DE69223275D1 - Verfahren zur Wiederherstellung eines mit einem Virus infizierten Rechnersprogramms - Google Patents

Verfahren zur Wiederherstellung eines mit einem Virus infizierten Rechnersprogramms

Info

Publication number
DE69223275D1
DE69223275D1 DE69223275T DE69223275T DE69223275D1 DE 69223275 D1 DE69223275 D1 DE 69223275D1 DE 69223275 T DE69223275 T DE 69223275T DE 69223275 T DE69223275 T DE 69223275T DE 69223275 D1 DE69223275 D1 DE 69223275D1
Authority
DE
Germany
Prior art keywords
program
infected
fingerprint
string
stored
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Lifetime
Application number
DE69223275T
Other languages
English (en)
Inventor
Omri Mann
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
NortonLifeLock Inc
Original Assignee
Symantec Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Symantec Corp filed Critical Symantec Corp
Application granted granted Critical
Publication of DE69223275D1 publication Critical patent/DE69223275D1/de
Anticipated expiration legal-status Critical
Expired - Lifetime legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562Static detection
    • G06F21/565Static detection by checking file integrity
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/568Computer malware detection or handling, e.g. anti-virus arrangements eliminating virus, restoring damaged files
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/07Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/14Error detection or correction of the data by redundancy in operation
    • G06F11/1402Saving, restoring, recovering or retrying

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Virology (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Storage Device Security (AREA)
  • Medicines Containing Material From Animals Or Micro-Organisms (AREA)
  • Collating Specific Patterns (AREA)
DE69223275T 1991-05-24 1992-05-18 Verfahren zur Wiederherstellung eines mit einem Virus infizierten Rechnersprogramms Expired - Lifetime DE69223275D1 (de)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
US07/705,390 US5408642A (en) 1991-05-24 1991-05-24 Method for recovery of a computer program infected by a computer virus

Publications (1)

Publication Number Publication Date
DE69223275D1 true DE69223275D1 (de) 1998-01-08

Family

ID=24833252

Family Applications (1)

Application Number Title Priority Date Filing Date
DE69223275T Expired - Lifetime DE69223275D1 (de) 1991-05-24 1992-05-18 Verfahren zur Wiederherstellung eines mit einem Virus infizierten Rechnersprogramms

Country Status (6)

Country Link
US (2) US5408642A (de)
EP (1) EP0514815B1 (de)
AT (1) ATE160638T1 (de)
CA (1) CA2069239C (de)
DE (1) DE69223275D1 (de)
IL (1) IL101983A (de)

