Another example is the situation in which the VM 150 is limited in computing resources, such as memory, so it does not make sense for it to hold a large volume of information, such as a database including the signatures of harmful objects or functionality responsible for the method of analysis by comparing signatures.
Let us now consider a working scenario of the present aspects. Each antivirus agent 170 (hereinafter, agent 170) monitors the events taking place in the client OS 155. Examples of such events are opening/closing a file, consulting a register, writing to a file, library startup, and so on. In some aspects, the monitoring is performed to identify the events occurring. In one particular case, the monitoring may be done to identify only certain events, such as those which are suspicious, a list of which has been previously drawn up.
Then the agent 170 determines, for each identified event, an object related to the one or more monitored events, e.g., the object which performed the given event, or the object to which the identified event was sent. By object is meant at least a file, a process occurring at the time of execution of a file, or a link pointing to a particular object in the Internet. If the object is a file, it is physically located on a data medium of the host machine 110, and when it is accessed from several virtual machines 150, a delay is created when working with it.
In one particular case, the file may also be located on an outside host machine, which may lead to even greater delays involving access to the file via a network, such as the Internet 190. After determining the object, the agent 170 performs a primary analysis of that object in order to determine its type. To determine the type of the object, the agent 170 may use the informational database 240, which includes a list of possible types of objects. In one example aspect, the informational database 240 may include not a list of all types of objects but, for example, only the first one hundred of the most popular types.
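The scenario above (identify events, determine the related object, run a primary analysis for its type) is sketched below as an added example; it is not taken from the source text. The event names, the `MonitoredObject` and `Event` classes, recognising a file type by its leading bytes, and the three-entry stand-in for informational database 240 are all assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed list of event kinds drawn up in advance as suspicious (assumption).
SUSPICIOUS_EVENTS = {"file_write", "library_load", "register_read"}

# Constructed stand-in for informational database 240: a deliberately partial
# list of types, keyed by the leading bytes that identify them (assumption).
INFO_DB_240 = {b"MZ": "pe_executable", b"%PDF": "pdf_document", b"PK\x03\x04": "zip_archive"}

@dataclass(frozen=True)
class MonitoredObject:
    name: str
    kind: str            # "file", "process" or "link"
    header: bytes = b""  # first bytes of a file; empty for other kinds

@dataclass(frozen=True)
class Event:
    kind: str
    actor: MonitoredObject                    # object that performed the event
    target: Optional[MonitoredObject] = None  # object the event was sent to

def identify(events, only_suspicious=True):
    """Monitoring step: keep every event, or only those on the prepared list."""
    return [e for e in events if not only_suspicious or e.kind in SUSPICIOUS_EVENTS]

def related_object(event):
    """Use the object the event was sent to, else the object that performed it."""
    return event.target or event.actor

def primary_type(obj):
    """Primary analysis: a type listed in the database, or None if unlisted."""
    if obj.kind != "file":
        return obj.kind
    for magic, type_name in INFO_DB_240.items():
        if obj.header.startswith(magic):
            return type_name
    return None  # the partial database does not list this type

def agent_pass(events):
    return [(o.name, primary_type(o)) for o in map(related_object, identify(events))]

# Constructed sample events.
PROC = MonitoredObject("updater.exe (pid 412)", "process")
SAMPLE_EVENTS = [
    Event("file_write", PROC, MonitoredObject("report.pdf", "file", b"%PDF-1.7")),
    Event("file_open", PROC, MonitoredObject("notes.txt", "file", b"hello")),
    Event("library_load", PROC, MonitoredObject("helper.dll", "file", b"MZ\x90\x00")),
    Event("file_write", PROC, MonitoredObject("blob.bin", "file", b"\x7fELF")),
    Event("register_read", PROC),
]
```

The `None` result for `blob.bin` shows the consequence of a database that lists only the most popular types: the agent cannot assign a type locally and must treat the object as unlisted.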