Disclosure of Invention
In view of the above, the technical problem to be solved by the present invention is to provide a method and an apparatus for detecting an installation status of an application, which can perform a thorough and detailed inspection on the installation of the application in combination with various angles.
In order to solve the technical problem, the invention discloses a method for detecting the installation state of an application program, which comprises the following steps: establishing a cloud database, wherein reference feature codes of all files collected by each application program are stored; maintaining a terminal configuration list, wherein an installation path of each application program installed on the terminal, all files installed by each application program obtained according to the installation path and a feature code of each file are recorded; extracting the feature codes of each file of the application program to be detected according to the terminal configuration list, comparing the feature codes in a cloud database, judging whether the application program to be detected is correctly installed on the terminal according to a comparison result, and feeding back the result to the terminal.
Further, the feature code is a feature code that uniquely identifies the file and the file content, and includes one or more of the following combinations: and the MD5 verification code, the secure hash algorithm check code and the cyclic redundancy check code are obtained through the operation of an information digest algorithm MD 5.
Further, the maintaining the terminal configuration list further includes: and when each application program adds a file and/or deletes the file and/or modifies the file content and/or modifies the file storage path, updating a corresponding record in the terminal configuration list.
Further, a reference key value written into a registry entry collected for each application program is also stored in the cloud database; the terminal configuration list also records a path of a registry key created by each application program installed on the terminal and a key value written into the registry key by each application program, which is obtained according to the path of the registry key; and extracting key values written into registry entries of the application program to be detected according to the terminal configuration list, comparing the key values in the cloud database, judging whether the application program to be detected is correctly set in the registry on the terminal according to a comparison result, and feeding back the result to the terminal.
Further, the maintaining the terminal configuration list further includes: and when each application program modifies the path of the registry key and/or adds the registry key and/or deletes the registry key and/or modifies the content of the system registry key, the corresponding record is also updated in the terminal configuration list.
Furthermore, a reference main process and a matched process and/or a whole dynamic link library and/or service created when each collected application program runs are also stored in the cloud database; the terminal configuration list also records a main process created when each application program installed on the terminal runs, and a process and/or a dynamic link library and/or a service called by the main process; and extracting a main process created when the application program to be detected runs and a process and/or a dynamic link library and/or a service called by the main process according to the terminal configuration list, comparing the main process and the process and/or the dynamic link library and/or the service in a cloud database, judging whether the application program to be detected runs correctly on the terminal according to a comparison result, and feeding back the correct operation to the terminal.
Further, the maintaining the terminal configuration list further includes: and when each application program adds a process and/or adds a matching process and/or adds a dynamic link library and/or adds a service and/or deletes a process, updating a corresponding record in the terminal configuration list.
Further, the feedback sent to the terminal when the application program to be detected is correctly installed on the terminal is judged according to the comparison result, and the feedback comprises: prompting that the application program to be detected is correctly installed on the terminal; and when the comparison result is used for judging that the application program to be detected is correctly set in the registry on the terminal, sending feedback to the terminal, wherein the feedback comprises the following steps: prompting that the application program to be detected is correctly set in a registry on the terminal; and judging feedback sent to the terminal when the application program to be detected runs correctly on the terminal according to the comparison result, wherein the feedback comprises the following steps: prompting the application program to be detected to operate correctly on the terminal; and when the application program to be detected is judged not to be correctly installed on the terminal and/or not to be correctly set in a registry on the terminal and/or not to be correctly operated on the terminal according to the comparison result, sending feedback to the terminal, wherein the feedback comprises one or more of the following combinations: prompting incorrect information of the application program to be detected, prompting to repair the application program to be detected, prompting to terminate operation of the application program to be detected, prompting to clean the application program to be detected, and prompting to reinstall the application program to be detected.
In order to solve the above technical problem, the present invention also discloses a device for detecting an installation state of an application program, comprising: the system comprises a cloud database, a cloud database management module, a terminal configuration list maintenance module and a comparison analysis module; the cloud database management module is used for establishing a cloud database; the cloud database is used for storing reference feature codes of all files collected by each application program; the terminal configuration list maintenance module is used for maintaining a terminal configuration list; the terminal configuration list is used for recording an installation path of each application program installed on the terminal, all files installed by each application program and feature codes of each file, wherein the files are obtained according to the installation path; and the comparison analysis module is used for extracting the feature codes of each file of the application program to be detected according to the terminal configuration list, comparing the feature codes in a cloud database, and judging whether the application program to be detected is correctly installed on the terminal according to a comparison result and feeding back the result to the terminal.
