CN100465978C - 被病毒程序破坏的数据恢复方法、装置及病毒清除方法 - Google Patents
被病毒程序破坏的数据恢复方法、装置及病毒清除方法 Download PDFInfo
- Publication number
- CN100465978C CN100465978C CNB2006100076114A CN200610007611A CN100465978C CN 100465978 C CN100465978 C CN 100465978C CN B2006100076114 A CNB2006100076114 A CN B2006100076114A CN 200610007611 A CN200610007611 A CN 200610007611A CN 100465978 C CN100465978 C CN 100465978C
- Authority
- CN
- China
- Prior art keywords
- virus
- behavior
- operation steps
- destructive
- program
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/568—Computer malware detection or handling, e.g. anti-virus arrangements eliminating virus, restoring damaged files
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/14—Error detection or correction of the data by redundancy in operation
- G06F11/1402—Saving, restoring, recovering or retrying
- G06F11/1446—Point-in-time backing up or restoration of persistent data
Abstract
Description
Claims (12)
Priority Applications (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CNB2006100076114A CN100465978C (zh) | 2005-11-16 | 2006-02-15 | 被病毒程序破坏的数据恢复方法、装置及病毒清除方法 |
EP06805120A EP1967954A1 (en) | 2005-11-16 | 2006-10-31 | A method for deleting virus program and a method to get back the data destroyed by the virus. |
PCT/CN2006/002919 WO2007056932A1 (fr) | 2005-11-16 | 2006-10-31 | Procede pour supprimer un programme contenant un virus et procede pour recuperer les donnees detruites par le virus |
US12/093,776 US20080222215A1 (en) | 2005-11-16 | 2006-10-31 | Method for Deleting Virus Program and Method to Get Back the Data Destroyed by the Virus |
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN200510114944.2 | 2005-11-16 | ||
CN200510114944 | 2005-11-16 | ||
CNB2006100076114A CN100465978C (zh) | 2005-11-16 | 2006-02-15 | 被病毒程序破坏的数据恢复方法、装置及病毒清除方法 |
Publications (2)
Publication Number | Publication Date |
---|---|
CN1936911A CN1936911A (zh) | 2007-03-28 |
CN100465978C true CN100465978C (zh) | 2009-03-04 |
Family
ID=37954411
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CNB2006100076114A Expired - Fee Related CN100465978C (zh) | 2005-11-16 | 2006-02-15 | 被病毒程序破坏的数据恢复方法、装置及病毒清除方法 |
Country Status (4)
Country | Link |
---|---|
US (1) | US20080222215A1 (zh) |
EP (1) | EP1967954A1 (zh) |
CN (1) | CN100465978C (zh) |
WO (1) | WO2007056932A1 (zh) |
Families Citing this family (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7979904B2 (en) * | 2007-03-07 | 2011-07-12 | International Business Machines Corporation | Method, system and program product for maximizing virus check coverage while minimizing redundancy in virus checking |
CN101604361A (zh) * | 2008-06-11 | 2009-12-16 | 北京奇虎科技有限公司 | 一种恶意软件的检测方法及装置 |
CN103078864B (zh) | 2010-08-18 | 2015-11-25 | 北京奇虎科技有限公司 | 一种基于云安全的主动防御文件修复方法 |
CN102855432B (zh) | 2011-06-27 | 2015-11-25 | 北京奇虎科技有限公司 | 一种文件、文件夹解锁和删除方法及系统 |
CN103679020A (zh) * | 2012-09-14 | 2014-03-26 | 纬创资通股份有限公司 | 病毒警报装置和病毒警报方法 |
CN105186463B (zh) * | 2015-08-31 | 2018-03-16 | 许继集团有限公司 | 一种防止智能变电站继电保护装置误操作的方法 |
US10291634B2 (en) | 2015-12-09 | 2019-05-14 | Checkpoint Software Technologies Ltd. | System and method for determining summary events of an attack |
