[go: up one dir, main page]

WO2014147633A1 - Standalone portable device for detecting and removing virus or malware or spyware - Google Patents

Standalone portable device for detecting and removing virus or malware or spyware Download PDF

Info

Publication number
WO2014147633A1
WO2014147633A1 PCT/IN2013/000362 IN2013000362W WO2014147633A1 WO 2014147633 A1 WO2014147633 A1 WO 2014147633A1 IN 2013000362 W IN2013000362 W IN 2013000362W WO 2014147633 A1 WO2014147633 A1 WO 2014147633A1
Authority
WO
WIPO (PCT)
Prior art keywords
virus
processing unit
digital data
malware
files
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/IN2013/000362
Other languages
French (fr)
Inventor
Rajkumar Krushnakumar RAVAL
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
TRANS - INNOVATION TECHNOLOGIES PVT Ltd
Original Assignee
TRANS - INNOVATION TECHNOLOGIES PVT Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by TRANS - INNOVATION TECHNOLOGIES PVT Ltd filed Critical TRANS - INNOVATION TECHNOLOGIES PVT Ltd
Publication of WO2014147633A1 publication Critical patent/WO2014147633A1/en
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/145Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/568Computer malware detection or handling, e.g. anti-virus arrangements eliminating virus, restoring damaged files
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/81Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer by operating on the power supply, e.g. enabling or disabling power-on, sleep or resume operations

