摘要 |
FIELD: physics, computer engineering.SUBSTANCE: invention relates systems and methods of detecting presence of malware in an operating system preventing the user from working with the operating system. To detect presence of malware in an operating system, the method includes: (a) detecting the occurrence of an event characterised by disruption of user interaction with the operating system interface; (b) comparing the current state of the operating system with patterns of states characterising operation of the of operating system with malware which prevents user interaction with the operating system interface; and (c) upon detecting said event characterised by disruption of user interaction with the operating system interface, and upon match of the current state of the operating system with said patterns of states characterising operation of the operating system with said malware, determining the presence of said malware in the operating system.EFFECT: detecting the presence of malware preventing user interaction with an operating system interface.11 cl, 6 dwg |