Patents by Inventor Michael Sean Jarrett
Michael Sean Jarrett has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9767282Abstract: The subject disclosure relates to antimalware scanning, and more particularly to offline antimalware scanning of a host environment via an alternate, known safe operating system. An offline scanning product obtains data previously written by the host environment online antimalware scanning tool, e.g., configuration data and antimalware signatures in shared data stores accessible to the offline and online products, and uses that data to perform the offline antimalware scan. The offline scanning product writes results information and any quarantined files to other shared data stores, whereby the online environment, when rebooted, has access to the information, such as for review and to upload telemetry information to an online service for analysis. Also described is offline replacement of operating system files that cannot be cleaned or removed when online.Type: GrantFiled: December 14, 2010Date of Patent: September 19, 2017Assignee: Microsoft Technology Licensing, LLCInventors: Sterling M. Reasor, Kumi N. Hilwa, Eddy S. Hsia, Santanu Chakraborty, Joseph Leo Faulhaber, Vishal Kapoor, Michael Sean Jarrett, Charles Turner, Jeremy D. Croy
-
Patent number: 9436826Abstract: The subject disclosure is directed towards detecting malware or possible malware in an input file by allowing the input file to be opened, and by monitoring for one or more behaviors corresponding to the open file that likely indicate malware. Only certain executable files and/or file types opened thereby may be monitored, with various collected event data used for antimalware purposes when improper behavior is observed. Example behaviors include writing of a file to storage, generation of network traffic, injection of a process, running of script, and/or writing system registry data. Telemetry data and/or a sample of the file may be sent to an antimalware service, and malware remediation may be performed. Data (e.g., the collected events) may be distributed to other nodes for use in antimalware detection, e.g., to block execution of a similar file.Type: GrantFiled: June 16, 2011Date of Patent: September 6, 2016Assignee: Microsoft Technology Licensing, LLCInventors: Vishal Kapoor, Jonathan Mark Keller, Ajith Kumar, Adrian M. Marinescu, Marc E. Seinfeld, Anil Francis Thomas, Michael Sean Jarrett, Joseph J. Johnson, Joseph L. Faulhaber
-
Publication number: 20120297488Abstract: The subject disclosure is directed towards detecting malware or possible malware in an input file by allowing the input file to be opened, and by monitoring for one or more behaviors corresponding to the open file that likely indicate malware. Only certain executable files and/or file types opened thereby may be monitored, with various collected event data used for antimalware purposes when improper behavior is observed. Example behaviors include writing of a file to storage, generation of network traffic, injection of a process, running of script, and/or writing system registry data. Telemetry data and/or a sample of the file may be sent to an antimalware service, and malware remediation may be performed. Data (e.g., the collected events) may be distributed to other nodes for use in antimalware detection, e.g., to block execution of a similar file.Type: ApplicationFiled: June 16, 2011Publication date: November 22, 2012Applicant: MICROSOFT CORPORATIONInventors: Vishal Kapoor, Jonathan Mark Keller, Ajith Kumar, Adrian M. Marinescu, Marc E. Seinfeld, Anil Francis Thomas, Michael Sean Jarrett, Joseph J. Johnson, Joseph L. Faulhaber
-
Publication number: 20120151582Abstract: The subject disclosure relates to antimalware scanning, and more particularly to offline antimalware scanning of a host environment via an alternate, known safe operating system. An offline scanning product obtains data previously written by the host environment online antimalware scanning tool, e.g., configuration data and antimalware signatures in shared data stores accessible to the offline and online products, and uses that data to perform the offline antimalware scan. The offline scanning product writes results information and any quarantined files to other shared data stores, whereby the online environment, when rebooted, has access to the information, such as for review and to upload telemetry information to an online service for analysis. Also described is offline replacement of operating system files that cannot be cleaned or removed when online.Type: ApplicationFiled: December 14, 2010Publication date: June 14, 2012Applicant: MICROSOFT CORPORATIONInventors: Sterling M. Reasor, Kumi N. Hilwa, Eddy S. Hsia, Santanu Chakraborty, Joseph Leo Faulhaber, Vishal Kapoor, Michael Sean Jarrett, Charles Turner, Jeremy D. Croy
-
Publication number: 20120144489Abstract: The subject disclosure is directed towards protecting virtual machines on guest partitions from malware in a resource-efficient manner. Antimalware software is divided into lightweight agents that run on each malware-protected guest partition, a shared scanning and signature update mechanism, and a management component. Each agent provides the scanning mechanism with files to scan for malware, such as by running a script, and receives results from the scanning mechanism including possible remediation actions to perform. The management component provides the scanning mechanism with access to virtual machine services, such as to pause, resume, snapshot and rollback guest partitions as requested by the scanning mechanism.Type: ApplicationFiled: December 7, 2010Publication date: June 7, 2012Applicant: Microsoft CorporationInventors: Michael Sean Jarrett, Joseph Jared Johnson, Vishal Kapoor, Anil Francis Thomas, Eugene John Neystadt, Dennis Scott Batchelder
-
Patent number: 8087061Abstract: Systems and methods that mitigate affects of malware and facilitate remediation processes. An analysis engine generates a list of actions for resources associated with the malware, and prioritizes/sorts the actions for execution. Such list of actions can be generated automatically via an action list generation component associated with the analysis engine. Likewise, a sorting component as part of the analysis engine can prioritize operations between detected malware to typically ensure a smooth operation during remediation processes (e.g., avoid conflicts).Type: GrantFiled: April 29, 2008Date of Patent: December 27, 2011Assignee: Microsoft CorporationInventor: Michael Sean Jarrett
-
Publication number: 20090217378Abstract: Aspects of the subject matter described herein relate to removing malware from a computer system. In aspects, an anti-malware engine detects malware and writes a tool onto a storage device. The anti-malware engine disguises the tool to make it more difficult for malware to detect that the tool is on the storage device. In addition, the anti-malware engine encrypts and writes remediation actions to be taken by the tool to the storage device and requests that the computer reboot. After rebooting, the computer executes the tool which takes the remediation actions including removing the malware.Type: ApplicationFiled: February 27, 2008Publication date: August 27, 2009Applicant: MICROSOFT CORPORATIONInventors: Joseph Jared Johnson, Catalin Daniel Sandu, Michael Sean Jarrett
-
Publication number: 20090044272Abstract: Systems and methods that mitigate affects of malware and facilitate remediation processes. An analysis engine generates a list of actions for resources associated with the malware, and prioritizes/sorts the actions for execution. Such list of actions can be generated automatically via an action list generation component associated with the analysis engine. Likewise, a sorting component as part of the analysis engine can prioritize operations between detected malware to typically ensure a smooth operation during remediation processes (e.g., avoid conflicts).Type: ApplicationFiled: April 29, 2008Publication date: February 12, 2009Applicant: MICROSOFT CORPORATIONInventor: Michael Sean Jarrett