HTTP Acrobat PDF Suspicious File Download - False Positives
Categories: Berita, Share | December 10th, 2008 | by Felix J | 9 CommentsToday, like always, i surfed the internet for searching informations and found that something went wrong with my Norton 360 product. When i opened some websites that are using Prado Framework, Norton kept saying ” A recent attempt to attack your computer was blocked “. Then to find out what is the threat, i click the more details button and norton says that the risk was ” HTTP Acrobat PDF Suspicious File Download “.
This happens when i wanted to post this post too. Happened to my wordpress “Write post” page. Symantec detect the threat from these listed websites :
1. BNPC-HS (Login inside it)
2. Google Maps !
3. Google News !
4. GMail !
I think symantec blocks some javascript feature which make some things don’t work properly. (My wordpress WYSIWYG is gone… it’s cool… really 
).
I can say that websites i opened up, don’t harm my computer. because those websites are websites that i recently viewed. Is These the false positives?
Hope norton quick fix it up.
I’ve gotten it at least 3 times this morning as well, all from legitimate sites. Getting ready to run a LiveUpdate and see if that takes care of it.
Hey I just want to start my saying im not great with computers so I might sound a bit stupid but I am also getting this message. I spoke with someone on Norton chat this is what she told me ” We have consulted this with our technicians and found out that this attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening. So we have to remove the infection now”. THis is the stupid part so is this virus on my pc when the message saying its blocked.
[...] Vários blogs já relataram o problema, confirmado pela equipe de desenvolvimento do Norton. Se você não quiser aguardar a disponibilização da atualização que irá corrigir o problema, é possível desabilitar essa detecção manualmente, o que pode deixar seu computador vulnerável. [...]
I had a problem with ebay today. Same error message.
@CDC : I’m already getting that message for around 20 times already since yesterday. And today, i haven’t check whether norton has already patched this bug or not.
@dave : Yep… when i googled this risk name, one of them said that he was getting the same problem with eBay. So Not just you that had the same error message :).
@Nick_K : but in my case, i didn’t download anything on that website, yet i’m sure that sites are clean and won’t infect our computers. When i made this post yesterday, i’ve to deactivated my norton, so that i could post this problem on my blog.
I hope norton will soon patched this up.
Hello,
My name is Gunnar and I am working for an external Symantec-Support-Team. I am sorry to hear that you have experienced some problems caused by the False Positive condition. As Mike mentioned in his post above, the new update has corrected it, but I would still like to present you with the official statement from Symantec:
On December 10, Symantec posted a modification to an IPS signature that caused a False Positive condition with our customers. Customers may have experienced a virus warning or in some cases, partial loading of Web pages. The signature was released to all consumer products. On the enterprise side, only Symantec Client Security was impacted.
The specific signature at fault was the “HTTP Acrobat PDF Suspicious File Download” signature. This signature was triggered by generic JavaScript, which is used on certain Web sites. The signature was released around 1 a.m. PT on Wednesday, December 10. The signature was corrected and made available to Symantec customers at approximately 10 a.m. PT, 9 hours after the initial release.
Because the majority of our consumers receive updates automatically, they will already have been updated with the corrected signature. Any consumer customer that does not automatically download signatures, is unlikely to have experienced the False Positive. If they have, manually running Live Update will resolve the issue.
Symantec would like to apologise to any customers affected by this false positive for any inconvenience it may have caused.
Best Regards,
Gunnar
Norton Forum Assist Team
@Gunnar
my norton didn’t show up any false positives again 
Wowww… Thank you for the Norton quick response
Hello.
more links for that topic?
And Bye.
It was happened in the past
So, for the current time, norton has fixed that issue… 