Definitions

  • the present invention relates to a virus removing device used in the field of application of digital data security. More particularly, the present invention relates to a portable virus/spyware/malware removing device that particularly removes malicious executable files that may contain the virus/spyware/malware and thereby prevents copying and spreading of any virus/spyware/malware infected data into a digital data storage device or a digital data channel device.
  • None of the prior art devices solve the problem of virus infections being spread particularly by the hand-held electronic non- volatile digital data storage device in a standalone manner without installing into the operating system and without using virus signatures.
  • the main object of the present invention is to provide a portable virus removing device that pre-emptively deletes virus or malware or spyware that being contained into the hand-held electronic non-volatile digital data storage device or memory such as pen drives, thumb drives, pocket hard drives etc.
  • Another object of the present invention is to provide a virus removing device which is not operating system based.
  • Still another object of the present invention is to provide a virus removing device that also deletes virus or malware or spyware contained in to the digital data channel device such as computers, mobile communication device etc.
  • Further object of the present invention is to provide a virus removing device which pre-emptively deletes the virus or malware or spyware in a standalone manner without requiring a computer or a host with its operating system to perform its normal operation and execution.
  • Yet another object of the preset invention is to provide a virus removing device which works with or without connecting in digital data pathway between two data channel devices.
  • Further object of the present invention is to provide a virus removing device which directly deletes the virus or malware or spyware without quarantining or repairing it.
  • Another object of the present invention is to provide a virus removing device which itself cannot get infected while removing any virus or malware or spyware, as during the operation the device does not allow to copy or store virus or malware or spyware infected files.
  • Further object of the present invention is to provide a virus removing device which is entirely an electronic system with no moving or mechanical parts.
  • the present invention relates to a portable standalone virus removing device to remove virus from a hand-held electronic non-volatile digital data storage device or from any digital data channel device.
  • Said virus removing device consists of a main processing unit with an internal memory, an inbuilt or external power source to supply power to said processing unit; and a data port receptacle for interfacing said digital data storage device or digital data channel device with the virus removing device during the operation.
  • the processing unit After receiving power from the power source, when the digital data storage device or digital data channel device is interfaced with the virus removing device through said data port receptacle, the processing unit reads the file system stored on said data storage device or data channel device by analysing entire directory structure as well as all the files including hidden files and system files stored on said storage device or data channel device.
  • the processing unit After reading all such files, the processing unit searches and identifies executable files that possess file extensions that are listed in a list of file extensions stored in the internal memory.
  • the device does not attempt to find out if the identified executable file is infected or if it contains an infection or if it is a virus/malware/spyware. Instead, the device pre-emptively deletes said executable files without repairing or attempting to repair them in order to achieve much faster execution thereby prevents copying and spreading of any virus/spy ware/malware infected data into the digital storage device or the digital data channel device.
  • Fig. 1 is a block diagram of the present invention showing an exemplary virus removing device and an electronic non-volatile digital data storage device.
  • Fig. 2 is a block diagram of another embodiment of the present invention showing a digital data channel device and an electronic non-volatile digital data storage memory being embedded within another exemplary embodiment of a virus removing device.
  • Fig. 3 is a block diagram of another embodiment of the present invention showing an another exemplary embodiment of virus removing device that physically intervenes between the connection of two data channel devices.
  • Fig. 1 shows an exemplary system of a portable standalone virus removing device (1) and a portable or hand-held electronic non-volatile digital data storage device (2) having executable files that belong to virus or malware or spy ware in its file contents.
  • Said virus removing device (1) consists of a main processing unit (3) with an internal memory (4) to store instructions and a list of file extensions that belongs to said executable files; an inbuilt or external power source (5) to supply power to said processing unit (3); and a data port receptacle (6) for interfacing with said digital data storage device (2).
  • Said processing unit (3) monitors, controls and regulates the digital data pathway that exists between the processing unit (3) and the digital data storage device (2) to remove said executable files identified in said digital data pathway.
  • Said digital data storage device (2) includes pen drives, thumb drives, pocket hard drives etc.
  • the main processing unit (3) includes a microprocessor and/or a Field Programmable Gate Array (FPGA) and/or an Application Specific Integrated Circuit (ASIC).
  • FPGA Field Programmable Gate Array
  • ASIC Application Specific Integrated Circuit
  • Said processing unit (3) executes its function as instructed in said internal memory (4) or in said digital logic circuit.
  • said list of file extensions stored in said internal memory (4) is updated as and when required.
  • some of the file extensions “.exe (dot exe)” or “.scr (dot scr)” or “.ini (dot ini)” are used in said internal memory (4), as in said Windows operating system the infected files typically possess such file extensions which make the files executable within the Windows, when the infected file is accessed by a user or the operating system and thereby spreads the infection in the electronic means.
  • Said electronic means includes a computer, a laptop, a mobile communication device etc.
  • an infected portable or hand-held electronic non-volatile digital data storage device (2) is interfaced with the virus removing device (1) through the data port receptacle (6), entire directory structure and all the files including hidden files and system files is transferred from said data storage device (2) to the processing unit (3) via a digital data pathway that exists within said processing unit (3) in between said processing unit (3) and the digital data storage device (2).
  • the processing unit (3) receives instructions from said internal memory (4) or from said digital logic circuit and executes such instructions to scan and read the data that is being found in said digital data pathway to search executable files that are listed in said list of file extensions.
  • said processing unit (3) identifies said executable files that belong to said file extensions and eventually deletes or cleans all such executable files that may contain virus or malware or spyware to secure infected free data in said digital data pathway without corrupting or deleting data files such as text, word processing files, images, videos, spreadsheets, databases that being stored within said storage device (2). After removing said infected data, all infection free data in said digital pathway are finally transferred back to said digital data storage device (2).
