US2012030766A1PendingUtilityA1

Method and system for defining a safe storage area for use in recovering a computer system

Assignee: TARBOTTON LEE CODEL LAWSONPriority: Sep 30, 2002Filed: Oct 4, 2011Published: Feb 2, 2012
Est. expirySep 30, 2022(expired)· nominal 20-yr term from priority
G06F 21/575
47
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

A method for defining an area to record changes made to a computer system is disclosed. The method includes defining a safe area on a primary storage device of the computer system and storing information on the location of the safe area on a secondary storage device. The method further includes booting the computer system utilizing a backup device and changing data on the primary storage device. The changes are recorded in the safe area of the primary storage device and are accessible when the computer system is booted from the backup device.

Claims

exact text as granted — not AI-modified
1 - 31 . (canceled) 
     
     
         32 . A method comprising:
 defining a safe area on a primary storage device of a computer system, the primary storage device containing a primary operating system of the computer system;   identifying changes made on the primary storage device following booting of the computer system; and   recording the changes made on the primary storage device to the defined safe area.   
     
     
         33 . The method of  claim 32 , further comprising storing information on a secondary storage device, the information identifying the location of the safe area on the primary storage device. 
     
     
         34 . The method of  claim 33 , wherein the information includes a file with content forming a detectable pattern for each cluster allocated to the file. 
     
     
         35 . The method of  claim 32 , wherein the computer system is booted utilizing a backup device. 
     
     
         36 . The method of  claim 35 , wherein the bootable device includes a virus scanner and a virus cleaner. 
     
     
         37 . The method of  claim 35 , wherein the bootable device includes a secondary operating system and the computer system is booted utilizing the secondary operating system. 
     
     
         38 . The method of  claim 32 , further comprising storing, in the safe area, computer-readable instructions for recovering the computer system using the changes recorded in the safe area. 
     
     
         39 . The method of  claim 32 , further comprising running a malware scan of at least a portion of the primary storage device. 
     
     
         40 . The method of  claim 39 , wherein running the malware scan includes determining whether a safe area has been defined on the primary storage device. 
     
     
         41 . The method of  claim 40 , wherein a determination that a safe area has not been defined prompts definition of the safe area on the primary storage device. 
     
     
         42 . The method of  claim 32 , further comprising using data stored in the safe area to restore at least a portion of the primary storage device to an earlier configuration. 
     
     
         43 . The method of  claim 42 , wherein the earlier configuration is a configuration prior to cleaning the primary storage device of malware detected during a scan of the primary storage device. 
     
     
         44 . The method of  claim 42 , wherein restoring at least a portion of the primary storage device to the earlier configuration includes verifying availability of the safe area. 
     
     
         45 . The method of  claim 44 , wherein data identifying location of the safe area on the first storage device is stored on a secondary storage device, and verifying the availability of the safe area includes verifying presence of the safe area at the location specified by the data stored on the secondary storage device. 
     
     
         46 . The method of  claim 44 , wherein data identifying patterns of the safe area is stored on a secondary storage device, and verifying the availability of the safe area includes comparing the patterns of the safe area as stored on the secondary storage device with the patterns of the safe area on the first storage device. 
     
     
         47 . The method of  claim 44 , wherein determining that the safe area is not available prompts definition of a new safe area on the primary storage device. 
     
     
         48 . The method of  claim 47 , wherein defining the new safe area includes booting the computer system utilizing the primary operating system. 
     
     
         49 . Logic encoded in non-transitory media that includes code for execution and when executed by a processor is operable to perform operations comprising:
 defining a safe area on a primary storage device of a computer system, the primary storage device containing a primary operating system of the computer system;   identifying changes made on the primary storage device following booting of the computer system; and   recording the changes made on the primary storage device to the defined safe area.   
     
     
         50 . A method comprising:
 identifying malware during a scan of a primary storage device of a computer system, the primary storage device including a primary operating system;   removing the identified malware, wherein removal of the identified malware causes changes on the primary storage device; and   recording the changes on the primary storage device in a predefined safe area on the primary storage device.   
     
     
         51 . The method of  claim 50 , further comprising determining that the safe area is defined prior to removing the identified malware. 
     
     
         52 . The method of  claim 51 , wherein defining the safe area includes storing data on a secondary storage device, the data identifying the location of the safe area on the primary storage device. 
     
     
         53 . The method of  claim 52 , wherein the data includes a file with content forming a detectable pattern for each cluster allocated to the file. 
     
     
         54 . The method of  claim 52 , wherein size of the safe area is determined based, at least in part, on predicted changes to the primary storage device responsive to the scan of the primary storage device. 
     
     
         55 . The method of  claim 50 , further comprising determining whether the computer system functions properly following removal of the identified malware. 
     
     
         56 . The method of  claim 55 , wherein determining whether the computer system functions properly following removal of the identified malware includes attempting to boot the computer system utilizing the primary operating system following the removal of the identified malware. 
     
     
         57 . The method of  claim 55 , wherein a determination that the computer system does not function properly following removal of the identified malware prompts a restoration of at least a portion of the primary storage device to a configuration prior to the removal of the identified malware. 
     
     
         58 . The method of  claim 57 , wherein restoring at least a portion of the primary storage device includes booting the computer system utilizing a backup operating system. 
     
     
         59 . The method of  claim 57 , wherein restoring at least a portion of the primary storage device includes reading a secondary storage device to identify a location of the predefined safe area on the primary storage device. 
     
     
         60 . The method of  claim 50 , wherein the computer system is booted from a backup operating system for the scan of the primary storage device. 
     
     
         61 . Logic encoded in non-transitory media that includes code for execution and when executed by a processor is operable to perform operations comprising:
 identifying malware during a scan of a primary storage device of a computer system, the primary storage device including a primary operating system;   removing the identified malware, wherein removal of the identified malware causes changes on the primary storage device; and   recording the changes on the primary storage device in a predefined safe area on the primary storage device.

Join the waitlist — get patent alerts

Track US2012030766A1 — get alerts on status changes and closely related new filings.

We store only your email — no account needed. See our privacy policy.