Home > General > RapidVirusScan


According to a preferred embodiment, it is the file VIRUS_SIGNATURES.DAT 524 which contains the time-sensitive virus signature information, and which is the file which is most often updated by central antivirus At step 1204, service computer 1020 receives antivirus updates, if any are required, from the central antivirus server 1002. A NBCI database is connected to Server 3. Inc.Method and system including phone with rewards imageUS785721623 Oct 200728 Dic 2010Visa U.S.A.

In addition, this method does not solve the system resource exhaustion issue caused by high concurrency of network data traffic or the system resource “live-lock” issue caused by inspection of large The computer based secure Web platform as claimed in claim 1, the Web server further comprising the method step of implementing the chroot command to change the root directory of the Sharing can be dangerous (Blogs/Latest) ...unrestricted access to information on all computers. Would appreciate any support!Thanks!BillDDS (Ver_09-01-07.01) - NTFSx86 Run by Bill Kovach at 17:08:55.47 on Sat 01/17/2009Internet Explorer: 7.0.6001.18000Microsoft Windows Vista Home Premium 6.0.6001.1.1252.1.1033.18.2045.873 [GMT -5:00]AV: Trend Micro AntiVirus *On-access scanning enabled*

In other scenarios, when many instances of the same content arrive at the same time, past NBCI system will spend system resources inspecting each of the instances. Within the scope of such a preferred embodiment is a system wherein each local area network antivirus server simply acts as a lowest level of an antivirus server hierarchy. Their impact varies from minor annoyances to data removal on the hard disk. In particular, the Web server 220 root directory is chrooted such that the files it needs are the only available ones (Step 310).

  • The computer based secure Web platform (SWP) as claimed in claim 2, the mandatory access control policy further comprising a plurality of sensitivity labels, wherein a sensitivity label of System Outside
  • A main routine used by this antivirus application is “SCAN.EXE”, a program file that is typically placed in the directory C:\PROGRAM_FILES\MCAFEE\VIRUSSCAN on the user's hard drive.
  • Soc.; 1995; pp. 31 41.* Citada por examinador Citada por Patente citante Fecha de presentación Fecha de publicación Solicitante TítuloUS6055567 *2 Feb 199825 Abr 2000Checkfree CorporationDistributed data accessing techniqueUS6088796 *6 Ago
  • monthly, quarterly, etc.).
  • U.S.
  • BRIEF DESCRIPTION OF THE DRAWINGS FIG. 1 is a simplified block diagram of a prior art computer executing a Web browser to communicate HTTP with another computer executing a Web server.
  • In one embodiment, this additional information may be time of inspection that may be part of a system to enhance security such that a data payload is no longer marked as
  • In particular, a sensitivity label of System Outside is assigned to any files requiring write access by the Web server, and a sensitivity label of System is assigned to any files
  • If any such files are not received, at step 414 the antivirus update agent pauses for a period of time.
  • BACKGROUND OF THE INVENTION Network based content inspection (NBCI) is a technology that accumulates data packets transmitted via a data network, reconstructs the accumulated packets into payloads of application level protocols,

Program directory 518 comprises a first executable file Antivirus_Application.exe 520 and a second executable file Antivirus_Update_Agent.exe 522. A method for providing antivirus files to a plurality of client computers connected to a first network, the client computers being connected to a common service computer also connected to said These networks are shared by large numbers of concurrent users who send and retrieve application content of various sizes via a variety of communication protocols. At step 108, on Jul. 15, 2000, the antivirus manufacturer who makes Antivirus_Application.exe discovers BAD_APPLE.V.

Common virus scanning software allows for boot-sector scanning upon system bootup, on-demand scanning at the explicit request of the user, and/or on-access scanning of a file when that file is accessed While preferred embodiments have been described, these descriptions are merely illustrative and are not intended to limit the scope of the present invention. Imágenes(15) Reclamaciones(25) What is claimed is: 1. Any of a variety of computer networking connection methods are also within the scope of the preferred embodiment including, but not limited to, a full-time or dedicated connection between client computer

Inc.Method and apparatus for management of electronic receipts on portable devicesUS7836494 *17 Feb 200416 Nov 2010Intel CorporationSystem and method for regulating the flow of information to or from an applicationUS78375605 Feb A CIH record 42 b is inserted into the CIHL Table 24. A method for providing antivirus files to a client computer connected to the internet via an internet service provider, the method for providing comprising: installing a first set of antivirus files Computer network 800 comprises a client computer 802, the Internet 804, and an ISP 806 similar to the elements 302, 304, and 306, respectively, of FIG. 3.

Each local computer has a maximum allowable data rate between itself and the computer network. In the embodiment of FIG. 8, the central antivirus server 808 serves a more limited function than the central antivirus server 308 of FIG. 3. If any such files are received, at step 412 the antivirus update files are loaded. In particular, the gateway server 240 reads its configuration file (a copy of configuration file "tcb/files/tgad.conf" is attached as Appendix B) which specifies the attributes of the trusted gateway agent server

The contents of Program directory 518 are shown on the right hand side of FIG. 5A. Advantageously, in antivirus update distribution systems according to the preferred embodiments described herein, there is an opportunity for minimized latency between the discovery of a new virus by an antivirus manufacturer These additional files, which are designed to counteract the negative effects of the newest types of harmful software unleashed by computer hackers, may be associated into the scanning engine through a Any time a process tries to read, write, or execute a file, the system examines the process and object sensitivity labels and consults its MAC rules.

