Malicious software is on the rise, according to McAfee, but the days of virus outbreaks may be behind us.

This week, McAfee added the 200,000th definition to its threat database, and said it expects the total number of identified threats to double in another two years. McAfee's anti-virus products use the definitions as digital fingerprints to determine which software should not be allowed to run on a user's PC.

After a bit of a lull in their efforts, virus writers have spent the past few years creating more of this software than ever before, said Jimmy Kuo, a research fellow with McAfee's Avert Labs, in a blog posting. Between 1999 and 2002, McAfee's database held steady at around 50,000 definitions, but recently the number of different worms and viruses being created has jumped, he said.

At the same time, the number of serious outbreaks has dropped dramatically. In 2004, McAfee counted 48 virus outbreaks of at least medium severity. In 2005, that number dropped to 12. This year there haven't been any.

These trends reflect the growth and increasing professionalism of hacker culture that no longer seeks the fame that accompanies a worldwide virus outbreak. Instead of fame, hackers want money, Kuo said. "There are now hackers for hire in spamming and phishing campaigns and they're in it to work," he said. "When you create a big incident... the police react and they go searching for you," he added. "So the bad guys don't create these incidents anymore."

McAfee may be bragging that it has discovered a large number of virus definitions, but there's a down side to all of this good work: sluggish computers.

There are now more anti-virus signatures than there are files on a typical PC, according to Andrew Jaquith, a senior analyst at the Yankee Group. "Collectively the industry is creaking under the load of all of it," he said.

With its 200,000 definitions, McAfee's software is going to cause some trouble on some PCs, Kuo admitted. "For those companies that still have really old machines, they basically stop updating their dat [virus definition] files after a while," he said. "If you run it on a 1998-style machine, it's not going to run very well at all."

But even if newer "behaviour-based" anti-virus techniques begin to take a front seat in identifying viruses, definitions will not go away because they serve an important role in cleaning up systems that have already been compromised, Kuo said. "In terms of preventing you might lean more upon behaviour-based techniques," he said. "But after you've been hit by something you're going to want to go to definitions."