\Sprint\CAgent.exe
O4 - HKLM\..\Run: [OmniPass] D:\Program Files\Softex\OmniPass\scureapp.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] E:\WIN2K\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKCU\..\Run: [Reminder] E:\Microsoft Programs\System\reminder.exe
O4 - HKCU\..\Run: [PlaxoUpdate] E:\WIN2K\Plaxo\2.1.0.80\InstallStub.exe -a
O4 - HKCU\..\Run: [H/PC Connection Agent] "D:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [lancemon] e:\Program Files\Cresotech PocketLANce\lancemon.lnk
O4 - HKCU\..\Run: [Clipboard Buddy] E:\PROGRA~1\CLIPBO~1\CLIPBO~1.EXE
O4 - HKCU\..\Run: [Spyware Doctor] "E:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [G-Lock SpamCombat] D:\Program Files\G-Lock Software\G-Lock SpamCombat\gsc.exe
O4 - Startup: ClipMate5.lnk = E:\Program Files\ClipMate5\ClipMt53.exe
O4 - Startup: NetGraph.exe.lnk = E:\Documents and Settings\Ron Ackerman\Desktop\netgraph\NetGraph.exe
O4 - Startup: POP Peeper.lnk = E:\Program Files\POP Peeper\POPPeeper.exe
O4 - Startup: Radmin Viewer 3.0.lnk = E:\Program Files\Radmin Viewer 3.0\radmin.exe
O4 - Startup: Shortcut to SERV-U32.EXE.lnk = F:\Serv-U\SERV-U32.EXE
O4 - Startup: Skyscape smARTupdate.lnk = D:\Program Files\Common Files\Skyscape\smARTupdate.exe
O4 - Startup: Trillian.lnk = E:\Program Files\Trillian\trillian.exe
O4 - Startup: WebCam2000.exe.lnk = E:\webcam2000\WebCam2000.exe
O4 - Startup: WinCron.exe.lnk = F:\wincron\WinCron.exe
O4 - Startup: WinMySQLadmin.lnk = F:\mysql\bin\winmysqladmin.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = E:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: EasyPhoto Watch.lnk = E:\WIN2K\TWAIN\PHOTO\EZPWATCH.EXE
O4 - Global Startup: j2 Tray Menu.lnk = D:\Program Files\Common Files\efax\HotTray.exe
O4 - Global Startup: Live Menu.lnk = D:\Program Files\Common Files\efax\Dllcmd32.exe
O4 - Global Startup: Microsoft Office.lnk = E:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Military.com Launcher.lnk = D:\Program Files\Military.com\Hub.exe
O4 - Global Startup: USBControl.lnk = D:\Program Files\Adaptec\USBControl\Ausbctrl.exe
O4 - Global Startup: VistaAccess.lnk = E:\VstaScan\VsAccess.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - E:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - E:\PROGRA~1\ICQ2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - E:\PROGRA~1\ICQ2\ICQ.exe
O9 - Extra button: AOL Instant Messenger (SM) - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - E:\Program Files\AIM95\aim.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - E:\WIN2K\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - E:\WIN2K\web\related.htm
O16 - DPF: ActiveGS.cab - http://www.virtualapple.com/activegs.cab
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://support.fastaccess.com/sdccommon/download/tgctlcm.cab
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://www.truedoc.com/activex/tdserver.cab
O16 - DPF: {02BED220-FBC7-4392-93A2-3A50B056F78E} - http://down.plaxo.com/down/release/instub.cab
O16 - DPF: {072D3F2E-5FB6-11D3-B461-00C04FA35A21} (CFForm Runtime) - http://www.northeastmedical.org/CFIDE/classes/CFJava.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (sys Class) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {0FF3E97F-433D-11D2-B31A-00A0C9B135DB} (CoDetectDigitalRiver Class) - http://ebot.digitalriver.com/v2.0-doc/dlwizard/wizard3.0.4.1.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/download/ipixx.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://cs6.chat.sc5.yahoo.com/v43/yacscom.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.info.com.ph/~philbert/cult.cab
O16 - DPF: {34805D32-AD89-469E-8503-A5666AEE4333} (RdxIE Class) - http://207.188.7.150/15f3a8011a607594be00/netzip/RdxIE.cab
O16 - DPF: {466FE5FE-9B04-4BD8-9993-C4FBDAEB7122} (JMWiseCam Control) - http://max.tzo.com/JMWiseCam.cab
O16 - DPF: {49DB1B20-4E35-4E2E-8C6F-765E238865D6} - http://militaryclient.tickle.com/download/client/Install%20Air%20Force%20Toolbar.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-17.cab
O16 - DPF: {4EABBB94-847F-45CB-8C70-99AE8E88635A} (WebClient Control) - http://webcam.ilinksurveillance.com/WebCamX.cab
O16 - DPF: {50F65670-1729-11D2-A51F-0020AFE5D502} (ForumChat) - http://objects.compuserve.com/chat/RTCChat.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/178ac98e88a7f66ac701/netzip/RdxIE601.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {75565ED2-1560-4F15-B841-20358DE6A0D1} (ImageControl Class) - http://content.ancestry.com/asfiles/files/install/MFImgVwr.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.cab
