Remote malware remediation
First Claim
1. A non-transitory computer-readable medium comprising one or more instructions that when executed by a processor, cause the processor to:
- identify, at an antimalware support system, an opportunity to assist with remediation of a file at a host device remote from the antimalware support system;
determine a remediation tool for remediation of the file;
initiate, by the antimalware support system remote from the host device, at least a portion of the remediation tool to be performed locally at the host device, where operations of the at least a portion of the remediation tool performed locally are applied to resources of the host device; and
receive feedback data at the antimalware support system from the host device identifying whether the at least a portion of the remediation tool performed locally remediated the file, wherein feedback data identifying that remediation of the file is incomplete causes the antimalware support system to apply another remediation tool to resources of the host device.
2 Assignments
0 Petitions
Accused Products
Abstract
An opportunity to assist with remediation of a file at a remote particular host device is identified. One or more remediation techniques are identified that can be applied to assist with remediation of the file at the particular host device. In one aspect, one or more remediation scripts are identified from a plurality of remediation scripts for remediation of the file and provided to the particular host device for execution on the particular host device. In another aspect, a remediation tool is identified and launched on a computing device remote from the particular host device with operations of the remediation tool applied to resources of the particular host device. In another aspect, at least a portion of the remediation techniques are remotely initiated to be performed locally at the particular host device.
58 Citations
22 Claims
-
1. A non-transitory computer-readable medium comprising one or more instructions that when executed by a processor, cause the processor to:
-
identify, at an antimalware support system, an opportunity to assist with remediation of a file at a host device remote from the antimalware support system; determine a remediation tool for remediation of the file; initiate, by the antimalware support system remote from the host device, at least a portion of the remediation tool to be performed locally at the host device, where operations of the at least a portion of the remediation tool performed locally are applied to resources of the host device; and receive feedback data at the antimalware support system from the host device identifying whether the at least a portion of the remediation tool performed locally remediated the file, wherein feedback data identifying that remediation of the file is incomplete causes the antimalware support system to apply another remediation tool to resources of the host device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
-
-
21. A method comprising:
-
identifying, at an antimalware support system, an opportunity to assist with remediation of a file at a host device remote from the antimalware support system; determining a remediation tool for remediation of the file; initiating, by the antimalware support system remote from the host device, at least a portion of the remediation tool to be performed locally at the host device, wherein operations of the at least a portion of the remediation tool performed locally are applied to resources of the host device; and receiving feedback data at the antimalware support system from the host device identifying whether the at least a portion of the remediation tool performed locally remediated the file, wherein feedback data identifying that remediation of the file is incomplete causes the antimalware support system to apply another remediation tool to resources of the host device.
-
-
22. A system comprising:
-
at least one processor device; at least one memory element; and an antimalware support server adapted when executed by the at least one processor device to; identify, at an antimalware support system, an opportunity to assist with remediation of a file at a host device remote from the antimalware support system; determine a remediation tool for remediation of the file; initiate, by the antimalware support system remote from the host device, at least a portion of the remediation tool to be performed locally at the host device, wherein operations of the at least a portion of the remediation tool performed locally are applied to resources of the host device; and receive feedback data at the antimalware support system from the host device identifying whether the at least a portion of the remediation tool performed locally remediated the file, wherein feedback data identifying that remediation of the file is incomplete causes the antimalware support system to apply another remediation tool to resources of the host device.
-
Specification