CN102867146A - Method and system for preventing computer virus from frequently infecting systems - Google Patents
Method and system for preventing computer virus from frequently infecting systems Download PDFInfo
- Publication number
- CN102867146A CN102867146A CN2012103507521A CN201210350752A CN102867146A CN 102867146 A CN102867146 A CN 102867146A CN 2012103507521 A CN2012103507521 A CN 2012103507521A CN 201210350752 A CN201210350752 A CN 201210350752A CN 102867146 A CN102867146 A CN 102867146A
- Authority
- CN
- China
- Prior art keywords
- module
- malice
- kernel
- driven
- computer virus
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 87
- 241000700605 Viruses Species 0.000 title claims abstract description 56
- 230000008569 process Effects 0.000 claims description 60
- 208000015181 infectious disease Diseases 0.000 claims description 16
- 230000008929 regeneration Effects 0.000 claims description 16
- 238000011069 regeneration method Methods 0.000 claims description 16
- 230000026676 system process Effects 0.000 claims description 13
- 230000000903 blocking effect Effects 0.000 claims description 8
- 238000012544 monitoring process Methods 0.000 claims description 7
- 230000006378 damage Effects 0.000 abstract description 4
- 230000007123 defense Effects 0.000 abstract description 2
- 230000002155 anti-virotic effect Effects 0.000 description 4
- 238000013461 design Methods 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 230000006870 function Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 230000009471 action Effects 0.000 description 1
- 238000004590 computer program Methods 0.000 description 1
- 238000007796 conventional method Methods 0.000 description 1
- 238000012217 deletion Methods 0.000 description 1
- 230000037430 deletion Effects 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000018109 developmental process Effects 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000002474 experimental method Methods 0.000 description 1
- 238000002347 injection Methods 0.000 description 1
- 239000007924 injection Substances 0.000 description 1
- 238000011112 process operation Methods 0.000 description 1
- 230000001172 regenerating effect Effects 0.000 description 1
- 239000000243 solution Substances 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 230000003612 virological effect Effects 0.000 description 1
Images
Abstract
The invention belongs to the technical field of computer defense, in particular relates to a method and a system for preventing computer virus from frequently infecting systems. The method comprises the following steps of: scanning and deleting the spite model of the computer virus in a computer, and then recording the information of the deleted spite model; generating an interception object list according to the information of the deleted spite model and transmitting the interception object list to a kernel driver; and adopting the kernel driver to prevent other programs from secondly building the spite model which is recorded in the deleted model. The model corresponding to the system of the invention comprises a virus scanning, deleting and recording model, an interception list generation model and a generation interception model of the spite model. The invention can effectively delete the spite virus which has generation capability; at the same time, for enterprise-level servers, the invention can effectively delete the damage of the virus under the condition that the system is not restarted so as to ensure the safety of data and service.
Description
Technical field
The invention belongs to computing machine defense technique field, be specifically related to a kind of method and system that prevent computer virus repeated infection system.
Background technology
Computer virus is establishment or the destruction computer function that inserts in computer program or destroy data, affect computing machine use and one group of computer instruction or program code that can self-replacation, has destructiveness, replicability and infectiousness.It is an important topic of computer safety field always, and along with the development of antivirus techniques, computer virus has also developed various technology and resisted anti-virus product.Wherein, a kind of important method of resisting anti-virus product is exactly by being injected into malicious code in the important process of system, and this part code is carried out in the system process space.
So-called process refers to an application program moving in internal memory, process is a program executed activity on computers.When you move a program, you have just started a process.Obviously, program is dead (static), and process is (dynamically) of living.Process can be divided into system process and consumer process, and the process of every various functions for the complete operation system is exactly system process, and they are exactly the operating system itself that is under the running status; Consumer process is exactly all processes that started by you.
If computer virus is injected into malicious code in the important process of system, just be difficult to safe and reliable from internal memory with its removing normally move because the shutdown system process will directly affect system.Owing to be difficult to safe and reliable its malicious code of removing from internal memory, the countermeasure of anti-virus product is other malice modules of removing first this virus correspondence at present, comprise file, registration table and malicious process etc., then restart system and reach the final purpose of removing virus.
