Jump to content
sas1

Hoping false positive, but not sure

Recommended Posts

I'm not too experienced with this type of thing, so could use some expert help.

Some background information: My system is Windows XP Pro, SP3. Anti-malware tools are Eset Nod32 and SuperAntiSpyware (free). For browser protection I have Sandboxie and use it all the time when I'm on the internet.

Here's my (potential?) problem. This evening I updated my SAS definition signatures to the most recent one - 3723. I typically do these updates once or twice a week. Then I ran a complete scan of my system with SAS. Again, that's something I do once or twice a week.

Previous scans have been clean. But tonight, SAS notified me of 4 threats as follows:

**************************

Rootkit.Agent/Gen-Local

Files: C:\Program Files\Wireless Device\Wireless Mouse\MouseAP.EXE

Memory Processes: C:\Program Files\Wireless Device\Wireless Mouse\MouseAP.EXE

Registry keys: HKLM\Software\Microsoft3\Windows\Current Version\APP Paths\MouseAP.EXE

HKLM\Software\Microsoft3\Windows\Current Version\APP Paths\MouseAP.EXE#Path

************************

I uploaded MouseAP.EXE from C:\Program Files to VirusTotal.com. Their scan result was 0 out of 38. I then ran a scan of my entire system with Nod32. Again, no hits. I opened Windows Explorer, located MouseAP.EXE, right clicked it, and opened up Properties. It shows a creation date of 11/2005, which makes sense since that's when I bought my pc and loaded my wireless mouse on it.

SAS is asking me if I want to quarantine the 4 threats. But given the negative findings on VirusTotal.com and my Nod32 scan, I'm thinking this could be a false positive. Again, I'm not too experienced with this. Expert advice is most welcomed.

Share this post


Link to post
Share on other sites
I believe you submitted a support request as well, correct? We are working with you there.

I did. Sorry...it wasn't my intent to clutter up the forum. I made the preceding post before I read on your website that I should submit a support request.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...