US10440036B2 (en) * | 2015-12-09 | 2019-10-08 | Checkpoint Software Technologies Ltd | Method and system for modeling all operations and executions of an attack and malicious process entry |
US10880316B2 (en) | 2015-12-09 | 2020-12-29 | Check Point Software Technologies Ltd. | Method and system for determining initial execution of an attack |
CN106560833A (zh) * | 2016-07-22 | 2017-04-12 | 哈尔滨安天科技股份有限公司 | 一种基于文件头检测感染式病毒的方法及系统 |
CN106156623B (zh) * | 2016-07-29 | 2018-10-30 | 江西师范大学 | 基于意图的sqlia防御方法 |
CN110865630B (zh) * | 2019-11-14 | 2022-07-05 | 深圳供电局有限公司 | 智能变电站内置程序的验收方法和系统 |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1314638A (zh) * | 2001-04-29 | 2001-09-26 | 北京瑞星科技股份有限公司 | 检测和清除已知及未知计算机病毒的方法、系统和介质 |
CN1371050A (zh) * | 2001-02-20 | 2002-09-25 | 英业达股份有限公司 | 一种生成具有自检测和自修复功能的应用程序的方法 |
WO2004090733A1 (en) * | 2003-04-14 | 2004-10-21 | Hauri, Inc. | Method for removing viruses infecting memory, computer-readable storage medium recorded with virus-removing program, and virus-removing apparatus |
CN1707383A (zh) * | 2004-06-10 | 2005-12-14 | 陈朝晖 | 通过进程和系统轨迹分析阻断计算机病毒方法 |
Family Cites Families (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5822517A (en) * | 1996-04-15 | 1998-10-13 | Dotan; Eyal | Method for detecting infection of software programs by memory resident software viruses |
US6795966B1 (en) * | 1998-05-15 | 2004-09-21 | Vmware, Inc. | Mechanism for restoring, porting, replicating and checkpointing computer systems using state extraction |
US7114184B2 (en) * | 2001-03-30 | 2006-09-26 | Computer Associates Think, Inc. | System and method for restoring computer systems damaged by a malicious computer program |
US7188368B2 (en) * | 2001-05-25 | 2007-03-06 | Lenovo (Singapore) Pte. Ltd. | Method and apparatus for repairing damage to a computer system using a system rollback mechanism |
CN1282083C (zh) * | 2001-09-14 | 2006-10-25 | 北京瑞星科技股份有限公司 | 计算机内存病毒监控和带毒运行方法 |
US7260725B2 (en) * | 2001-09-14 | 2007-08-21 | Computer Associates Think, Inc. | Virus detection system |
GB0214943D0 (en) * | 2002-06-28 | 2002-08-07 | Bitarts Ltd | Computer program protection |
JP2004046435A (ja) * | 2002-07-10 | 2004-02-12 | Hitachi Ltd | バックアップ方法、その方法に用いた記憶制御装置 |
CN1308846C (zh) * | 2002-12-16 | 2007-04-04 | 联想(北京)有限公司 | 在硬盘上实现保护计算机操作系统的方法 |
US7392542B2 (en) * | 2003-08-29 | 2008-06-24 | Seagate Technology Llc | Restoration of data corrupted by viruses using pre-infected copy of data |
WO2006116395A2 (en) * | 2005-04-26 | 2006-11-02 | Rdr Technologies, Llc | System for data archiving and system behavior prediction |
-
2006
- 2006-02-15 CN CNB2006100076114A patent/CN100465978C/zh not_active Expired - Fee Related
- 2006-10-31 EP EP06805120A patent/EP1967954A1/en not_active Withdrawn
- 2006-10-31 US US12/093,776 patent/US20080222215A1/en not_active Abandoned
- 2006-10-31 WO PCT/CN2006/002919 patent/WO2007056932A1/zh active Application Filing
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1371050A (zh) * | 2001-02-20 | 2002-09-25 | 英业达股份有限公司 | 一种生成具有自检测和自修复功能的应用程序的方法 |
CN1314638A (zh) * | 2001-04-29 | 2001-09-26 | 北京瑞星科技股份有限公司 | 检测和清除已知及未知计算机病毒的方法、系统和介质 |