  • said device (1) pre-emptively deletes the executable files that may contain virus or malware or spyware without repairing or attempt to repair the files, this result in much faster execution.
  • the processing unit (3) looks through the properties of all files and identifies the file with executable attributes that may contain infection and preventatively changes it into a file with non-executable attributes.
  • a push button and a LED indication are optionally provided within the device (1).
  • the push button is provided to start the scanning and cleaning operation of the device (1) and the LED indication is provided to show the power indication in said device (1) during its operation.
  • the present invention shows an exemplary system showing a data channel device (7) having executable files that belong to virus or malware or spyware in its file contents and an another embodiment of a portable standalone virus removing device (1).
  • Said virus removing device (1) consists of a main processing unit (3) with an internal memory (4) to store instructions and a list of file extensions that belongs to said executable files, an embedded electronic non-volatile digital data storage memory (2) within the device (1) which is in electronic communication with said processing unit (3) by means of an internal data pathway (8), an inbuilt or external power source (5) to supply power to said processing unit and the digital storage memory (2); and a data port receptacle (6) to interface said processing unit (3) with the data channel device (7) so as to digitally communicate the data channel device (7) with said digital storage memory (2) through said processing unit (3) during the operation.
  • said processing unit (3) monitors, controls and regulates a digital data pathway (10) that exists between said data storage memory (2) and the data channel device (7) within said processing unit (3).
  • Said data channel device includes a host computer, a mobile communication device, laptop etc.
  • the main processing unit (3) includes a microprocessor and/or a Field Programmable Gate Array (FPGA) and/or an Application Specific Integrated Circuit (ASIC).
  • FPGA Field Programmable Gate Array
  • ASIC Application Specific Integrated Circuit
  • Said processing unit (3) executes its function as instructed in said internal memory (4) or in said digital logic circuit.
  • said list of file extensions stored in the internal memory (4) . is updated as and when required.
  • some of the file extensions ".exe (dot exe)” or “.scr (dot scr)” or “.ini (dot ini)” are used in said memory (4), as in said Windows operating system the infected files typically possess such file extensions which make the files executable within the Windows, when the infected file is accessed by a user or the operating system and thereby spreads the infection in the data channel device (7).
  • said processing unit eventually deletes or cleans all such said executable files that may contain virus or malware or spy ware to secure infection free data in said digital data pathway without corrupting or deleting data files such as text, word processing files, images, videos, spreadsheets, databases that exists in the digital data pathway (10). After removing such executable files from the digital data pathway (10), all the infection free data is transferred to said digital data storage memory (2).
  • said device (1) pre-emptively deletes the executable files that may contain virus or malware or spyware without repairing or attempting to repair the files, this result in much faster execution.
  • the processing unit (3) looks through the properties of all files and identifies the file with executable attributes that may contain infection and preventatively changes it into a file with non-executable attributes.
  • a push button and a LED indication are optionally provided within the device (1).
  • the push button is provided to start the scanning and cleaning operation of the device (1) and the LED indication is provided to show the power indication in said device (1) during its operation.
  • the present invention shows an exemplary system showing an another embodiment of a portable standalone virus removing device (1) being intervened between two data channel devices (7).
  • Said virus removing device (1) consists of a main processing unit (3) with an internal memory (4) to store instructions and a list of file extensions that belongs to a virus or malware or spyware that is to be removed, an inbuilt or external power source (5) to supply power to said processing unit; and a pair of data port receptacles (6) to interface said processing unit (3) with said two data channel devices (7) to allow digital communicate between said processing unit (3) and the data channel devices (7) during the operation.
  • Said processing unit (3) monitors, controls and regulates a digital data pathway (10) that exists between said data channel device (7) within said processing unit (3) during the operation.
  • Said data channel device (7) includes a host computer, a mobile communication device, a laptop etc.
  • the main processing unit (3) includes a microprocessor and/or a Field Programmable Gate Array (FPGA) and/or an Application Specific Integrated Circuit (ASIC).
  • FPGA Field Programmable Gate Array
  • ASIC Application Specific Integrated Circuit
  • Said processing unit (3) executes its function as instructed in said internal memory (4) or in said digital logic circuit.
  • said list of file extensions stored in the internal memory (4) is updated as and when required.
  • some of the file extensions ".exe (dot exe)” or “.scr (dot scr)” or " ni (dot ini)" are used in said memory (4), as in said Windows operating system the infected files typically possess such file extensions which make the files executable within the Windows, when the infected file is accessed by a user or the operating system and thereby spreads the infection within the data channel device (7) in which said Windows operating system is being installed.
  • said processing unit (3) identifies said executable files that belong to said file extensions in said digital pathway (10). After such identification, said processing unit eventually deletes or cleans all such executable files that may contain virus or malware or spy ware to secure infection free data in said digital data pathway (10) without corrupting or deleting data files such as text, word processing files, images, videos, spreadsheets, databases that exists in the digital data pathway (10).
  • said executable files are removed from one of said data channel devices (7), the rest of the infection free data from said digital data pathway is transferred to the other data channel device (7).
  • infection free data is exchanged between each of said two data channel devices (7).
  • said device (1) pre-emptively deletes the executable files that may contain virus or malware or spyware without repairing or attempting to repair the files, this result in much faster execution.
  • the processing unit (3) looks through the properties of all files and identifies the file with executable attributes that may contain infection and preventatively changes it into a file with non executable attributes.
  • a push button and a LED indication are optionally provided within the device (1).
  • the push button is provided to start the scanning and cleaning operation of the device (1) and the LED indication is provided to show the power indication in said device (1) during its operation.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Virology (AREA)
  • Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • General Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Storage Device Security (AREA)

