Invention Grant
US07971249B2 System and method for scanning memory for pestware offset signatures
有权
用于扫描内存的系统和方法,用于有害动物抵消签名
- Patent Title: System and method for scanning memory for pestware offset signatures
- Patent Title (中): 用于扫描内存的系统和方法,用于有害动物抵消签名
-
Application No.: US12559434Application Date: 2009-09-14
-
Publication No.: US07971249B2Publication Date: 2011-06-28
- Inventor: Jefferson Delk Horne
- Applicant: Jefferson Delk Horne
- Applicant Address: US CO Boulder
- Assignee: Webroot Software, Inc.
- Current Assignee: Webroot Software, Inc.
- Current Assignee Address: US CO Boulder
- Agency: Faegre & Benson LLP
- Main IPC: G06F12/14
- IPC: G06F12/14
Abstract:
Systems and methods for managing pestware processes on a protected computer are described. In one implementation, a reference point in the executable memory that is associated with a process running in the executable memory is located. A first and second sets of information from corresponding first and second portions of the executable memory are then retrieved. The first and second portions of the executable memory are separated by a defined offset, and each of the first and second portions of the executable memory are offset from the reference point. The process is identifiable as a particular type of pestware when the first and second sets of information each include information previously found to be separated by the defined offset in other processes that are of the particular type of pestware. In some variations, the reference point is a starting address and/or an API implementation in the process.
Public/Granted literature
- US20100005530A1 SYSTEM AND METHOD FOR SCANNING MEMORY FOR PESTWARE OFFSET SIGNATURES Public/Granted day:2010-01-07
Information query
