×

Method and system for detecting and removing hidden pestware files

  • US 8,381,296 B2
  • Filed: 07/18/2011
  • Issued: 02/19/2013
  • Est. Priority Date: 07/07/2006
  • Status: Active Grant
0
Associated Cases
0
Associated Defendants
0
Product Citations
0
Petitions
3
Forward Citations
9
Assignments
First Claim
Patent Images

1. A method for scanning a storage device of a computer for hidden pestware files, the method comprising:

  • reading a data-bearing portion of the storage device, the reading being performed sequentially in sector order using direct drive access, the direct drive access substantially bypassing standard file Application-Program-Interface (API) function calls of an operating system of the computer;

    identifying, through the reading, files on the storage device;

    determining whether an identified file is detectable by the operating system by attempting to access the identified file using a standard file API function call of the operating system, the identified file being detectable by the operating system when the attempt to access the identified file using the standard file API function call is successful, the identified file being undetectable by the operating system when the attempt to access that identified file using the standard file API function call is unsuccessful;

    in response to determining that the identified file is undetectable, flagging the identified file to the operating system as a potential hidden pestware file;

    performing an automated pestware-signature scan of the identified file flagged as a potential hidden pestware file to determine whether that identified file is indeed a hidden pestware file; and

    in response to determining that the identified file is a hidden pestware file, removing from the storage device automatically, using direct drive access, the identified file determined to be a hidden pestware file.

View all claims
  • 9 Assignments
Timeline View
Assignment View
    ×
    ×