Abstract

The present invention relates to a portable standalone virus removing device (1) to remove virus or malware or spyware from a data storage device (2) or from digital data channel device (7). Said device (1) consists of a processing unit (3), an inbuilt or external power source (5) to supply power to said processing unit and a data port receptacle (6) for interfacing at least one infected digital data storage device or digital data channel device with the device(1). Said processing unit reads the entire file system stored on said data storage device or data channel device. After reading all such files, the processing unit searches and identifies malicious executable files with extensions that belong to virus or malware or spyware and pre-emptively deletes such files without repairing or attempting to repair the files in order to achieve much faster execution.

Description

STANDALONE PORTABLE DEVICE FOR DETECTING AND REMOVING VIRUS
OR MALWARE OR SPYWARE
Field of the invention
The present invention relates to a virus removing device used in the field of application of digital data security. More particularly, the present invention relates to a portable virus/spyware/malware removing device that particularly removes malicious executable files that may contain the virus/spyware/malware and thereby prevents copying and spreading of any virus/spyware/malware infected data into a digital data storage device or a digital data channel device.
Back ground and prior art of the invention
Recently, hand-held and pocket portable storage devices have become quite popular amongst the computer users. With the quite rapid advancement of internet technologies, mobile communications and like in the recent past, there is also quite common problem of intrusion of unnecessary data such as virus, malware, spyware and other intruders (herein after referred as virus) into the electronic systems like Personal Computers (PCs), mobiles and any computer based automation systems and networks from such hand-held and pocket portable storage devices. The spread of virus infection, after said intrusion, takes place when a malicious executable file is accessed by the user or the Operating System (OS). It is observed recently that one of the major way of intrusion of virus, apart from the data channel device, is from said infected hand-held and pocket portable storage devices such as memory cards and pen drives which attack on computer systems and networks resulting in loss of digital data and loss of revenue to the tune of billions of dollars to companies and governments who need to rely heavily on information technology. As the use of computers is becoming widespread, such infections are becoming a big problem.
There are quite a lot of products available in the market conventionally and which are widely used too in the field of data security to overcome aforesaid problems for automatic protection in the computers. But unfortunately, such widely used products include OS based anti-virus software that being generally installed on a computer with an operating system like windows (Microsoft Inc TM). However, being operating system based, these anti-virus software make the execution and performance of the computer extremely slow particularly during the scanning step while removing the virus. Most of the times such operating system based anti-virus software cannot simply cope up with the virus infection because it becomes too late for the anti virus to eradicate the infection once the virus has entered the operating system or the computer/ Further, such operating system based anti-virus software itself frequently gets infected by means of intrusion of virus into the system.
Various documents available in the prior art too regarding such data security device. Reference may be made to the US 8245296 which particularly relates to a device for detecting malicious software for directly interconnecting between data transfer devices and independently monitoring data transmissions there between for virus. This device is to be located in the path in between two data transfer devices to analyze only a portion of the data transfer between such two data transfer devices. It also mainly requires using, storing and maintaining virus signatures in order to identify a virus. Hence, the method adapted to protect the system from virus in such patent is still time consuming and harmful to the system.
Reference also made to the patents US 8312547, US 20060161984, CN 101320413, US 7836500 and US 7673341. Subject matter disclosed in such patents relates to the operating system based anti-virus software which as discussed earlier is vulnerable to viruses, spyware and other malicious or harmful program codes and frequently becomes obsolete with each new virus that is written and released. Furthermore, at least some damage is usually being done to some computers during the initial stages of such release ("Zero- day attack"). Also the significant increases of such electronic devices to control and maintain operation of air traffic, transportation system, building environmental control, stock markets, telephone systems, nuclear power plants and other critical public and private infrastructure is affected by the potential harm from such malicious code that goes beyond any momentary assessment.
None of the prior art devices solve the problem of virus infections being spread particularly by the hand-held electronic non- volatile digital data storage device in a standalone manner without installing into the operating system and without using virus signatures.
Object of the invention
The main object of the present invention is to provide a portable virus removing device that pre-emptively deletes virus or malware or spyware that being contained into the hand-held electronic non-volatile digital data storage device or memory such as pen drives, thumb drives, pocket hard drives etc.
Another object of the present invention is to provide a virus removing device which is not operating system based.
Still another object of the present invention is to provide a virus removing device that also deletes virus or malware or spyware contained in to the digital data channel device such as computers, mobile communication device etc.
Further object of the present invention is to provide a virus removing device which pre-emptively deletes the virus or malware or spyware in a standalone manner without requiring a computer or a host with its operating system to perform its normal operation and execution.
Yet another object of the preset invention is to provide a virus removing device which works with or without connecting in digital data pathway between two data channel devices.
Another object of the present invention is to provide a virus removing device which consumes less processing power. Yet another object of the present invention is to provide a virus removing device which is highly economical.
Further object of the present invention is to provide a virus removing device which directly deletes the virus or malware or spyware without quarantining or repairing it.
Another object of the present invention is to provide a virus removing device which itself cannot get infected while removing any virus or malware or spyware, as during the operation the device does not allow to copy or store virus or malware or spyware infected files.
Further object of the present invention is to provide a virus removing device which is entirely an electronic system with no moving or mechanical parts.
Summary of the Invention