Further, the feature code extracted by the comparison analysis module is a feature code that uniquely identifies the file and the file content, and includes one or a combination of more of the following: and the MD5 verification code, the secure hash algorithm check code and the cyclic redundancy check code are obtained through the operation of an information digest algorithm MD 5.
Further, the terminal configuration list maintenance module is further configured to update a corresponding record in the terminal configuration list when a file is newly added and/or a file is deleted and/or a file content is modified and/or a file storage path is modified for each application program while maintaining the terminal configuration list.
Further, the cloud database is also used for storing reference key values written into registry entries collected by each application program; the terminal configuration list is further used for recording a path of a registry key created by each application program installed on the terminal and a key value written into the registry key by each application program, wherein the key value is acquired according to the path of the registry key; the comparison analysis module is further configured to extract key values written into the registry entry of the application program to be detected according to the terminal configuration list, compare the key values in the cloud database, and determine whether the application program to be detected is correctly set in the registry on the terminal according to a comparison result and feed the result back to the terminal.
Further, the terminal configuration list maintenance module is configured to, when maintaining the terminal configuration list, update a corresponding record in the terminal configuration list when each application modifies a path of a registry key and/or adds a registry key and/or deletes a registry key and/or modifies content of a system registry key.
Further, the cloud database is also used for storing a reference main process and a matched process and/or a whole dynamic link library and/or service which are created when each collected application program runs; the terminal configuration list is further used for recording a main process created when each application program installed on the terminal runs and a process and/or a dynamic link library and/or a service called by the main process; the comparison analysis module is further configured to extract a main process created when the application program to be detected runs according to the terminal configuration list, compare the process called by the main process and/or the dynamic link library and/or the service in a cloud database, determine whether the application program to be detected runs correctly on the terminal according to a comparison result, and feed back the result to the terminal.
Further, the terminal configuration list maintenance module is configured to, when maintaining the terminal configuration list, update a corresponding record in the terminal configuration list when each application adds a process and/or adds a matching process and/or adds a dynamic link library and/or adds a service and/or deletes a process.
Further, the comparing and analyzing module, according to the comparison result, determines the feedback sent to the terminal when the application program to be detected is correctly installed on the terminal, and includes: prompting that the application program to be detected is correctly installed on the terminal; the comparison analysis module is used for judging feedback sent to the terminal when the application program to be detected is correctly set in the registry on the terminal according to the comparison result, and the feedback comprises the following steps: prompting that the application program to be detected is correctly set in a registry on the terminal; the comparison analysis module is used for judging feedback sent to the terminal when the application program to be detected correctly runs on the terminal according to a comparison result, and comprises the following steps: prompting the application program to be detected to operate correctly on the terminal; the comparison analysis module is used for judging feedback sent to the terminal when the application program to be detected is not correctly installed on the terminal and/or is not correctly set in a registry on the terminal and/or is not correctly operated on the terminal according to a comparison result, and the feedback comprises one or more of the following combinations: prompting incorrect information of the application program to be detected, repairing the application program to be detected, terminating the operation of the application program to be detected, cleaning the application program to be detected, and reinstalling the application program to be detected.
Compared with the prior scheme, the invention has the following technical effects:
1) the application program is damaged due to virus trojan infection damage and poor fault tolerance of the application program, the non-PE data files such as dat files, lib files and the like, even system files can be damaged or lost at any time, the invention can identify the damage of the file content, and an intelligent, quick and convenient detection mode is particularly necessary.
2) The invention can identify the damage of the registry key, and can thoroughly trace whether the software can be basically and correctly started or not by the detection mode.
3) The invention can identify the damage of the memory loading item, thereby thoroughly tracing the reason that the memory loading item can not be correctly started after installation.
Description of the embodiments
The process of the present invention is illustrated below by way of an example. As shown in fig. 1, which is a flowchart of a method for detecting an installation state of an application according to an embodiment of the present invention, the following operations are performed:
and step S10, detecting the feature code of each file of the application program to be detected, and judging whether the application program to be detected is correctly installed on the terminal according to the detection result.
And step S20, detecting the key value written into the registry key by the application program to be detected, and judging whether the application program to be detected is correctly set on the terminal according to the detection result.
