sas1 Report post Posted January 23, 2009 I'm not too experienced with this type of thing, so could use some expert help. Some background information: My system is Windows XP Pro, SP3. Anti-malware tools are Eset Nod32 and SuperAntiSpyware (free). For browser protection I have Sandboxie and use it all the time when I'm on the internet. Here's my (potential?) problem. This evening I updated my SAS definition signatures to the most recent one - 3723. I typically do these updates once or twice a week. Then I ran a complete scan of my system with SAS. Again, that's something I do once or twice a week. Previous scans have been clean. But tonight, SAS notified me of 4 threats as follows: ************************** Rootkit.Agent/Gen-Local Files: C:\Program Files\Wireless Device\Wireless Mouse\MouseAP.EXE Memory Processes: C:\Program Files\Wireless Device\Wireless Mouse\MouseAP.EXE Registry keys: HKLM\Software\Microsoft3\Windows\Current Version\APP Paths\MouseAP.EXE HKLM\Software\Microsoft3\Windows\Current Version\APP Paths\MouseAP.EXE#Path ************************ I uploaded MouseAP.EXE from C:\Program Files to VirusTotal.com. Their scan result was 0 out of 38. I then ran a scan of my entire system with Nod32. Again, no hits. I opened Windows Explorer, located MouseAP.EXE, right clicked it, and opened up Properties. It shows a creation date of 11/2005, which makes sense since that's when I bought my pc and loaded my wireless mouse on it. SAS is asking me if I want to quarantine the 4 threats. But given the negative findings on VirusTotal.com and my Nod32 scan, I'm thinking this could be a false positive. Again, I'm not too experienced with this. Expert advice is most welcomed. Share this post Link to post Share on other sites
SUPERAntiSpy Report post Posted January 24, 2009 I believe you submitted a support request as well, correct? We are working with you there. Share this post Link to post Share on other sites
sas1 Report post Posted January 24, 2009 I believe you submitted a support request as well, correct? We are working with you there. I did. Sorry...it wasn't my intent to clutter up the forum. I made the preceding post before I read on your website that I should submit a support request. Share this post Link to post Share on other sites
