Protecting computing systems from unauthorized programs
First Claim
1. A method in a computing system for protecting the computing system from computer viruses, the method comprising:
- executing a protection program on a computing system during startup to facilitate antivirus protection for the computing system, the executing occurring subsequent to booting of the computing system and prior to execution of other programs during the computing system startup; and
under control of the executing protection program, automatically preventing computer viruses from executing on the computing system during startup by, for each of multiple other programs that are to be executed during the computing system startup, before the other program is executed during the computing system startup, automatically determining if the other program is unchanged since a successful execution during a prior startup of the computing system; and
unless it is determined that the other program is unchanged, automatically determining if the other program is included in a set of programs previously identified as being authorized; and
unless it is determined that the other program is included in the set of authorized programs, automatically preventing the other program from being executed, so that unauthorized programs are not executed during computing system startup.
2 Assignments
0 Petitions
Accused Products
Abstract
A method, system, and computer-readable medium are described for assisting in protecting computing systems from unauthorized programs, such as by preventing computer viruses and other types of malware programs from executing during startup of a computing system and/or at other times. In some situations, computing system protection is provided by executing programs only if they have been confirmed as being authorized, which may be determined in various ways (e.g., if a program is automatically determined to be unchanged since a prior time when the program was authorized or to match a set of programs identified as being allowable, or if an appropriate user provides appropriate information). This abstract is provided to comply with rules requiring an abstract, and it is submitted with the intention that it will not be used to interpret or limit the scope or meaning of the claims.
-
Citations
47 Claims
-
1. A method in a computing system for protecting the computing system from computer viruses, the method comprising:
-
executing a protection program on a computing system during startup to facilitate antivirus protection for the computing system, the executing occurring subsequent to booting of the computing system and prior to execution of other programs during the computing system startup; and
under control of the executing protection program, automatically preventing computer viruses from executing on the computing system during startup by, for each of multiple other programs that are to be executed during the computing system startup, before the other program is executed during the computing system startup, automatically determining if the other program is unchanged since a successful execution during a prior startup of the computing system; and
unless it is determined that the other program is unchanged, automatically determining if the other program is included in a set of programs previously identified as being authorized; and
unless it is determined that the other program is included in the set of authorized programs, automatically preventing the other program from being executed, so that unauthorized programs are not executed during computing system startup. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A computer-implemented method for protecting a computing system from execution of unwanted programs, the method comprising:
-
identifying one or more programs to be executed during startup of a computing system; and
automatically preventing unwanted programs from being executed during the computing system startup by, for each of the identified programs, before the identified program is executed during the computing system startup, automatically determining whether the identified program is confirmed as being allowable for the computing system; and
unless it is determined that the identified program is confirmed as being allowable, automatically preventing the identified program from being executed. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34)
-
-
35. A computer-readable medium whose contents enable a computing device to prevent execution of malware programs, by performing a method comprising:
automatically protecting a computing device from malware programs by, for each of one or more programs identified to be executed on the computing device, attempting to automatically determine that the identified program is not a malware program; and
unless the automatic determining confirms that the identified program is not a malware program, automatically preventing the identified program from executing. - View Dependent Claims (36, 37, 38, 39, 40)
-
41. A computing system configured to prevent unwanted changes affecting computing system execution, comprising:
-
a target identifier component that is configured to identify one or more groups of data to be used during startup of a computing device;
a target use authorizer component that is configured to, for each of the identified groups of data and before the identified group of data is used during the computing device startup, automatically determine whether the identified group of data is unchanged since a prior use of a copy of the identified group of data and/or whether a change of the identified group of data since the prior use was authorized; and
a target use preventer component configured to, for each of the identified groups of data and unless it is determined that the identified group of data is unchanged since the prior use or that the change of the identified group of data since the prior use was approved by an authorized user, automatically prevent the identified group of data from being used during startup of the computing device. - View Dependent Claims (42, 43, 44, 45, 46, 47)
-
Specification