And step S30, detecting the memory loading item of the application program to be detected during operation, and judging whether the application program to be detected operates correctly on the terminal according to the detection result.
The installation state of the application program includes: whether the application program to be detected is correctly installed, correctly set and/or correctly operated on the terminal. The steps S10, S20, and S30 have no execution sequence, and may be executed simultaneously or sequentially in any sequence, so as to detect the status of the application to be detected from the above three parallel angles.
The above step S10 is explained below as an example. As shown in fig. 2, which is a flowchart of step S10 according to the embodiment of the present invention, the following operations are performed:
step S102, a cloud database is established, wherein reference feature codes of all files collected by each application program are stored;
the feature code is a feature code for uniquely identifying the file and the file content, and comprises one or more of the following combinations: the method comprises the steps of MD5 verification code obtained through operation of an information digest algorithm MD5, a secure hash algorithm SHA1 check code and a cyclic redundancy CRC check code.
The reference feature code can be a correct reference value which is judged to be correctly installed and is realized through a white list; the reference signature may also be a reference value that is erroneous and determined to be incorrectly installed, and is implemented by a blacklist.
Step S104, maintaining a terminal configuration list, wherein an installation path of each application program installed on the terminal, all files installed by each application program and feature codes of each file, which are obtained according to the installation path, are recorded;
acquiring an installation path of each application installed on the terminal through an API (application programming interface) function having a function of whether a file or a directory exists, such as a PathFileExists function for determining whether a path of a file system object of a file or a directory is valid; and acquiring all files installed by each application program, such as a FindFirstFile function and a FindNextFile function, by using the API function with the function of enumerating files or folders according to the installation path, wherein the FindFirstFile function is used for searching for files according to file names, and the FindNextFile function is used for searching for a next file according to a file name specified when the FindFirstFile function is called.
When each application program adds a file and/or deletes the file and/or modifies the file content (including the system file) and/or modifies the file storage path, the corresponding record is also updated in the terminal configuration list.
And step S106, extracting the feature codes of each file of the application program to be detected according to the terminal configuration list, comparing the feature codes in a cloud database, judging whether the application program to be detected is correctly installed on the terminal according to a comparison result, and feeding back the result to the terminal.
When the reference feature codes are stored in the white list of the cloud database, if the feature codes in the terminal configuration list are hit by the reference feature codes in the cloud database after comparison, it can be judged that the application program to be detected is correctly installed on the terminal; if the feature codes in one terminal configuration list are not hit by the reference feature codes in the cloud database after comparison, it can be determined that the application program to be detected is not correctly installed on the terminal.
When the reference feature codes are stored in the blacklist of the cloud database, if the comparison shows that only one feature code in the terminal configuration list is hit by the reference feature codes in the cloud database, the situation that the application program to be detected is not correctly installed on the terminal can be judged; and if the feature codes in the terminal configuration list are not hit by the reference feature codes in the cloud database after comparison, judging that the application program to be detected is correctly installed on the terminal.
And judging feedback sent to the terminal when the application program to be detected is correctly installed on the terminal according to the comparison result, wherein the feedback comprises the following steps: prompting that the application program to be detected is correctly installed on the terminal;
and judging feedback sent to the terminal when the application program to be detected is not correctly installed on the terminal according to the comparison result, wherein the feedback comprises one or more of the following combinations: prompting incorrect information of the application program to be detected, prompting to repair the application program to be detected, prompting to terminate operation of the application program to be detected, prompting to clean the application program to be detected, and prompting to reinstall the application program to be detected.
The above step S10 is explained below as an application example. The application program to be detected is exemplified by the position, the feature code is exemplified by the MD5, and the MD5 value can be obtained by a hash algorithm.
The cloud database holds reference MD5 values for all files collected by each application, where the reference MD5 value is the correct reference value, for example, including at least:
Fetion.exe&8af829e342a6b15696af9650ad5f805c
fxWebBrowser.exe&8af829e342a6b15696af9650ad5f8051
Fetion.lib&8af829e342a6b15696af9650ad5f8052
wherein, the version, fxwebbrowser. exe, version are files, 8af829e342a6b15696af9650ad5f805c is the MD5 value corresponding to the version, exe, 8af829e342a6b15696af9650ad5f8051 is the MD5 value corresponding to the fxwebbrowser. exe, and 8af829e342a6b15696af9650ad5f8052 is the MD5 value corresponding to the version.
