When a file is created on a computer, an archive copy of that file is also created and separately stored. Upon a subsequent access to the active copy of that file, a comparison between the active copy and the full archived copy is made to detect any changes. If there are not any changes, then the active copy of the file is assumed to be clean from malicious alteration and the access request is permitted. If an alteration has been made and is detected, then further countermeasures are triggered, such as full virus scanning of that file or blocking of its use. This archiving and comparison technique may be selectively applied to a subset of file types, such as executable files and dynamic link libraries, which are known to be infrequently modified during normal user operations.

 
Web www.patentalert.com

< Recording medium having recording program recorded therein and recording apparatus and method

< Method of permitting group access to electronically stored images and transaction card used in the method

> System and method for systems integration

> Method and system for profiling users based on their relationships with content topics
~ 00260