| 摘要 |
A method of inspecting a file on a client computer in order to determine if the file is malicious. The client computer sends a hash of the file to a server. The server then compares the hash of the file to a database of hashes of known files, and uses results of the comparison to determine whether or not the file is unknown to the server. If the file is unknown, the server sends a request for a first security analysis of the file to the client computer. The client computer then performs the first security analysis on the file, modifies the results of the first security analysis by removing or hashing selected data from results, and sends the modified results of the first security analysis to the server. The server performs a second security analysis on the modified results in order to determine if the file is malicious. |