But this removing strategy validity is very poor, main cause is: computer virus often can be monitored other malice modules by the malicious code that is injected in the system process, when finding that other virus module are eliminated, can again discharge these modules and process, thereby realize the ability of regeneration.And for the enterprise customer, restarting of some critical server can bring serious service disconnection, therefore is badly in need of a kind of more efficiently sweep-out method.
Summary of the invention
In order to address the above problem, the object of the present invention is to provide a kind of method and system that prevent computer virus repeated infection system, regenerated by the virus after the killing effectively preventing.
In order to realize the foregoing invention purpose, the technical solution used in the present invention is as follows:
A kind of method that prevents computer virus repeated infection system may further comprise the steps:
The malice module of the described computer virus that exists in scanning and the dump, and the information of the malice module that is eliminated of record;
Tackle list object and be transferred to kernel-driven according to the Information generation of the described malice module that is eliminated;
Stop other processes again to create the malice module that records in the described interception list object by described kernel-driven.
Further, described malice module comprises file, registration table and process; The information of the malice module that described record is eliminated, specifically:
Record complete file path name corresponding to described file;
Record path (key) and the key assignments (Value) of described registration table; And
Record the complete file path name of described process institute respective file.
Further, stop other processes again to create the malice module that records in the described interception list object by described kernel-driven, specifically:
By all operations of described kernel-driven monitoring to file, registration table and process, in case when finding to be operated to as if to be recorded in the malice module of tackling in the tabulation, then stop the operation to this object.
Further, stoping other processes again to create the malice module that records in the described interception list object by described kernel-driven when, further comprising the steps of:
The network connection operation that the system process that injects by kernel-driven interception malicious code carries out.
Further, stop by described kernel-driven after other processes create the malice module that records in the described interception list object again described, further comprising the steps of:
Described interception list object is registered in the shutdown callback procedure of system by kernel-driven, to stop in shutdown process because withdrawing from too early the malice module regeneration that causes computer virus; And
When system starts again described interception tabulation is deleted.
A kind of computer virus repeated infection system of systems that prevents comprises with lower module:
Virus scan removing and logging modle are used for the malice module of the described computer virus that scanning and dump exist, and the information of the malice module that is eliminated of record;
Interception tabulation generation module is used for tackling list object and being transferred to kernel-driven according to the Information generation of the described malice module that is eliminated;
Malice module regeneration blocking module is used for stoping other processes again to create the malice module that described interception list object records by described kernel-driven.
Further, described malice module comprises file, registration table and process; The information of the malice module that described record is eliminated, specifically:
Record complete file path name corresponding to described file;
Record path (key) and the key assignments (Value) of described registration table; And
Record the complete file path name of described process institute respective file.
Further, described malice module regeneration blocking module, specifically by all operations of described kernel-driven monitoring to file, registration table and process, in case when finding to be operated to as if to be recorded in the malice module of tackling in the tabulation, then stop the operation to this object.
Further, also comprise the network connection blocking module, be used for the network connection operation of being undertaken by the system process that kernel-driven interception malicious code injects.
Further, also comprise preventing the regeneration module that shuts down, be used for by kernel-driven described interception list object being registered to the shutdown callback procedure of system, regenerate because withdrawing from too early the malice module that causes computer virus to stop in shutdown process; And tackle the module that ceases to be in force automatically of tabulating, when again starting for system described interception tabulation is deleted.
The present invention is recorded in it in interception list object when just the malice module of computer virus scans and removes, and stops other processes again to create the malice module that records in the described interception list object by kernel-driven at last.
Therefore, the present invention can effectively remove the malice virus with power of regeneration; Simultaneously, for the server of enterprise-level, can in the situation of not restarting system, just can effectively eliminate the harm of virus, guarantee the safety of data and service.
Description of drawings
The picture that this description of drawings provides is used for assisting a further understanding of the present invention, consists of the application's a part, does not consist of to improper restriction of the present invention, in the accompanying drawings:
Fig. 1 is process flow diagram corresponding to the inventive method;
Fig. 2 is block diagram corresponding to system of the present invention.
