Methods for blocking harmful information online
DCFirst Claim
1. A method for blocking in real time harmful information in a file to be executed, the method comprising the steps of:
- (a) on a computer network through which a web server and a client system are linked to each other, the web server receiving a connection request from the client system over the computer network;
(b) the web server transmitting a harmful information blocking code module to the client system; and
(c) once the transmission of the harmful information blocking code module is completed, the harmful information blocking code module automatically running on the client system to block in real time harmful information including computer viruses,wherein the step (c) comprises steps of;
(c1) inspecting file input/output (I/O) on the client system by hooking up file I/O routines,(c2) determining whether the file to be executed corresponding to the inspected file input/output in the step (c1) is harmful or not; and
(c3) treating a file determined to be harmful in the step (c2) and executing the file, if it can be treated, and aborting the execution of the file determined to be harmful in the step (c2), if it cannot be treated.
1 Assignment
Litigations
2 Petitions
Accused Products
Abstract
A system and method are provided for diagnosing, remedying and blocking harmful information including computer viruses online over a computer network via which a web server and a client are linked to each other. The method includes, on a computer network through which a web server and a client system are linked to each other, the web server receiving a connection request from the client system over the computer network. Then, the web server transmits a harmful information blocking code module to the client system. Once the transmission of the harmful information blocking code module is completed the harmful information blocking code module automatically runs on the client system to block in real time harmful information including computer viruses. The harmful information blocking code module is automatically transmitted to and installed in the client system only by online connecting to the harmful information management server, so that the harmful information detected on the client system can be actively blocked in real time without requiring a manual installation process.
12 Citations
54 Claims
-
1. A method for blocking in real time harmful information in a file to be executed, the method comprising the steps of:
-
(a) on a computer network through which a web server and a client system are linked to each other, the web server receiving a connection request from the client system over the computer network; (b) the web server transmitting a harmful information blocking code module to the client system; and (c) once the transmission of the harmful information blocking code module is completed, the harmful information blocking code module automatically running on the client system to block in real time harmful information including computer viruses, wherein the step (c) comprises steps of; (c1) inspecting file input/output (I/O) on the client system by hooking up file I/O routines, (c2) determining whether the file to be executed corresponding to the inspected file input/output in the step (c1) is harmful or not; and (c3) treating a file determined to be harmful in the step (c2) and executing the file, if it can be treated, and aborting the execution of the file determined to be harmful in the step (c2), if it cannot be treated. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method for blocking in real time harmful information in a file to be executed, the method comprising the steps of:
-
(a) on a computer network through which a first web server, a second web server and a client system are linked to each other, the client system connecting to the second web server over the computer network; (b) the client system connecting to the first web server over the computer network, according to information provided from the second web server to the client system; (c) the first web server transmitting a harmful information blocking code module to the client system; and (d) once the transmission of the harmful information blocking code module is completed, the harmful information blocking code module automatically running on the client system to block in real time harmful information including computer viruses, wherein the step (d) comprises steps of; (d1) inspecting file input/output (I/O) on the client system by hooking up file I/O routines; (d2) determining whether the file to be executed corresponding to the inspected file input/output in the step (d1) is harmful or not; and (d3) treating a file determined to be harmful in the step (d2) and executing the file, if it can be treated, and aborting execution of the file determined to be harmful in the step (d2), if it cannot be treated. - View Dependent Claims (9)
-
-
10. A method for blocking in a real time harmful information in a file to be executed in real time, the method comprising steps of:
-
(a) on a computer network through which a first web server and a client system are linked to each other, the first web server receiving a connection request from the client system over the computer network; (b) the connection request is issued by the client system according to information provided from a second web server after the client system is connected to the second web server separated from the first web server; (c) once the first web server transmits a harmful information blocking code module to the client system, the harmful information blocking code module automatically running on the client system to block in real time harmful information including computer viruses, wherein the step (d) comprises steps of; (c1) inspecting file input/output (I/O) on the client system by hooking up file I/O routines; (c2) determining whether the file to be executed corresponding to the inspected file input/output in the step (c1) is harmful or not; and (c3) treating a file determined to be harmful in the step (c2) and executing the file, if it can be treated, and aborting execution of the file determined to be harmful in the step (c2), if it cannot be treated. - View Dependent Claims (11)
-
-
12. A system for blocking in real time harmful information in a file to be executed, comprising:
-
a first web server for providing online services through a computer network; and a client computer linked with the first web server via the computer network, wherein when the first web server receives a connection request from the client system, the first web server transmits a harmful information blocking code module to the client computer, and the harmful information blocking code module is automatically executed on the client computer to block in real time harmful information including computer viruses, and wherein the harmful information blocking code module inspect file input/output (I/O) on the client system by hooking up file I/O routines, and determines whether the file to be executed corresponding to the inspected file input/output is harmful or not; and treats a file determined to be harmful and executes the file, if it can be treated, and aborts the execution of the file determined to be harmful, if it cannot be treated. - View Dependent Claims (13, 14, 15)
-
-
16. A method performed by a server system for blocking harmful information at a client system, wherein the server system and the client system are connected by a computer network, the method comprising:
-
receiving a request from the client system; transmitting to the client system, in response to the request, a harmful information blocking code module, wherein the harmful information blocking code module is configured to execute on the client system to block harmful information in response to completion of transmission of the harmful information blocking code module to the client system, the harmful information blocking code module configured to; inspect file input/output by intercepting at least one file input/output routine on the client system; determine whether at least one file corresponding to the file input/output routine is harmful or not; and in response to determining that a file is harmful, abort execution of the file input/output routine if the file cannot be treated. - View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27)
-
-
28. A method for blocking harmful information at a client system, wherein the client system is connected to a server system via a computer network, the method comprising:
-
sending a request to download a harmful information blocking code module from the server system; downloading the harmful information blocking code module; executing the harmful information blocking code module runs on the client system to block harmful information wherein executing the harmful information blocking code module comprises; inspecting file input/output (I/O) by intercepting I/O data of at least one file I/O routine on the client system; determining, based on the intercepting, whether at least one file corresponding to the file I/O routine is harmful or not; and in response to determining that a file is harmful, aborting execution of the file I/O routine if the file cannot be treated. - View Dependent Claims (29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39)
-
-
40. A client computer comprising:
-
a connection to a computer network; a processor, wherein, in response to receipt of a harmful information blocking code module from the computer network, the processor is configured to execute the harmful information blocking code module, which causes the processor to be configured to; inspect file input/output (I/O) by intercepting I/O data of at least one file I/O routine on the client system; determine, based on the intercepting, whether at least one file corresponding to the file I/O routine is harmful or not; determine whether the file determined to be harmful can be treated; and in response to determining that a file is harmful and cannot be treated, abort execution of the file I/O routine. - View Dependent Claims (41, 42, 43, 44, 45, 46, 47)
-
-
48. A non-transitory computer-readable medium on which are stored instructions for execution by a client computer system connected to a server computer system via a computer network, wherein the instructions are received at the client computer system from the server system in response to a request from the client computer system, and wherein the instructions execute on the client computer system after receipt of the instructions from the server computer system, the instructions comprising:
-
instructions to inspect file input/output (I/O) by intercepting I/O data of at least one file I/O routine on the client system; instructions to determine, based on the intercepting, whether at least one file corresponding to the file input/output routine is harmful or not; and instructions to, in response to determining that a file is harmful, abort execution of the file I/O routine if the file cannot be treated. - View Dependent Claims (49, 50, 51, 52, 53, 54)
-
Specification