The file path, the file and the MD5 value of the file are recorded in the terminal configuration list, for example:
File1="C:\ProgramFiles\ChinaMobile\Fetion\Fetion.exe"&8af829e342a6b15696af9650ad5f805c
File1="C:\ProgramFiles\ChinaMobile\Fetion\fxWebBrowser.exe"&8af829e342a6b15696af9650ad5f8051
File1="C:\ProgramFiles\ChinaMobile\Fetion\Fetion.lib"&8af829e342a6b15696af9650ad5f8052
in the above formats, the version, fxWebBrowser, exe and version are files, C \ Programfiles \ ChinaMobil \ version is a file path, 8af829e342a6b15696af9650ad5f805C is the MD5 value corresponding to the version, exe, 8af829e342a6b15696af9650ad5f8051 is the MD5 value corresponding to the fxWebBrowser, 8af829e342a6b 15996 af9650ad5f8051 is the MD5 value corresponding to the version, and the version is a non-PE file.
When the application program position adds a file (including a temporarily generated file), deletes the file, modifies the file content (including modifying a windows system file), and stores the path of the file, the parameters recorded in the terminal configuration list are automatically updated and adjusted.
Extracting the MD5 values of the position.exe, fxWebBrowser.exe and the position.lib of the position according to the terminal configuration list, comparing the values in a cloud database, and if the MD5 values in the terminal configuration list are hit by the reference MD5 value in the cloud database after comparison, judging that the application program to be detected is correctly installed on the terminal; if only one MD5 in the terminal configuration list is not hit by the reference MD5 value in the cloud database after comparison, it may be determined that the application to be detected is not correctly installed on the terminal.
The above step S20 is explained below as an example. As shown in fig. 3, which is a flowchart of step S20 according to the embodiment of the present invention, the following operations are performed:
step S202, a cloud database is established, wherein reference key values which are collected by each application program and written into registry entries are stored;
the reference key value can be a correct reference value which is judged to be correctly installed and is realized through a white list; the reference key value may also be a reference value that is erroneous and determined to be incorrectly installed, and is implemented by a blacklist.
Step S204, maintaining a terminal configuration list, wherein a path of a registry key created by each application program installed on the terminal and a key value written into the registry key by each application program obtained according to the path of the registry key are recorded;
acquiring a path of a registry key created by each application program and a key value written in the registry key, such as a SHGetValue function and a RegCreateKeyEx function, by using an API function having a function of performing read-write operation under a specified registry key, wherein the SHGetValue function is used for performing read-write operation under the specified registry key; the RegCreateKeyEx function is used in the Win32 environment for a complex way to create new items under a specified registry key.
And when each application program modifies the path of the registry key and/or adds the registry key and/or deletes the registry key and/or modifies the content of the system registry key, the corresponding record is also updated in the terminal configuration list.
Step S206, extracting key values written into registry entries of the application program to be detected according to the terminal configuration list, comparing the key values in the cloud database, judging whether the application program to be detected is correctly set in the registry on the terminal according to a comparison result, and feeding back the result to the terminal;
when the reference key values are stored in the white list of the cloud database, if the key values in the terminal configuration list are hit by the reference key values in the cloud database after comparison, it can be judged that the application program to be detected is correctly set on the terminal; if only one key value in the terminal configuration list is not hit by the reference key value in the cloud database after comparison, it can be determined that the application program to be detected is not correctly set on the terminal.
When the reference key values are stored in the blacklist of the cloud database, if the comparison shows that only one key value in the terminal configuration list is hit by the reference key value in the cloud database, the application program to be detected can be judged to be not correctly set on the terminal; if the key values in the terminal configuration list are not hit by the reference key values in the cloud database after comparison, it can be determined that the application program to be detected is correctly set on the terminal.
And when the comparison result is used for judging that the application program to be detected is correctly set in the registry on the terminal, sending feedback to the terminal, wherein the feedback comprises the following steps: prompting that the application program to be detected is correctly set in a registry on the terminal;
and feedback sent to the terminal when the application program to be detected is judged not to be correctly set in the registry on the terminal according to the comparison result, wherein the feedback comprises one or more of the following combinations: prompting incorrect information of the application program to be detected, prompting to repair the application program to be detected, prompting to terminate operation of the application program to be detected, prompting to clean the application program to be detected, and prompting to reinstall the application program to be detected.
