| 发明名称 | System, method and computer program product for inserting an emulation layer in association with a COM server DLL | ||
| 摘要 | A system, method and computer program product are provided. In use, a COM server dynamic link library is identified. Further, an emulation layer is inserted in association with the COM server dynamic link library to emulate interfaces exported by the COM server dynamic link library. As an option, it may be determined whether the COM server DLL is loaded, and the emulation layer may be inserted in response to the determination. | ||
| 申请公布号 | US8863159(B2) | 申请公布日期 | 2014.10.14 |
| 申请号 | US200611484088 | 申请日期 | 2006.07.11 |
| 申请人 | McAfee, Inc. | 发明人 | Sallam Ahmed Said |
| 分类号 | G06F3/00;G06F3/048;H04L29/06;G06F9/445;G06F1/32 | 主分类号 | G06F3/00 |
| 代理机构 | Patent Capital Group | 代理人 | Patent Capital Group |
| 主权项 | 1. A method, comprising: identifying a COM server dynamic link library; inserting an emulation layer in association with the COM server dynamic link library to emulate interfaces exported by the COM server dynamic link library, utilizing a processor, wherein it is ascertained that there is no running application thread with a thread-function residing within the COM server dynamic link library prior to inserting the emulation layer; identifying, utilizing the emulation layer, at least one infected COM server dynamic link library; and in response to the identifying the at least one infected COM server dynamic link library: retrieving an identifier associated with an application thread that loaded, prior to the inserting the emulation layer, the at least one infected COM server dynamic link library; andfreeing, utilizing the emulation layer, the at least one infected COM server dynamic link library from memory based on the identifier. | ||
| 地址 | Santa Clara CA US | ||