What is the .db File in the VirusDefs Folder?
|Article:TECH95798|||||Created: 2009-01-27|||||Updated: 2010-01-19|||||Article URL http://www.symantec.com/docs/TECH95798|
This file is from the core component SymVT. SymVT is designed to verify known trusted files. In order to do so it creates a catalog database for lookups of known signed files. The file is placed one directory up from the dated definitions folder so that definitions refresh wouldn’t result in requiring a re-creation of the entire database. As the file is a database designed to verify known files, it need not be updated continuously and, at present, we are still running with the original release of the database. We expect to update the database on a regular basis beginning in Spring of 2010. The file was first introduced with definitions of August 26th, 2009. The umcat_01.db will only be generated if a user mode scan encountered a detection. The cat.db file is always generated.
Article URL http://www.symantec.com/docs/TECH95798