Home / malwarePDF  

SONAR.Sality!gen1


First posted on 15 April 2014.
Source: Symantec

Aliases :

There are no other names known for SONAR.Sality!gen1.

Explanation :

Symantec's antivirus products contain an highly sensitive detection technology designed to detect entirely new malware threats without traditional signatures. This technology is aimed at detecting malicious software that has been intentionally mutated or morphed by attackers.

If one or more files on your computer have been classified as having a SONAR.Sality!gen1 threat, this indicates that the files have suspicious characteristics and therefore might contain a new or unknown threat. However, given the sensitive nature of this detection technology, it may occasionally identify non-malicious, legitimate software programs that also share these behavioral characteristics. Therefore, it is recommended that users manually check all files detected as SONAR.Sality!gen1 by Symantec antivirus products for potential misidentification, and submit any suspect files to Symantec Security Response for further analysis. For instructions on how to do this, read Submit Virus Samples.

In rare cases where a legitimate file has been misidentified and subsequently quarantined, your computer may behave abnormally or you may find that one or more applications no longer function as expected. In such rare situations, you should open the Quarantine in your Symantec antivirus product. From here, you may review the list of all files detected as SONAR.Sality!gen1 and, if you identify a potential misidentification, restore the file from quarantine and allow it to run normally.

REMOVING A FILE FROM QUARANTINE
It is possible to restore a file from quarantine to its previous location on your computer. This should only be done if you are certain that the file is not malicious. Symantec strongly recommend that you submit the file that was detected as SONAR.Sality!gen1 even if you choose to restore the file from quarantine.

Norton users
To learn how to restore a file from quarantine using Norton products, please read the following document:
Restoring an item from the Quarantine

Business users
To learn how to restore a file from quarantine using Symantec Endpoint Protection products, please read the following document:
Restoring a false positive from the Symantec Antivirus quarantine

Last update 15 April 2014

 

TOP

Malware :

Family: