CN102750463A - System and method for improving file rescanning speed - Google Patents
System and method for improving file rescanning speed Download PDFInfo
- Publication number
- CN102750463A CN102750463A CN2011104219086A CN201110421908A CN102750463A CN 102750463 A CN102750463 A CN 102750463A CN 2011104219086 A CN2011104219086 A CN 2011104219086A CN 201110421908 A CN201110421908 A CN 201110421908A CN 102750463 A CN102750463 A CN 102750463A
- Authority
- CN
- China
- Prior art keywords
- file
- document
- virus
- scanning
- cache information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The invention provides a system and a method for improving a file rescanning speed. According to the system, a cloud caching information base is constructed through a constructing module; file information for the first file scanning is extracted through an extracting module and stored into a storing module according to the extracted information, and the file for the first file scanning is distributed to the cloud caching information base; the file for the first scanning is rescanned and determined whether provided with virus misinformation, namely, the file matches with a corresponding file in the cloud caching information base, the file is delivered to an antivirus engine for determination if no matched file exists in the cloud caching information base, the file is delivered to a remote cloud end for confirmation if the file is detected as a virus file by the antivirus engine, and the result is fed back to the cloud caching information base. According to a method suitable for the system, the file is processed only through matching with a file in the cloud caching information base when a file is rescanned for more than two times. The system and the method solve the problems of a large quantity of detection time and system resource consumption.
Description
Technical field
The present invention relates to computer network field, relate in particular to a kind of system and method that improves multiple scanning file speed.
Background technology
At present, the network security antivirus software is all to carry out a series of feature extraction and characteristic matching through the form of file traversal and to each file to file scan, and this document is carried out long-range high in the clouds identify, realizes the detection to this document.Just in processing such as extraction characteristic, characteristic matching, the evaluation of long-range high in the clouds, consumed a large amount of detection times.And also carried out and scan same work for the first time for scanned file, lot of consumption detection time but also taken a large amount of system resources so not only.So, the scanning document and the most effectively be treated as the urgent problem that solves of needing for how fast.
Summary of the invention
Through the above-mentioned problem that proposes, the present invention is directed to above scanning multiple scanning " same file " a kind of system and method that improves file multiple scanning speed that proposes twice, concrete summary of the invention is following:
A kind of system that improves multiple scanning file speed is characterized in that, comprising:
Make up module, be used to set up cloud cache information storehouse, wherein, described cloud cache information storehouse comprises: blacklist, white list;
Extraction module is used for file is scanned for the first time and extracts the fileinfo of first scanning document;
Memory module is used for storing first scanning document into cloud cache information storehouse according to the fileinfo that extracts first scanning document;
The multiple scanning module is used to judge whether first scanning document exists the virus wrong report, and the virus document of judging is sent to the antivirus engine mould;
The antivirus engine module receives multiple scanning module delivery file virus information and identifies,
If it is virus document that antivirus engine detects, then carries out file virus and identify to long-range high in the clouds;
Not virus document if the antivirus engine module detects, then store in the white list of cloud cache information storehouse;
Long-range high in the clouds, the qualification result that receives the transmission of antivirus engine module is analyzed and is stored in the cloud cache information storehouse.
Described fileinfo comprises: the MD5 value of file, file size.
It is characterized in that described memory module comprises:
Whether detect first scanning document is virus document;
If virus document, then put into the blacklist in cloud cache information storehouse;
If not virus document, then put into the white list in cloud cache information storehouse.
Described multiple scanning module comprises:
Scanning element is carried out multiple scanning to first scanning document;
Detecting unit judges according to the fileinfo of first scanning document whether multiple scanning file and cloud cache information storehouse file mate;
If multiple scanning file and cloud cache information library file coupling are then confirmed in white list still is blacklist;
If the multiple scanning file in white list, is then skipped virus scan;
If the multiple scanning file in blacklist, is then confirmed as virus document;
If multiple scanning file and cloud buffer memory library information library file do not match, then deliver and give whether the detection of antivirus engine module is virus document.
Describedly carry out file virus to long-range high in the clouds and identify and to comprise:
If it is virus document that remote port is identified, then store in the blacklist of cloud cache information storehouse;
If identify in long-range high in the clouds is not virus document, then store in the white list of cloud cache information storehouse.
Be adapted to described a kind of system that improves multiple scanning file speed, comprise:
Set up cloud cache information storehouse, wherein, described cloud cache information storehouse comprises: blacklist, white list;
File is scanned and extracts the fileinfo of first scanning document for the first time;
Fileinfo according to extracting first scanning document stores first scanning document into cloud cache information storehouse;
Judge whether first scanning document exists the virus wrong report, and the virus document of judging is sent to the antivirus engine mould;
The antivirus engine mould receives multiple scanning module delivery file virus information and identifies;
If it is virus document that antivirus engine detects, then carries out file virus and identify to long-range high in the clouds;
Not virus document if the antivirus engine module detects, then store in the white list of cloud cache information storehouse.
Described fileinfo comprises: the MD5 value of file, file size.
It is characterized in that, describedly store first scanning document into cloud cache information storehouse and comprise according to extracting first scanning document information:
Whether detect first scanning document is virus document;
If virus document, then put into the blacklist in cloud buffer memory library information storehouse;
If not virus document, then put into the white list in cloud buffer memory library information storehouse.
Describedly judge whether first scanning document exists virus and confirm that the whether storage wrong report of virus document comprises:
First scanning document is carried out multiple scanning;
Judge according to the fileinfo of first scanning document whether multiple scanning file and cloud cache information storehouse file mate;
If multiple scanning file and cloud cache information library file coupling are then confirmed in white list still is blacklist;
If the multiple scanning file in white list, is then skipped virus scan;
If the multiple scanning file in blacklist, is then confirmed as virus document;
If multiple scanning file and cloud buffer memory library file do not match, then deliver and give whether the detection of antivirus engine module is virus document.
Describedly carry out file virus to long-range high in the clouds and identify and to comprise:
If it is virus document that remote port is identified, then store in the blacklist of cloud cache information storehouse;
If identify in long-range high in the clouds is not virus document, then store in the white list of cloud cache information storehouse.
The present invention provides a kind of system and method that improves multiple scanning file speed; Set up cloud cache information storehouse through making up module; By extraction module extract first file scan fileinfo and according to the information stores of extracting in the memory module again the file allocation of first scanning in cloud cache information storehouse; In the multiple scanning module, carry out this document and whether judge for the first time really, promptly with cloud cache information storehouse in corresponding file coupling, if be not complementary file then deliver to antivirus engine and judge in the cloud cache information storehouse; If antivirus engine detects to be virus document then finally to transfer to long-range high in the clouds and confirm, feed back to again in the cloud cache information storehouse; A kind of method that is adapted to this system that proposes only needs just can carry out handled to this document with cloud cache information library file coupling when having solved equally same file being carried out twice above multiple scanning; Through the above-mentioned problem that has solved lot of consumption detection time and taken a large amount of system resources of inventing of carrying.
Description of drawings
In order to be illustrated more clearly in the present invention or technical scheme of the prior art; To do to introduce simply to the accompanying drawing of required use in embodiment or the description of the Prior Art below; Obviously, the accompanying drawing in describing below only is some embodiment that put down in writing among the present invention, for those of ordinary skills; Under the prerequisite of not paying creative work, can also obtain other accompanying drawing according to these accompanying drawings.
Fig. 1 is a kind of system construction drawing that improves multiple scanning file speed;
Fig. 2 is a kind of raising multiple scanning file method of velocity process flow diagram;
Fig. 3 is a kind of method flow diagram that first scanning document is stored into cloud cache information storehouse that improves in the multiple scanning file method of velocity;
Fig. 4 is a kind of method flow diagram of judging first scanning document in the multiple scanning file method of velocity that improves;
Fig. 5 judges first scanning document process flow diagram for a kind of raising multiple scanning file method of velocity medium-long range high in the clouds.
Embodiment
In order to make those skilled in the art person understand the technical scheme in the embodiment of the invention better, and make above-mentioned purpose of the present invention, feature and advantage can be more obviously understandable, below in conjunction with accompanying drawing technical scheme among the present invention done further detailed explanation.
A kind of system that improves multiple scanning file speed, as shown in Figure 1, comprising:
101 make up module, are used to set up cloud cache information storehouse, and wherein, described cloud cache information storehouse comprises: blacklist, white list;
102 extraction modules are used for file is scanned and extract the civilian fileinfo of first scanning for the first time;
103 memory modules are used for storing first scanning document into cloud cache information storehouse according to the fileinfo that extracts first scanning document;
104 multiple scanning modules are used for multiple scanning and judge whether first scanning document exists the virus wrong report;
105 antivirus engine modules receive multiple scanning module delivery file virus information and identify,
If it is virus document that antivirus engine detects, then carries out file virus and identify to long-range high in the clouds;
Not virus document if the antivirus engine module detects, then store in the white list of cloud cache information storehouse;
106 long-range high in the clouds, the qualification result that receives the transmission of antivirus engine module is analyzed and is stored in the cloud cache information storehouse.
Described fileinfo comprises: the MD5 value of file, file size.
Described memory module 103 comprises:
Whether detect first scanning document is virus document;
If virus document, then put into the blacklist in cloud cache information storehouse;
If not virus document, then put into the white list in cloud cache information storehouse.
Described multiple scanning module 104 comprises:
The 104-1 scanning element is carried out multiple scanning to first scanning document;
The 104-2 detecting unit judges according to the fileinfo of first scanning document whether multiple scanning file and cloud cache information storehouse file mate;
If multiple scanning file and cloud cache information library file coupling are then confirmed in white list still is blacklist;
If the multiple scanning file in white list, is then skipped virus scan;
If the multiple scanning file in blacklist, is then confirmed as virus document;
If multiple scanning file and cloud buffer memory library information library file do not match, then deliver and give whether the detection of antivirus engine module is virus document; Mentioned herein to not matching with buffer memory library information library file, be meant that Here it is so and buffer memory library information library file does not match if the multiple scanning file is a white list file and first scanning is the blacklist file.
Whether described delivery detects for antivirus engine module 105 is that virus document comprises:
If it is virus document that remote port is identified, then store in the blacklist of cloud cache information storehouse;
If identify in long-range high in the clouds is not virus document, then store in the white list of cloud cache information storehouse.
Further be interpreted as to the above-mentioned system that proposes, carry out the above scanning second time (containing scanning for the second time) to same file and can directly detect processing, promptly can improve file scan speed by the multiple scanning module.
A kind of raising multiple scanning file method of velocity is adapted to described a kind of system that improves multiple scanning file speed, and is as shown in Figure 2, comprising:
S201 sets up cloud cache information storehouse, and wherein, described cloud cache information storehouse comprises: blacklist, white list;
S202 scans and extracts the fileinfo of first scanning document for the first time to file;
S203 stores first scanning document into cloud cache information storehouse according to the fileinfo that extracts first scanning document;
S204 judges whether first scanning document exists the virus wrong report, and the virus document of judging is sent to the antivirus engine mould;
S205 antivirus engine mould receives multiple scanning module delivery file virus information and identifies,
If it is virus document that antivirus engine detects, then execution in step S206 carries out the file virus evaluation to long-range high in the clouds;
Be not virus document if the antivirus engine module detects, then execution in step S207 stores in the white list of cloud cache information storehouse.
S206 carries out file virus to long-range high in the clouds to be identified;
S207 stores in the white list of cloud cache information storehouse.
Described fileinfo comprises: the MD5 value of file, file size.
Describedly store first scanning document into cloud cache information storehouse S203 according to extracting first scanning document information, as shown in Figure 3, comprising:
S301 stores first scanning document into cloud cache information storehouse;
Whether S302 detects first scanning document is virus document;
If virus document, then execution in step S303 puts into the blacklist in cloud buffer memory library information storehouse;
If not virus document, then execution in step S304 puts into the white list in cloud buffer memory library information storehouse;
S303 puts into the blacklist in cloud buffer memory library information storehouse;
S304 puts into the white list in cloud buffer memory library information storehouse.
Describedly judge whether first scanning document exists virus and confirm and be the whether storage wrong report S204 of virus document, as shown in Figure 4, comprising:
S401 carries out multiple scanning to first scanning document;
S402 judges according to the fileinfo of first scanning document whether multiple scanning file and cloud cache information storehouse file mate;
If multiple scanning file and cloud cache information library file coupling, then execution in step S403 confirms in white list still is blacklist, promptly judges whether in white list otherwise just in blacklist;
If the multiple scanning file is in white list, then execution in step S404 skips virus scan;
If the multiple scanning file is in blacklist, then execution in step S405 confirms as virus document;
If multiple scanning file and cloud buffer memory library file do not match, then execution in step S406 delivers whether detection is virus document to the antivirus engine module;
S403 confirms in white list still is blacklist, promptly judges whether in white list otherwise just in blacklist;
S404 skips virus scan;
S405 confirms as virus document;
Whether S406 delivers and detects to the antivirus engine module is virus document.
Describedly carry out file virus to long-range high in the clouds and identify S205, as shown in Figure 5, comprising:
S501 carries out in long-range high in the clouds file virus to be identified;
The long-range high in the clouds of S502 judges whether to be virus document;
If it is virus document that remote port is identified, then execution in step S503 stores in the blacklist of cloud cache information storehouse;
If identify in long-range high in the clouds is not virus document, then execution in step S504 stores in the white list of cloud cache information storehouse;
S503 stores in the blacklist of cloud cache information storehouse;
S504 stores in the white list of cloud cache information storehouse.
The present invention proposes a kind of system and method that improves multiple scanning file speed; Wherein said system is mainly through setting up cloud cache information storehouse and storing by carrying out the first time to cloud buffer memory storehouse after extraction module, the memory module analysis; When the scanning of identical file being carried out more than twice or twice is then directly carried out file coupling through cloud cache information storehouse file, if do not have this file in the cloud cache information storehouse so then to crossing antivirus engine and identify in long-range high in the clouds and net result is sent to cloud cache information storehouse; The present invention also proposes a kind of raising multiple scanning file method of velocity to carrying system, can improve file scan speed and reduce down file being scanned quickly and accurately in advance of the wasting of resources through the method.
Though described the present invention through embodiment, those of ordinary skills know, the present invention has many distortion and variation and do not break away from spirit of the present invention, hope that appended claim comprises these distortion and variation and do not break away from spirit of the present invention.
Claims (10)
1. a system that improves multiple scanning file speed is characterized in that, comprising:
Make up module, be used to set up cloud cache information storehouse, wherein, described cloud cache information storehouse comprises: blacklist, white list;
Extraction module is used for file is scanned for the first time and extracts the fileinfo of first scanning document;
Memory module is used for storing first scanning document into cloud cache information storehouse according to the fileinfo that extracts first scanning document;
The multiple scanning module is used to judge whether first scanning document exists the virus wrong report, and the virus document of judging is sent to the antivirus engine mould;
The antivirus engine module receives multiple scanning module delivery file virus information and identifies;
If it is virus document that antivirus engine detects, then carries out file virus and identify to long-range high in the clouds;
Not virus document if the antivirus engine module detects, then store in the white list of cloud cache information storehouse;
Long-range high in the clouds, the qualification result that receives the transmission of antivirus engine module is analyzed and is stored in the cloud cache information storehouse.
2. the system of claim 1 is characterized in that, described fileinfo comprises: the MD5 value of file, file size.
3. the system of claim 1 is characterized in that, described memory module comprises:
Whether detect first scanning document is virus document;
If virus document, then put into the blacklist in cloud cache information storehouse;
If not virus document, then put into the white list in cloud cache information storehouse.
4. the system of claim 1 is characterized in that, described multiple scanning module comprises:
Scanning element is carried out multiple scanning to first scanning document;
Detecting unit judges according to the fileinfo of first scanning document whether multiple scanning file and cloud cache information storehouse file mate;
If multiple scanning file and cloud cache information library file coupling are then confirmed in white list still is blacklist;
If the multiple scanning file in white list, is then skipped virus scan;
If the multiple scanning file in blacklist, is then confirmed as virus document;
If multiple scanning file and cloud buffer memory library information library file do not match, then deliver and give whether the detection of antivirus engine module is virus document.
5. the system of claim 1 is characterized in that, describedly carries out file virus to long-range high in the clouds and identifies and to comprise:
If it is virus document that remote port is identified, then store in the blacklist of cloud cache information storehouse;
If identify in long-range high in the clouds is not virus document, then store in the white list of cloud cache information storehouse.
6. one kind is improved multiple scanning file method of velocity, is adapted to described a kind of system that improves multiple scanning file speed, comprising:
Set up cloud cache information storehouse, wherein, described cloud cache information storehouse comprises: blacklist, white list;
File is scanned and extracts the fileinfo of first scanning document for the first time;
Fileinfo according to extracting first scanning document stores first scanning document into cloud cache information storehouse;
Judge whether first scanning document exists the virus wrong report, and the virus document of judging is sent to the antivirus engine mould;
The antivirus engine mould receives multiple scanning module delivery file virus information and identifies,
If it is virus document that antivirus engine detects, then carries out file virus and identify to long-range high in the clouds;
Not virus document if the antivirus engine module detects, then store in the white list of cloud cache information storehouse.
7. method as claimed in claim 6 is characterized in that, described fileinfo comprises: the MD5 value of file, file size.
8. method as claimed in claim 6 is characterized in that, it is characterized in that, describedly stores first scanning document into cloud cache information storehouse and comprises according to extracting first scanning document information:
Whether detect first scanning document is virus document;
If virus document, then put into the blacklist in cloud buffer memory library information storehouse;
If not virus document, then put into the white list in cloud buffer memory library information storehouse.
9. method as claimed in claim 6 is characterized in that, describedly judges whether first scanning document exists virus and confirm that the whether storage wrong report of virus document comprises:
First scanning document is carried out multiple scanning;
Judge according to the fileinfo of first scanning document whether multiple scanning file and cloud cache information storehouse file mate;
If multiple scanning file and cloud cache information library file coupling are then confirmed in white list still is blacklist;
If the multiple scanning file in white list, is then skipped virus scan;
If the multiple scanning file in blacklist, is then confirmed as virus document;
If multiple scanning file and cloud buffer memory library file do not match, then deliver and give whether the detection of antivirus engine module is virus document.
10. method as claimed in claim 6 is characterized in that, describedly carries out file virus to long-range high in the clouds and identifies and to comprise:
If it is virus document that remote port is identified, then store in the blacklist of cloud cache information storehouse;
If identify in long-range high in the clouds is not virus document, then store in the white list of cloud cache information storehouse.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2011104219086A CN102750463A (en) | 2011-12-16 | 2011-12-16 | System and method for improving file rescanning speed |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2011104219086A CN102750463A (en) | 2011-12-16 | 2011-12-16 | System and method for improving file rescanning speed |
Publications (1)
Publication Number | Publication Date |
---|---|
CN102750463A true CN102750463A (en) | 2012-10-24 |
Family
ID=47030639
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN2011104219086A Pending CN102750463A (en) | 2011-12-16 | 2011-12-16 | System and method for improving file rescanning speed |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN102750463A (en) |
Cited By (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102982284A (en) * | 2012-11-30 | 2013-03-20 | 北京奇虎科技有限公司 | Scanning equipment, cloud management equipment and method and system used for malicious program checking and killing |
CN102982121A (en) * | 2012-11-12 | 2013-03-20 | 北京奇虎科技有限公司 | File scanning method and file scanning device and file detecting system |
CN102999722A (en) * | 2012-11-12 | 2013-03-27 | 北京奇虎科技有限公司 | File detecting system |
CN103034808A (en) * | 2012-11-30 | 2013-04-10 | 北京奇虎科技有限公司 | Scanning method, equipment and system and cloud management method and equipment |
CN103607433A (en) * | 2013-11-01 | 2014-02-26 | 北京奇虎科技有限公司 | Method of deploying files in batches on terminal and apparatus thereof |
CN104052807A (en) * | 2014-06-13 | 2014-09-17 | 珠海市君天电子科技有限公司 | Information processing method and device based on cloud |
WO2016029441A1 (en) * | 2014-08-25 | 2016-03-03 | 百度在线网络技术(北京)有限公司 | File scanning method and apparatus |
CN105718800A (en) * | 2016-01-18 | 2016-06-29 | 北京金山安全管理系统技术有限公司 | Rapid virus scanning and killing method and apparatus |
CN107451152A (en) * | 2016-05-31 | 2017-12-08 | 阿里巴巴集团控股有限公司 | Computing device, data buffer storage and the method and device of lookup |
CN107679080A (en) * | 2017-08-29 | 2018-02-09 | 努比亚技术有限公司 | A kind of multimedia data recording method, terminal and computer-readable recording medium |
CN111061656A (en) * | 2019-11-13 | 2020-04-24 | 杭州安恒信息技术股份有限公司 | Secondary rapid disinfection method with low resource consumption |
CN111400712A (en) * | 2020-03-17 | 2020-07-10 | 深信服科技股份有限公司 | File virus checking and killing method, equipment, device and computer storage medium |
CN113238760A (en) * | 2021-05-28 | 2021-08-10 | 统信软件技术有限公司 | Software migration method and device, computing equipment and readable storage medium |
Citations (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20050132205A1 (en) * | 2003-12-12 | 2005-06-16 | International Business Machines Corporation | Apparatus, methods and computer programs for identifying matching resources within a data processing network |
CN1983295A (en) * | 2005-12-12 | 2007-06-20 | 北京瑞星国际软件有限公司 | Method and device for recognizing virus |
CN101017523A (en) * | 2006-04-14 | 2007-08-15 | 北京瑞星国际软件有限公司 | Scanning system for virus and method therefor |
CN101039177A (en) * | 2007-04-27 | 2007-09-19 | 珠海金山软件股份有限公司 | Apparatus and method for on-line searching virus |
CN101304426A (en) * | 2008-07-10 | 2008-11-12 | 腾讯科技(深圳)有限公司 | Method and device for recognizing and reporting questionable document |
CN101923617A (en) * | 2010-08-18 | 2010-12-22 | 奇智软件(北京)有限公司 | Cloud-based sample database dynamic maintaining method |
CN101950336A (en) * | 2010-08-18 | 2011-01-19 | 奇智软件(北京)有限公司 | Method and device for removing malicious programs |
CN102262716A (en) * | 2010-05-25 | 2011-11-30 | 腾讯科技(深圳)有限公司 | Real-time protection method and device |
CN102272771A (en) * | 2008-12-31 | 2011-12-07 | 微软公司 | Shared repository of malware data |
CN102279917A (en) * | 2011-09-19 | 2011-12-14 | 奇智软件(北京)有限公司 | Multi-antivirus engine parallel antivirus method and system |
CN301923617S (en) * | 2011-11-21 | 2012-05-23 | 方壁东 | Explosion-proof project mop socket (Cp-A12) |
-
2011
- 2011-12-16 CN CN2011104219086A patent/CN102750463A/en active Pending
Patent Citations (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20050132205A1 (en) * | 2003-12-12 | 2005-06-16 | International Business Machines Corporation | Apparatus, methods and computer programs for identifying matching resources within a data processing network |
CN1983295A (en) * | 2005-12-12 | 2007-06-20 | 北京瑞星国际软件有限公司 | Method and device for recognizing virus |
CN101017523A (en) * | 2006-04-14 | 2007-08-15 | 北京瑞星国际软件有限公司 | Scanning system for virus and method therefor |
CN101039177A (en) * | 2007-04-27 | 2007-09-19 | 珠海金山软件股份有限公司 | Apparatus and method for on-line searching virus |
CN101304426A (en) * | 2008-07-10 | 2008-11-12 | 腾讯科技(深圳)有限公司 | Method and device for recognizing and reporting questionable document |
CN102272771A (en) * | 2008-12-31 | 2011-12-07 | 微软公司 | Shared repository of malware data |
CN102262716A (en) * | 2010-05-25 | 2011-11-30 | 腾讯科技(深圳)有限公司 | Real-time protection method and device |
CN101923617A (en) * | 2010-08-18 | 2010-12-22 | 奇智软件(北京)有限公司 | Cloud-based sample database dynamic maintaining method |
CN101950336A (en) * | 2010-08-18 | 2011-01-19 | 奇智软件(北京)有限公司 | Method and device for removing malicious programs |
CN102279917A (en) * | 2011-09-19 | 2011-12-14 | 奇智软件(北京)有限公司 | Multi-antivirus engine parallel antivirus method and system |
CN301923617S (en) * | 2011-11-21 | 2012-05-23 | 方壁东 | Explosion-proof project mop socket (Cp-A12) |
Cited By (19)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102999722B (en) * | 2012-11-12 | 2015-09-16 | 北京奇虎科技有限公司 | File detection system |
CN102982121A (en) * | 2012-11-12 | 2013-03-20 | 北京奇虎科技有限公司 | File scanning method and file scanning device and file detecting system |
CN102999722A (en) * | 2012-11-12 | 2013-03-27 | 北京奇虎科技有限公司 | File detecting system |
CN102982121B (en) * | 2012-11-12 | 2015-11-11 | 北京奇虎科技有限公司 | A kind of file scanning method, file scanning device and file detection system |
CN103034808A (en) * | 2012-11-30 | 2013-04-10 | 北京奇虎科技有限公司 | Scanning method, equipment and system and cloud management method and equipment |
CN102982284A (en) * | 2012-11-30 | 2013-03-20 | 北京奇虎科技有限公司 | Scanning equipment, cloud management equipment and method and system used for malicious program checking and killing |
CN103607433B (en) * | 2013-11-01 | 2018-05-04 | 北京奇安信科技有限公司 | A kind of method and device in terminal deployment file in batches |
CN103607433A (en) * | 2013-11-01 | 2014-02-26 | 北京奇虎科技有限公司 | Method of deploying files in batches on terminal and apparatus thereof |
CN104052807A (en) * | 2014-06-13 | 2014-09-17 | 珠海市君天电子科技有限公司 | Information processing method and device based on cloud |
