US2012030766A1PendingUtilityA1
Method and system for defining a safe storage area for use in recovering a computer system
Est. expirySep 30, 2022(expired)· nominal 20-yr term from priority
G06F 21/575
47
PatentIndex Score
0
Cited by
0
References
0
Claims
Abstract
A method for defining an area to record changes made to a computer system is disclosed. The method includes defining a safe area on a primary storage device of the computer system and storing information on the location of the safe area on a secondary storage device. The method further includes booting the computer system utilizing a backup device and changing data on the primary storage device. The changes are recorded in the safe area of the primary storage device and are accessible when the computer system is booted from the backup device.
Claims
exact text as granted — not AI-modified1 - 31 . (canceled)
32 . A method comprising:
defining a safe area on a primary storage device of a computer system, the primary storage device containing a primary operating system of the computer system; identifying changes made on the primary storage device following booting of the computer system; and recording the changes made on the primary storage device to the defined safe area.
33 . The method of claim 32 , further comprising storing information on a secondary storage device, the information identifying the location of the safe area on the primary storage device.
34 . The method of claim 33 , wherein the information includes a file with content forming a detectable pattern for each cluster allocated to the file.
35 . The method of claim 32 , wherein the computer system is booted utilizing a backup device.
36 . The method of claim 35 , wherein the bootable device includes a virus scanner and a virus cleaner.
37 . The method of claim 35 , wherein the bootable device includes a secondary operating system and the computer system is booted utilizing the secondary operating system.
38 . The method of claim 32 , further comprising storing, in the safe area, computer-readable instructions for recovering the computer system using the changes recorded in the safe area.
39 . The method of claim 32 , further comprising running a malware scan of at least a portion of the primary storage device.
40 . The method of claim 39 , wherein running the malware scan includes determining whether a safe area has been defined on the primary storage device.
41 . The method of claim 40 , wherein a determination that a safe area has not been defined prompts definition of the safe area on the primary storage device.
42 . The method of claim 32 , further comprising using data stored in the safe area to restore at least a portion of the primary storage device to an earlier configuration.
43 . The method of claim 42 , wherein the earlier configuration is a configuration prior to cleaning the primary storage device of malware detected during a scan of the primary storage device.
44 . The method of claim 42 , wherein restoring at least a portion of the primary storage device to the earlier configuration includes verifying availability of the safe area.
45 . The method of claim 44 , wherein data identifying location of the safe area on the first storage device is stored on a secondary storage device, and verifying the availability of the safe area includes verifying presence of the safe area at the location specified by the data stored on the secondary storage device.
46 . The method of claim 44 , wherein data identifying patterns of the safe area is stored on a secondary storage device, and verifying the availability of the safe area includes comparing the patterns of the safe area as stored on the secondary storage device with the patterns of the safe area on the first storage device.
47 . The method of claim 44 , wherein determining that the safe area is not available prompts definition of a new safe area on the primary storage device.
48 . The method of claim 47 , wherein defining the new safe area includes booting the computer system utilizing the primary operating system.
49 . Logic encoded in non-transitory media that includes code for execution and when executed by a processor is operable to perform operations comprising:
defining a safe area on a primary storage device of a computer system, the primary storage device containing a primary operating system of the computer system; identifying changes made on the primary storage device following booting of the computer system; and recording the changes made on the primary storage device to the defined safe area.
50 . A method comprising:
identifying malware during a scan of a primary storage device of a computer system, the primary storage device including a primary operating system; removing the identified malware, wherein removal of the identified malware causes changes on the primary storage device; and recording the changes on the primary storage device in a predefined safe area on the primary storage device.
51 . The method of claim 50 , further comprising determining that the safe area is defined prior to removing the identified malware.
52 . The method of claim 51 , wherein defining the safe area includes storing data on a secondary storage device, the data identifying the location of the safe area on the primary storage device.
53 . The method of claim 52 , wherein the data includes a file with content forming a detectable pattern for each cluster allocated to the file.
54 . The method of claim 52 , wherein size of the safe area is determined based, at least in part, on predicted changes to the primary storage device responsive to the scan of the primary storage device.
55 . The method of claim 50 , further comprising determining whether the computer system functions properly following removal of the identified malware.
56 . The method of claim 55 , wherein determining whether the computer system functions properly following removal of the identified malware includes attempting to boot the computer system utilizing the primary operating system following the removal of the identified malware.
57 . The method of claim 55 , wherein a determination that the computer system does not function properly following removal of the identified malware prompts a restoration of at least a portion of the primary storage device to a configuration prior to the removal of the identified malware.
58 . The method of claim 57 , wherein restoring at least a portion of the primary storage device includes booting the computer system utilizing a backup operating system.
59 . The method of claim 57 , wherein restoring at least a portion of the primary storage device includes reading a secondary storage device to identify a location of the predefined safe area on the primary storage device.
60 . The method of claim 50 , wherein the computer system is booted from a backup operating system for the scan of the primary storage device.
61 . Logic encoded in non-transitory media that includes code for execution and when executed by a processor is operable to perform operations comprising:
identifying malware during a scan of a primary storage device of a computer system, the primary storage device including a primary operating system; removing the identified malware, wherein removal of the identified malware causes changes on the primary storage device; and recording the changes on the primary storage device in a predefined safe area on the primary storage device.Join the waitlist — get patent alerts
Track US2012030766A1 — get alerts on status changes and closely related new filings.
We store only your email — no account needed. See our privacy policy.