The present invention relates to a portable standalone virus removing device to remove virus from a hand-held electronic non-volatile digital data storage device or from any digital data channel device. Said virus removing device consists of a main processing unit with an internal memory, an inbuilt or external power source to supply power to said processing unit; and a data port receptacle for interfacing said digital data storage device or digital data channel device with the virus removing device during the operation. After receiving power from the power source, when the digital data storage device or digital data channel device is interfaced with the virus removing device through said data port receptacle, the processing unit reads the file system stored on said data storage device or data channel device by analysing entire directory structure as well as all the files including hidden files and system files stored on said storage device or data channel device. After reading all such files, the processing unit searches and identifies executable files that possess file extensions that are listed in a list of file extensions stored in the internal memory. The device does not attempt to find out if the identified executable file is infected or if it contains an infection or if it is a virus/malware/spyware. Instead, the device pre-emptively deletes said executable files without repairing or attempting to repair them in order to achieve much faster execution thereby prevents copying and spreading of any virus/spy ware/malware infected data into the digital storage device or the digital data channel device.
Detailed description of the drawings
Fig. 1 is a block diagram of the present invention showing an exemplary virus removing device and an electronic non-volatile digital data storage device. Fig. 2 is a block diagram of another embodiment of the present invention showing a digital data channel device and an electronic non-volatile digital data storage memory being embedded within another exemplary embodiment of a virus removing device.
Fig. 3 is a block diagram of another embodiment of the present invention showing an another exemplary embodiment of virus removing device that physically intervenes between the connection of two data channel devices.
Detailed description of the invention
Before explaining the present invention in detail, it is to be understood that the invention is not limited in its application to the details of the construction and arrangement of parts illustrated in the accompany drawings. The invention is capable of other embodiments, as depicted in different figures as described above and of being practiced or carried out in a variety of ways. It is to be understood that the phraseology and terminology employed herein is for the purpose of description and not of limitation.
The present invention, as illustrates in Fig. 1 shows an exemplary system of a portable standalone virus removing device (1) and a portable or hand-held electronic non-volatile digital data storage device (2) having executable files that belong to virus or malware or spy ware in its file contents. Said virus removing device (1) consists of a main processing unit (3) with an internal memory (4) to store instructions and a list of file extensions that belongs to said executable files; an inbuilt or external power source (5) to supply power to said processing unit (3); and a data port receptacle (6) for interfacing with said digital data storage device (2). Said processing unit (3), during the operation, monitors, controls and regulates the digital data pathway that exists between the processing unit (3) and the digital data storage device (2) to remove said executable files identified in said digital data pathway. Said digital data storage device (2) includes pen drives, thumb drives, pocket hard drives etc.
The main processing unit (3) includes a microprocessor and/or a Field Programmable Gate Array (FPGA) and/or an Application Specific Integrated Circuit (ASIC). In case of ASIC or FPGA said instructions and the list of file extensions are implemented in the form of hard code in its digital logic circuit. Said processing unit (3) executes its function as instructed in said internal memory (4) or in said digital logic circuit.
Depending upon the operating system used, said list of file extensions stored in said internal memory (4) is updated as and when required. For example, on a Windows (TM of Microsoft Inc, USA) operating system, some of the file extensions ".exe (dot exe)" or ".scr (dot scr)" or ".ini (dot ini)" are used in said internal memory (4), as in said Windows operating system the infected files typically possess such file extensions which make the files executable within the Windows, when the infected file is accessed by a user or the operating system and thereby spreads the infection in the electronic means. Said electronic means includes a computer, a laptop, a mobile communication device etc.
During the operation, when an infected portable or hand-held electronic non-volatile digital data storage device (2) is interfaced with the virus removing device (1) through the data port receptacle (6), entire directory structure and all the files including hidden files and system files is transferred from said data storage device (2) to the processing unit (3) via a digital data pathway that exists within said processing unit (3) in between said processing unit (3) and the digital data storage device (2). As a consequence of the existence of such digital data pathway, the processing unit (3) receives instructions from said internal memory (4) or from said digital logic circuit and executes such instructions to scan and read the data that is being found in said digital data pathway to search executable files that are listed in said list of file extensions.
As a result of such search, said processing unit (3), among all the read files, identifies said executable files that belong to said file extensions and eventually deletes or cleans all such executable files that may contain virus or malware or spyware to secure infected free data in said digital data pathway without corrupting or deleting data files such as text, word processing files, images, videos, spreadsheets, databases that being stored within said storage device (2). After removing said infected data, all infection free data in said digital pathway are finally transferred back to said digital data storage device (2). Hence, said device (1) pre-emptively deletes the executable files that may contain virus or malware or spyware without repairing or attempt to repair the files, this result in much faster execution.
However, in case during said search, when such listed file extension is not found, the processing unit (3) looks through the properties of all files and identifies the file with executable attributes that may contain infection and preventatively changes it into a file with non-executable attributes.
Further, in the present embodiment of the device (1), a push button and a LED indication are optionally provided within the device (1). The push button is provided to start the scanning and cleaning operation of the device (1) and the LED indication is provided to show the power indication in said device (1) during its operation.
The present invention, as illustrated in Fig. 2, shows an exemplary system showing a data channel device (7) having executable files that belong to virus or malware or spyware in its file contents and an another embodiment of a portable standalone virus removing device (1). Said virus removing device (1) consists of a main processing unit (3) with an internal memory (4) to store instructions and a list of file extensions that belongs to said executable files, an embedded electronic non-volatile digital data storage memory (2) within the device (1) which is in electronic communication with said processing unit (3) by means of an internal data pathway (8), an inbuilt or external power source (5) to supply power to said processing unit and the digital storage memory (2); and a data port receptacle (6) to interface said processing unit (3) with the data channel device (7) so as to digitally communicate the data channel device (7) with said digital storage memory (2) through said processing unit (3) during the operation.
During the operation, said processing unit (3) monitors, controls and regulates a digital data pathway (10) that exists between said data storage memory (2) and the data channel device (7) within said processing unit (3). Said data channel device includes a host computer, a mobile communication device, laptop etc.
The main processing unit (3) includes a microprocessor and/or a Field Programmable Gate Array (FPGA) and/or an Application Specific Integrated Circuit (ASIC). In case of ASIC or FPGA said instructions and the list file extensions are implemented in the form of hard code in its digital logic circuit. Said processing unit (3) executes its function as instructed in said internal memory (4) or in said digital logic circuit.
