Abstract: The invention provides methods for treating and/or preventing cognitive impairments, dementia, or neurodegenerative diseases and disorders (e.g., Alzheimer's disease, Parkinson's disease, Huntington's disease, amyotrophic lateral sclerosis) in patients by administering therapeutically effective amounts of an AMPA receptor antagonist (e.g., 1,2-dihydropyridine compounds) and therapeutically effective amounts of nootropics (e.g., cholinesterase inhibitors) to patients. The invention also provides combinations, commercial packages, and pharmaceutical compositions comprising therapeutically effective amounts of AMPA receptor antagonists (e.g., 1,2-dihydropyridine compounds) and therapeutically effective amounts nootropics (e.g., cholinesterase inhibitors). The 1,2-dihydropyridine compound may be, for example, 3-(2-cyanophenyl)-5-(2-pyridyl)-1-phenyl-1,2-dihydropyridin-2-one. The cholinesterase inhibitor may be, for example, donepezil.

Abstract: A method and system for controlling access rights and privileges of services is provided. A service control system creates a security identifier that is unique for each service that executes within a service host and adds the security identifiers to the security context of the service host. The service control system may create a unique security identifier for each service that is independent of the computer system and the account on which the service executes. The service control system may also adjust the privileges of the security context of a service host to be an aggregate of the privileges needed by the services that are to execute within the service host. The service control system may also create a restricted security context for the service host that includes the security identifiers of the services as restricted service identifiers.

Abstract: Systems and methods for performing integrity verifications for computer programs to run on computing systems are provided. An integrity check is completed before passing execution control to the next level of an operating system or before allowing a program to run. The integrity check involves the use of a locally stored key to determine if a program has been modified or tampered with prior to execution. If the check shows that the program has not been altered, the program will execute and, during the boot process, allow execution control to be transferred to the next level. If, however, the check confirms that the program has been modified, the computing system does not allow the program to run.

Abstract: A stack allocation system and method is described. In one implementation, an attempt is made to allocate N bytes of data to a stack having a fixed depth. A probe size for the stack is determined. Verification is then made to ascertain whether the probe size and the N bytes of data exceed the fixed depth of the stack, prior to allocating the N bytes of data to the stack. In another implementation, the N bytes of data are allocated to a heap; if the probe size and the N bytes of data exceed the fixed depth of the stack.

Abstract: Systems and methods for validating integrity of an executable file are described. In one aspect, the systems and methods determine that an executable file is being introduced into a path of execution. The executable file is then automatically evaluated in view of multiple malware checks to detect if the executable file represents a type of malware. The multiple malware checks are integrated into an operating system trust verification process along the path of execution.

Abstract: A system and method for providing enhanced security with regard to obtained files is presented. Upon obtaining a file from an external location, the obtained file is tagged with tagging information regarding the origin of the obtained file. Additionally, an operating system suitable for execution on a computing device is also presented. The operating system includes at least one application-callable function (API) for obtaining content from an external location. Each application-callable function for obtaining content from an external location is configured to associate tagging information with each obtained file, the tagging information comprising the origin of the obtained file. The origin of the obtained file can be used for subsequent security policy decisions, such as whether to allow or block execution or rendering of the content, as well as whether the content will be accessed in a constrained environment such as a “sandbox” or virtual machine.

Abstract: In accordance with this invention, a system, method, and computer-readable medium that selectively scans files stored on a computing device for malware is provided. One or more files may be sent from a trusted source to a computing device that implements the present invention. The integrity of the files that originate from a trusted source is validated using a signature-based hashing function. Any modifications made to files stored on the computing device are tracked by a component of the operating system. In instances when the file is not modified after being validated, an aspect of the present invention prevents the file from being scanned for malware when a scanning event is directed to the file. As a result, the performance of the computing device is improved as static files from trusted sources are not repeatedly scanned for malware.

Abstract: A system and method for protecting a computer system connected to a communication network from a potential vulnerability. The system and method protects a computer system that is about to undergo or has just undergone a change in state that may result in placing the computer system at risk to viruses, and the like, over a communication network. The system and method first detect an imminent or recent change in state. A security component and a fixing component react to the detection of the change in state. The security component may raise the security level to block incoming network information, other than information from a secure or known location, or information requested by the computer system. The fixing component implements a fixing routine, such as installing missing updates or patches, and on successfully completing the fixing routine, the security level is relaxed or lowered.

Abstract: The present invention is directed to a system, methods, and a computer-readable medium for efficiently performing a backup of data in a networking environment. In embodiments of the present invention, a backup of a file from a local computing device to a remote computing device is performed. However, the file may not be transmitted to the remote computing device in all instances. Instead, aspects of the present invention determine whether the file is already stored on the remote computing device by another user or by an operating system and/or application program provider. In this regard, a signature of the file is generated and compared to signatures of files stored on the back end computing device. Only in instances when a match to the signature is not found is the complete file transmitted to the back end computing device and stored in a database.

