Windows Process Problem(s)

Okay, so I'm using my computer and it starts running like dirt.  Naturally, I boot up task manager and see explorer is taking up 50 percent of my CPU.  Then task manager, being the awesome feature it is, begins taking up 40.  Strange.  Then explorer decides to end process itself before booting back up right away without giving me any errors.  After doing so, it continues its CPU hogging.  I decide to manually end task explorer and it stops coming back.  One problem solved for now.

I go and fetch Process Explorer to fix the task manager problem.  That worked as a temporary fix as well.  Now, I scanned my computer with several different programs (SpyBot, AdAware, PCCillen, etc.) and didn't come up with anything that could point towards this problem.  I removed everything that did and I still have the problem.  On top of that, note pad takes up 50 percent of my CPU as well, leading me to believe it's a Windows problem.  Adding on the whole NT Authority Shut Down notice I got ("shutdown -a" for the win), I'm assuming I have a fairly large problem.  But nothing can find it.  Is this a known issue?

Check MS's knowledgebase for this. There are various things that can cause it. Like the stupid WinXP folder tasks.

I looked around the knowledge base and found problems similar to mine, but with key differences.  When my explorer crashes, it doesn't tell me anything.  I get a sound and then it's gone.  I've now added to the list of scans, which includes AVG Anti-Spyware, Avert-Stinger, and I even ran XP Smoker.  The only thing any of them found were a few tracking cookies.

LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX LINUX

You might have some variation of http://www.pchell.com/virus/sasser.shtml attacking you.  Could be something completely different.  I'll tell you right now, though, that notepad should never take 50% CPU on a modern machine.  (If you're hyperthreaded or dual core, btw, it's actually pinning a CPU, not just using 50%).

Format, reinstall, stop clicking "yes" to shit from the web, and stop using IE.

What's the deal with the NT Authority forced shutdown when you end that particular process?  I don't understand...  the machine seems to be running fine while it's doing that, so why can't it just run indefinately like that?

Or is it some microsoft "feature" they don't want you disabling?

lsass is the local security authority subsystem.  Failure of that process is considered to be catastrophic and results in a de facto unsecured state in the system.  The automatic shutdown policy is an attempt to minimize damage.

The reason it crashes w/Sasser is because the Sasser worm is attempting to exploit the process.  Interestingly, if the Sasser worm fails on an unpatched machine, it crashes lsass and results in an automatic reboot.  If the worm succeeds in rooting your box, the machine continues running and the user remains blissfully unaware.

That particular bug is really old, though.

lsass isn't the only process that can result in an automatic shutdown.  IIRC, bad things happen if winlogon is killed, e.g.  In this particular case, b/c of the machine's funky behavior, it's probably hosed enough to warrant a full, clean wipe/reinstall.  There's no way the OP will ever be able to know that his machine is clean, otherwise.  It's the nature of rootkits.

Unfortunately, I don't use IE.  Also, nothing has come up with anything.  I've even done some Sasser specific searches.  I'm thinking I'll just install Linux, then reinstall Windows at some undefined point in the future.

Also, I was wondering, does your computer come with a reinstall disc for Windows or do I need to download it?