Information security – Monitoring or scanning of software or data including attack... – Intrusion detection
Reexamination Certificate
2008-04-23
2008-12-30
Moise, Emmanuel L (Department: 2437)
Information security
Monitoring or scanning of software or data including attack...
Intrusion detection
C726S022000, C726S023000, C726S025000, C713S188000, C707S793000
active
07472420
ABSTRACT:
A system, method, and computer program product for identifying malware components on a computer, including detecting an attempt to create or modify an executable file or an attempt to write to a system registry; logging the attempt as an auditable event; performing a malware check on executable files of the computer; if malware is detected on the computer, identifying all other files created or modified during the auditable event, and all other processes related to the auditable event; terminating the processes related to the auditable event; deleting or quarantining the executable files created or modified during the auditable event; and if the deleted executable files include any system files, restoring the system files from a trusted backup. Optionally, all files and processes having a parent-child relationship to a known malware component or known infected file are identified. A log of auditable events is maintained, and is recoverable after system reboot.
REFERENCES:
patent: 5440723 (1995-08-01), Arnold et al.
patent: 6944772 (2005-09-01), Dozortsev
patent: 6973577 (2005-12-01), Kouznetsov
patent: 6981279 (2005-12-01), Arnold et al.
patent: 2002/0083334 (2002-06-01), Rogers et al.
patent: 2004/0025015 (2004-02-01), Satterlee et al.
patent: 2005/0240769 (2005-10-01), Gassoway
patent: 2006/0179484 (2006-08-01), Scrimsher et al.
patent: 2007/0067843 (2007-03-01), Williamson et al.
patent: 2007/0150956 (2007-06-01), Sharma et al.
patent: 2007/0199060 (2007-08-01), Touboul
patent: 2008/0016339 (2008-01-01), Shukla
patent: 2008/0114957 (2008-05-01), Safa
patent: 2008/0172563 (2008-07-01), Stokes
Koike, Ryuiti et al., “Development of System for the Automatic Generation of Unknown Virus Extermination Software,” Proceedings of the 2007 International Symposium on Applications and the Internet (SAINT'07), pp. 1-7.
Bardmesser Law Group
Kaspersky Lab ZAO
Moise Emmanuel L
Pyzocha Michael