1. /
  2. Security Response/
  3. SONAR.PDF!gen1


May 4, 2010 10:49:09 PM
Risk Impact:
Systems Affected:
Windows 2000, Windows 7, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows Server 2008, Windows Vista, Windows XP
Various versions of Acrobat Reader can be compromised through a variety of vulnerabilities embedded in potentially malicious .pdf files. Some examples of such vulnerabilities include:

Symantec’s antivirus products contain an highly sensitive detection technology designed to detect entirely new malware threats without traditional signatures. This technology is aimed at detecting malicious software that has been intentionally mutated or morphed by attackers.

If one or more files on your computer have been classified as having a SONAR.PDF!gen1 threat, this indicates that the files have suspicious characteristics and therefore might contain a new or unknown threat. However, given the sensitive nature of this detection technology, it may occasionally identify non-malicious, legitimate software programs that also share these behavioral characteristics. Therefore, it is recommended that users manually check all files detected as SONAR.PDF!gen1 by Symantec antivirus products for potential misidentification, and submit any suspect files to Symantec Security Response for further analysis. For instructions on how to do this, read Submit Virus Samples.

In rare cases a legitimate file may be misidentified and subsequently quarantined. In such rare situations, you should open the Quarantine in your Symantec antivirus product. From here, you may review the list of all files detected as SONAR.PDF!gen1 and, if you identify a potential misidentification, restore the file from quarantine and allow it to run normally.
Summary| Technical Details| Removal

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
Internet Security Threat Report