主权项 |
1. A computer-implemented system for automatic generation of a heuristic script for malware detection, the system comprising:
a server-based automatic heuristics generation system for generating heuristic scripts for curing malware infections on a user computer; a log database connected to the automatic heuristics generation system and containing logs of events that occurred on user computers, the events including detection of known malicious objects and detection of suspicious objects; a safe objects database accessible by the automatic heuristics generation system and containing properties of known safe objects; and a malicious objects database accessible by the automatic heuristics generation system and containing signatures of known malicious objects, wherein the automatic heuristics generation system retrieves suspect object metadata from the log database and generates the heuristic script based on data from the safe objects database and the malicious objects database, wherein, for multiple computers having the same configuration and connected to the same network and having the same logs, only one log that is common to all the multiple computers is transmitted to the log database and only one heuristic script is generated and distributed to the multiple computers, and a different and specific heuristic script is distributed to those computers that have a different log than the common log. |