Depending upon the operating system that being installed in the data channel device (7), said list of file extensions stored in the internal memory (4) . is updated as and when required. For example, on a Windows (TM of Microsoft Inc, USA) operating system, some of the file extensions ".exe (dot exe)" or ".scr (dot scr)" or ".ini (dot ini)" are used in said memory (4), as in said Windows operating system the infected files typically possess such file extensions which make the files executable within the Windows, when the infected file is accessed by a user or the operating system and thereby spreads the infection in the data channel device (7).
During the operation, when an infected data channel device (7) is electrically interfaced with the device (1) through said data port receptacle (6), entire directory structure and all the files including hidden files and system files is transferred from said data channel device (7) to the processing unit (3) via a digital data pathway (10) that exists within said processing unit (3) in between said processing unit (3) and the digital data storage memory (2). As a consequence of the existence of such data pathway (10), said processing unit (3) receives instructions from said internal memory (4) or from said digital logic circuit and executes such instructions to scan and read the data that being found on said digital data pathway (10). Consequently, said processing unit (3), among all the read files, searches and identifies executable files that is listed in said list of file extensions stored in the internal memory (4) or in the digital logic circuit.
After such identification, said processing unit eventually deletes or cleans all such said executable files that may contain virus or malware or spy ware to secure infection free data in said digital data pathway without corrupting or deleting data files such as text, word processing files, images, videos, spreadsheets, databases that exists in the digital data pathway (10). After removing such executable files from the digital data pathway (10), all the infection free data is transferred to said digital data storage memory (2). Hence, said device (1) pre-emptively deletes the executable files that may contain virus or malware or spyware without repairing or attempting to repair the files, this result in much faster execution.
However, in case during said search, when such listed file extension is not found, the processing unit (3) looks through the properties of all files and identifies the file with executable attributes that may contain infection and preventatively changes it into a file with non-executable attributes.
Further, in this embodiment of the device (1), a push button and a LED indication are optionally provided within the device (1). The push button is provided to start the scanning and cleaning operation of the device (1) and the LED indication is provided to show the power indication in said device (1) during its operation. The present invention, as illustrated in Fig. 3, shows an exemplary system showing an another embodiment of a portable standalone virus removing device (1) being intervened between two data channel devices (7). Said virus removing device (1) consists of a main processing unit (3) with an internal memory (4) to store instructions and a list of file extensions that belongs to a virus or malware or spyware that is to be removed, an inbuilt or external power source (5) to supply power to said processing unit; and a pair of data port receptacles (6) to interface said processing unit (3) with said two data channel devices (7) to allow digital communicate between said processing unit (3) and the data channel devices (7) during the operation. Said processing unit (3) monitors, controls and regulates a digital data pathway (10) that exists between said data channel device (7) within said processing unit (3) during the operation. Said data channel device (7) includes a host computer, a mobile communication device, a laptop etc.
The main processing unit (3) includes a microprocessor and/or a Field Programmable Gate Array (FPGA) and/or an Application Specific Integrated Circuit (ASIC). In case of ASIC or FPGA said instructions and the list of file extensions are implemented in the form of hard code in its digital logic circuit. Said processing unit (3) executes its function as instructed in said internal memory (4) or in said digital logic circuit.
Depending upon the operating system that being installed in each of the two data channel device (7), said list of file extensions stored in the internal memory (4) is updated as and when required. For example, on a Windows (TM of Microsoft Inc, USA) operating system, some of the file extensions ".exe (dot exe)" or ".scr (dot scr)" or " ni (dot ini)" are used in said memory (4), as in said Windows operating system the infected files typically possess such file extensions which make the files executable within the Windows, when the infected file is accessed by a user or the operating system and thereby spreads the infection within the data channel device (7) in which said Windows operating system is being installed.
During the operation, when the virus removing device (1) is electrically interfaced between each of said two data channel devices by means of said two data port receptacles (6), entire directory structure and all the files including hidden files and system files are transferred from one of said data channel devices (7) to the other via a digital data pathway (10) that exists within said processing unit (3) in between said processing unit (3) and the digital data channel device (7). As a consequence of the existence of such data pathway (10), said processing unit (3) receives instructions from said internal memory (4) or in said digital logic circuit and executes such instructions to scan and read the data of said digital pathway (10) and thereby searches executable files of such file extensions that is listed in said list of file extensions stored in the internal memory (4) or in the digital logic circuit.
As a consequence of this search, said processing unit (3), among all the read files, identifies said executable files that belong to said file extensions in said digital pathway (10). After such identification, said processing unit eventually deletes or cleans all such executable files that may contain virus or malware or spy ware to secure infection free data in said digital data pathway (10) without corrupting or deleting data files such as text, word processing files, images, videos, spreadsheets, databases that exists in the digital data pathway (10). Once, said executable files are removed from one of said data channel devices (7), the rest of the infection free data from said digital data pathway is transferred to the other data channel device (7). Hence, by this means infection free data is exchanged between each of said two data channel devices (7). Hence, said device (1) pre-emptively deletes the executable files that may contain virus or malware or spyware without repairing or attempting to repair the files, this result in much faster execution.
However, in case during said search, when such listed file extension is not found, the processing unit (3) looks through the properties of all files and identifies the file with executable attributes that may contain infection and preventatively changes it into a file with non executable attributes.
Further, in this embodiment of the device (1), a push button and a LED indication are optionally provided within the device (1). The push button is provided to start the scanning and cleaning operation of the device (1) and the LED indication is provided to show the power indication in said device (1) during its operation.
While, the invention has been described with respect to the given embodiment, it will be appreciated that many variations, modifications and other applications of the invention may be made. However, it is to be expressly understood that such modifications and adaptations are within the scope of the present invention, as set forth in the following claims.

