sas1 Posted January 23, 2009 I'm not too experienced with this type of thing, so could use some expert help. Some background information: My system is Windows XP Pro, SP3. Anti-malware tools are Eset Nod32 and SuperAntiSpyware (free). For browser protection I have Sandboxie and use it all the time when I'm on the internet. Here's my (potential?) problem. This evening I updated my SAS definition signatures to the most recent one - 3723. I typically do these updates once or twice a week. Then I ran a complete scan of my system with SAS. Again, that's something I do once or twice a week. Previous scans have been clean. But tonight, SAS notified me of 4 threats as follows: ************************** Rootkit.Agent/Gen-Local Files: C:\Program Files\Wireless Device\Wireless Mouse\MouseAP.EXE Memory Processes: C:\Program Files\Wireless Device\Wireless Mouse\MouseAP.EXE Registry keys: HKLM\Software\Microsoft3\Windows\Current Version\APP Paths\MouseAP.EXE HKLM\Software\Microsoft3\Windows\Current Version\APP Paths\MouseAP.EXE#Path ************************ I uploaded MouseAP.EXE from C:\Program Files to VirusTotal.com. Their scan result was 0 out of 38. I then ran a scan of my entire system with Nod32. Again, no hits. I opened Windows Explorer, located MouseAP.EXE, right clicked it, and opened up Properties. It shows a creation date of 11/2005, which makes sense since that's when I bought my pc and loaded my wireless mouse on it. SAS is asking me if I want to quarantine the 4 threats. But given the negative findings on VirusTotal.com and my Nod32 scan, I'm thinking this could be a false positive. Again, I'm not too experienced with this. Expert advice is most welcomed. Share this post Link to post Share on other sites
SUPERAntiSpy Posted January 24, 2009 I believe you submitted a support request as well, correct? We are working with you there. Share this post Link to post Share on other sites
sas1 Posted January 24, 2009 I believe you submitted a support request as well, correct? We are working with you there. I did. Sorry...it wasn't my intent to clutter up the forum. I made the preceding post before I read on your website that I should submit a support request. Share this post Link to post Share on other sites