| 主权项 |
1. A method for processing a computer virus, comprising:
extracting, from a scanning result, a file type of a first file infected with a computer virus; obtaining process information of a first process used by the computer virus to access the first file; storing a correspondence between the file type and the process information; refusing access to a second file by a second process based at least in part on the stored correspondence, wherein a file type of the second file matches the file type of the stored correspondence, and process information of the second process matches the process information of the stored correspondence; sending, by a first antivirus engine among a plurality of antivirus engines included in a system, the stored correspondence between the file type and the process information to a second antivirus engine among the plurality of antivirus engines; storing, by the second antivirus engine, the correspondence between the file type and the process information; and refusing, by the second antivirus engine, access to a third file by a third process based at least in part on the correspondence stored by the second antivirus engine, wherein a file type of the third file matches the file type of the correspondence stored by the second antivirus engine, and process information of the third process matches the process information of the correspondence stored by the second antivirus engine. |
