Solved System Error lsass.exe Endpoint is invalid

Nana, have you tried to run CF in normal mode?

 

Juliet,
Because of the error message, I can't boot to normal mode. If I click on it, it reboots the system. Thanks!

 

Nana
Can you see the icons for the two antivirus on your desktop?

Can you open the program, and look for a disable tab?

If not we'll have to try something else.

 

I went to Help and disabled symantec. I don't even know what Authentium Antivirus is. When I click CF to run, Symantec still comes up even when I unchecked it in all areas, email, etc. I uninstalled AdAware, thinking it was Authentium. Still working!!

 

Go to Start > Search > All files and folders
Then type in the search box
Authentium

If it can be located we may have to uninstall it.

 

DUH!! My mind is void! Search didn't fine anything?? I would just run CF, but it stated that the machine could be damaged. Seems damaged enough now! I don't understand how Symantec still shows up when I have disabled the File System Auto Protect, email,Lotus notes, and MS exchange auto protect.

 

The below windows command might not run in safe mode, try this first then proceed to the scanner.

Start - Run - (type) cmd -then hit Enter
This will bring up a DOS style box with blinking cursor,

At the blinking cursor, type:
chkdsk /f /r then hit - Enter <--- notice the required space before the "/ "s.

CHECKDISK will inform you that it cannot be run because files are in use/locked, etc. and will invite you to allow CHECKDISK to run the next time you reboot your machine.

Type "Y" for yes, and then reboot.

The scans will take about 30-40 minutes, after which your machine will complete its boot into Windows.
You may be good-to-go after the CHKDSK, if it finds any bad-clusters and moves files to known good areas of your hard drive. However, if CHKDSK does find bad-clusters and moves files, it may be necessary to run CHKDSK a 2nd and even 3rd time, until all the bad-clusters are found and all of the affected files are safely moved.


Next:

Run System File Checker (to identify and replace any missing or corrupted Windows system files)

Start - Run - (type) sfc /scannow - Enter <-- notice the required space before the "/ "




Let's try this scan.


Download Dr.Web CureIt to the desktop:
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe

Your already in safe mode so you can skip this step:

Next, please reboot your computer in Safe Mode by doing the following:
1) Restart your computer
2) After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
3) Instead of Windows loading as normal, a menu should appear
4) Select the first option, to run Windows in Safe Mode.

For additional help in booting into Safe Mode, see the following site:
• http://www.pchell.com/support/safemode.shtml
•
Scan with DrWeb-CureIt as follows:

* Double-click on drweb-cureit.exe to start the program. An "Express Scan of your PC" notice will appear.
* Under "Start the Express Scan Now ", Click "OK" to start. This is a short scan that will scan the files currently running in memory and when something is found, click the Yes button when it asks you if you want to cure it.

* Once the short scan has finished, Click Options > Change settings
* Choose the "Scan tab" and UNcheck "Heuristic analysis "

* Back at the main window, click "Select drives" (a red dot will show which drives have been chosen)
* Then click the "Start/Stop Scanning" button (green arrow on the right) and the scan will start.

* When done, a message will be displayed at the bottom advising if any viruses were found.
* Click "Yes to all" if it asks if you want to cure/move the file.

* When the scan has finished, look if you can see the icon next to the files found. If so, click it, then click the next icon right below and select "Move incurable ".
(This will move it to the C:\Documents and Settings\userprofile\DoctorWeb\Quarantine folder if it can't be cured)

* Next, in the Dr.Web CureIt menu on top, click file and choose save report list.
* Save the DrWeb.csv report to your desktop.
* Exit Dr.Web Cureit when done.

* Important! Reboot your computer because it could be possible that files in use will be moved/deleted during reboot.
* After reboot, post the contents of the log from Dr.Web in your next reply. (You can use Notepad to open the DrWeb.cvs report)

In your next reply post:
DrWeb.cvs report
New HJT log



Nana, it's getting late here I might not be back till morning.
If you can post your logs and I'll check them first thing.

 

Juliet,
Didn't see your note until late. I was far from posting! Hope you had a relaxing night!

I made it into what looked like Windows. I tried the sfc /scannow, got the red X messages as follow:1) This app has failed to start because the Vista DB.esx was not found. Reinstall the app may fix problem. 2)One or more system DLL's could not be loaded: EsApp.dll. 3) Could not boot the app. 4) System is low on virtual memory. Windows is increasing V mem paging file. Mem requests may be denied. 5) sfc.exe App Error The App failed to initalize properly (Oxc0000142) Click OK to terminate App.

Never got to DrWeb or New HJT!!

When I click an icon on the desktop, the icon pic disappears and the icon name becomes outlined in blue?? I did get a message that Symantec is disabled!!

To look at the screen, you would think the computer was working just fine. Very odd!
It's 10:30 here, so I'm heading out ~ talk to you tomorrow! I watch the grand kids so will be on later in the day. Thanks for all the help, I like looking at a Windows screen instead of an error box! Nana

 

This is odd, those error messages point to Esapp.dll may be related to Kodak Easy
Share software....
The below is information related to the error message.