The above step S20 is explained below as an application example. The application to be detected is for example the position.
The cloud database stores a reference key value of the write registry key collected for each application, where the reference key value is a correct reference value, and for example, the reference key value at least includes:
″\″C:\\Program Files\\China Mobile\\Fetion\\Fetion.exe\″\″%1\″″。
the terminal configuration list records a path of the registry key and a key value written into the registry key, for example:
[HKEY_CLASSES_ROOT\Applications\Fetion.exe\shell\open\command]="\"C:\\Program Files\\China Mobile\\Fetion\\Fetion.exe\″\″%1\″″
in the above formats, [ HKEY _ CLASSES _ ROOT \ Applications \ version \ \ shell \ open \ command ] is the path of the registry key, "\ \ Program Files \ China Mobile \ Fetion \ \ Fetion \. exe \" "% \ \ 1 \" is the key value of the registry key written.
When the application program position modifies the path of the registry, adds a registry key (including a temporarily generated registry key), deletes the registry key, and modifies the content of the registry key (including modifying the windows registry key), the parameters recorded in the terminal configuration list can be automatically updated and adjusted.
Extracting key values of registry entries written in by the position according to the terminal configuration list, comparing the key values in the registry entries in a cloud database, and if the key values in the terminal configuration list are hit by reference key values in the cloud database after comparison, judging that the application program to be detected is correctly set on the terminal; if only one key value in the terminal configuration list is not hit by the reference key value in the cloud database after comparison, it can be determined that the application program to be detected is not correctly set on the terminal.
The above step S30 is explained below as an example. As shown in fig. 4, which is a flowchart of step S30 according to the embodiment of the present invention, the following operations are performed:
step S302, a cloud database is established, wherein a reference main process and a matched process and/or all dynamic link libraries and/or services created when each collected application program runs are stored;
the reference main process and the matched processes and/or all dynamic link libraries and/or services can be correct reference values which are judged to be correctly installed and are realized through a white list; the reference main process and the matched processes and/or all dynamic link libraries and/or services can also be wrong reference values which are judged to be incorrectly installed, and the reference main process and the matched processes and/or all dynamic link libraries and/or services are realized through a blacklist.
Step S304, maintaining a terminal configuration list, wherein a main process created when each application program installed on the terminal runs and a process and/or a dynamic link library and/or a service called by the main process are recorded;
the method comprises the steps of obtaining a main process created by each application program during running and a process and/or a dynamic link library and/or a service called by the main process, such as a CreateToolhelp32Snapshot function, through an API function with a function of creating a Snapshot for a specified process, a HEAP used by the process, a MODULE and a THREAD, wherein the CreateToolhelp32Snapshot function is used for creating a Snapshot for the specified process, the HEAP used by the process [ HEAP ], the MODULE [ MODULE ] and the THREAD [ THREAD ].
And when each application program adds a process and/or adds a matching process and/or adds a dynamic link library and/or adds a service and/or deletes a process, updating a corresponding record in the terminal configuration list.
Step S306, extracting a main process created when the application program to be detected runs and a process and/or a dynamic link library and/or a service called by the main process according to the terminal configuration list, comparing the main process and the process and/or the dynamic link library and/or the service in a cloud database, judging whether the application program to be detected runs correctly on the terminal according to a comparison result, and feeding back the result to the terminal;
when the reference value is stored in the white list of the cloud database, if the main process in the terminal configuration list and the process and/or the dynamic link library and/or the service called by the main process are hit by the reference value in the cloud database after comparison, the application program to be detected can be judged to be correctly set on the terminal; if only one main process and the process and/or the dynamic link library and/or the service called by the main process are not hit by the reference value in the cloud database in the terminal configuration list after comparison, it can be judged that the application program to be detected is not correctly set on the terminal.
When the reference value is stored in the blacklist of the cloud database, if the comparison shows that only one main process and the process and/or the dynamic link library and/or the service called by the main process are hit by the reference key value in the cloud database in the terminal configuration list, it can be judged that the application program to be detected is not correctly set on the terminal; and if the main process in the terminal configuration list and the process and/or the dynamic link library and/or the service called by the main process are not hit by the reference key values in the cloud database after comparison, the application program to be detected can be judged to be correctly set on the terminal.
