CN1936911A - 被病毒程序破坏的数据恢复方法、装置及病毒清除方法 - Google Patents
被病毒程序破坏的数据恢复方法、装置及病毒清除方法 Download PDFInfo
- Publication number
- CN1936911A CN1936911A CNA2006100076114A CN200610007611A CN1936911A CN 1936911 A CN1936911 A CN 1936911A CN A2006100076114 A CNA2006100076114 A CN A2006100076114A CN 200610007611 A CN200610007611 A CN 200610007611A CN 1936911 A CN1936911 A CN 1936911A
- Authority
- CN
- China
- Prior art keywords
- virus
- behavior
- operation steps
- destructive
- program
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/568—Computer malware detection or handling, e.g. anti-virus arrangements eliminating virus, restoring damaged files
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/14—Error detection or correction of the data by redundancy in operation
- G06F11/1402—Saving, restoring, recovering or retrying
- G06F11/1446—Point-in-time backing up or restoration of persistent data
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Virology (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Health & Medical Sciences (AREA)
- Software Systems (AREA)
- General Health & Medical Sciences (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Storage Device Security (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
Description
Claims (12)
Priority Applications (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CNB2006100076114A CN100465978C (zh) | 2005-11-16 | 2006-02-15 | 被病毒程序破坏的数据恢复方法、装置及病毒清除方法 |
US12/093,776 US20080222215A1 (en) | 2005-11-16 | 2006-10-31 | Method for Deleting Virus Program and Method to Get Back the Data Destroyed by the Virus |
EP06805120A EP1967954A1 (en) | 2005-11-16 | 2006-10-31 | A method for deleting virus program and a method to get back the data destroyed by the virus. |
PCT/CN2006/002919 WO2007056932A1 (fr) | 2005-11-16 | 2006-10-31 | Procede pour supprimer un programme contenant un virus et procede pour recuperer les donnees detruites par le virus |
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN200510114944 | 2005-11-16 | ||
CN200510114944.2 | 2005-11-16 | ||
CNB2006100076114A CN100465978C (zh) | 2005-11-16 | 2006-02-15 | 被病毒程序破坏的数据恢复方法、装置及病毒清除方法 |
Publications (2)
Publication Number | Publication Date |
---|---|
CN1936911A true CN1936911A (zh) | 2007-03-28 |
CN100465978C CN100465978C (zh) | 2009-03-04 |
Family
ID=37954411
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CNB2006100076114A Expired - Fee Related CN100465978C (zh) | 2005-11-16 | 2006-02-15 | 被病毒程序破坏的数据恢复方法、装置及病毒清除方法 |
Country Status (4)
Country | Link |
---|---|
US (1) | US20080222215A1 (zh) |
EP (1) | EP1967954A1 (zh) |
CN (1) | CN100465978C (zh) |
WO (1) | WO2007056932A1 (zh) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101924762A (zh) * | 2010-08-18 | 2010-12-22 | 奇智软件(北京)有限公司 | 一种基于云安全的主动防御方法 |
CN106203116A (zh) * | 2008-06-11 | 2016-12-07 | 北京奇虎科技有限公司 | 一种恶意软件的检测方法及装置 |
CN110865630A (zh) * | 2019-11-14 | 2020-03-06 | 深圳供电局有限公司 | 智能变电站内置程序的验收方法和系统 |
Families Citing this family (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7979904B2 (en) * | 2007-03-07 | 2011-07-12 | International Business Machines Corporation | Method, system and program product for maximizing virus check coverage while minimizing redundancy in virus checking |
CN102855432B (zh) | 2011-06-27 | 2015-11-25 | 北京奇虎科技有限公司 | 一种文件、文件夹解锁和删除方法及系统 |
