Information security – Monitoring or scanning of software or data including attack... – Intrusion detection
Reexamination Certificate
2005-10-05
2009-12-08
Moazzami, Nasser G (Department: 2436)
Information security
Monitoring or scanning of software or data including attack...
Intrusion detection
Reexamination Certificate
active
07631357
ABSTRACT:
A computing system configured to detect and/or remove a rootkit. For detection, a snapshot component takes a snapshot of a storage unit. A rootkit detection component accesses an enumeration of individual files stored on the storage unit using an alternative file system I/O to detect the presence of a rootkit. For removal, the location of a rootkit is identified and a computing system shutdown is initiated. A snapshot component pauses the shutdown operation prior to the completion of the shut down and takes a snapshot of a file storage unit. A rootkit repair component accesses the identified location of the portion of the file storage unit containing the rootkit and modifies the portion of the snapshot of the file storage unit so as remove the rootkit.
REFERENCES:
patent: 6795966 (2004-09-01), Lim et al.
patent: 2004/0078636 (2004-04-01), Suzaki
patent: 2005/0193428 (2005-09-01), Ring et al.
patent: 2006/0031673 (2006-02-01), Beck et al.
patent: 2006/0294592 (2006-12-01), Polyakov et al.
Advantedge Law Group, LLC
Moazzami Nasser G
Pogmore Travis
Symantec Corporation
LandOfFree
Detecting and removing rootkits from within an infected... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Detecting and removing rootkits from within an infected..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Detecting and removing rootkits from within an infected... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4059449