摘要:
Technologies for securing an electronic device include trapping an attempt to access a secured system resource of the electronic device, determining a module associated with the attempt, determining a subsection of the module associated with the attempt, the subsection including a memory location associated with the attempt, accessing a security rule to determine whether to allow the attempted access based on the determination of the module and the determination of the subsection, and handling the attempt based on the security rule. The module includes a plurality of distinct subsections.
摘要:
Provided in some embodiments are systems and methods for remediating malware. Embodiments include receiving (from a process) a request to access data, determining that the process is an unknown process, providing the process with access to one or more data tokens in response to determining that the process is an unknown process, determining whether the process is engaging in suspicious activity with the one or more data tokens, and inhibiting execution of the process in response to determining that the process is engaging in suspicious activity with the one or more data tokens.
摘要:
A method for detecting malware includes determining one or more object-oriented components of an electronic device, trapping at a level below all of the operating systems of the electronic device an attempt to access an object-oriented component of the electronic device, determining an entity causing the attempt, accessing one or more security rules, and, based on the security rules, the entity causing the attempt, and the object-oriented component, determining whether the attempted access is indicative of malware.
摘要:
A method for monitoring for malware includes, during a boot process on an electronic device, determining a portion of memory, determining that the portion of memory is reserved for exclusive access by an entity on the electronic device, and, based on the determination that a portion of memory is reserved for exclusive access during the boot process, determining that the reservation is indicative of malware.
摘要:
A method for monitoring for malware includes, during a boot process on an electronic device, determining a portion of memory, determining that the portion of memory is reserved for exclusive access by an entity on the electronic device, and, based on the determination that a portion of memory is reserved for exclusive access during the boot process, determining that the reservation is indicative of malware.
摘要:
A system, method, and computer program product are provided for detecting hidden or modified data objects. In use, a first set of data objects stored in a device is enumerated, where the enumeration of the first set of data objects is performed within an operating system of the device. Additionally, a second set of data objects stored in the device is enumerated, where the enumeration of the second set of data objects is performed outside of the operating system of the device. Further, the first set of data objects and the second set of data objects are compared for identifying hidden or modified data objects.
摘要:
A rootkit scanning system, method, and computer program product are provided. In use, at least one hook is traversed. Further, code is identified based on the traversal of the at least one hook. In addition, the code is scanned for at least one rootkit.
摘要:
Systems and methods to provide a generic framework for application specific data exchange are shown. In example embodiments a data container is received. The data container includes data saved to a master data system. The data container is buffered. At least one backup data system is determined based on attributes of the data container. A determination is made as to whether the at least one backup data system is available. When the at least one backup data system is available, the data container is forwarded to the at least one backup data system.
摘要:
This disclosure concerns systems and methods for restoring data. In one example, a method for piecemeal restoration of a database involves a computer system having a user interface and a selection device. The method begins when a query is sent to a database server application requesting a list of all offline filegroups for the database. Next, the list of all offline filegroups is received from the database server application. Then, the list of all offline filegroups is automatically presented on the user interface. Next, a list selection signal is received, indicative of the selection device designating one or more of the filegroups from the list. Finally, in response to the receipt of the list selection signal, a command is automatically formulated to bring the designated one or more filegroups online.
摘要:
Displaying configuration test results by leveraged data protection software is described. A memory location is read where a display file is stored for a software installer. A configuration checker is executed for the computer. Results are read from executing the configuration checker. The results are written to the memory location. A leveraged software creation tool is prompted to display the display file via an output device. The leveraged software creation tool lacks the capability to dynamically load the display file.