Abstract: An exterior rearview mirror assembly for a vehicle includes a turn signal unit having a housing, a light source and a lens disposed in front of the light source and attached at the housing. The turn signal unit includes an aperture element disposed between the light source and the lens, and includes a film disposed between the lens and the housing so as to be in front of the light source. With the exterior rearview mirror assembly disposed at a side of the vehicle, light emitted by the light source, when powered, passes through the film and through an aperture of the aperture element and through the lens in the forward direction of travel of the equipped vehicle. The film includes structured sections such that light emitted by the light source, when powered, passes through the structured sections of the film and forms an illuminated logo.

Abstract: Methods and apparatus for optimizing computer detection of malware using pattern recognition by refreshing random classification forests are described. In one embodiment, one or more selected trees of a random forest on a computing system may be replaced by one or more new trees. As new categorized data becomes available, one or more new trees may be generated using the new categorized data. Once the one or more new trees are available, the performance of the one or more new trees may be compared to the performance of the trees in the current random forest. Based on this comparison, one or more trees of the random forest may be selected to be replaced by one or more of the new trees.

Abstract: Providing joint access to an isolated computer object by both an isolated computer application and a non-isolated computer application. In one embodiment, a method may include executing a first computer application as a virtualized first computer application in an isolation layer, executing a second computer application as an actual second computer application in an operating system outside the isolation layer, creating a virtualized second computer object in the isolation layer in a location accessible to the virtualized first computer application, creating a gateway third computer object associated with the virtualized second computer object, storing the gateway third computer object outside the isolation layer in a location accessible to the operating system, and enabling joint access to the gateway third computer object by both the virtualized first computer application and the actual second computer application.

Abstract: A turn signal unit for an external mirror for a motor vehicle is designed to radiate a flashing light forwards in the direction of travel with the turn signal unit and the external mirror in the installation position at the side of the vehicle. The turn signal unit includes a light source and a lens disposed in front of the light source. A film with alternating light transmissive and non-light transmissive structures is clamped in the space between the light source and the lens. The film is clamped via a clamping structure which includes structure that is part of the lens and/or a housing portion of the turn signal unit.

Abstract: Thermoplastic compositions useful for sealing longitudinal joints of substrates, for example, roadways and pavement, are provided herein. Formulations including the composition and methods of using the thermoplastic composition to seal longitudinal joints are also disclosed.

Abstract: The disclosed computer-implemented method for improving forest-based malware detection within an organization may include (i) receiving, at a backend computing system, organization data from at least one organization computing device within an organization computer network, (ii) adjusting, at the backend computing system, a general use forest model based on the organization data to generate an organization-specific forest model for detecting malicious computer files within the organization computer network, and (iii) sending, from the backend computing system, the organization-specific forest model to the at least one organization computing device. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A turn signal unit for an external mirror for a motor vehicle is designed to radiate a flashing light forwards in the direction of travel with the turn signal unit and the external mirror in the installation position at the side of the vehicle. The turn signal unit includes a light source and a lens disposed in front of the light source. A film with alternating light transmissive and non-light transmissive structures is clamped in the space between the light source and the lens. The film is clamped via a clamping structure which includes structure that is part of the lens and/or a housing portion of the turn signal unit.

Abstract: Techniques for automated application analysis are disclosed. In one embodiment, the techniques may be realized as a method comprising detecting a code creation activity; detecting the presence of a previously-unknown application; associating the detected application with the code creation activity; and permitting the application to run based on associating the detected application with the code creation activity.

Abstract: Methods, wires, and apparatus for use in cutting (e.g., slicing) hard, brittle materials is provided. The wire can be a super-abrasive wire that includes a wire core and super-abrasive particles bonded to the wire core via a metal bonding layer. This wire, or another type of wire, can be used to slice workpieces useful for producing wafers. The workpieces can be aligned within a holder to produce wafers using the device and methods presently provided. The holder rotates about its central axis, which translates to workpieces moving in orbit around this axis. A single abrasive wire, or multiple turns of wire stretched tightly between wire guides, is then contacted with the rotating holder to slice the workpieces.

Abstract: Systems and methods to automatically generate signatures used to detect malware are provided. The systems and methods use machine learning techniques, to build an over-trained heuristic model to analyze software, cluster identified patterns, validate the clusters against known reputational metrics, automatically create signatures and, in some examples, deploy such signatures to remote computing devices.

