US 12,235,957 B2
System and method for recent file malware scanning
Mohamed Adly Amer Elgaafary, Vilnius (LT); and Mantas Briliauskas, Vilnius (LT)
Assigned to UAB 360 IT, Vilnius (LT)
Filed by UAB 360 IT, Vilnius (LT)
Filed on Nov. 17, 2022, as Appl. No. 17/988,821.
Application 17/988,821 is a continuation of application No. 17/529,395, filed on Nov. 18, 2021, granted, now 11,526,609.
Prior Publication US 2023/0153433 A1, May 18, 2023
This patent is subject to a terminal disclaimer.
Int. Cl. G06F 21/56 (2013.01); G06F 16/13 (2019.01)
CPC G06F 21/565 (2013.01) [G06F 16/137 (2019.01); G06F 2221/034 (2013.01)] 19 Claims
OG exemplary drawing
 
1. A security system comprising:
an input/output device;
a storage device; and
a processor programmed to:
download one or more files via the input/output device to the storage device;
filter, by a first driver, the one or more downloaded files using a security zone identifier associated with each of the one or more downloaded files to produce a filtered subset of one or more files;
scan, by the first driver, the filtered subset of one or more files for malware;
store, by a second driver, a first set of information associated with each of the scanned files to indicate that each of the filtered subset of one or more files have been scanned, wherein the first set of information is stored as metadata using alternative data stream (ADS) associated with each scanned file;
monitor, by the second driver, changes to existing files on the storage device based on a comparison of the information associated with the existing files stored and the information stored using ADS associated with the existing files in the associated file's metadata, and send instructions to rescan any existing file that has changed for malware; and
update the information associated with any rescanned file's metadata using the ADS.