首页>
外国专利>
Method using kernel mode assistance for the detection and removal of threats which are actively preventing detection and removal from a running system
Method using kernel mode assistance for the detection and removal of threats which are actively preventing detection and removal from a running system
展开▼
机译:使用内核模式辅助来检测和消除威胁的方法,这些威胁正在积极阻止从运行中的系统进行检测和消除
展开▼
页面导航
摘要
著录项
相似文献
摘要
A user mode application component invokes the assistance of a kernel mode driver component to detect and/or remediate malicious code on a computer system. The user mode application may include code that detects, for example, spyware and computer viruses, from user mode and when appropriate takes protective action when malicious code is detected. In one aspect, when the user mode application is unable to perform a selected operation in attempting to detect and/or take protective action, the user mode application invokes a kernel mode driver for assistance. The kernel mode driver assists user mode application in detecting malicious code and/or taking protective action by enabling or otherwise performing a selected operation for the user mode application.
展开▼