【教學】KAV/KIS6.0所使用的iChecker 與 iSwift 技術是什麼?
(資料來源:官方討論區資訊&產品說明文件)

What is iChecker and iSwift technology?
iChecker 與 iSwift 技術是什麼?

一、iChecker technology (iChecker技術)

Features: Use technology that can increase the scan speed by skipping objects that have not been altered since the last scan, provided that scan settings (threat signatures and settings) have not changed. Information about this is stored in a special database.

特徵:使用此技術能夠經由跳過從上次掃描後沒有被修改的物件來增加掃描的速度,
倘若那些掃描的設定(威脅的特徵與設定)沒有被改變。
關於這些資訊會被儲存於一個特別的資料庫之中。

or example, you have an archived file that the program scanned and assigned the status of not infected. The next time, the program will skip this archive, unless it has been altered or the scan settings have been changed. If the structure of the archive has changed, because a new object has been added to it, if the scan settings have changed, or if the threat signatures have been updated, the program will scan the archive again. iChecker Works independent of the file system (FAT, NTFS). Based on file type and checksum (hash) of the object; data is stored in sfdb.dat.

或是舉例,你有個檔案庫文件經由程式掃描過,並且指定它的狀態是沒有受到感染的。
在下次掃瞄時,程式將會跳過這個檔案庫,除非它被修改過或是掃描的設定被改變。
假如檔案庫的結構被改變,因為一個新的物件加入到它之中、假如掃描的設定已經被改變、
或假如威脅的特徵已經被更新,程式將會再次掃描這個檔案庫。
iChecker於檔案系統下獨立運作(FAT,NTFS)。
根據檔案的種類與校驗總和(混雜);資料被儲存於sfdb.dat之中。

Benefits: Recognizes also files stored in the memory. After a file has been checked for the first time, any copy of it is identified quickly as identical, even if it is located in another folder, in an archive or in a mail attachment.

優點:辨識的同樣檔案儲存於記錄之中。
當檔案第一次被檢查過後,任何此檔案的複本同樣迅速地被鑑定,
即使假如它位於其他的路徑、在資料夾之中或在郵件的附件裡。

Limitations: it only applies to objects with a structure that Kaspersky Internet Security recognizes (for example, .exe, .dll, .lnk, .ttf, .inf, .sys, .com, .chm, .zip, .rar). iChecker is not efficient for large files since the calculation of the hash sum takes more time than scanning it. iChecker is not efficient for frequently modified files. Only a limited number of formats is supported. iChecker is slower than iSwift. The number of entries in the iChecker database is limited. If the database is full, the first entries are deleted to free space for new entries (FIFO).

限制:它只適用於Kaspersky Internet Security認定結構的物件
(舉例:.exe,.dll,.lnk,.ttf,.inf,.sys,.com,.chm,.zip,.rar)。
iChecker對於大型檔案沒有效果,從計算校驗總和到完畢,會比掃描它要花費更多的時間。
iChecker對於時常被修改的檔案沒有效果。只有被限制的數種格式的檔案是被支援的。
iChecker比iSwift較慢。進入iChecker資料庫的數目是被限制的。
假如資料庫滿了,最初的登錄資料會被刪除以謄出空間給新的登錄資料(先進先出)

二、iSwift technology (iSwift技術)

Features: Use technology that can increase scan speed by only scanning new and altered objects. iSwift Works only for NTFS partitions. It identifies files by internal descriptors of the NTFS. The "footprint" of each file is stored in the dedicated database called FIDBOX.

特徵:使用此技術能夠增加掃描的速度,經由只有掃描新的和變更過的檔案。
iSwift只能於NTFS分割磁區下運作。他是由NTFS內部的描述符號來識別檔案。
每個檔案的「痕跡」會被儲存於專用的資料庫,被稱為FIDBOX。

Benefits: The algorithm is fast because no checksum has to be calculated. Works independent of format and size of the file.

優點:因為沒有效驗總和被計算,運算法則是快速的。
此運作與檔案的格式與大小無關。

Limitations: it only applies to objects in NTFS file systems. Using the iSwift technology is not possible on computers running Microsoft Windows 98SE/ME/XP64 operating system. If the object is moved, it has to be re-scanned. iSwift requires a special driver.

限制:他只適用於NTFS檔案系統中的物件。
在Microsoft Windows 98SE/ME/XP64的作業系統下是不可能使用iSwift技術的。
假如檔案被移動時,它必須再次被掃瞄。iSwift需要特別的驅動程式。