Access to PDF files is blocked due to the files being incorrectly decomposed to contain a zero byte javascript file.

Article:TECH210613  |  Created: 2013-09-16  |  Updated: 2014-07-21  |  Article URL
Article Type
Technical Solution


You are configuring Symantec Protection Engine (SPE) to block javascript files.  

From the SPE console, under Policies --> Filtering --> Files, under the section "Blocking by File Name", the following settings are configured:

1. "Block files with the following names (one per line)" is checked.
2. "Block access to the file or message" is chosen and "*.js" is added.

When SPE scans PDF file, it blocks the file with the File policy violation triggered.

In addition, when using command line scanner to scan the PDF file, the following output can be observed:

File name: Actual PDF file name.pdf/javaScriptFile.js
Virus name: File policy violation File Name Blocked
Virus ID: -1
Unscannable: False
Disposition: Infected


 SPE 7.0.2 or lower


Decomposer from SPE extracts zero byte javascript file even though there is no javascript embedded in PDF file.


Symantec is aware of this issue. There is a patch available if you are experiencing this issue. Contact Technical Support for this download.

Supplemental Materials


Article URL

Terms of use for this information are found in Legal Notices