Families Citing this family (113)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5721788A (en) 1992-07-31 1998-02-24 Corbis Corporation Method and system for digital image signatures
US5448668A (en) * 1993-07-08 1995-09-05 Perelson; Alan S. Method of detecting changes to a collection of digital signals
US5398196A (en) * 1993-07-29 1995-03-14 Chambers; David A. Method and apparatus for detection of computer viruses
JPH07177142A (ja) * 1993-10-27 1995-07-14 Hitachi Ltd メッセージの保証システム
US6611607B1 (en) 1993-11-18 2003-08-26 Digimarc Corporation Integrating digital watermarks in multimedia content
US7171016B1 (en) 1993-11-18 2007-01-30 Digimarc Corporation Method for monitoring internet dissemination of image, video and/or audio files
US6424725B1 (en) 1996-05-16 2002-07-23 Digimarc Corporation Determining transformations of media signals with embedded code signals
US5822436A (en) 1996-04-25 1998-10-13 Digimarc Corporation Photographic products and methods employing embedded information
US6408082B1 (en) 1996-04-25 2002-06-18 Digimarc Corporation Watermark detection using a fourier mellin transform
US6614914B1 (en) 1995-05-08 2003-09-02 Digimarc Corporation Watermark embedder and reader
US5862260A (en) 1993-11-18 1999-01-19 Digimarc Corporation Methods for surveying dissemination of proprietary empirical data
US6122403A (en) 1995-07-27 2000-09-19 Digimarc Corporation Computer system linked by using information in data objects
US6983051B1 (en) 1993-11-18 2006-01-03 Digimarc Corporation Methods for audio watermarking and decoding
US5768426A (en) 1993-11-18 1998-06-16 Digimarc Corporation Graphics processing system employing embedded code signals
US5748763A (en) 1993-11-18 1998-05-05 Digimarc Corporation Image steganography system featuring perceptually adaptive and globally scalable signal embedding
US5832119C1 (en) 1993-11-18 2002-03-05 Digimarc Corp Methods for controlling systems using control signals embedded in empirical data
US6580819B1 (en) 1993-11-18 2003-06-17 Digimarc Corporation Methods of producing security documents having digitally encoded data and documents employing same
US5841886A (en) 1993-11-18 1998-11-24 Digimarc Corporation Security system for photographic identification
US6516079B1 (en) 2000-02-14 2003-02-04 Digimarc Corporation Digital watermark screening and detecting strategies
US5509120A (en) * 1993-11-30 1996-04-16 International Business Machines Corporation Method and system for detecting computer viruses during power on self test
US6522770B1 (en) 1999-05-19 2003-02-18 Digimarc Corporation Management of documents and other objects using optical devices
US5572590A (en) * 1994-04-12 1996-11-05 International Business Machines Corporation Discrimination of malicious changes to digital information using multiple signatures
US5835953A (en) * 1994-10-13 1998-11-10 Vinca Corporation Backup system that takes a snapshot of the locations in a mass storage device that has been identified for updating prior to updating
US6560349B1 (en) 1994-10-21 2003-05-06 Digimarc Corporation Audio monitoring using steganographic information
US5613002A (en) * 1994-11-21 1997-03-18 International Business Machines Corporation Generic disinfection of programs infected with a computer virus
US5485575A (en) * 1994-11-21 1996-01-16 International Business Machines Corporation Automatic analysis of a computer virus structure and means of attachment to its hosts
US5745569A (en) * 1996-01-17 1998-04-28 The Dice Company Method for stega-cipher protection of computer code
US5699507A (en) * 1995-01-17 1997-12-16 Lucent Technologies Inc. Method of identifying similarities in code segments
US6721440B2 (en) 1995-05-08 2004-04-13 Digimarc Corporation Low visibility watermarks using an out-of-phase color
US6744906B2 (en) 1995-05-08 2004-06-01 Digimarc Corporation Methods and systems using multiple watermarks
US6760463B2 (en) 1995-05-08 2004-07-06 Digimarc Corporation Watermarking methods and media
JP4162099B2 (ja) 1995-06-02 2008-10-08 富士通株式会社 ウィルス感染に対処する機能を持つ装置及びその記憶装置
US6577746B1 (en) 1999-12-28 2003-06-10 Digimarc Corporation Watermark-based object linking and embedding
US6788800B1 (en) 2000-07-25 2004-09-07 Digimarc Corporation Authenticating objects using embedded data
US6829368B2 (en) 2000-01-26 2004-12-07 Digimarc Corporation Establishing and interacting with on-line media collections using identifiers in media signals
US5765030A (en) * 1996-07-19 1998-06-09 Symantec Corp Processor emulator module having a variable pre-fetch queue size for program execution
US6067410A (en) * 1996-02-09 2000-05-23 Symantec Corporation Emulation repair system