Embodiment
As shown in Figure 1, present embodiment discloses a kind of method that prevents computer virus repeated infection system, may further comprise the steps:
Step1: the malice module of the described computer virus that exists in scanning and the dump, and the information of the malice module that is eliminated of record; Described malice module comprises file, registration table and process, the information of the malice module that described record is eliminated, specifically: record complete file path name corresponding to described file; Record path (key) and the key assignments (Value) of described registration table; And the complete file path name that records described process institute respective file.Concrete scanning and sweep-out method can adopt existing a lot of conventional method, such as setting up a virus database, the All Files in the scanning system, register list and process whether therein, as therein then with its removing.Such as: the malice module that computer virus is corresponding is the A file, behind the deletion A file just complete file path name that the A file is corresponding record.
Step2: tackle list object and be transferred to kernel-driven according to the Information generation of the described malice module that is eliminated; Such as: the malice module that records in the 1st step comprises file A, registration table B and consumer process C, and this step is just write into the information of three correspondences recording in the 1st step in the one interception list object.
Step3A: stop other processes again to create the malice module that records in the described interception list object by described kernel-driven, specifically: by all operations of described kernel-driven monitoring to file, registration table and process, in case when finding the malice module during being operated to as if being recorded in interception tabulates, then stop the operation to this object.Such as: recorded file A, registration table B and consumer process C in the interception list object, when kernel-driven find to have other programs or process to its delete, copy, create, during the operation such as modification, then kernel-driven just stops these operations to them.
Step3B: the network connection operation that the system process that injects by kernel-driven interception malicious code carries out can further prevent system process again download malice module on network that malicious code injects.
Step4: described interception list object is registered in the shutdown callback procedure of system by kernel-driven, to stop in shutdown process because withdrawing from too early the malice module regeneration that causes computer virus; Because, in shutdown process, stop too early the supervisory control action of kernel-driven, will be to viral regenerating device meeting.
Step5: when system starts again described interception tabulation is deleted; Because behind the virus sweep, just there is no need to stop its infected file operation always.
As shown in Figure 2, present embodiment also discloses a kind of system corresponding with said method, and it comprises with lower module:
Virus scan removing and logging modle 1 are used for the malice module of the described computer virus that scanning and dump exist, and the information of the malice module that is eliminated of record; Described malice module comprises file, registration table and process; The information of the malice module that described record is eliminated, specifically: record complete file path name corresponding to described file; Record path (key) and the key assignments (Value) of described registration table; And the complete file path name that records described process institute respective file;
Interception tabulation generation module 2 is used for tackling list object and being transferred to kernel-driven according to the Information generation of the described malice module that is eliminated;
Malice module regeneration blocking module 3, be used for stoping other processes again to create the malice module that described interception list object records by described kernel-driven, specifically: by all operations of described kernel-driven monitoring to file, registration table and process, in case when finding the malice module during being operated to as if being recorded in interception tabulates, then stop the operation to this object;
Network connection blocking module 4 is used for the network connection operation of being undertaken by the system process that kernel-driven interception malicious code injects;
The regeneration module 5 that prevents from shutting down is used for by kernel-driven described interception list object being registered to the shutdown callback procedure of system, regenerates because withdrawing from too early the malice module that causes computer virus to stop in shutdown process; And
Tackle the module 6 that ceases to be in force automatically of tabulating, when again starting for system described interception tabulation is deleted.
Kernel described in the present invention is the core of an operating system, and kernel-driven is in charge of process, internal memory, device driver, file and the network system of system, is determining performance and the stability of system.
Essence of the present invention is by the virus detection of kernel-driven and client layer and removes the module cooperation and realize, in order to remove this malice virus with code injection and power of regeneration, the present invention is by the monitoring of kernel-driven realization for file, registration table, network and process operation; After finding malice module (file, registration table or process) and it removed, kernel-driven is recorded and is passed in the clear operation of doing, automatically generate the interception tabulation, stop other processes again to create the module that these are eliminated by kernel-driven; The suspicious network connection that the system process that is injected by malicious code simultaneously carries out can be blocked.
