Patent · US Active

On-access scan of memory for malware

US7836504B2 · kind B2 · utility

81Cited by

0References

17Claims

0Family size

Assignee

Microsoft Corporation · US

Inventors

Kenneth D. Ray · Seattle, US
Michael Kramer · Yonkers, US
Paul England · Bellevue, US
Scott A. Field · Redmond, US

Key dates

Filing date	Mar 1, 2005
Grant date	Nov 16, 2010
Priority date	—
Expiry date	Aug 25, 2027

Classification

Technology area (CPC G)Physics
CPC primaryG06F21/562
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

The present invention provides a system, method, and computer-readable medium for identifying malware that is loaded in the memory of a computing device. Software routines implemented by the present invention track the state of pages loaded in memory using page table access bits available from a central processing unit. A page in memory may be in a state that is “unsafe” or potentially infected with malware. In this instance, the present invention calls a scan engine to search a page for malware before information on the page is executed.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.