US5696822A (en) * 1995-09-28 1997-12-09 Symantec Corporation Polymorphic virus detection module
US5854916A (en) * 1995-09-28 1998-12-29 Symantec Corporation State-based cache for antivirus software
US5826013A (en) * 1995-09-28 1998-10-20 Symantec Corporation Polymorphic virus detection module
WO1997024665A1 (en) * 1995-12-28 1997-07-10 Eyal Dotan Method for protecting executable software programs against infection by software viruses
US5822517A (en) * 1996-04-15 1998-10-13 Dotan; Eyal Method for detecting infection of software programs by memory resident software viruses
US6381341B1 (en) 1996-05-16 2002-04-30 Digimarc Corporation Watermark encoding method exploiting biases inherent in original signal
US5951698A (en) * 1996-10-02 1999-09-14 Trend Micro, Incorporated System, apparatus and method for the detection and removal of viruses in macros
US6802028B1 (en) 1996-11-11 2004-10-05 Powerquest Corporation Computer virus detection and removal
DE19701166A1 (de) 1997-01-15 1998-07-23 Siemens Ag Verfahren zur Überwachung der bestimmungsgemäßen Ausführung von Softwareprogrammen
US5964889A (en) * 1997-04-16 1999-10-12 Symantec Corporation Method to analyze a program for presence of computer viruses by examining the opcode for faults before emulating instruction in emulator
US6029256A (en) * 1997-12-31 2000-02-22 Network Associates, Inc. Method and system for allowing computer programs easy access to features of a virus scanning engine
KR19990060338A (ko) * 1997-12-31 1999-07-26 윤종용 하드 디스크 드라이브의 바이러스에 의한 손상 데이터복구방법
US7054463B2 (en) 1998-01-20 2006-05-30 Digimarc Corporation Data encoding using frail watermarks
US6295638B1 (en) * 1998-07-30 2001-09-25 International Business Machines Corporation Method and apparatus for loading native object code in data processing system
US6981155B1 (en) 1999-07-14 2005-12-27 Symantec Corporation System and method for computer security
US7117532B1 (en) 1999-07-14 2006-10-03 Symantec Corporation System and method for generating fictitious content for a computer
US7461402B1 (en) 1999-07-14 2008-12-02 Symantec Corporation System and method for preventing detection of a selected process running on a computer
US7203962B1 (en) 1999-08-30 2007-04-10 Symantec Corporation System and method for using timestamps to detect attacks
US6954858B1 (en) 1999-12-22 2005-10-11 Kimberly Joyce Welborn Computer virus avoidance system and mechanism
US6625297B1 (en) 2000-02-10 2003-09-23 Digimarc Corporation Self-orienting watermarks
US6804377B2 (en) 2000-04-19 2004-10-12 Digimarc Corporation Detecting information hidden out-of-phase in color channels
US7032114B1 (en) * 2000-08-30 2006-04-18 Symantec Corporation System and method for using signatures to detect computer intrusions
US6941490B2 (en) * 2000-12-21 2005-09-06 Emc Corporation Dual channel restoration of data between primary and backup servers
US6871271B2 (en) 2000-12-21 2005-03-22 Emc Corporation Incrementally restoring a mass storage device to a prior state
US7613930B2 (en) 2001-01-19 2009-11-03 Trustware International Limited Method for protecting computer programs and data from hostile code
EP1225513A1 (de) * 2001-01-19 2002-07-24 Eyal Dotan Verfahren zur Sicherung der Rechnerprogramme und Rechnerdaten eines feindlichen Programms
CN100419743C (zh) * 2001-02-14 2008-09-17 英业达股份有限公司 自动建立应用软件版本信息库的方法
US7114184B2 (en) * 2001-03-30 2006-09-26 Computer Associates Think, Inc. System and method for restoring computer systems damaged by a malicious computer program
CN1147795C (zh) * 2001-04-29 2004-04-28 北京瑞星科技股份有限公司 检测和清除已知及未知计算机病毒的方法、系统
US7043634B2 (en) * 2001-05-15 2006-05-09 Mcafee, Inc. Detecting malicious alteration of stored computer files
US7117357B2 (en) * 2001-06-27 2006-10-03 International Business Machines Corporation Method, system, and product for pre-encrypting static information transmitted by secure web sites
US20030014667A1 (en) * 2001-07-16 2003-01-16 Andrei Kolichtchak Buffer overflow attack detection and suppression
US6963978B1 (en) 2001-07-26 2005-11-08 Mcafee, Inc. Distributed system and method for conducting a comprehensive search for malicious code in software
US7149691B2 (en) * 2001-07-27 2006-12-12 Siemens Corporate Research, Inc. System and method for remotely experiencing a virtual environment
US7234167B2 (en) * 2001-09-06 2007-06-19 Mcafee, Inc. Automatic builder of detection and cleaning routines for computer viruses
US7035867B2 (en) * 2001-11-28 2006-04-25 Aerocast.Com, Inc. Determining redundancies in content object directories
US7296125B2 (en) * 2001-11-29 2007-11-13 Emc Corporation Preserving a snapshot of selected data of a mass storage system