WO2004090733A1 (en) * | 2003-04-14 | 2004-10-21 | Hauri, Inc. | Method for removing viruses infecting memory, computer-readable storage medium recorded with virus-removing program, and virus-removing apparatus |
CN1707383A (zh) * | 2004-06-10 | 2005-12-14 | 陈朝晖 | 通过进程和系统轨迹分析阻断计算机病毒方法 |
Also Published As
Publication number | Publication date |
---|---|
CN1936911A (zh) | 2007-03-28 |
US20080222215A1 (en) | 2008-09-11 |
WO2007056932A1 (fr) | 2007-05-24 |
EP1967954A1 (en) | 2008-09-10 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN100465978C (zh) | 被病毒程序破坏的数据恢复方法、装置及病毒清除方法 | |
CN100437614C (zh) | 未知病毒程序的识别及清除方法 | |
Perkins et al. | Automatically patching errors in deployed software | |
US7756834B2 (en) | Malware and spyware attack recovery system and method | |
CN1954297A (zh) | 在具有病毒、间谍软件以及黑客防护特征的虚拟处理空间中的隔离复用多维处理 | |
KR20120094481A (ko) | 동적 함수 호출 시스템들에서 공격적인 자기-수정을 위한 시스템 및 방법 | |
Balachandran et al. | Potent and stealthy control flow obfuscation by stack based self-modifying code | |
CN107450964B (zh) | 一种用于发现虚拟机自省系统中是否存在漏洞的方法 | |
US20140047222A1 (en) | Method and device for recombining runtime instruction | |
US20050015579A1 (en) | Handling exceptions | |
CN101477610A (zh) | 源码和目标码联合嵌入的软件水印方法 | |
KR20130093775A (ko) | 시스템 파일 보호 및 복구를 위한 장치, 방법, 사용자 단말기 및 시스템 | |
KR101860674B1 (ko) | 크래시 리포트 그룹핑 방법, 서버 및 컴퓨터 프로그램 | |
KR20160138523A (ko) | 위험 파일에 대응하는 행위 정보를 결정하는 방법 및 장치 | |
Suk et al. | UnThemida: Commercial obfuscation technique analysis with a fully obfuscated program | |
Al-Sharif et al. | The Effects of Platforms and Languages on the Memory Footprint of the Executable Program: A Memory Forensic Approach. | |
Bacs et al. | System-level support for intrusion recovery | |
CN100373287C (zh) | 检测程序操作行为的方法及病毒程序检测、清除方法 | |
CN103679024A (zh) | 病毒的处理方法及设备 | |
CN103677746A (zh) | 指令重组方法及装置 | |
JP2003091429A (ja) | データ一括保護システム | |
JP5549810B2 (ja) | プログラム難読化装置、プログラム制御装置、プログラム難読化方法及びプログラム | |
CN102902913A (zh) | 防止恶意破坏计算机内的软件的保全方法 | |
Balachandran et al. | Obfuscation by code fragmentation to evade reverse engineering | |
US20090133124A1 (en) | A method for detecting the operation behavior of the program and a method for detecting and clearing the virus program |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
ASS | Succession or assignment of patent right |
Owner name: JIANG ZHIYUAN Free format text: FORMER OWNER: BAI JIE Effective date: 20120731 Free format text: FORMER OWNER: LI WEI LU ZHENGYU Effective date: 20120731 |
|
C41 | Transfer of patent application or patent right or utility model | ||
COR | Change of bibliographic data |
Free format text: CORRECT: ADDRESS; FROM: 100089 HAIDIAN, BEIJING TO: 264012 YANTAI, SHANDONG PROVINCE |
|
TR01 | Transfer of patent right |
Effective date of registration: 20120731 Address after: 264012, No. 9, No. 6, agriculture support, Zhifu District, Yantai, Shandong Patentee after: Jiang Zhiyuan Address before: 100089 No. 203, building 16, little Nanzhuang, Beijing, Haidian District Co-patentee before: Li Wei Patentee before: Bai Jie Co-patentee before: Lu Zhengyu |
|
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20090304 Termination date: 20150215 |
|
EXPY | Termination of patent right or utility model |