SYSTEMS AND METHODS FOR PROTECTION malicious software based on fuzzy Vaytlisting

摘要

1. A method comprising: running in a client computer system an initial set of targets scan client computer system for malware; ive response to a predetermined initial scan for malware suspicion target for malicious: the generation of the client computer system sets the target hashes targets, each target hash represents a single code block target, with each separate unit of code contains a sequence of processor instructions Trust object, sending the set of hashes with the target client computer system to server computer system connected to a client computer system of the global computer network; ipoluchenie client computer system from the server computer system server indicator indicating whether the target object is malicious, and server indicator generated server computer system by means of: obtaining a plurality of reference hash reference object for at least one target hash of the set target hashes, the reference object is selected according to the target hash of a set of objects listed in the vaytlist, and if the set targets are not identical to the set of hashes of hashes of reference, certain indicators of similarity according to the number of hashes that are common for a plurality of target hash and hash reference for the set; and if the similarity measure exceeds a predetermined threshold value, marking the object as a target nevredonosnogo.2. The method of claim. 1, wherein the generation with