O16 - DPF: {861DB4B6-3838-11D2-8E50-002018200E57} (MrSIDI Control) - http://images.myfamily.net/isfiles/downloads/MrSIDI.cab
O16 - DPF: {8DAE7A62-4632-4691-805C-0338A5F26F9D} (Spam Arrest Email Configurator Download) - https://spamarrest.com/xcarab/10013/saclient.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installengine.com/engine/isetup.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://67.92.118.163/activex/AxisCamControl.cab
O16 - DPF: {9CCE3B43-4DE0-4236-A84E-108CA848EE6A} (WebCam Control) - http://webcamnow.com/broadcast/ActiveXWebCam.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/SSC/SharedContent/common/bin/cabsa.cab
O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} (Live365Player Class) - http://www.live365.com/players/play365.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/activedata/SymAData.dll
O16 - DPF: {D6016EE7-A8FF-11D1-B37E-A4759ECD7909} (AxPulse Class) - http://www.pulse3d.com/players/english/PulsePlayerAxWin.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab
O16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} (Live Collaboration) - https://liveca06.custhelp.com/6006-b266h/rnl/java/RntX.cab
O16 - DPF: {E87A4CD6-BA5F-4552-BC4F-8EC240A2755C} (WebRecClient Control) - http://www.adome.net/dvrdemo2/webrec.cab
O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://www.gamespot.com/KDX/zd/kdx.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{52D8A8CB-EEAB-4419-80ED-944AE46F1BD1}: NameServer = 192.168.1.2,205.152.37.254
O20 - Winlogon Notify: MCPClient - D:\PROGRA~1\COMMON~1\Stardock\mcpstub.dll
O23 - Service: 1st Class Mail Server (1cms) - Unknown owner - F:\1STCLA~1\\inetmail.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Cold Fusion Application Server - Allaire - F:\CFUSION\bin\cfserver.exe
O23 - Service: Cold Fusion Executive - Allaire - F:\CFUSION\bin\cfexec.exe
O23 - Service: Cold Fusion RDS - Allaire Corporation - F:\CFUSION\bin\CFRDSService.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - E:\WIN2K\System32\dmadmin.exe
O23 - Service: DNS2Go Client (DNS2GoClient) - Deerfield.com - F:\Deerfield.com\DNS2Go\DNS2GoClient.exe
O23 - Service: Dynamic DNS Updater (DNSerSvc) - Access, Slovenia - F:\dnsserv\DNSerSvc.exe
O23 - Service: Printer Status Server (hpzstatn) - Unknown owner - D:\WIN2K\System32\spool\drivers\w32x86\hpzstatn.exe (file missing)
O23 - Service: INPro Service (INProService) - Unknown owner - E:\WIN2K\System32\kwService.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LISTSERV (primary instance) (LISTSERV) - Unknown owner - F:\listserv\MAIN\LSV.EXE
O23 - Service: MySql - Unknown owner - F:/mysql/bin/mysqld-nt.exe
O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - D:\Program Files\Softex\OmniPass\Omniserv.exe
O23 - Service: Pml Driver - HP - E:\WIN2K\System32\HPHipm09.exe
O23 - Service: Rio MSC Manager (RioMSC) - Digital Networks North America, Inc. - E:\WIN2K\system32\RioMSC.exe
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - E:\WIN2K\system32\R_SERVER.EXE" /service (file missing)
O23 - Service: ScsiAccess - Unknown owner - e:\Program Files\Photodex\CompuPicPro\ScsiAccess.exe
O23 - Service: Xitami Web Server (Xitami) - Unknown owner - f:\Xitami\xisrv32.exe
O23 - Service: z2 Remote2PC Server (z2 R2PC Server) - Unknown owner - D:\Program Files\z2 Remote2PC\R2PCServ.exe" -service (file missing)

will go over your log as best i can and post later.. cheers

After view the hijackthis file and watching the Systernals processExplorer at the time of lock up. I am convienced that it's not a software problem and not a virus. So I plan to go out and purchase a new Processor. I think that maybe my past problems with heat have done damage to the processor.

I glanced through your log.. there does not seem anything that is of concern in there.
keep checking the thread to see if some one else picks up something i have missed.

Goodluck with your solution I will close this thread after a few days if there are no updates or new posts... pm me if you need it re-opened after that, for any reason. Cheers

Ok thanks for all your help and the links to the great tools.

You may close this thread, turns out I changed out the Motherboard and Processor (memory too). New motherboard had onboard sound and ethernet. Problem is resolved and I can safely say that it was probably bad processor.

It also gave me a chance to upgrade to XP, Upgrade mySQL and a few other programs including MS Office 2003.

New set up is AMD Sempron 2800 on a uGURU motherboard, 1gb of fsb400 memory. It's much faster than before.

Thanks for all your assistance.
Ron