Abstract: A computer-implemented method for providing security for synchronized files may include (1) synchronizing, using a cloud folder synchronization service, a backend server with both a client folder on a client machine and an additional client folder on an additional client machine, (2) propagating a file from the client folder to the backend server through the cloud folder synchronization service, (3) identifying, using the cloud folder synchronization service, a result of a security scan of the propagated file, and (4) adjusting, using the cloud folder synchronization service, the synchronization of the file with the additional client folder based on the result of the security scan. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A possibly pre-infected system is inspected for the existence of tracked application-specific accounts. In a tracked application-specific account is found, the system is further audited to verify that only authorized processes are using the account and that the authorized account creation application is installed on the host computer system.

Abstract: A computer-implemented method for detecting an obfuscated executable may include identifying an executable file programmed to execute on a target architecture. The method may also include disassembling a first section of the executable file and determining whether the first section of the executable file comprises a valid instruction. The method may further include determining, based on whether the first section of the executable file comprises a valid instruction, whether the executable file poses a security risk. Various other methods, computer-readable media, and systems are also disclosed.

Abstract: A determination is made as to whether a creator of a created executable file is a trusted installer, e.g., a digitally signed installer. Upon a determination that the creator is a trusted installer, the created executable file is defined as a trusted file. By bestowing the trust of a trusted installer to the executable files that the installer creates, suspicious behavior by the created executable files and associated processes, which otherwise would be blocked, is allowed. In this manner, false positives, e.g., blocking of legitimate behavior by the created executable file and associated process(es), are avoided.

Abstract: Method and apparatus for detecting malware are described. In some examples, files of unknown trustworthiness are identified as potential threats on the computer. A trustworthiness level for each of the files is received from a backend. The trustworthiness level of each of the files is compared to a threshold level. Each of the files where the trustworthiness level thereof satisfies the threshold level is designated as a false positive threat. Each of the files where the trustworthiness level thereof does not satisfy the threshold level is designated as a true positive threat.

Abstract: Methods, wires, and apparatus for use in cutting (e.g., slicing) hard, brittle materials is provided. The wire can be a super-abrasive wire that includes a wire core and super-abrasive particles bonded to the wire core via a metal bonding layer. This wire, or another type of wire, can be used to slice workpieces useful for producing wafers. The workpieces can be aligned within a holder to produce wafers using the device and methods presently provided. The holder rotates about its central axis, which translates to workpieces moving in orbit around this axis. A single abrasive wire, or multiple turns of wire stretched tightly between wire guides, is then contacted with the rotating holder to slice the workpieces.

Abstract: An exemplary method for reducing false positives produced by heuristics may include: 1) training a heuristic using a set of training data, 2) deploying the heuristic, 3) identifying false positives produced by the heuristic during deployment, and then 4) tuning the heuristic by: a) duplicating at least a portion of the false positives, b) modifying the training data to include the duplicate false positives, and c) re-training the heuristic using the modified training data. Corresponding systems and computer-readable media are also disclosed.

Abstract: The launch of an installer or uninstaller is detected. A process lineage tree is created representing the detected launched installer/uninstaller process, and all processes launched directly and indirectly thereby. The detected installer/uninstaller process is represented by the root node in the process lineage tree. Launches of child processes by the installer/uninstaller process and by any subsequently launched child processes are detected. The launched child processes are represented by child nodes in the tree. As long as the installer/uninstaller process represented by the root node in the tree is running, the processes represented by nodes in tree are exempted from anti-malware analysis. The termination of the installer/uninstaller process is detected, after which the processes represented by nodes in the process lineage tree are no longer exempted from anti-malware analysis.

Abstract: An exemplary method for translating non-comparable values into comparable values for use in heuristics may include: 1) identifying a data object, 2) identifying a non-comparable value associated with the data object, 3) translating the non-comparable value into a comparable value, and then 4) processing the comparable value in a heuristic. In some examples, the heuristic may include a malware-detection heuristic, such as a decision tree.

Abstract: A configuration information manager monitors attempts by processes to update non-structured storage of system configuration information, such as plain text files which contain system configuration information. When such an attempt is made, the configuration information manager makes a copy of the target file, and redirects the write operation to this copy. The configuration information manager then analyzes the process that did the writing, as well as the content that was written. If the process and/or the content is deemed to be suspicious, the changes will be logged and discarded, thus protecting the system. Should the changes be deemed legitimate, then the configuration information manager folds them into the real file, typically in an annotated manner, so as enable subsequent reversion of the changes as desired.