System and method for autonomic peer-to-peer virus inoculation
First Claim
1. A computer-implemented method comprising:
- receiving, at a detecting client computer system, a computer file from an infected client computer system, wherein the detecting client computer system and the infected client computer system are peers and connected to a common computer network, wherein neither the detecting client computer system nor the infected client computer system is a server;
scanning the received computer file at the detecting client computer system using a first plurality of virus definitions accessible to the detecting client computer system;
detecting, based on the scanning at the detecting client computer system, a virus in the received computer file;
retrieving virus information corresponding to the detected virus, wherein the virus information includes a virus definition selected from the first plurality of virus definitions;
removing, by the detecting client computer system, the virus from the received computer file using the selected virus definition, resulting in a disinfected computer file;
in response to removing the virus from the received computer file, determining, by the detecting client computer system, that the virus can automatically be removed;
in response to the determination, retrieving, by the detecting client computer system, instructions to remove the virus; and
automatically sending, by the detecting client computer system, the selected virus definition and the instructions to remove the virus to the infected client computer system over the common computer network using a peer-to-peer connection.
2 Assignments
0 Petitions
Accused Products
Abstract
A system, method, and program product is provided that communicates virus information between a computer that detects a virus in a file (the detecting computer system) and the computer that sent the infected file (the infected computer system). When the infected computer system sends an infected file to the detecting computer system the detecting computer system detects the virus in the infected file, retrieves virus information corresponding to the virus (such as the name of the infected file, the identifier, or name, of the virus, the virus definitions used to identify the virus, and any instructions needed to eradicate the virus), and automatically sends the virus information back to the infected computer system over the network.
15 Citations
20 Claims
-
1. A computer-implemented method comprising:
receiving, at a detecting client computer system, a computer file from an infected client computer system, wherein the detecting client computer system and the infected client computer system are peers and connected to a common computer network, wherein neither the detecting client computer system nor the infected client computer system is a server; scanning the received computer file at the detecting client computer system using a first plurality of virus definitions accessible to the detecting client computer system; detecting, based on the scanning at the detecting client computer system, a virus in the received computer file; retrieving virus information corresponding to the detected virus, wherein the virus information includes a virus definition selected from the first plurality of virus definitions; removing, by the detecting client computer system, the virus from the received computer file using the selected virus definition, resulting in a disinfected computer file; in response to removing the virus from the received computer file, determining, by the detecting client computer system, that the virus can automatically be removed; in response to the determination, retrieving, by the detecting client computer system, instructions to remove the virus; and automatically sending, by the detecting client computer system, the selected virus definition and the instructions to remove the virus to the infected client computer system over the common computer network using a peer-to-peer connection. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
8. A information handling system comprising:
-
one or more processors; a memory accessible by at least one of the processors; a nonvolatile storage area accessible by at least one of the processors; a network interface adapter connecting the information handling system to a computer network; and a set of instructions stored in the memory, wherein one or more of the processors executes the set of instructions in order to perform actions of; receiving, at the network interface adapter, a computer file from an infected client computer system, wherein the information handling system and the infected client computer system are peers and connected to the computer network, wherein neither the information handling system nor the infected client computer system is a server; scanning the received computer file using a first plurality of virus definitions stored in the nonvolatile storage area; detecting, based on the scanning by the information handling system, a virus in the received computer file; retrieving virus information corresponding to the detected virus, wherein the virus information includes a virus definition selected from the first plurality of virus definitions; removing, by the information handling system, the virus from the received computer file using the selected virus definition, resulting in a disinfected computer file; in response to removing the virus from the received computer file, determining, by the information handling system, that the virus can automatically be removed; in response to the determination, retrieving, by the information handling system, instructions to remove the virus; and automatically sending the selected virus definition and the instructions to remove the virus to the infected client computer system over the common computer network via the network interface adapter using a peer-to-peer connection. - View Dependent Claims (9, 10, 11, 12, 13)
-
-
14. A computer program product stored in a non-transitory computer readable medium, comprising functional descriptive material that, when executed by a data processing system, causes the data processing system to perform actions that include:
-
receiving, at a detecting client computer system, a computer file from an infected client computer system, wherein the detecting client computer system and the infected client computer system are connected to a common computer network, wherein neither the detecting client computer system nor the infected client computer system is a server; scanning the received computer file at the detecting client computer system using a first plurality of virus definitions accessible to the detecting client computer system; detecting, based on the scanning at the detecting client computer system, a virus in the received computer file; retrieving virus information corresponding to the detected virus, wherein the virus information includes a virus definition selected from the first plurality of virus definitions; removing, by the detecting client computer system, the virus from the received computer file using the selected virus definition, resulting in a disinfected computer file; in response to removing the virus from the received computer file, determining, by the detecting client computer system, that the virus can automatically be removed; in response to the determination, retrieving, by the detecting client computer system, instructions to remove the virus; and automatically sending, by the detecting client computer system, the selected virus definition and the instructions to remove the virus to the infected client computer system over the common computer network using a peer-to-peer connection. - View Dependent Claims (15, 16, 17, 18, 19, 20)
-
Specification