scbs29 Posted September 3, 2010 Hello I have set up my wifes laptop (NEC i_Select 5210) to dual boot with PCLinuxOS and Win XP Home, which is the original OS. The laptop was bought used with a single partition containing XP, and has no restore partition, so restoring the original XP is not an option. The XP partition has XP Home, fully updated, Avast anti-virus, MalwareBytes and SuperAntispyware (full paid for version) for malware detection, and Comodo firewall. Up until 2 days ago (after about 2 years) I have had no trouble with this XP setup at all, but suddenly I am experiencing problems. On booting I get a message from SAS that it has detected and blocked a potentially harmful application and gives me the option to find out more about this app or to scan the system. Selecting either of these has no effect, and SAS then stops running. If I then try to start SAS the same thing happens. Also a few seconds after SAS closes, so does Comodo. I have done a full system scan with Avast and Malwarebytes and downloaded the portable version of SAS and did a full scan with that. In all cases no problems were detected. Neither Firefox nor IE will run, just showing a corresponding process in task manager. Can you advise ? Share this post Link to post Share on other sites
Seth Posted September 3, 2010 I'm thinking a benign corruption in XP, or malware such as a rootkit. Have you tried a System Restore? If that doesn't work, I'd run ComboFix from Safe Mode. Share this post Link to post Share on other sites
SUPERAntiSpy Posted September 4, 2010 What numeric version of SAS are you running? Share this post Link to post Share on other sites
scbs29 Posted September 5, 2010 What numeric version of SAS are you running? 4.41.0.1000 I managed to get SAS to run in safe mode and it told me that I had Rogue.SecurityEssentials2010. After it reported 753 instances I closed SAS and logged off. After searching the internet for information about this rogue I was even more confused because none of the files, registry entries or processes associated with it were present on the laptop. In the SAS folder, the .exe icons had been changed, overlayed with a sign so that they resembled the Ghostbusters icon. I again did system checks with MalwareBytes, Portable SAS, GMER and Trojan_Killer and received a clean bill of health. I then uninstalled SAS and rebooted. This time all of the problems had disappeared. I then downloaded and installed SAS 4.42.0.1000, updated and again ran SAS, MalwareBytes, and Trojan_Killer. I received a clean bill of health from all of these. From this I can only assume that SAS itself had become corrupted in some way. Have there been any more reports of problems with 4.41.0.1000 ? Share this post Link to post Share on other sites
siliconman01 Posted September 6, 2010 Sounds like you got caught as per the link below. https://forums.superantispyware.com/index.php?/topic/4151-roguesecurityessentials2010-false-positive-issue/ Share this post Link to post Share on other sites