In another embodiment, the system is a software component embedded into a content inspection module which is a software module, a co-processor or a computer system. Since that CGI application 225 has been invoked with the same argument and environment vectors used to invoke the gateway client 237 (which the Web server 210 "thinks" is the real The program SCAN.EXE is adapted to be used for any of the following types of virus scanning: virus scanning of system boot-sectors at startup, on-demand virus scanning at the explicit request FIG. 12 shows steps taken by service computer 1020 according to a preferred embodiment.

The scenario of FIG. 1 is a common manner in which desktop systems that are purportedly “protected” from infection nevertheless become infected by new viruses, and represents a problem unique to If the user has already been sent the latest version of the virus signature files, no action is taken for that user, wherein steps 602-606 are repeated. In a typical configuration, VirusScan™ is used in conjunction with a set of virus signature files having the names CLEAN.DAT, MCALYZE.DAT, NAMES.DAT, and SCAN.DAT.

The gateway server program 240 verifies that the connection originated from a reserved or a privileged port.

FIG. 1 shows a flowchart of steps 100 which can occur when a typical user purchases and loads an antivirus program equipped with virus signature files, but neglects to keep its Inc.Method and system using wildcard valuesUS790473025 Sep 20078 Mar 2011Hewlett-Packard Development Company, L.P.System for providing a trustworthy user interfaceUS790577830 Jul 200715 Mar 2011IgtServer based gaming system having multiple progressive awardsUS7917751 *22 A bridge between the Web server and the set of CGI applications could be advantageous when implemented by use of a trusted gateway agent to take information from a Web browser's ERROR The requested URL could not be retrieved The following error was encountered while trying to retrieve the URL: Connection to failed.

A typical organization employs a combination of CGI applications and HTML to provide a desired service or product. In another preferred embodiment, a plurality of local client computers are coupled to a local area network antivirus server across a local area network. The virus scanning engine scans a user's computer files via a serial comparison of each file against the virus signature files. Your cache administrator is webmaster.

More specifically, the invention provides systems and methods for improved NBCI in complex networks that are typical for enterprises and service providers. The system of claim 2 wherein the additional information includes any one of or a combination of inspection history information, content classification information and content manipulation instructions. 4. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site. However, at step 116 the BAD_APPLE.V virus goes undetected by Antivirus_Application.exe because the VIRUS_SIGNATURE.DAT file being used is an old one dated Feb. 1, 2000 and therefore it does not contain

For example, if a program is executed within a shell (for example, sh(1), csh(1), or ksh(1), the new process automatically inherits the sensitivity label of the shell process. Shown in FIG. 3 is a central antivirus server 308 having a packet-switched connection to Internet 304. The Web server 210 is restricted from accessing non-essential files by changing the root directory during initialization (Step 305). As known in the art, at computer startup the program Antivirus_Application.exe 520 is executed or, alternatively, this program can be manually invoked by the user.

Still further, for large, archived payloads, this method does not take advantage of the fact that some components of the payload may have already been inspected. For example, US 2006/0221658 (Gould) uses a programmable finite state machine implemented as an integrated circuit to improve the memory usage efficiency of applying pattern matching against data payload for the In a further embodiment, the system and method enable many copies of data payloads of the same content entering a network via a variety of communication sessions and via different communication This allows very basic information pages (which may not need as much protection) to be accessed more quickly and prevent unauthorized modification.

In the Windows 95™ environment, the Registry files are often modified such that SCAN.EXE is run at computer startup, and also remains resident for scanning all files upon file access. As illustrated in FIG. 2, an HP UNIX CMW based computer 200 (an HP 9000 Series 700 series workstation) incorporates a layered software secure Web platform 202 having a compartmentalized process Step 406 is a detection step, wherein the antivirus update agent queries the operating system of client computer 302 for an indication that a TCP/IP connection and that a Web browser In this case, the service computer 1020 would only receive the UNIX updates from central antivirus server 1002, and the automated installation procedure would distribute and install the updates only onto

Blogs Home Search Search Keyword: Search All words Any words Exact Phrase Ordering: Newest FirstOldest FirstMost PopularAlphabeticalSection/Category Search Only: Articles Web Links Contacts Categories Sections News Feeds Search Keyword their Total: Accordingly, it would be desirable to provide a method and system for providing the most up-to-date virus scanning, disinfection, and signature files on a user's computer for protecting against the newest Such computers are typically run by system administrators, help desk administrators, or designated power users, and are referred to by various names such as help desks, administration computers, or other names. Computer network 1000 comprises a central antivirus server 1002, a push administration system 1003, the Internet 1004, and a corporate computer network 1006.

The program Antivirus_Update_Agent.exe 522 is designed to interact with the operating system such that the creation of a TCP/IP connection to the Internet and the invocation of a Web browser is