Backwards researching activity indicative of pestware
First Claim
Patent Images
1. A method for identifying an origin of activity on a computer that is indicative of pestware comprising:
- monitoring the computer for activity that is indicative of pestware;
identifying, based upon the activity, an object residing on the computer that is a suspected pestware object; and
accessing at least a portion of a recorded history of sources that the computer received files from so as to identify a reference to an identity of a particular source that the suspected pestware object originated from.
9 Assignments
0 Petitions
Accused Products
Abstract
A system and method for researching an identity of a source of activity that is indicative of pestware is described. In one embodiment the method comprises monitoring the computer for activity that is indicative of pestware, identifying, based upon the activity, an object residing on the computer that is a suspected pestware object; and accessing at least a portion of a recorded history of sources that the computer received files from so as to identify a reference to an identity of a particular source that the suspected pestware object originated from.
-
Citations
22 Claims
-
1. A method for identifying an origin of activity on a computer that is indicative of pestware comprising:
-
monitoring the computer for activity that is indicative of pestware;
identifying, based upon the activity, an object residing on the computer that is a suspected pestware object; and
accessing at least a portion of a recorded history of sources that the computer received files from so as to identify a reference to an identity of a particular source that the suspected pestware object originated from. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A system for identifying a source of activity on a computer that is indicative of pestware including:
-
a heuristics module configured to identify activity on the computer that is indicative of pestware residing on the computer; and
a research portion configured to access a first set of recorded information on the computer that relates the activity to at least one file residing an the computer, and wherein the research portion is configured to access a second set of recorded information on the computer that relates the at least one file to a source from which the file was received; and
a reporting portion configured to generate a report that identifies the source of the file. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
-
17. A computer-readable medium including processor-executable instructions for identifying an origin of activity on a computer that is indicative of pestware, the instructions including instructions for:
-
monitoring the computer for activity that is indicative of pestware;
identifying, based upon the activity, an object residing on the computer that is a suspected pestware object; and
accessing at least a portion of a recorded history of sources that the computer received files from so as to identify a reference to an identity of a source that the suspected pestware object originated from. - View Dependent Claims (18, 19, 20, 21, 22)
-
Specification