Simultaneously, the shutdown readjustment of kernel-driven by Accreditation System avoided withdrawing from too early in shutdown process and caused virus malice to drive the regeneration of having an opportunity.And after system started again, the interception of last time tabulation ceased to be in force automatically.
The present invention can effectively remove the malice virus with power of regeneration; For the server of enterprise-level, can in the situation of not restarting system, just can effectively eliminate the harm of virus, guarantee the safety of data and service.
More than describe preferred embodiment of the present invention in detail, the ordinary skill that should be appreciated that this area need not creative work and just can design according to the present invention make many modifications and variations.Therefore, all in the art technician according to the present invention design on the prior art basis by logic analysis, reasoning or according to the available technical scheme of limited experiment, all should be among the determined protection domain by these claims.
Claims (10)
1. method that prevents computer virus repeated infection system is characterized in that may further comprise the steps:
The malice module of the described computer virus that exists in scanning and the dump, and the information of the malice module that is eliminated of record;
Tackle list object and be transferred to kernel-driven according to the Information generation of the described malice module that is eliminated;
Stop other processes again to create the malice module that records in the described interception list object by described kernel-driven.
2. the method that prevents computer virus repeated infection system according to claim 1 is characterized in that:
Described malice module comprises file, registration table and process;
The information of the malice module that described record is eliminated, specifically:
Record complete file path name corresponding to described file;
Record path (key) and the key assignments (Value) of described registration table; And
Record the complete file path name of described process institute respective file.
3. the method that prevents computer virus repeated infection system according to claim 1 is characterized in that, stops other processes again to create the malice module that records in the described interception list object by described kernel-driven, specifically:
By all operations of described kernel-driven monitoring to file, registration table and process, in case when finding to be operated to as if to be recorded in the malice module of tackling in the tabulation, then stop the operation to this object.
4. the method that prevents computer virus repeated infection system according to claim 1 is characterized in that, and is stoping other processes again to create the malice module that records in the described interception list object by described kernel-driven when, further comprising the steps of:
The network connection operation that the system process that injects by kernel-driven interception malicious code carries out.
5. the method that prevents computer virus repeated infection system according to claim 1, it is characterized in that, stop by described kernel-driven after other processes create the malice module that records in the described interception list object again described, further comprising the steps of:
Described interception list object is registered in the shutdown callback procedure of system by kernel-driven, to stop in shutdown process because withdrawing from too early the malice module regeneration that causes computer virus; And
When system starts again described interception tabulation is deleted.
6. one kind prevents computer virus repeated infection system of systems, it is characterized in that comprising with lower module:
Virus scan removing and logging modle are used for the malice module of the described computer virus that scanning and dump exist, and the information of the malice module that is eliminated of record;
Interception tabulation generation module is used for tackling list object and being transferred to kernel-driven according to the Information generation of the described malice module that is eliminated;
Malice module regeneration blocking module is used for stoping other processes again to create the malice module that described interception list object records by described kernel-driven.
7. the computer virus repeated infection system of systems that prevents according to claim 1 is characterized in that:
Described malice module comprises file, registration table and process;
The information of the malice module that described record is eliminated, specifically:
Record complete file path name corresponding to described file;
Record path (key) and the key assignments (Value) of described registration table; And
Record the complete file path name of described process institute respective file.
8. the computer virus repeated infection system of systems that prevents according to claim 1 is characterized in that:
Described malice module regeneration blocking module is specifically by all operations of described kernel-driven monitoring to file, registration table and process, in case when finding to be operated to as if to be recorded in the malice module of tackling in the tabulation, then stop the operation to this object.
9. the computer virus repeated infection system of systems that prevents according to claim 1 characterized by further comprising:
The network connection blocking module is used for the network connection operation of being undertaken by the system process that kernel-driven interception malicious code injects.
