	US 12,242,607 B2
	Computer-implemented methods and system for preventing and removing unauthorized file modification by malicious software and the like
Fei Qi, Dublin, CA (US); and Yuen Pin Yeap, Saratoga, CA (US)
Assigned to NeuShield, Inc., Fremont, CA (US)
Filed by NeuShield, Inc., Fremont, CA (US)
Filed on Jul. 25, 2022, as Appl. No. 17/872,415.
Application 17/872,415 is a continuation in part of application No. 16/935,782, filed on Jul. 22, 2020, granted, now 11,423,165.
Application 16/935,782 is a continuation in part of application No. 15/981,010, filed on May 16, 2018, abandoned.
Claims priority of provisional application 62/508,275, filed on May 18, 2017.
Prior Publication US 2022/0358216 A1, Nov. 10, 2022
This patent is subject to a terminal disclaimer.
Int. Cl. G06F 21/56 (2013.01); G06F 21/55 (2013.01); G06F 21/62 (2013.01)

CPC G06F 21/565 (2013.01) [G06F 21/554 (2013.01); G06F 21/6209 (2013.01)]

20 Claims

1. A computer implemented cyber security method for preventing and removing undesired modifications of a protected file, the method comprising the following steps:

generating a virtual file object via an authorized handler that is associated with the protected file, wherein when a write request to the protected file is received from an accessing program, the write request describing a change to data of the protected file, the write request is redirected to the virtual file object causing the write request to store the change to the data of the protected file as data in the virtual file object instead of in the protected file;

receiving a read request of the protected file;

determining if there is data on the virtual file object associated with the protected file; and

determining if the data on the virtual file object comprises a change to the data of the protected file; and

wherein, based on the determination, the authorized handler returns one of: (i) the data of the protected file changed by the write request and (ii) the data of the protected file unchanged by the write request.