08-12-2009 05:48 PM
08-12-2009 06:02 PM
"Monitoring 1383 signatures" means that your Norton program is actively protecting your computer with available number of intrusion detection/prevention signatures updated through LiveUpdate. If the Internet Explorer executable tries to write into any of the Norton program file, the Norton program will block it as "unauthorized access". The Internet Explorer may need to interact with certain Norton files such as CcSvcHst.exe, and eventhough it requires only read access, it may try togain write access to the Norton file. This is a common behavior of malware and considering the security risk, Norton blocks the access. This can happen with other files also, like ctfmon.exe in the following thread:
It doesn't mean that you are under attack. You may need to check only if it specifically tells that "an Intrusion attempt is blocked".
08-12-2009 06:02 PM
there is nothing wrong it is to do with files brushing up on the anti-tamper protection, from explorer.exe to mbam.exe etc
08-12-2009 06:34 PM
The "Unauthorized Access" alerts you see are part of the Norton Tamper Protection feature which prevents all other applications on your PC from accessing Norton files and processes. This is designed to prevent malware from interfering with Norton's protection, but occasionally (often, actually) benign programs will bump into Norton and cause the type of log entry you are seeing. As long as the actor is a legitimate program such as Internet Explorer and the action was either logged or blocked, there is nothing to worry about. If you check your Norton Tamper Protection logs you'll see that this type of thing goes on all the time.
Intrusion Prevention monitors for exploit code that attempts to install malware on your system using known vulnerabilities in software programs that you may be running. The current list of 1383 signatures is the number of security flaws that Norton knows to look after. When Intrusion Prevention is activated Norton will catch anything attempting to install itself via any of these 1383 holes. Most of these holes are patched by the software vendors through updates, so Intrusion Prevention's primary goal is to guard your PC until patches are released and installed on your computer.
So, good news, you can relax. You are only seeing Norton notifying you of the status of some of its protection features.