And judging feedback sent to the terminal when the application program to be detected runs correctly on the terminal according to the comparison result, wherein the feedback comprises the following steps: prompting the application program to be detected to operate correctly on the terminal;
and judging feedback sent to the terminal when the application program to be detected does not operate correctly on the terminal according to the comparison result, wherein the feedback comprises one or more of the following combinations: prompting incorrect information of the application program to be detected, prompting to repair the application program to be detected, prompting to terminate operation of the application program to be detected, prompting to clean the application program to be detected, and prompting to reinstall the application program to be detected.
The above step S30 is explained below as an application example. The application to be detected is for example the position.
The cloud database stores a reference main process and a matched process and/or a whole dynamic link library and/or service created when each collected application program runs, and the reference main process and the matched process and/or the whole dynamic link library and/or service are correct reference values, for example, the reference values at least include:
main process position.exe, supporting dynamic link library ADVAPI32.dll and Avatarx.dll.
The terminal configuration list records the main process created by each application program during operation and the process and/or dynamic link library and/or service called by the main process, such as:
Exe1=Fetion.exe&ADVAPI32.dll&AvatarX.dll
Exe2=…
in the above format, the position.exe is the main process, the advapi32.dll is the dynamic link library of the main process position.exe, and the avatar x.dll is also the dynamic link library of the main process position.exe.
When the application program position adds a process (including a temporarily loaded process), adds a matched dll (including a process or dll needing to be injected into a windows system), adds a matched service, and deletes the process, parameters recorded in the terminal configuration list can be automatically updated and adjusted.
Extracting a reference main process and a matched process and/or all dynamic link libraries and/or services created during the position operation according to the terminal configuration list, comparing the reference main process and the matched process and/or all dynamic link libraries and/or services in a cloud database, and if the main process and the matched process and/or all dynamic link libraries and/or services in the terminal configuration list are hit by a reference value in the cloud database after comparison, judging that the application program to be detected is correctly operated on the terminal; if the main process and the matched processes and/or all dynamic link libraries and/or services in the terminal configuration list are not hit by the reference value in the cloud database after comparison, it can be determined that the application program to be detected is not operated correctly on the terminal.
The device of the invention is described below in three embodiments of the device, which correspond to the above-mentioned method sequence, and for the disadvantages, reference is made to the above-mentioned method section. As shown in fig. 5, the apparatus for detecting the installation state of an application includes: the system comprises a cloud database 1, a cloud database management module 2, a terminal configuration list 3, a terminal configuration list maintenance module 4 and a comparison analysis module 5.
First apparatus embodiment
The cloud database management module 2 is used for establishing a cloud database 1;
the cloud database 1 is used for storing reference feature codes of all files collected by each application program;
the terminal configuration list maintenance module 4 is used for maintaining a terminal configuration list 3;
the terminal configuration list 3 is used for recording an installation path of each application program installed on the terminal, all files installed by each application program and feature codes of each file, wherein the files are obtained according to the installation path;
the comparison analysis module 5 is configured to extract a feature code of each file of the application program to be detected according to the terminal configuration list 3, compare the feature codes in the cloud database 1, and determine whether the application program to be detected is correctly installed on the terminal according to a comparison result and feed back the result to the terminal.
The terminal configuration list maintenance module 4 is further configured to obtain an installation path of each application program installed on the terminal through an application programming interface API function having a function of whether a file or a directory exists when maintaining the terminal configuration list 3; and further obtaining all files installed by each application program through an API function with a function of enumerating files or folders according to the installation path.
The terminal configuration list maintenance module 4 is further configured to update corresponding records in the terminal configuration list 3 when each application adds a file and/or deletes a file and/or modifies file contents (including system files) and/or modifies file storage paths while maintaining the terminal configuration list 3.
The feature code is a feature code for uniquely identifying the file and the file content, and comprises one or more of the following combinations: and the MD5 verification code, the secure hash algorithm check code and the cyclic redundancy check code are obtained through the operation of an information digest algorithm MD 5.
The comparison analysis module 5, which determines the feedback sent to the terminal when the application program to be detected is correctly installed on the terminal according to the comparison result, includes: prompting that the application program to be detected is correctly installed on the terminal; and judging feedback sent to the terminal when the application program to be detected is not correctly installed on the terminal according to the comparison result, wherein the feedback comprises one or more of the following combinations: prompting incorrect information of the application program to be detected, repairing the application program to be detected, terminating the operation of the application program to be detected, cleaning the application program to be detected, and reinstalling the application program to be detected.
