System and method for directly accessing data from a data storage medium
First Claim
1. A method for scanning files on a protected computer for pestware, the method comprising:
- identifying a location of each of at least a first file, a second file, and a third file on a file storage device of the protected computer;
sorting a listing of the first, second, and third files in accordance with their respective physical locations on the storage device to generate a sorted list;
retrieving, while circumventing an operating system of the protected computer, information from the first, second, and third files by directly and sequentially accessing the first, second, and third files in the order the first, second, and third files are listed in the sorted list;
analyzing the information from the first, second, and third files to determine whether or not each of the first, second, and third files is a potential pestware file; and
reporting results of the analyzing to a user.
10 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods for scanning files for pestware on a protected computer are described. In one variation, locations of each of a plurality of files in a file storage device of the protected computer are identified while substantially circumventing an operating system of the protected computer. Information from each of the plurality of files is retrieved and analyzed so as to determine whether any of the plurality of files are potential pestware files. In variations, the operating system is circumvented while the information from each of the plurality of files is retrieved. In other variations, before information is retrieved from each of the plurality of files, a listing of the plurality of files is sorted according to the locations of the files on the storage device so as to reduce, even further, the time required to access the plurality of files.
-
Citations
14 Claims
-
1. A method for scanning files on a protected computer for pestware, the method comprising:
-
identifying a location of each of at least a first file, a second file, and a third file on a file storage device of the protected computer; sorting a listing of the first, second, and third files in accordance with their respective physical locations on the storage device to generate a sorted list; retrieving, while circumventing an operating system of the protected computer, information from the first, second, and third files by directly and sequentially accessing the first, second, and third files in the order the first, second, and third files are listed in the sorted list; analyzing the information from the first, second, and third files to determine whether or not each of the first, second, and third files is a potential pestware file; and reporting results of the analyzing to a user. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A method for scanning files on a protected computer for pestware, the method comprising:
-
identifying, while circumventing an operating system of the protected computer, a location of each of a plurality of files on a file storage device of the protected computer; sorting, by location on the file storage device, a listing of the plurality of files to generate a sorted list; retrieving information from each of the plurality of files by directly and sequentially accessing each of the plurality of files in the order the plurality of files are listed in the sorted list; analyzing the information from each of the plurality of files to determine whether any of the plurality of files are potential pestware files; and reporting results of the analyzing to a user. - View Dependent Claims (7, 8, 9)
-
-
10. A system for managing pestware, the system comprising:
-
a processor; and a memory including a plurality of program instructions, the plurality of program instructions including; a pestware detection module configured to cause the processor to detect pestware on a file storage device of a protected computer; and a sweep speedup module configured to cause the processor to; identify, while circumventing an operating system of the protected computer, a location of each of a plurality of files on the file storage device; sort, by location on the file storage device, a listing of the plurality of files to generate a sorted list; and retrieve information from each of the plurality of files by directly and sequentially accessing each of the plurality of files in the order the plurality of files are listed in the sorted list; wherein the pestware detection module is configured to analyze the information from each of the plurality of files to determine whether any of the plurality of files are potential pestware files and to report results of the analysis to a user. - View Dependent Claims (13)
-
-
11. The system of claim l0, wherein the sweep speedup module is configured to cause the processor to:
-
access, while circumventing the operating system, a master file table of the file storage device; and identify the location of each of the plurality of files by analyzing the data of the master file table.
-
-
12. The system of claim l0, wherein the sweep speedup module is configured to cause the processor to utilize the operating system to retrieve information from each of the plurality of files.
-
14. The system of claim l0, wherein the protected computer includes a plurality of file storage devices, and wherein the plurality of files are distributed among the plurality of file storage devices.
Specification