CN103679020A (zh) * | 2012-09-14 | 2014-03-26 | 纬创资通股份有限公司 | 病毒警报装置和病毒警报方法 |
CN105186463B (zh) * | 2015-08-31 | 2018-03-16 | 许继集团有限公司 | 一种防止智能变电站继电保护装置误操作的方法 |
US10880316B2 (en) | 2015-12-09 | 2020-12-29 | Check Point Software Technologies Ltd. | Method and system for determining initial execution of an attack |
US10291634B2 (en) | 2015-12-09 | 2019-05-14 | Checkpoint Software Technologies Ltd. | System and method for determining summary events of an attack |
US10440036B2 (en) * | 2015-12-09 | 2019-10-08 | Checkpoint Software Technologies Ltd | Method and system for modeling all operations and executions of an attack and malicious process entry |
CN106560833A (zh) * | 2016-07-22 | 2017-04-12 | 哈尔滨安天科技股份有限公司 | 一种基于文件头检测感染式病毒的方法及系统 |
CN106156623B (zh) * | 2016-07-29 | 2018-10-30 | 江西师范大学 | 基于意图的sqlia防御方法 |
Family Cites Families (15)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5822517A (en) * | 1996-04-15 | 1998-10-13 | Dotan; Eyal | Method for detecting infection of software programs by memory resident software viruses |
US6795966B1 (en) * | 1998-05-15 | 2004-09-21 | Vmware, Inc. | Mechanism for restoring, porting, replicating and checkpointing computer systems using state extraction |
CN1197006C (zh) * | 2001-02-20 | 2005-04-13 | 英业达股份有限公司 | 一种生成具有自检测和自修复功能的应用程序的方法 |
US7114184B2 (en) * | 2001-03-30 | 2006-09-26 | Computer Associates Think, Inc. | System and method for restoring computer systems damaged by a malicious computer program |
CN1147795C (zh) * | 2001-04-29 | 2004-04-28 | 北京瑞星科技股份有限公司 | 检测和清除已知及未知计算机病毒的方法、系统 |
US7188368B2 (en) * | 2001-05-25 | 2007-03-06 | Lenovo (Singapore) Pte. Ltd. | Method and apparatus for repairing damage to a computer system using a system rollback mechanism |
CN1282083C (zh) * | 2001-09-14 | 2006-10-25 | 北京瑞星科技股份有限公司 | 计算机内存病毒监控和带毒运行方法 |
KR20040039357A (ko) * | 2001-09-14 | 2004-05-10 | 컴퓨터 어소시에이츠 싱크, 인코포레이티드 | 컴퓨터 바이러스 검출 및 치료 방법과 시스템, 프로그램저장 매체, 암호형 데이터 해독 방법, 암호형 컴퓨터바이러스 치료 방법 |
GB0214943D0 (en) * | 2002-06-28 | 2002-08-07 | Bitarts Ltd | Computer program protection |
JP2004046435A (ja) * | 2002-07-10 | 2004-02-12 | Hitachi Ltd | バックアップ方法、その方法に用いた記憶制御装置 |
CN1308846C (zh) * | 2002-12-16 | 2007-04-04 | 联想(北京)有限公司 | 在硬盘上实现保护计算机操作系统的方法 |
KR20040089386A (ko) * | 2003-04-14 | 2004-10-21 | 주식회사 하우리 | 메모리를 감염시키는 바이러스의 치료방법, 프로그램을기록한 컴퓨터로 읽을 수 있는 기록매체 및 바이러스의치료장치 |
US7392542B2 (en) * | 2003-08-29 | 2008-06-24 | Seagate Technology Llc | Restoration of data corrupted by viruses using pre-infected copy of data |
CN1707383A (zh) * | 2004-06-10 | 2005-12-14 | 陈朝晖 | 通过进程和系统轨迹分析阻断计算机病毒方法 |
WO2006116395A2 (en) * | 2005-04-26 | 2006-11-02 | Rdr Technologies, Llc | System for data archiving and system behavior prediction |
-
2006
- 2006-02-15 CN CNB2006100076114A patent/CN100465978C/zh not_active Expired - Fee Related
- 2006-10-31 EP EP06805120A patent/EP1967954A1/en not_active Withdrawn
- 2006-10-31 WO PCT/CN2006/002919 patent/WO2007056932A1/zh active Application Filing
- 2006-10-31 US US12/093,776 patent/US20080222215A1/en not_active Abandoned
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106203116A (zh) * | 2008-06-11 | 2016-12-07 | 北京奇虎科技有限公司 | 一种恶意软件的检测方法及装置 |
CN101924762A (zh) * | 2010-08-18 | 2010-12-22 | 奇智软件(北京)有限公司 | 一种基于云安全的主动防御方法 |
CN101924762B (zh) * | 2010-08-18 | 2013-02-27 | 北京奇虎科技有限公司 | 一种基于云安全的主动防御方法 |
