WEBROOT SOFTWARE, INC. Patent applications |
Patent application number | Title | Published |
20120005752 | Method and system for detecting and removing hidden pestware files - A method and system for detecting and removing a hidden pestware file is described. One illustrative embodiment detects, using direct drive access, a file on a computer storage device; determines whether the file is also detectable by the operating system by attempting to access the file using a standard file Application-Program-Interface (API) function call of the operating system; identifies the file as a potential hidden pestware file, when the file is undetectable by the operating system; confirms through an automated pestware-signature scan of the potential hidden pestware file that the potential hidden pestware file is a hidden pestware file; and removes automatically, using direct drive access, the hidden pestware file from the storage device. | 01-05-2012 |
20110289587 | Method and system for detecting and removing hidden pestware files - A method and system for detecting and removing a hidden pestware file is described. One illustrative embodiment detects, using direct drive access, a file on a computer storage device; determines whether the file is also detectable by the operating system by attempting to access the file using a standard file Application-Program-Interface (API) function call of the operating system; identifies the file as a potential hidden pestware file, when the file is undetectable by the operating system; confirms through an automated pestware-signature scan of the potential hidden pestware file that the potential hidden pestware file is a hidden pestware file; and removes automatically, using direct drive access, the hidden pestware file from the storage device. | 11-24-2011 |
20110239298 | CONCURRENT AND DELAYED PROCESSING OF MALWARE WITH REDUCED I/O INTERFERENCE - Systems, methods and non-transitory, tangible computer readable storage mediums encoded with processor readable instructions to scan files for malware are disclosed. An exemplary method includes writing, via a communication pathway, a first file to a storage medium that is utilized by the computer, requesting access to the first file so as to enable the first file to be scanned for malware, and delaying, when the first file resides on the storage medium, access to the first file while there is at least one I/O operation relative to the storage medium that has a higher priority level than a priority level of the request to access the first file. In addition, except to enable the first file to be scanned for malware, access to the first file is prevented until the first file has been scanned for malware. | 09-29-2011 |
20110197272 | Low-Latency Detection of Scripting-Language-Based Exploits - Systems and methods for protecting client computers are described. One method includes receiving webpage data at a proxy from a webpage before the data reaches an intended recipient; gathering scripting-language-data from the webpage data; normalizing the scripting-language-data so as to generate normalized data; emulating execution of the normalized scripting-language-data with a inspection-point-script-execution engine that that is adapted to provide inspection points instead of effectuating particular functions, and determining whether to block the data from the intended recipient by analyzing inspection-data collected from the inspection points. | 08-11-2011 |
20100306522 | Method and system of file manipulation during early boot time using portable executable file reference - A system and method for enabling access to user-level data is described. One embodiment includes accessing a user-level portable executable (PE) file. In this embodiment, the boot-loader registry of a computer is modified during an installation period to include a reference to the user-level PE file. The operating system uses the reference during an early boot-time to image the PE file into memory as a boot-file. | 12-02-2010 |
20090144826 | Systems and Methods for Identifying Malware Distribution - Systems and methods for identifying malware distribution sites are described. In one embodiment, a system includes a malware detection module configured to analyze a file of a protected computer to determine that the file is associated with malware. The system also includes a Web site identification module configured to search a download history log of the protected computer to identify a Web site from which the file was downloaded. | 06-04-2009 |
20080281772 | SYSTEM AND METHOD FOR MANAGING ACCESS TO STORAGE MEDIA - Systems and methods for managing access to a file storage device are described. One embodiment is configured to initially allow an anti-pestware process to access the file storage device, and then in response to identifying a process, other than the anti-pestware process, attempting to access the file storage device while the anti-pestware process is accessing the storage device, ceasing to allow the anti-pestware process to access the storage device during an interrupt period. In this embodiment, the interrupt period is limited so as to allow the anti-pestware process to access the storage device of the computer even if the at least one process continues to attempt to access the storage device. In variations, the interrupt period is extended one or more times in response to one or more processes other than the anti-pestware process attempting to access the file storage device. | 11-13-2008 |