CN104052807B (en) * | 2014-06-13 | 2018-05-08 | 珠海市君天电子科技有限公司 | A kind of information processing method and device based on high in the clouds |
WO2016029441A1 (en) * | 2014-08-25 | 2016-03-03 | 百度在线网络技术(北京)有限公司 | File scanning method and apparatus |
US10049113B2 (en) | 2014-08-25 | 2018-08-14 | Baidu Online Network Technology (Beijing) Co., Ltd. | File scanning method and apparatus |
CN105718800A (en) * | 2016-01-18 | 2016-06-29 | 北京金山安全管理系统技术有限公司 | Rapid virus scanning and killing method and apparatus |
CN107451152A (en) * | 2016-05-31 | 2017-12-08 | 阿里巴巴集团控股有限公司 | Computing device, data buffer storage and the method and device of lookup |
CN107451152B (en) * | 2016-05-31 | 2021-06-11 | 阿里巴巴集团控股有限公司 | Computing device, data caching and searching method and device |
CN107679080A (en) * | 2017-08-29 | 2018-02-09 | 努比亚技术有限公司 | A kind of multimedia data recording method, terminal and computer-readable recording medium |
CN111061656A (en) * | 2019-11-13 | 2020-04-24 | 杭州安恒信息技术股份有限公司 | Secondary rapid disinfection method with low resource consumption |
CN111400712A (en) * | 2020-03-17 | 2020-07-10 | 深信服科技股份有限公司 | File virus checking and killing method, equipment, device and computer storage medium |
CN113238760A (en) * | 2021-05-28 | 2021-08-10 | 统信软件技术有限公司 | Software migration method and device, computing equipment and readable storage medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN102750463A (en) | System and method for improving file rescanning speed | |
CN102611611B (en) | A kind of log buffer system and method | |
EP2416272A3 (en) | Smart card, anti-virus system and scanning method using the same | |
CN101308533A (en) | Method, apparatus and system for virus checking and killing | |
CN102945348A (en) | Method and device for collecting file information | |
CN103632094A (en) | Virus defense system for uploading cloud computing big data | |
CN102945349A (en) | Method and device for processing unknown files | |
CN102821164A (en) | Efficient parallel-distribution type data processing system | |
CN102523223A (en) | Trojan detection method and apparatus thereof | |
CN103368914A (en) | Method, apparatus and device for intercepting message | |
CN102609653A (en) | File quick-scanning method and file quick-scanning system | |
US20200019934A1 (en) | Method and device for determining mail path information | |
CN102752371A (en) | Method for achieving splash on client side and client side | |
CN101833546A (en) | Method and device for extracting form from portable electronic document | |
EP2738675A3 (en) | System and method for efficient resource management of a signal flow programmed digital signal processor code | |
CN105488409A (en) | Method and system for detecting malicious code family variety and new family | |
CN103942282A (en) | Sample data obtaining method, device and system | |
CN101989322A (en) | Method and system for automatically extracting memory features of malicious code | |
CN102685209A (en) | Method, device and facility for assisting user equipment to receive and dispatch instant message | |
CN105337850A (en) | Internet of Things data processing method and internet of Things gateway | |
CN105024989A (en) | Malicious URL heuristic detection method and system based on abnormal port | |
CN101976229A (en) | Data reading method, system and device for peripheral equipment of system | |
CN101719208B (en) | Method and device for automatically extracting characteristics of virus file | |
CN102594708A (en) | Flow control method and device, line cards and distributed network equipment | |
CN108966160B (en) | Short message processing method and device and computer readable storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C53 | Correction of patent of invention or patent application | ||
CB02 | Change of applicant information |
Address after: 100080 Haidian District City, Zhongguancun, the main street, No. 1 Hailong building, room 1415, room 14 Applicant after: Beijing Antiy Electronic Installation Co., Ltd. Address before: 100084, 2B-521, bright city, No. 1, Nongda South Road, Beijing, Haidian District Applicant before: Beijing Antiy Electronic Installation Co., Ltd. |
|
C12 | Rejection of a patent application after its publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20121024 |