| 发明名称 |
System and Method for Detection of Malware on a User Device Using Corrected Antivirus Records |
| 摘要 |
Disclose are system, method and computer program product for detection of malware on a user's computing device. An exemplary method comprises: detecting, by an antivirus application executing of the user's computing device, that an antivirus record is activated on the computing device for detecting a maliciousness of a software object, the antivirus record having a selected status indicator indicating at least one of: a working record, a test record, or an inactive record; in response to detecting the antivirus record having working or test status, checking, by the antivirus application, for a correction of the antivirus record with an antivirus server, wherein said correction includes a change in the status of the antivirus record; in response to receiving from the antivirus server the correction of the antivirus record, using by the antivirus application said correction for processing of the software object. |
| 申请公布号 |
US2016255101(A1) |
申请公布日期 |
2016.09.01 |
| 申请号 |
US201615098896 |
申请日期 |
2016.04.14 |
| 申请人 |
AO Kaspersky Lab |
发明人 |
Romanenko Alexander A.;Lapushkin Anton S.;Ishanov Oleg A. |
| 分类号 |
H04L29/06;G06F21/56 |
主分类号 |
H04L29/06 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A computer-implemented method for malware detection on a user's computing device, the method comprising:
detecting, by an antivirus application executing of the user's computing device, that an antivirus record is activated on the computing device for detecting a maliciousness of a software object, the antivirus record having a selected status indicator indicating at least one of: a working record, a test record, or an inactive record; in response to detecting the antivirus record having working or test status, checking, by the antivirus application, for a correction of the antivirus record with an antivirus server, wherein said correction includes a change in the status of the antivirus record; in response to receiving from the antivirus server the correction of the antivirus record, using by the antivirus application said correction for processing of the software object comprising: upon detecting the status being changed to the inactive record, avoiding generating notifications to the user for indicating the software object is malicious and blocking subsequent transmissions of collected statistical information relating to the software object to the antivirus server. |
| 地址 |
Moscow RU |