Claims

We Claim,
1. A portable standalone virus or malware or spyware removing device (1) consists of a processing unit (3), an inbuilt or external digital data storage memory or device (2), an internal memory (4) within said processing unit (3), an inbuilt or external power source (5), at least one data port receptacle (6), an internal data pathway (8), a push button and a LED indication;
wherein said processing unit (3) removes the infected executable digital data pre-emptively from said digital data storage device (2) or digital data channel device (7);
wherein an instruction to execute said processing device (3) and a list of file extensions that belongs to a virus or malware or spyware are stored in said internal memory (4);
wherein said power source (5) supplies power to said digital data storage memory (2) and/or processing unit (3);
wherein said digital data storage memory is in electronic communication with said processing unit (3) by means of said internal data pathway (8);
wherein said data port receptacle (6) is provided to interface between said device (1) and a single or multiple digital data channel device (7) or digital data storage device (2);
wherein said LED indication is provided to show power indication of the device (1) during the operation;
wherein the push button is provided to start the operation of the device
(1)·
2. The portable standalone virus or malware or spyware removing device (1) as claimed in claim 1, wherein the main processing unit (3) includes a microprocessor or an Application Specific Integrated Circuit (ASIC) or a Filed Programmable Gate Array (FPGA) or any combination thereof.
3. The portable standalone virus or malware or spy ware removing device (1) as claimed in claim 1 or 2, wherein in ASIC or FPGA, said instructions and said list of file extensions are implemented in the form of hard code in its digital logic circuit.
4. The portable standalone virus or malware or spyware removing device (1) as claimed in claim 1 or 3, wherein said list of file extensions is updated as and when required.
5. The portable standalone virus or malware or spyware removing device (1) as claimed in claim 1, wherein optionally, at least one digital data channel device (7) is interfaced with said device (1) by means of said data port receptacle (6).
6. An operation of a portable standalone virus or malware or spyware removing device (1) comprises following steps; a) interfacing the device (1) with an infected digital data storage device (2) or single or multiple infected data channel device (7);
b) transferring data directly from said data storage device (2) to a processing unit (3) or from said data channel device (7) to a digital data storage memory via a digital data pathway (10) that exists within said processing unit (3);
c) scanning and reading the data of files including system files and hidden files that being found in said data pathway;
d) searching and identifying executable files with file extensions as listed in a list of file extensions found within an internal memory (4) of said processing unit (3);
e) pre-emptively deleting or removing said data of said executable files that may contain virus/malware/spyware;
f) transferring infection free data to said digital data storage device (2) or digital data channel device (7);
g) terminating said operation of the device (1).
7. The operation of a portable standalone virus or malware or spyware removing device (1), as claimed in claim 6, wherein said processing unit (3) monitors, controls and regulates said digital data pathway (10) and executes the steps c) to g) using instructions stored within said internal memory (4).
8. The operation of a portable standalone virus or malware or spyware removing device (1), as claimed in claim 6, wherein during the step d), when files with a file extension that is listed in the list of file extensions are not found, the processing unit (3) looks through the properties of said files and identifies the file with executable attributes that may contain infection and preventatively changes it into a file with non executable attributes.
PCT/IN2013/000362 2013-03-19 2013-06-07 Standalone portable device for detecting and removing virus or malware or spyware Ceased WO2014147633A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
IN831/MUM/2013 2013-03-19
IN831MU2013 2013-03-19

