Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
538 Views 4 Replies Latest reply: Sep 22, 2013 10:35 PM by petersimmons RSS
firec Newcomer 5 posts since
Aug 23, 2013
Currently Being Moderated

Aug 23, 2013 9:31 AM

Number of detections in DAT file

Hello,

 

as of today, the VSE DAT file (version 7175) says it includes 668,629 detections.

However, when exported to a text file using CSSCAN.EXE -virlist, the full list only has 108,634 items (including variants).

Am I missing something?

 

Thanks!

 

 

 

[Partial output]

 

CommonShell Command Line Scanner Lite (VSCORE.15.0.0.476)

 

Engine Version     : 5600.1067

Engine Load Time   : 3760 milliseconds

AV     DAT Version : 7175.0000   668629 detections   Built 22 August 2013

 

Extra DAT          : 0 detections

 

Please wait ... retrieving list of names from the Anti-Virus DAT

          1C/Tanga                      Virus

          1down3up                      Trojan

          4ArcadePBar                   Unwanted Object

          7AdPower                      Unwanted Object

  ...

  • rick_chandler Newcomer 1 posts since
    Nov 19, 2009
    Currently Being Moderated
    2. Sep 18, 2013 12:05 PM (in response to firec)
    Re: Number of detections in DAT file

    It's not a list of viruses, but a list of drivers so the number isn't a good representation of how many pieces of malware that the DAT's have in place.  Drivers have many detections.

  • petersimmons McAfee Employee 230 posts since
    Dec 22, 2009
    Currently Being Moderated
    4. Sep 22, 2013 10:35 PM (in response to firec)
    Re: Number of detections in DAT file

    It doesn't match viruses. We use it against a zoo filled with samples that number in excess of 50 million. Maybe even north of 100 million. I haven't seen accurate numbers lately (and they inflate by tens of thousands per day). The current DAT files are proof against that large corpus of viruses AND the fingerprints of stuff within GTI.

     

    On a side note trying to accurately measure the quantity of viruses is very troublesome. Do you measure files? Samples? Names? Categories? Types? Fingerprints? For example, we can write protection against something we don't have a sample for. We have samples but that doesn't include all variations. And certainly you can have a single virus attach itself to multiple files thereby creating new "samples". We had trouble figuring out these numbers back when we had 50K samples (circa 2005). Now we see that much in a single day.

     

    You ask an academically interesting question. The answer isn't easy and requires a lot of explanation. Even if you get an answer I'm not sure how useful it is to compare to anything else.

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • Correct Answers - 5 points
  • Helpful Answers - 3 points