Second apparatus embodiment
The cloud database management module 2 is used for establishing a cloud database 1;
the cloud database 1 is used for storing reference key values written into registry entries collected by each application program;
the terminal configuration list maintenance module 4 is used for maintaining a terminal configuration list 3;
the terminal configuration list 3 is used for recording a path of a registry key created by each application program installed on the terminal and a key value written into the registry key by each application program, which is obtained according to the path of the registry key;
the comparison analysis module 5 is configured to extract, according to the terminal configuration list 3, a key value written into a registry entry of the application to be detected, compare the key value in the cloud database 1, and determine, according to a comparison result, whether the application to be detected is correctly set in the registry on the terminal and feed back the result to the terminal.
The terminal configuration list maintenance module 4 is further configured to obtain, when maintaining the terminal configuration list 3, a path of the registry key created by each application program and a key value written in the registry key through an API function having a function of performing a read-write operation under a specified registry key.
The terminal configuration list maintenance module 4 is further configured to update a corresponding record in the terminal configuration list 3 when each application modifies a path of a registry key and/or adds a registry key and/or deletes a registry key and/or modifies content of a system registry key while maintaining the terminal configuration list 3.
The comparison analysis module 5, which sends feedback to the terminal when determining that the application to be detected is correctly set in the registry on the terminal according to the comparison result, includes: prompting that the application program to be detected is correctly set in a registry on the terminal; and feedback sent to the terminal when the application program to be detected is judged not to be correctly set in the registry on the terminal according to the comparison result, wherein the feedback comprises one or more of the following combinations: prompting incorrect information of the application program to be detected, repairing the application program to be detected, terminating the operation of the application program to be detected, cleaning the application program to be detected, and reinstalling the application program to be detected.
Third apparatus embodiment
The cloud database management module 2 is used for establishing a cloud database 1;
the cloud database 1 is used for storing a reference main process and matched processes and/or all dynamic link libraries and/or services which are created when each collected application program runs;
the terminal configuration list maintenance module 4 is used for maintaining a terminal configuration list 3;
the terminal configuration list 3 is further configured to record a main process created when each application installed on the terminal runs, and a process and/or a dynamic link library and/or a service called by the main process;
the comparison analysis module 5 is further configured to extract a main process created when the application to be detected runs and a process and/or a dynamic link library and/or a service called by the main process according to the terminal configuration list 3, compare the main process and the process and/or the dynamic link library and/or the service called by the main process in the cloud database 1, determine whether the application to be detected runs correctly on the terminal according to a comparison result, and feed back the result to the terminal.
The terminal configuration list maintenance module 4 is further configured to, when maintaining the terminal configuration list 3, obtain, through an API function having a function of creating a snapshot for a specified process, a heap used by the process, a module, and a thread, a main process created during the running of each application program, and a process and/or a dynamic link library and/or a service called by the main process.
The terminal configuration list maintenance module 4 is further configured to update a corresponding record in the terminal configuration list 3 when a new process and/or a new matching process and/or a new dynamic link library and/or a new service and/or a process deletion is performed on each application program while the terminal configuration list 3 is maintained.
The comparison analysis module 5, which determines the feedback sent to the terminal when the application program to be detected correctly runs on the terminal according to the comparison result, includes: prompting the application program to be detected to operate correctly on the terminal; and judging feedback sent to the terminal when the application program to be detected does not operate correctly on the terminal according to the comparison result, wherein the feedback comprises one or more of the following combinations: prompting incorrect information of the application program to be detected, repairing the application program to be detected, terminating the operation of the application program to be detected, cleaning the application program to be detected, and reinstalling the application program to be detected.
It should be noted that the embodiments and features of the embodiments of the present invention may be arbitrarily combined with each other without conflict.
The present invention is capable of other embodiments, and various changes and modifications may be made by one skilled in the art without departing from the spirit and scope of the invention.
It will be understood by those skilled in the art that all or part of the steps of the above methods may be performed by instructions of a program and associated hardware, and that the program may be stored in a computer readable storage medium, such as a read-only memory, a magnetic or optical disk, and the like. Alternatively, all or part of the steps of the above embodiments may be implemented using one or more integrated circuits. Accordingly, each module/unit in the above embodiments may be implemented in the form of hardware, and may also be implemented in the form of a software functional module. The present invention is not limited to any specific form of combination of hardware and software.