US7194464B2 (en) 2001-12-07 2007-03-20 Websense, Inc. System and method for adapting an internet filter
TWI286701B (en) * 2002-01-09 2007-09-11 Via Tech Inc Process for avoiding system infection of software viruses
EP1520274A2 (de) * 2002-06-28 2005-04-06 Koninklijke Philips Electronics N.V. Abspielsystem mit fernbedienungseinrichtung
US8069480B1 (en) * 2002-09-30 2011-11-29 Mcafee, Inc. Method and system for defining a safe storage area for use in recovering a computer system
KR20040089386A (ko) * 2003-04-14 2004-10-21 주식회사 하우리 메모리를 감염시키는 바이러스의 치료방법, 프로그램을기록한 컴퓨터로 읽을 수 있는 기록매체 및 바이러스의치료장치
EP1652033A1 (de) * 2003-07-08 2006-05-03 Seventh Knight Automatische regeneration von computer-datei-beschreibung
KR20050053401A (ko) * 2003-12-02 2005-06-08 주식회사 하우리 컴퓨터 바이러스 방역방법과 그 프로그램을 기록한 기록매체
US7539871B1 (en) * 2004-02-23 2009-05-26 Sun Microsystems, Inc. System and method for identifying message propagation
GB2416879B (en) 2004-08-07 2007-04-04 Surfcontrol Plc Device resource access filtering system and method
US7457832B2 (en) * 2004-08-31 2008-11-25 Microsoft Corporation Verifying dynamically generated operations on a data store
GB2418037B (en) 2004-09-09 2007-02-28 Surfcontrol Plc System, method and apparatus for use in monitoring or controlling internet access
GB2418999A (en) * 2004-09-09 2006-04-12 Surfcontrol Plc Categorizing uniform resource locators
GB2418108B (en) * 2004-09-09 2007-06-27 Surfcontrol Plc System, method and apparatus for use in monitoring or controlling internet access
FR2877118B1 (fr) * 2004-10-22 2007-01-19 Oberthur Card Syst Sa Protection contre les attaques par generation de fautes sur les instructions de saut
EP1828902A4 (de) * 2004-10-26 2009-07-01 Rudra Technologies Pte Ltd System und verfahren zum identifizieren und entfernen von malware auf einem computersystem
US8117659B2 (en) 2005-12-28 2012-02-14 Microsoft Corporation Malicious code infection cause-and-effect analysis
US20060130144A1 (en) * 2004-12-14 2006-06-15 Delta Insights, Llc Protecting computing systems from unauthorized programs
US20060156397A1 (en) * 2005-01-13 2006-07-13 Steven Dai A New Anti-spy method without using scan
US8984636B2 (en) 2005-07-29 2015-03-17 Bit9, Inc. Content extractor and analysis system
US7895651B2 (en) 2005-07-29 2011-02-22 Bit 9, Inc. Content tracking in a network security system
US8272058B2 (en) 2005-07-29 2012-09-18 Bit 9, Inc. Centralized timed analysis in a network security system
US8453243B2 (en) 2005-12-28 2013-05-28 Websense, Inc. Real time lockdown
US7823007B2 (en) * 2006-02-17 2010-10-26 International Business Machines Corporation Apparatus, system, and method for switching a volume address association in a point-in-time copy relationship
US8495037B1 (en) * 2006-02-21 2013-07-23 Symantec Operating Corporation Efficient isolation of backup versions of data objects affected by malicious software
US8615800B2 (en) 2006-07-10 2013-12-24 Websense, Inc. System and method for analyzing web content
US8020206B2 (en) 2006-07-10 2011-09-13 Websense, Inc. System and method of analyzing web content
KR101303532B1 (ko) * 2006-10-31 2013-09-03 티티아이 인벤션스 씨 엘엘씨 암호 해싱을 이용한 바이러스 위치파악
US9654495B2 (en) 2006-12-01 2017-05-16 Websense, Llc System and method of analyzing web addresses
GB2445764A (en) * 2007-01-22 2008-07-23 Surfcontrol Plc Resource access filtering system and database structure for use therewith
US20080195676A1 (en) * 2007-02-14 2008-08-14 Microsoft Corporation Scanning of backup data for malicious software
US8015174B2 (en) 2007-02-28 2011-09-06 Websense, Inc. System and method of controlling access to the internet
GB0709527D0 (en) 2007-05-18 2007-06-27 Surfcontrol Plc Electronic messaging system, message processing apparatus and message processing method
US7975313B2 (en) * 2007-08-14 2011-07-05 International Business Machines Corporation System and method for tracing Tardos fingerprint codes
EP2318955A1 (de) * 2008-06-30 2011-05-11 Websense, Inc. System und verfahren zur dynamischen und echtzeit-kategorisierung von webseiten
KR101197182B1 (ko) 2008-12-23 2012-11-02 한국전자통신연구원 컴퓨터 시스템에서의 해킹 방지 장치 및 방법
WO2010138466A1 (en) 2009-05-26 2010-12-02 Wabsense, Inc. Systems and methods for efficeint detection of fingerprinted data and information
US8850428B2 (en) 2009-11-12 2014-09-30 Trustware International Limited User transparent virtualization method for protecting computer programs and data from hostile code
WO2011119940A1 (en) * 2010-03-26 2011-09-29 Telcordia Technologies, Inc. Detection of global metamorphic malware variants using control and data flow analysis
US9117054B2 (en) 2012-12-21 2015-08-25 Websense, Inc. Method and aparatus for presence based resource management

