1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

ALERT: SONAR.module!gen3

Discussion in 'Electronics, Computers & Webpage Questions' started by Sean Osborne, Jan 16, 2013.

  1. Sean Osborne

    Sean Osborne Well-Known Member

    Heads up and get your computer securty updated immediately as the next thing you do today and run a full system scan.

    A brand new high-risk threat created less than a week ago is now infecting PC's, laptops and notepads through various websites.

    While using my Firefox web browser I was on a popular Bible prophecy website just looking at one of their webpages when a popup occurred when my just updated Norton 360 AntiVirus detected the maleware attempting to enter my machine. It was lightspeed fast! I'll send a note to the site owner privately, obviously the server his site is hosted on has this malmare setting up shop to infect others.

    The source file for this high risk executable file is rundll32.exe and the file it will create on another machine - if not stopped in its tracks - is skggx.dll, otherwise known as SONAR.Module!gen3.

    Update your antivirus and run a full scan on your machine. This virus appears to be bad juju and is nothing to mess with.
  2. mattfivefour

    mattfivefour Well-known Member

    Yes, it infects rundll32.exe which is a very necessary file in Windows. Thanks for the heads up, bro. I trust you submitted a sample to the Symantec folks. It sounds like a variation of the well-know SONAR.Injection trojan.

    The Norton and Kaspersky sites themselves seem to have no real information on it. The excellent Naked Security site has this to say about the SONAR threats: "If one or more files on your computer have been classified as having a SONAR.KillAV!gen3 threat, this indicates that the files have suspicious characteristics and therefore might contain a new or unknown threat. However, given the sensitive nature of this detection technology, it may occasionally identify non-malicious, legitimate software programs that also share these behavioral characteristics. You can also submit a sample of the file here."

    But better safe than sorry.
  3. Sean Osborne

    Sean Osborne Well-Known Member

    Yup, Norton and some other IT security vendors got the skinny on this bug and promptly updated their servers with the recognition and antidote update - which coincidentally i had just downloaded.
    I wasn't 15 seconds on that prophecy website when Norton 360 did its thing and slammed that bug hard. It's from a family of SONAR bugs and this variant appeared just last week according to the Norton bulletin that I read, meaning that they did good, quick work in coding the remedy.
  4. caligal

    caligal Well-Known Member

    :surprised Ok, for someone like me, yall are talking:alien: is my puter gonna:comp:?
  5. mattfivefour

    mattfivefour Well-known Member

    Nope, not if you have a good antivirus program and keep it updated.

Share This Page