Unauthorized access blocked (Create File) "Cat.DB" Please Help

Norton Security | Norton Internet Security
1

Today when i turned on my computer and looked at norton history i had 7 messages saying that differnt programs have been trying to create a file under definitions called “Cat.DB” i was wondering if my computer is infected with something?

Message Edited by IanK on 08-28-2009 07:04 PM

2

I dont know if it is, anytime i open a program norton blocks another attempt at this file being created.

3

Today when i turned on my computer and looked at norton history i had 7 messages saying that differnt programs have been trying to create a file under definitions called “Cat.DB” i was wondering if my computer is infected with something?

Message Edited by IanK on 08-28-2009 07:04 PM

4

Just checked my NIS 2009 Tamper Protection log and I too see several entries where various programs were blocked from accessing this target to create a file.  So whatever this CatDB is, it seems to be related to a change in Norton and not the work of malware.  That benign programs are attempting to access it is not a concern, as this type of interaction between Norton’s Tamper Protection and programs running on one’s system is normal and occurs frequently.

5

Alright thank you very much.

6

I have been receiving these entries for about the past week, but in the past day they have increased twenty-fold.  It used to be one entry every 24 hours, now it is between 20-30.  Not sure what is going on, but my full system scans keep coming up clean.

7

Apologies everyone - these things should not be a mystery.

 

Symptoms:
A file has been created in the VirusDefs folder. The file has the .db extension. It may be seen as Cat.db or umcat_01.db.

Cause:
This file is from the core component SymVT. SymVT is designed to verify known trusted files. In order to do so it creates a catalog database for lookups for Microsoft signed files. The file is placed one directory up from the dated definitions folder so that definitions refresh wouldn’t result in requiring a re-creation of the entire database. The file was first introduced with definitions of August 26th, 2009. The umcat_01.db will only be generated if a user mode scan encountered a detection. The cat.db file is always generated.

 

http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2009082711190948 

 

JohnM

Message Edited by JohnM on 09-10-2009 05:44 PM