10. the method that prevents computer virus repeated infection system according to claim 1 characterized by further comprising:
Prevent the regeneration module that shuts down, be used for by kernel-driven described interception list object being registered to the shutdown callback procedure of system, regenerate because withdrawing from too early the malice module that causes computer virus to stop in shutdown process; And
Tackle the module that ceases to be in force automatically of tabulating, when again starting for system described interception tabulation is deleted.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210350752.1A CN102867146B (en) | 2012-09-18 | 2012-09-18 | Method and system for preventing computer virus from repeatedly infecting system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210350752.1A CN102867146B (en) | 2012-09-18 | 2012-09-18 | Method and system for preventing computer virus from repeatedly infecting system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102867146A true CN102867146A (en) | 2013-01-09 |
| CN102867146B CN102867146B (en) | 2016-01-27 |
Family
ID=47446013
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210350752.1A Active CN102867146B (en) | 2012-09-18 | 2012-09-18 | Method and system for preventing computer virus from repeatedly infecting system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102867146B (en) |
Cited By (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103679031A (en) * | 2013-12-12 | 2014-03-26 | 北京奇虎科技有限公司 | File virus immunizing method and device |
| CN105631329A (en) * | 2015-12-21 | 2016-06-01 | 北京金山安全管理系统技术有限公司 | Virut infective virus immune method and apparatus |
| CN106203118A (en) * | 2016-07-13 | 2016-12-07 | 北京金山安全软件有限公司 | Processing method and device for modifying flicker time of insertion mark and electronic equipment |
| CN107612933A (en) * | 2017-10-20 | 2018-01-19 | 广东岭南职业技术学院 | A kind of novel computer internet worm system of defense |
| TWI647585B (en) * | 2017-06-27 | 2019-01-11 | 關隆股份有限公司 | Malicious virus protection method |
| CN109214186A (en) * | 2018-08-29 | 2019-01-15 | 厦门快快网络科技有限公司 | A kind of interception trojan horse system and method based on inner nuclear layer |
| US10503898B2 (en) | 2017-10-03 | 2019-12-10 | Grand Mate Co., Ltd. | Method for defending against malware |
| CN110717183A (en) * | 2019-12-09 | 2020-01-21 | 深信服科技股份有限公司 | Virus checking and killing method, device, equipment and storage medium |
| CN110851831A (en) * | 2019-11-12 | 2020-02-28 | 腾讯科技(深圳)有限公司 | Virus processing method and device, computer equipment and computer readable storage medium |
| CN112784270A (en) * | 2021-01-18 | 2021-05-11 | 仙境文化传媒(武汉)有限公司 | System and method for loading code file by annotation mode |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7917955B1 (en) * | 2005-01-14 | 2011-03-29 | Mcafee, Inc. | System, method and computer program product for context-driven behavioral heuristics |
| CN102194072A (en) * | 2011-06-03 | 2011-09-21 | 奇智软件(北京)有限公司 | Method, device and system used for handling computer virus |
| CN102629310A (en) * | 2012-02-29 | 2012-08-08 | 卡巴斯基实验室封闭式股份公司 | System and method for protecting computer system from being infringed by activities of malicious objects |
-
2012
- 2012-09-18 CN CN201210350752.1A patent/CN102867146B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7917955B1 (en) * | 2005-01-14 | 2011-03-29 | Mcafee, Inc. | System, method and computer program product for context-driven behavioral heuristics |
| CN102194072A (en) * | 2011-06-03 | 2011-09-21 | 奇智软件(北京)有限公司 | Method, device and system used for handling computer virus |
| CN102629310A (en) * | 2012-02-29 | 2012-08-08 | 卡巴斯基实验室封闭式股份公司 | System and method for protecting computer system from being infringed by activities of malicious objects |
Cited By (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103679031B (en) * | 2013-12-12 | 2017-10-31 | 北京奇虎科技有限公司 | A kind of immune method and apparatus of file virus |
| CN103679031A (en) * | 2013-12-12 | 2014-03-26 | 北京奇虎科技有限公司 | File virus immunizing method and device |
| CN105631329A (en) * | 2015-12-21 | 2016-06-01 | 北京金山安全管理系统技术有限公司 | Virut infective virus immune method and apparatus |
| CN105631329B (en) * | 2015-12-21 | 2019-05-10 | 北京金山安全管理系统技术有限公司 | Virut infection type virus immunity method and device thereof |
