Veritor Posted March 20, 2013 Once in a "while" (maybe every 3-4 weeks) I get a Real-Time Protection warning popup from SAS that it has caught Trojan.Agent/Gen-FakeAlert[Hotfix].Process and quarantined the file. This file always appears to be connected to Norton 360 in some way. The most recent incident isolated 4 files all named as follows. This is what appears under SAS quarantine: C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\LUE\DOWNLOADS\PATCH2943\HOTFIX.EXE The only difference in the 4 filenames is in the 4 digits following "PATCH". I also found a hotfix.exe reference in the Windows PREFETCH directory which remained even after the quarantine. I deleted it. What I'm wondering is this a "real" Norton patch release being caught as a false positive by SAS? I know Hotfix.exe is connected to a fake anti-virus program but I see no evidence of THAT program on my system. I run SAS Pro edition along with Norton 360 and Malwarebytes Pro and I keep them all updated and current. Share this post Link to post Share on other sites
SAS Customer Service Posted March 20, 2013 Please create a support ticket so we can issue a diagnostic: www.superantispyware.com/csr Share this post Link to post Share on other sites