I have a user who has an XP machine w/ SP2 and has the most current updates installed on his computer. He has recently been having shut down issues.
He will receive a message box referencing "lsass.exe: 0x012e0178 referenced at 0x00000000 can't be written". He clicks on the OK button then will receive :
"System Shutdown: This system is shutting down. Please save all work in progress and log off. Any unsaved changes will be lost. This shutdown was initiated by NT AUTHORITY\SYSTEM, and gives a 60 second timer before it shuts down. The message in the System Shutdown box lists status code 1073741819.
When the computer restarts, and the user logs in, he will receive a Data Execution Prevention message citing LSA Shell (Export Version).
Thinking it was a virus issue, I did a full scan with Sophos, Microsoft Malicious Software Removal Tool, no virus was detected. In addition used Symantec's removal tool for Sasser and Blaster, and neither found anything.
Any thoughts on what I can do or what the issue might be.