Early in the day I performed a backup using System Restore and ran CCleaner on temp file locations. Nothing was done to the registry or log files. I am somewhat of a junkie for the Photoshop contests at Fark.com and the posters use various imagehosts. Surely brokering all those ports is taxing, and the number is even greater since they're being filtered through the Avast webscanner and ZoneAlarm firewall.

Eventually one of the Firefox tabs broke the camel's back. The link started to open and my system went right to black, performing a hard reboot. The PC made it to the WinXP splash screen and just sat there for about 20 minutes with the hard drive light on but making no noise. Ctrl-Alt-Del doesn't work at that stage, so I hit the reset button, rebooted in safe mode, and performed a System Restore to earlier in the evening. Everything has been fine since then, but I am not sure how I should proceed.

MS AntiSpyware, Avast, and ZoneAlarm are always running on this machine, which is behind a Linksys router/firewall. My HTJ log looks just fine to me. I've attached it in case its useful to anyone. The 017 entries are set to point at my ISP's dns server. I ran tests with AdAware, SpyBot, Ewido, Avast and MWAV EScan, with nothing found. The only keyboard related UpperFilters in my registry have the value of "kbdclass" and the properties of kbdclass.sys indicate it's a true MS file. The tcpip.sys file looks good and consistent in all my archives too. Makes me think its hardware related.

Might this indicate that one of my sticks of ram is going bad? I've got a 512meg pc133 and a 256meg pc133. I'm wondering if the PC typically uses just one stick and moves on to the other when it requires more space, or throughput. OS is running on an ATA/66 drive, pagefile is on an ATA/100 on the secondary IDE channel. Seems to me that mismatch shouldn't be an issue, even though its about time to upgrade. Is there anything I should do other than see if it happens again?

Thanks a lot for any input.

************************************************** *******

Logfile of HijackThis v1.99.1
Scan saved at 4:55:43 AM, on 10/2/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\WCEFLMS.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\WINDOWS\system32\wuauclt.exe
E:\Applications\System Utils\Anti Spyware\hijackthis v1.99.1\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WCEFLMS] WCEFLMS.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{44C4C4EC-0207-4B53-BC25-8ADED67F6988}: NameServer = 64.192.96.5
O17 - HKLM\System\CS2\Services\Tcpip\..\{44C4C4EC-0207-4B53-BC25-8ADED67F6988}: NameServer = 64.192.96.5
O17 - HKLM\System\CS3\Services\Tcpip\..\{44C4C4EC-0207-4B53-BC25-8ADED67F6988}: NameServer = 64.192.96.5
O17 - HKLM\System\CS4\Services\Tcpip\..\{44C4C4EC-0207-4B53-BC25-8ADED67F6988}: NameServer = 64.192.96.5
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ColdFusion MX Application Server - Macromedia Inc. - C:\CFusionMX\runtime\bin\jrunsvc.exe
O23 - Service: ColdFusion MX ODBC Agent - Unknown owner - C:\CFusionMX\db\slserver52\bin\swagent.exe
O23 - Service: ColdFusion MX ODBC Server - Unknown owner - C:\CFusionMX\db\slserver52\bin\swstrtr.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ArGoSoft FTP Server (msFTPServerForm) - ArGo Software Design - c:\Program Files\ArGo Software Design\FTP Server\ftpsrvnt.exe
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Looks like you had a Windows registry/configuration problem, Windows couldn't load and run, and you fixed it by going back to a good restore point.

What's to fix? "Everything has been fine since then". It ain't broke so don't fix it.
Beware of trying too hard. Just be prudent and keep your system in good repair.

Someone may find something in your HJT log that needs fixing, or perhaps not.
That [even if found] would probably be unconnected to this event.

I advise you to go further than using XP restore point.
Set up a system where you can [from outside of Windows] make [and restore] backup images of all your partitions [but especially a "lean & mean" C:].

I guess the main thing that concerned me was the crash, not Windows hanging. Not sure how often others experience a reboot like that, but I can't recall the last time it happened to me.

My post was rambling because I was trying to give too much background. Basically I am asking if overloading the network capabilities of XP could cause this behavior, or if it suggests hardware that is problematic.

Thanks for bearing with me.

Your log looks okay...

Overloading the network should not cause this problem, so I would suspect hardware and start running some tests for the RAM and other components... Blackouts are not as likely to be RAM as they are power supply, hard drive or even video card related... Could be heat too...