cancel
Showing results for 
Search instead for 
Did you mean: 
hemantk
Level 12
Report Inappropriate Content
Message 1 of 8

Signatures Included in DAT

Hello Everyone.

How to find what virus/malwares/trojan...signatures are included in DAT file

7 Replies
Reliable Contributor rmetzger
Reliable Contributor
Report Inappropriate Content
Message 2 of 8

Re: Signatures Included in DAT

Hemant Koli wrote:

Hello Everyone.

How to find what virus/malwares/trojan...signatures are included in DAT file

Hi Hemant,

Try: http://www.mcafee.com/apps/mcafee-labs/release-notes/datreadme.aspx?region=us

Good luck,

Ron Metzger

Thanks,
Ron Metzger

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?
hemantk
Level 12
Report Inappropriate Content
Message 3 of 8

Re: Signatures Included in DAT

Hello rmetzger,

Thanks for reply........

I have refered the link, but it shows only new detections..

I want to know what all signatures(new & old) are included in a DAT.

Reliable Contributor rmetzger
Reliable Contributor
Report Inappropriate Content
Message 4 of 8

Re: Signatures Included in DAT

Hi Hemant,

Yes, I realized that with my reply.

However, I am not sure of any reputable security company that lists 'All' detections within there signature files. This would open them up to having their processes opened up to the malware writers targeting the very things that the software is designed to protect.

Allowing for some old signatures to be removed from the detection process gives better performance. But informing the outside world that this was done, would lead to malware writers to re-using the now removed detections again. This would lead to never removing a detection and even worse performance, or gutting the protection we users expect.

Good luck,

Ron Metzger

Thanks,
Ron Metzger

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?
hemantk
Level 12
Report Inappropriate Content
Message 5 of 8

Re: Signatures Included in DAT

Hello rmetzger.

Good One..........

I was just want to know that DNSChanger signatures are Included in DAT???...........

Reliable Contributor rmetzger
Reliable Contributor
Report Inappropriate Content
Message 6 of 8

Re: Signatures Included in DAT

Hi Hemant,

Try: http://www.mcafee.com/us/mcafee-labs/threat-intelligence.aspx

Select checkbox for 'Malware Name' and enter DNSChanger for the search.

This should lead to many (1000s) of hits and you may want to narrow the search further.

Each hit should lead to instructions on removal and DAT version inclusion.

Hopefully this helps.

Ron Metzger

Thanks,
Ron Metzger

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?
hemantk
Level 12
Report Inappropriate Content
Message 7 of 8

Re: Signatures Included in DAT

Hello rmetzger,

This is not helpfull for me because this will only show the DAT numbers when the singnature was added to DAT when the detection discovered.

But i want to know that, does DNSChanger definitions are included in current DAT??>......

Reliable Contributor rmetzger
Reliable Contributor
Report Inappropriate Content
Message 8 of 8

Re: Signatures Included in DAT

Hi Hemant,

From my previous post: "Allowing for some old signatures to be removed from the detection process gives better performance. But informing the outside world that this was done, would lead to malware writers to re-using the now removed detections again. This would lead to never removing a detection and even worse performance, or gutting the protection we users expect."

You are asking for information I do not want made Public.

Given the 'age' of DNSchanger, I would be hard pressed to believe that it has been removed. Rather, what new variant has been added, would be my question.

If you are working on a system that has suspected files, I would suggest submitting these files to virustotal.com for verifying whether it is detected, or not.

If you are trying to determine, in general, if a particular malware is detected without having a sample, I would suggest talking to your McAfee Service Rep. for verbal confirmation of the info you need.

A side note: if there are 1000s of hit in the database for a malware, with dates relatively near, my guess is that it has Not been removed from the DAT files.

Ron Metzger

Thanks,
Ron Metzger

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?
More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community