ESApp.dll and LocESApp.dll are files that goes with Kodak Easy Share
Software. You do not mention if you are using Kodak Software. If you do, a
simple Kodak Software Repair should fix the problem. At worse you would
have to to a re-install.

To do a repair, go to:

Control Panel
Add Remove Program
Kodak Easy Share Software
Click on Change
Click on Next
Click on Reppair
Next



has failed to start because the Vista DB.esx was not found
http://forums.techguy.org/windows-vista-7/588354-vistadb-esx.html
http://forums.techguy.org/digital-photography-imaging/467357-solved-windows-xp-home-sp2.html
vistadb.esx
Directory: C:\Program Files\Kodak\Kodak EasyShare software\bin\


http://selfservice.kodak.com/servic...windowType=SAME&highlightInfo=&isRecord=false
http://www.kodak.com/eknec/PageQuerier.jhtml?pq-path=130&pq-locale=en_US


Below is information I found related to
Authentium It might be installed or offered by your ISP?
Also, might be found under the names listed below.
Check again and see if this is on your computer.
Can you run the DRWeb scan today?

AV: Authentium Antivirus
AV: PeoplePC Antivirus
FW: PeoplePC Firewall
PeoplePC Internet Security Pack "

 

Juliet,
I got home to reinstall the Kodak Easy Share and the screen has an unlock computer box. I entered the password, tried to click the OK with no response. Tried Enter, no response. The cursor disappears under the box. I don't know how to move on and stay in Windows to reinstall Kodak and perform the tasks to fix the computer.

To reinstall Kodak seemed so simple ~ now this! Thanks, Nana

 

Hi Nana

At this point I would think now the only option would be to do a hard boot.
Hold down the power button and I think count to 5?

How old is your computer?
It may boil down to having do a windows reinstall or a reformat. These problems just seem to keep mounting and they are not malware related.

 

Juliet,

I'm not sure of the age, I'd guess 5-7 years old. Will do the hard boot and pray it's OK. If necessary, I wipe it and do reinstalls. I know it will be lots of work, will give me something to do. It may not be worth saving?? I really wanted to rescue it for the grand kids. Thanks, Nana

 

Nana
Do the hard reboot and let's see what we get.

 

Juliet,

Sorry, I started a Windows reinstall. If the computer goes down, it goes. The kids will live on! The reinstall seems to be going well, it's at 87%. Thanks for all your effort and the patience you had with me. Nana

 

Nana
I appreciate you returning the news.
I think the computer had to many corrupt windows files to allow us to continue.
I didn't mind helping you a bit.

 

Juliet,

I agree with the many corrupt files. If I could have solved the issue without making more problems, that would be one thing. It seemed to keep adding error notices when I would think things were looking up. A fresh install will have no corrupt files.

I tried to install the Kodak Share and it came up with an error and wouldn't install. That made me realize things were more of a mess than I wanted to deal with.

You were wonderful and I so appreciate all you did for me yesterday. You do great work helping people like me recover their systems ~ be proud!! Nana

 

Thank you Nana


Please take the time to read over a few of my preventive tips.


Please navigate to Microsoft Windows Updates and download all the "Critical Updates " for Windows.


Firefox 3
The award-winning Web browser is now faster, more secure, and fully customizable to your online life. With Firefox 2, added powerful new features that make your online experience even better. It has more features and is a lot more secure than IE. It is a very easy and painless download and install, it will no way interfere with IE, you can use them both.
*NoScript - Addon for Firefox that stops all scripts from running on websites. Stops malicious software from invading via flash, java, javascript, and many other entry points.

How to prevent Malware: Created by Miekiemoes

Here are some additional utilities that will further enhance your safety.
# http://www.trillian.cc → Trillian or http://www.miranda-im.com → Miranda-IM - These are Malware free Instant Messenger programs which allow you to connect to multiple IM services in one program! (AOL, Yahoo, ICQ, IRC, MSN)


Read this article 'Safe Computing Practices'.
So how did I get infected in the first place.

Secure My Computer: A Layered Approach

Strong passwords: How to create and use them

Free Antivirus-AntiSpyware-Firewall Software
Slow Computer May Not Be Malware Related, Help! My computer is slow!
http://users.telenet.be/bluepatchy/miekiemoes/slowcomputer.html


PC Safety and Security--What Do I Need?
http://www.techsupportforum.com/sec...115548-pc-safety-security-what-do-i-need.html

Stand Up and Be Counted ---> Malware Complaints <--- where you can make difference!
This site offers people who have been (or are) victims of malware the opportunity to document their story.

Extra note:
Make sure your programs are up to date - because older versions may contain Security Leaks. To find out what programs need to be updated, please run the Secunia Software Inspector Scan. http://secunia.com/software_inspector/

 

I will follow your instructions to the letter!
Thanks, and all the best to you! Nana