US9177141B2 (en) | 2010-08-18 | 2015-11-03 | Beijing Qihoo Technology Company Limited | Active defense method on the basis of cloud security |
US9916447B2 (en) | 2010-08-18 | 2018-03-13 | Beijing Qihoo Technology Company Limited | Active defense method on the basis of cloud security |
CN110865630A (zh) * | 2019-11-14 | 2020-03-06 | 深圳供电局有限公司 | 智能变电站内置程序的验收方法和系统 |
Also Published As
Publication number | Publication date |
---|---|
WO2007056932A1 (fr) | 2007-05-24 |
US20080222215A1 (en) | 2008-09-11 |
EP1967954A1 (en) | 2008-09-10 |
CN100465978C (zh) | 2009-03-04 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN100465978C (zh) | 被病毒程序破坏的数据恢复方法、装置及病毒清除方法 | |
CN100437614C (zh) | 未知病毒程序的识别及清除方法 | |
Perkins et al. | Automatically patching errors in deployed software | |
DE69702335T2 (de) | Emulierendes reparatursystem | |
Hu et al. | {MutantX-S}: Scalable malware clustering based on static features | |
CN100595778C (zh) | 鉴定病毒文件的方法、装置 | |
US20070100905A1 (en) | Malware and spyware attack recovery system and method | |
KR20120094481A (ko) | 동적 함수 호출 시스템들에서 공격적인 자기-수정을 위한 시스템 및 방법 | |
KR101369251B1 (ko) | 시스템 파일 보호 및 복구를 위한 장치, 방법, 사용자 단말기 및 시스템 | |
Balachandran et al. | Potent and stealthy control flow obfuscation by stack based self-modifying code | |
US20140047222A1 (en) | Method and device for recombining runtime instruction | |
US20050015579A1 (en) | Handling exceptions | |
CN101477610A (zh) | 源码和目标码联合嵌入的软件水印方法 | |
Suk et al. | UnThemida: Commercial obfuscation technique analysis with a fully obfuscated program | |
Bacs et al. | System-level support for intrusion recovery | |
Al-Sharif et al. | The Effects of Platforms and Languages on the Memory Footprint of the Executable Program: A Memory Forensic Approach. | |
CN100373287C (zh) | 检测程序操作行为的方法及病毒程序检测、清除方法 | |
CN103679024A (zh) | 病毒的处理方法及设备 | |
CN103677746A (zh) | 指令重组方法及装置 | |
JP2003091429A (ja) | データ一括保護システム | |
JP5549810B2 (ja) | プログラム難読化装置、プログラム制御装置、プログラム難読化方法及びプログラム | |
CN102902913A (zh) | 防止恶意破坏计算机内的软件的保全方法 | |
Balachandran et al. | Obfuscation by code fragmentation to evade reverse engineering | |
CN103593612B (zh) | 一种处理恶意程序的方法及装置 | |
US20090133124A1 (en) | A method for detecting the operation behavior of the program and a method for detecting and clearing the virus program |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
ASS | Succession or assignment of patent right |
Owner name: JIANG ZHIYUAN Free format text: FORMER OWNER: BAI JIE Effective date: 20120731 Free format text: FORMER OWNER: LI WEI LU ZHENGYU Effective date: 20120731 |
|
C41 | Transfer of patent application or patent right or utility model | ||
COR | Change of bibliographic data |
Free format text: CORRECT: ADDRESS; FROM: 100089 HAIDIAN, BEIJING TO: 264012 YANTAI, SHANDONG PROVINCE |
|
TR01 | Transfer of patent right |
Effective date of registration: 20120731 Address after: 264012, No. 9, No. 6, agriculture support, Zhifu District, Yantai, Shandong Patentee after: Jiang Zhiyuan Address before: 100089 No. 203, building 16, little Nanzhuang, Beijing, Haidian District Co-patentee before: Li Wei Patentee before: Bai Jie Co-patentee before: Lu Zhengyu |
|
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20090304 Termination date: 20150215 |
|
EXPY | Termination of patent right or utility model |