kaspersky lab zao_kaspersky os下载_kaspersky密码(13)

Yet another example is the situation when the object is an executable file (application). In this case, the control module 160 may determine the need to perform an antivirus check with the aid of the following methods: request to a security service 195 via the Internet 190, emulation of the source code, signature ysis or formulation of a task for the restriction module 255 to check the application using the monitoring rules. In other words, the control module 160 needs to delegate the task of monitoring the execution of the application to the restriction module 255, residing on the antivirus agent 170, delegate the task of a request to the service 195 to the checking module 250, for example, and the tasks of emulation and signature ysis or heuristic ysis to the ysis module 270. Furthermore, the indicated methods of antivirus checking may be performed either deferred in time or at the same time.

In one particular aspect, the task of the antivirus check includes all possible methods of antivirus checking.

After determining the methods of the antivirus check, the control module 160 prioritizes them。 Prioritization of the methods of the antivirus check also enables a reduced volume of necessary resources and less time to perform the check。 To designate the priorities for the methods of the antivirus check, the control module 160 uses at least two prioritization criteria, namely, the resource intensity and the time of performance of each antivirus check method。 By resource intensity is meant which computing resources of the host machine 110 are needed to carry out the corresponding antivirus check method and what workload is placed on the given resources。

本文来自电脑杂谈，转载请注明本文网址：
http://www.pc-fly.com/a/jisuanjixue/article-50822-13.html