Abstract: The present invention provides a system, method, and computer-readable medium for identifying malware that is loaded in the memory of a computing device. Software routines implemented by the present invention track the state of pages loaded in memory using page table access bits available from a central processing unit. A page in memory may be in a state that is “unsafe” or potentially infected with malware. In this instance, the present invention calls a scan engine to search a page for malware before information on the page is executed.

Abstract: A method and system for selectively excluding a program from a security policy is provided. The security system receives from a user an indication of a program with a problem that is to be excluded from the security policy. When the program executes and a security enforcement event occurs, the security system does not apply the security policy. If the problem appears to be resolved as a result of excluding the program from the security policy, then the user may assume that the security policy is the cause of the problem.

Abstract: A method and system that enables a security policy to separate developer-provided detection criteria from an administrator-provided custom policy is provided. The security system allows a developer of detection criteria to provide a signature file containing the signatures that are available for use by a security policy. The security system also allows an administrator of a computer system to specify a custom policy that uses the signatures of the signature file. The developer may distribute the signature file to host computer systems independently of the administrator's distribution of the rules of the custom policy to the host computer systems. When a security enforcement event occurs at the host computer system, the security system applies the rules of the security policy to the event.

Abstract: Upon successfully authenticating a client device with a server system, the client device and server system share auto-reconnect data. Upon subsequently losing and re-establishing communications with the server system, the client sends an auto-authenticate request to the server. The auto-authenticate request includes a session verifier that is based at least in part on the shared auto-reconnect data. The server validates the session verifier. If the validation is successful, the server automatically re-authenticates the client device.

Abstract: A security scheme provides security to one or more self-contained operating environment instances executing on a computer. The security scheme may include implementing a set of security applications that may be controlled by a supervisory process, or the like. Both the set of security applications and the supervisory process may operate on a host system of the computer, which may also provide a platform for execution of the one or more self-contained operating environments. The security scheme protects processes running in the one or more self-contained operating environment and processes running on the computer outside of the self-contained operating environments.

Abstract: A self-healing device is provided in which changes made between the time that an infection resulting from an attack on the device was detected and an earlier point in time to which the device is capable of being restored may be recovered based, at least in part, on what kinds of changes were made, whether the changes were bona fide or malware induced, whether the changes were made after the time that the infection likely occurred, and whether new software was installed.

Abstract: The present invention provides a system, method, and computer-readable medium for identifying and removing active malware from a computer. Aspects of the present invention are included in a cleaner tool that may be obtained automatically with an update service or may be downloaded manually from a Web site or similar distribution system. The cleaner tool includes a specialized scanning engine that searches a computer for active malware. Since the scanning engine only searches for active malware, the amount of data downloaded and resource requirements of the cleaner tool are less than traditional antivirus software. The scanning engine searches specific locations on a computer, such as data mapped in memory, configuration files, and file metadata for data characteristic of malware. If malware is detected, the cleaner tool removes the malware from the computer.

Abstract: Upon successfully authenticating a client device with a server system, the client device and server system share auto-reconnect data. Upon subsequently losing and re-establishing communications with the server system, the client sends an auto-authenticate request to the server. The auto-authenticate request includes a session verifier that is based at least in part on the shared auto-reconnect data. The server validates the session verifier. If the validation is successful, the server automatically re-authenticates the client device.

Abstract: Upon successfully authenticating a client device with a server system, the client device and server system share auto-reconnect data. Upon subsequently losing and re-establishing communications with the server system, the client sends an auto-authenticate request to the server. The auto-authenticate request includes a session verifier that is based at least in part on the shared auto-reconnect data. The server validates the session verifier. If the validation is successful, the server automatically re-authenticates the client device.

Abstract: A system and method for efficiently determining that a received file is not malware is presented. In operation, when a file is received at a computing device, an evaluation is made as to whether the file includes user-modifiable, or superficial, data areas, i.e., areas of the file that by their nature do not typically carry or embed malware. If the file includes superficial data areas, those superficial data areas are filtered out and a file signature is generated based on the remaining portions of the received file. The file can then be compared to a list of know malware to determine if the file is malware. Alternatively, the file can be compared to a list of known, trusted files to determine whether the file is trustworthy.

Abstract: Systems and methods for modeling stress intensity solutions of integrally stiffened panels are disclosed. In one embodiment, a method includes serving a process over the internet. The process includes taking a problem definition, automatically forming a finite element model at least partially based on the problem definition, automatically verifying a suitability condition of the finite element model, automatically solving a computational solution using the finite element model and automatically validating the computational solution. In one aspect, providing a problem definition includes at least one of providing a geometry definition, providing a crack definition, and providing load and constraint definition.