Patent application number | Description | Published |
20080320336 | System and Method of Client Side Analysis for Identifying Failing RAM After a User Mode or Kernel Mode Exception - A process executing on a computing system may encounter an exception. Pointers or other references created by the exception may identify portions of the computing system's memory containing the binary code that was executing at the time of the exception. The exception-causing code from the system memory may be compared to an original version of the code from a non-volatile source. If the comparison identifies a hardware corruption pattern, the computing system may communicate information about the process and the exception to an error analysis server. Using historical exception data, the error analysis server may determine if the identified corruption pattern is most likely the result of corrupt hardware at the computing system. If corrupt hardware was the most likely result of the exception, then the server may communicate with the computing system to recommend or initiate a hardware diagnostic routine at the computing system to identify the faulty hardware. | 12-25-2008 |
20100192132 | SYSTEM AND METHOD FOR CUSTOMIZED ERROR REPORTING - An error reporting system within the operating system of a computer that provides error reporting and/or debugging for managed applications. The error reporting service supports a registration programming interface through which applications that use non-native or non-standard error reporting functions can register runtime exception modules. A similar interface may be provided for applications to register debuggers. In response to a failure, such as a crash or an application hang, the error reporting service can poll the registered components to ascertain whether any is adapted for use in conjunction with such a failure. If so, the appropriate registered components can be used to collect failure data and/or debug the failed application. In this way, the error reporting service, and an existing framework that supports aggregation of application error reports, can be customized, including to allow error reporting and debugging of non-native applications. | 07-29-2010 |
20100251218 | DYNAMIC COLLECTION OF INSTRUMENTATION DATA - A flexible system for collecting and reporting instrumentation metrics relating to performance of a software product. Computing devices that execute the software product receive a manifest that specifies the manner in which instrumentation metrics are collected and reported, including what instrumentation metrics are collected. Based on the manifest, an instrumentation metrics client associated with a software product may retrieve instrumentation data from a software product or other sources. The metrics client may then generate one or more instrumentation metrics, based on the instrumentation data, in accordance with instructions in the manifest. The metrics client may then take one or more actions based on the instrumentation metrics and the manifest, such as reporting the information to an instrumentation metrics server for aggregation and analysis by the metrics server or performing escalation actions that can modify the metrics collected and reported. | 09-30-2010 |
20140359774 | Protecting Anti-Malware Processes - Anti-malware process protection techniques are described. In one or more implementations, an anti-malware process is launched. The anti-malware process is verified based at least in part on an anti-malware driver that contains certificates which contain an identity that is signed with the trusted certificate from a verified source. After the anti-malware process is verified, the anti-malware process may be assigned a protection level, and an administrative user may be prevented from altering the anti-malware process. | 12-04-2014 |
20140359775 | Protecting Anti-Malware Processes - Anti-malware process protection techniques are described. In one or more implementations, an anti-malware driver is signed using a hash that identifies a manufacturer of the anti-malware driver. The anti-malware driver is then provided to a computing device. The anti-malware driver may be assigned a protection level based on an agreement between the anti-malware manufacturer and an operating system manufacturer, and this protection level effects the operation of the anti-malware program on the computing device. | 12-04-2014 |
20150302196 | Local System Health Assessment - Techniques for local system health assessment are described. In at least some embodiments, a health assessment can be performed by an isolated security environment that resides locally on a system without requiring a network connection and/or access to a remote attestation service. In at least some embodiments, a health assessment ascertains whether modules that reside on a system have been altered such that the modules may be considered unsafe. For example, a known safe list is generated that includes measurements of known safe versions of modules that may be compared to current measurements of the modules to determine whether the modules have been altered. Health policies may be employed to specify various rules and parameters for performing system health assessments. | 10-22-2015 |