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4734856A (en) * 1984-03-02 1988-03-29 Davis Dannie E Autogeneric system
GB2222899B (en) * 1988-08-31 1993-04-14 Anthony Morris Rose Securing a computer against undesired write operations or from a mass storage device
US5121345A (en) * 1988-11-03 1992-06-09 Lentz Stephen A System and method for protecting integrity of computer data and software
US4975950A (en) * 1988-11-03 1990-12-04 Lentz Stephen A System and method of protecting integrity of computer data and software
US5050212A (en) * 1990-06-20 1991-09-17 Apple Computer, Inc. Method and apparatus for verifying the integrity of a file stored separately from a computer
US5274807A (en) * 1990-11-01 1993-12-28 At&T Bell Laboratories Method for reducing magnetic storage volume for computer disk image backup
US5163088A (en) * 1991-03-06 1992-11-10 Locascio Peter Facsimile security system

Also Published As

Publication number Publication date
EP0514815A2 (de) 1992-11-25
IL101983A0 (en) 1992-12-30
ATE160638T1 (de) 1997-12-15
EP0514815B1 (de) 1997-11-26
US5349655A (en) 1994-09-20
EP0514815A3 (en) 1993-12-22
US5408642A (en) 1995-04-18
IL101983A (en) 1995-12-31
CA2069239A1 (en) 1992-11-25
CA2069239C (en) 2005-04-12

Similar Documents

Publication Publication Date Title
DE69223275D1 (de) Verfahren zur Wiederherstellung eines mit einem Virus infizierten Rechnersprogramms
ATE260486T1 (de) Auffindung von zeichenketten in einer datenbank von zeichenketten
ATE193773T1 (de) Vorrichtung und verfahren zur identifizierung von eingabedaten, die von einer stift-basierten benutzerschnittstelle erzeugt werden
DE69913618D1 (de) Verfahren zur Erzeugung eines Prüfpunktes welcher eine Basisdatei beschreibt und Verfahren zur Erzeugung einer Differenzdatei zwischen einer aktualisierten Datei und einer Basisdatei
DE60043179D1 (de) Verfahren zum lesen von postcodes
DE69602752T2 (de) Verfahren zum aufsuchen von bezahldaten in einem anonymen bezahlsystem, sowie ein bezahlsystem in dem dieses verfahren angewendet wird
KR920005022A (ko) 지문대조방법
US6160914A (en) Handwritten character verification method and apparatus therefor
ATE366404T1 (de) Verfahren und vorrichtung zur dreidimensionalen erfassung von objekten sowie verwendung der vorrichtung und des verfahrens
ATE70649T1 (de) Verfahren zur pruefung von unterschriften.
DE69331383D1 (de) Verfaren zur bestimmung der innenpunkte eines objektes in einem hintergrund
DE69230940D1 (de) Verfahren zum Ableiten der Merkmale von Zeichen in einem Zeichenerkennungssystem
ATE29608T1 (de) Verfahren und vorrichtung zur erfassung und behandlung geschriebener daten.
ATE361503T1 (de) Verfahren und vorrichtung zur verbesserung der erkennung und/oder wiedererkennung von objekten in der bildverarbeitung
DE69017426D1 (de) Verfahren und Vorrichtung zur Wiedergewinnung von Kohlenwasserstoffen aus Luft-Kohlenwasserstoffdampfmischungen.
DE68911423T2 (de) Verfahren und Vorrichtung zur Korrektur von MICR-Daten auf einem Dokument.
KR100914359B1 (ko) 형상 기술자 파라미터의 효과적인 부호화 방법
DE502004009633D1 (de) Verfahren zum wiederherstellen eines berechtigungscodes
DE69736134D1 (de) Verfahren zur karaktererkennung auf einer pixelmatrix
DE59102372D1 (de) Verfahren zur bearbeitung eines benutzerprogramms auf einem parallelrechnersystem.
DE59402389D1 (de) Verfahren zur abtrennung von fulleren aus fullerenhaltigem russ
DE69219185D1 (de) Verfahren und Vorrichtung zur Aufzeichnung von Information
JPS61290584A (ja) 文字認識方法
JOHNSON et al. Dynamic pattern matcher using incomplete data(Patent)
JOHNSON et al. Dynamic pattern matcher using incomplete data(Patent Application)

Legal Events

Date Code Title Description
8332 No legal effect for de