Malware, such as computer viruses, worms and Trojan horses, is a serious threat to both business and personal computing. Various software vendors provide anti-malware products, which can detect, block and/or remove malware on a user's computer. Anti-malware products use various techniques to protect users from malware, such as, but not limited to, intrusion prevention, web browser defense, signature based detection, heuristic based detection and behavior based detection. When an anti-malware product detects malware, the anti-malware product can make a copy of the malware to analyze it, to learn more about both how it works and how to identify and disarm similar threats in the future. Additionally, users sometimes proactively submit suspect files to anti-malware vendors (e.g., over the Internet) to have them checked for malware. Such directly submitted files can also be analyzed by the anti-malware product.
Some commercial anti-malware products have very large foot prints in the security market. These products can receive so much detected malware and directly submitted suspected malware that limited hardware resources prevent the analysis of all of it. Therefore, such products only analyze a subset of the received malware (both detected and suspected). By not analyzing all of the received malware, important new malware could be overlooked, in favor of malware which is already well known. It would be desirable to address these issues.