Publications (1)

Publication Number Publication Date
WO2014147633A1 true WO2014147633A1 (en) 2014-09-25

Family

ID=51579398

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IN2013/000362 Ceased WO2014147633A1 (en) 2013-03-19 2013-06-07 Standalone portable device for detecting and removing virus or malware or spyware

Country Status (1)

Country Link
WO (1) WO2014147633A1 (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101382928A (en) * 2008-10-29 2009-03-11 清华大学 A kind of soft computer and its realization method
US7591018B1 (en) * 2004-09-14 2009-09-15 Trend Micro Incorporated Portable antivirus device with solid state memory
EP2166476A1 (en) * 2008-09-19 2010-03-24 LG Electronics Mobile terminal capable of preventing virus infection and method of controlling operation of the mobile terminal
US8028335B2 (en) * 2006-06-19 2011-09-27 Microsoft Corporation Protected environments for protecting users against undesirable activities

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7591018B1 (en) * 2004-09-14 2009-09-15 Trend Micro Incorporated Portable antivirus device with solid state memory
US8028335B2 (en) * 2006-06-19 2011-09-27 Microsoft Corporation Protected environments for protecting users against undesirable activities
EP2166476A1 (en) * 2008-09-19 2010-03-24 LG Electronics Mobile terminal capable of preventing virus infection and method of controlling operation of the mobile terminal
CN101382928A (en) * 2008-10-29 2009-03-11 清华大学 A kind of soft computer and its realization method

Similar Documents

Publication Publication Date Title
US12079340B2 (en) Cloud based just in time memory analysis for malware detection
CN112106047B (en) Anti-ransomware system and method using sinkholes at electronic devices
US9852289B1 (en) Systems and methods for protecting files from malicious encryption attempts
US8356354B2 (en) Silent-mode signature testing in anti-malware processing
US10079835B1 (en) Systems and methods for data loss prevention of unidentifiable and unsupported object types
CN106557696B (en) System and method for detecting malicious data encryption programs
CN103620613B (en) Systems and methods for hypervisor-based anti-malware security
EP2667314B1 (en) System and method for detection and treatment of malware on data storage devices
US9686304B1 (en) Systems and methods for healing infected document files
US10530788B1 (en) Detection and prevention of malicious remote file operations
US9886576B2 (en) Security box
WO2008048665A2 (en) Method, system, and computer program product for malware detection analysis, and response
US7401361B2 (en) System and method for reducing virus scan time
US9219728B1 (en) Systems and methods for protecting services
US20200218809A1 (en) Logical and Physical Security Device
CA3025422A1 (en) Virus detection technologies benchmarking
US9135442B1 (en) Methods and systems for detecting obfuscated executables
US9646158B1 (en) Systems and methods for detecting malicious files
CN105556481B (en) System and method is protected in gas defence
WO2014147633A1 (en) Standalone portable device for detecting and removing virus or malware or spyware
KR101543338B1 (en) System and method for disinfection pocessing the inputing files
KR101521885B1 (en) System and method processing files in portable storage media
US20240346131A1 (en) System, Method, and Apparatus for Whitelisting Installations

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 13878609

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 13878609

Country of ref document: EP

Kind code of ref document: A1