Invention Grant
US08191147B1 Method for malware removal based on network signatures and file system artifacts
Active
- Patent Title: Method for malware removal based on network signatures and file system artifacts
- Application No.: US12109253
- Application Date: 2008-04-24
- Publication No.: US08191147B1
- Publication Date: 2012-05-29
- Inventor: Patrick Gardner, Shane Pereira
- Applicant: Patrick Gardner, Shane Pereira
- Applicant Address: US CA Mountain View
- Assignee: Symantec Corporation
- Current Assignee: Symantec Corporation
- Current Assignee Address: US CA Mountain View
- Agency: McKay and Hodgson, LLP
- Agent: Serge J. Hodgson; Sean P. Lewis
- Main IPC: G06F12/14
- IPC: G06F12/14

Abstract:
A network communication corresponding to a malicious network signature associated with malicious code is detected on a host computer system. A determination is made whether or not the malicious network signature is validated as associated with a non-malicious code process. Upon a determination that the malicious network signature is not validated, the corresponding network communication is blocked, and the associated malicious code is located on the host computer system and removed from the host computer system. In some embodiments, the host computer system is further evaluated for the presence of residual artifacts of the malicious code on the host computer system.