kaspersky lab zao_kaspersky os下载_kaspersky密码(7)

In one aspect, the antivirus system 200 consists of a control module 160, at least one antivirus agent 170 and an antivirus module 180. In one aspect, the antivirus agent 170 includes an informational database 240 and a checking module 250 to perform its purpose. The informational database 240 is designed to store the necessary information for the working of the antivirus agent 160 and, in particular, the checking module 250. Examples of information might be at least information about the types of files, lists of trusted and untrusted applications, heuristic rules (such as event ysis rules) and information on the results of previous checks. The checking module 250 is designed to perform an ysis of events and objects in order to determine the harmfulness of the objects by the antivirus check methods that were installed during the deployment of the antivirus agent 170 on the VM 150. A list of the methods of antivirus checking are discussed below.

In one aspect, the antivirus agent 170 also includes a restriction module 255, which in turn is designed to monitor events occurring and actions being performed in the client OS 155. By monitoring is meant the identification of suspicious events among the events occurring and the restriction (blocking) of the events occurring according to specified parameters. By parameters is meant various monitoring rules that have been assigned to the antivirus agent 170 by the control module 160 or the checking module 250.

The antivirus module 180 in turn includes a general database 260 and ysis module 270. The general database 260 is designed to store any given information designed for the working of the antivirus module 230 and its components. An example of the information is a list of signatures of malicious files and applications, a list of metadata, lists of monitoring or ysis rules, or a list of already verified objects (a certain centralized data cache) includeed in the VM 150. The ysis module 270 is designed to perform an antivirus check using the antivirus check methods installed in the given module 270.

本文来自电脑杂谈，转载请注明本文网址：
http://www.pc-fly.com/a/jisuanjixue/article-50822-7.html