摘要 |
<p>A METHOD OF DETECTING MALWARE PRESENT ON A COMPUTER SYSTEM RUNNING A WINDOWS? OPERATING SYSTEM, THE METHOD COMPRISING DETECTING A CALL BY AN APPLICATION TO AN UNESCAPE FUNCTION (102), REDIRECTING THE FUNCTION CALL TO A SCANNING FUNCTION, EMPLOYING THE SCANNING FUNCTION TO SCAN A PARAMETER OF THE FUNCTION CALL FOR SUSPECT SHELLCODE (106), AND, IN THE EVENT THAT SUSPECT SHELLCODE IS DETECTED, INHIBITING THE FUNCTION CALL (110).</p> |