by logan » Oct 27 09 3:49 pm
Drip-feeding passes on the first 75% of the file to the client as it is downloaded from the Internet. The last 25% of the file is buffered in the server until the entire file has been downloaded from the Internet. Kaspersky then scans the entire file (not only the last 25%)
If the file is clean, then the last 25% is passed to the client in a quick burst. If the file is found to be infected, the download is terminated and the remaining 25% of the file is not passed on to the client. At this point the client has 75% of an infected file. In most cases, this will corrupt the file causing making it fail to execute. However, this is not really a perfect solution as on rare occasions a file may be able to execute without the remaining 25%. I haven't personally encountered such a file myself, but have been informed that it is possible.
Can you ellaborate on how your higher-up figured that KAV was not working while drip-feeding was enabled.