Abstract:
An anti-virus system provider distributes, from a central source (20) to users (2), an e-mail-identifying content filtering rule that seeks to identify e-mail messages suspected of containing an item of malware. This distribution may itself be by an e-mail message which is appropriately signed and encrypted. At the user system (2), the received e-mail-identifying content filtering rule is extracted from the e-mail message and added to the content filtering rules (18) being applied within that user system. In this way, malware which is distributed by e-mail may be identified by characteristics of its carrier e-mail rather than by characteristics of the malware itself, which may not yet have been properly analyzed, or for which the detection mechanisms may not yet have been put in place.
Abstract:
Received e-mail messages are subject to a minimum delay period determined in dependence upon characteristics of the e-mail message received. Prior to release of the e-mail message upon expiry of the minimum delay period, a check is made that the most up-to-date anti-virus and anti-spamming tests have been applied to the e-mail message. Characteristics that may be used to determine the minimum delay period applied include sender characteristics, recipient characteristics, attachment type characteristics and message content type characteristics.
Abstract:
A method for defining an area to record changes made to a computer system is disclosed. The method includes defining a safe area on a primary storage device of the computer system and storing information on the location of the safe area on a secondary storage device. The method further includes booting the computer system utilizing a backup device and changing data on the primary storage device. The changes are recorded in the safe area of the primary storage device and are accessible when the computer system is booted from the backup device.
Abstract:
A method in one example implementation includes selecting at least one criterion for controlling data transmission from within a virtual machine. At least one application is included within the virtual machine, which includes a policy module. The selected criterion corresponds to at least one policy associated with the policy module. The method also includes evaluating the selected criterion of the policy to permit an attempt to transmit the data from within the virtual machine. In more specific embodiments, the policy may include a plurality of criteria with a first selected criterion permitting transmission of the data to a first application and a second selected criterion prohibiting transmission of the data to a second application. In another specific embodiment, the method may include updating the policy module through an administration module to modify the selected criterion.
Abstract:
Pre-emptive malware scanning of user-specified, operating system (10, 12) defined storage locations is performed to establish whether those storage locations contain any malware-containing computer files. If the storage locations are malware-free, then they are classified as clean storage locations and subsequent read accesses to those storage locations will be permitted without requiring further malware scanning. Writes to clean storage locations will continue to be malware scanned.
Abstract:
A source computer (2) having a copy of a computer file that it is desired to download to a plurality of target computers issues broadcast messages via a computer network linked to those target computers. The broadcast messages indicate the availability of the computer file for download and include a download qualifying parameter. The download qualifying parameter is used by receiving target computers to determine whether or not they qualify to attempt a download from the source computer in response to the received broadcast message. Only those target computers that do qualify attempt a download. The source computer monitors how many target computers make a download attempt in response to a particular broadcast message and adjusts the download qualifying parameters in subsequent broadcast messages so that the target computers progressively download the new computer file without overloading the source computer.
Abstract:
A user of a computer system is provided with warning of unexpected or covert installation attempts using a malware or anti-virus detection engine. Even though the files that are unexpectedly attempted to be installed may be legitimate, rather than malware, the malware detection software is modified or configured to detect the unexpected installation and provide the user with an opportunity to abort the installation. A method of controlling installation of software in a computer system comprises detecting an attempt to install software on the computer system, identifying the software that was attempted to be installed, and taking an action in response to identifying the software that was attempted to be installed.
Abstract:
A system, method and computer program product are provided for preventing writes to critical files. Initially, factors associated with a computer are identified. Then, requests to write to files on the computer are monitored. The writes to the files on the computer are conditionally prevented based on the factors to prevent virus proliferation. In use, the factors are altered based on the monitoring of the requests.
Abstract:
An anti-computer-virus program uses a library of virus drivers that includes an indication of whether a particular virus can cause irreparable damage and data indicating enhanced user warnings and actions that might be associated with such viruses. If a detected computer virus is one that can cause irreparable damage, then an enhanced user warning (16) is issued indicating this to the user and a notification (28) of the possibility of such corruption is added into the repaired computer file. The notification may take the form of an electronically signed (30) banner message or the like.