The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Nov. 05, 2013
Filed:
Apr. 15, 2010
Mark Kennedy, Redondo Beach, CA (US);
Sourabh Satish, Fremont, CA (US);
Alexander Danileiko, Newport Coast, CA (US);
Ming-jen Wang, Torrance, CA (US);
Mark Kennedy, Redondo Beach, CA (US);
Sourabh Satish, Fremont, CA (US);
Alexander Danileiko, Newport Coast, CA (US);
Ming-Jen Wang, Torrance, CA (US);
Symantec Corporation, Mountain View, CA (US);
Abstract
The launch of an installer or uninstaller is detected. A process lineage tree is created representing the detected launched installer/uninstaller process, and all processes launched directly and indirectly thereby. The detected installer/uninstaller process is represented by the root node in the process lineage tree. Launches of child processes by the installer/uninstaller process and by any subsequently launched child processes are detected. The launched child processes are represented by child nodes in the tree. As long as the installer/uninstaller process represented by the root node in the tree is running, the processes represented by nodes in tree are exempted from anti-malware analysis. The termination of the installer/uninstaller process is detected, after which the processes represented by nodes in the process lineage tree are no longer exempted from anti-malware analysis.