U.S. patents available from 1976 to present.
U.S. patent applications available from 2005 to present.

Generic disinfection of programs infected with a computer virus

Patent 5613002 Issued on March 18, 1997. Estimated Expiration Date: Icon_subject November 21, 2014. Estimated Expiration Date is calculated based on simple USPTO term provisions. It does not account for terminal disclaimers, term adjustments, failure to pay maintenance fees, or other factors which might affect the term of a patent.

Patent References

Method and apparatus for verifying the integrity of a file stored separately from a computer
Patent #: 5050212
Issued on: 09/17/1991
Inventor: Dyson

Method for recovery of a computer program infected by a computer virus
Patent #: 5349655
Issued on: 09/20/1994
Inventor: Mann

Data processing virus protection circuitry including a permanent memory for storing a redundant partition table
Patent #: 5367682
Issued on: 11/22/1994
Inventor: Chang

Method for recovery of a computer program infected by a computer virus
Patent #: 5408642
Issued on: 04/18/1995
Inventor: Mann

Searching for patterns in encrypted data
Patent #: 5442699
Issued on: 08/15/1995
Inventor: Arnold, et al.

Method and apparatus for increasing the speed of the detecting of computer viruses
Patent #: 5473769
Issued on: 12/05/1995
Inventor: Cozza

Method and arrangement for monitoring computer manipulations
Patent #: 5475625
Issued on: 12/12/1995
Inventor: Glaschick

Automatic analysis of a computer virus structure and means of attachment to its hosts Patent #: 5485575
Issued on: 01/16/1996
Inventor: Chess, et al.

Inventors

Application

No. 342520 filed on 11/21/1994

US Classes:

713/188, COMPUTER VIRUS DETECTION BY CRYPTOGRAPHY714/36, Test sequence at power-up or initialization714/38, Of computer software714/39Monitor recognizes sequence of events (e.g., protocol or logic state analyzer)

Examiners

Primary: Tarcza, Thomas H.
Assistant: Sayadian, Hrayr A.

Attorney, Agent or Firm

International Classes

H04L 009/00
H04K 001/00

Abstract

A method for restoring a computer program infected with a computer virus to its non-viral condition. The method uses certain information about an uninfected host program recorded prior to infection without relying upon pre-existing knowledge of the computer virus. The method includes: recording a checksum of the uninfected original program, the length of the program, and information pertaining to bytes located near the beginning and end of the original program; and, subsequent to any modification of the original program that is deemed suspicious, generating one or more trial reconstructions based on the recorded information and information contained in the modified file; comparing a checksum of each generated trial reconstruction with the checksum of the original program stored in the database; and outputting a trial reconstruction as the original uninfected program if its checksum matches that of the original program.

Other References

  • "Calculating CRC's By Bits and Bytes" Sep. 1986 pp. 115-124 Bytes Magazine, Greg Morse
  • "Virus Verification and Removal--Tools and Techniques" Virus Bulletin Nov. 1991 UK pp. 7-11 D. M. Ches
PatentsPlus Images
Enhanced PDF formats
loading...
PatentsPlus: add to cart
PatentsPlus: add to cartSearch-enhanced full patent PDF image
$9.95more info
PatentsPlus: add to cart
PatentsPlus: add to cartIntelligent turbocharged patent PDFs with marked up images
$18.95more info
 
Sign InRegister
Username  
Password   
forgot password?