| CN106203118B (en) * | 2016-07-13 | 2019-01-22 | 北京金山安全软件有限公司 | Processing method and device for modifying flicker time of insertion mark and electronic equipment |
| CN106203118A (en) * | 2016-07-13 | 2016-12-07 | 北京金山安全软件有限公司 | Processing method and device for modifying flicker time of insertion mark and electronic equipment |
| TWI647585B (en) * | 2017-06-27 | 2019-01-11 | 關隆股份有限公司 | Malicious virus protection method |
| US10503898B2 (en) | 2017-10-03 | 2019-12-10 | Grand Mate Co., Ltd. | Method for defending against malware |
| CN107612933A (en) * | 2017-10-20 | 2018-01-19 | 广东岭南职业技术学院 | A kind of novel computer internet worm system of defense |
| CN109214186A (en) * | 2018-08-29 | 2019-01-15 | 厦门快快网络科技有限公司 | A kind of interception trojan horse system and method based on inner nuclear layer |
| CN110851831A (en) * | 2019-11-12 | 2020-02-28 | 腾讯科技(深圳)有限公司 | Virus processing method and device, computer equipment and computer readable storage medium |
| CN110851831B (en) * | 2019-11-12 | 2023-04-28 | 腾讯科技(深圳)有限公司 | Virus processing method, device, computer equipment and computer readable storage medium |
| CN110717183A (en) * | 2019-12-09 | 2020-01-21 | 深信服科技股份有限公司 | Virus checking and killing method, device, equipment and storage medium |
| CN112784270A (en) * | 2021-01-18 | 2021-05-11 | 仙境文化传媒(武汉)有限公司 | System and method for loading code file by annotation mode |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102867146B (en) | 2016-01-27 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102867146B (en) | Method and system for preventing computer virus from repeatedly infecting system | |
| JP4406627B2 (en) | Computer security management, such as in virtual machines or hardened operating systems | |
| US9256739B1 (en) | Systems and methods for using event-correlation graphs to generate remediation procedures | |
| US9166997B1 (en) | Systems and methods for reducing false positives when using event-correlation graphs to detect attacks on computing systems | |
| CN100504899C (en) | Software watchdog system and method | |
| US20110173698A1 (en) | Mitigating false positives in malware detection | |
| US8402539B1 (en) | Systems and methods for detecting malware | |
| US10007785B2 (en) | Method and apparatus for implementing virtual machine introspection | |
| KR102079304B1 (en) | Apparatus and method of blocking malicious code based on whitelist | |
| CN105320884A (en) | Security protection method and system for virtual machine | |
| CN102194072A (en) | Method, device and system used for handling computer virus | |
| CN102004882A (en) | Method and device for detecting and processing remote-thread injection type Trojan | |
| US20190095285A1 (en) | Backup and recovery of data files using hard links | |
| CN110826067A (en) | Virus detection method and device, electronic equipment and storage medium | |
| CN103593616A (en) | System and method for preventing and controlling USB flash disk viruses in enterprise information network | |
| CN103428212A (en) | Malicious code detection and defense method | |
| CN103679024A (en) | Virus treating method and device | |
| US10169575B1 (en) | Systems and methods for preventing internal network attacks | |
| CN115086081B (en) | Escape prevention method and system for honeypots | |
| EP3800567A1 (en) | Systems and methods for countering removal of digital forensics information by malicious software | |
| WO2021217652A1 (en) | Method and apparatus for controlling mobile storage device, and computer-readable medium | |
| US8621632B1 (en) | Systems and methods for locating malware | |
| KR20160100626A (en) | Computing device executing malicious code with using actual resources, server system managing information of malicious code, and electronic system including the same | |
| CN105224871A (en) | Virus removal method and device | |
| KR101489142B1 (en) | Client system and control method thereof |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| ASS | Succession or assignment of patent right |
Owner name: KINGSOFT CORPORATION LIMITED BEIKE INTERNET (BEIJI Effective date: 20130503 |
|
| C41 | Transfer of patent application or patent right or utility model | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20130503 Address after: Jingshan Hill Road, Lane 519015 Lianshan Jida Guangdong province Zhuhai City No. 8 Applicant after: ZHUHAI JUNTIAN ELECTRONIC TECHNOLOGY Co.,Ltd. Applicant after: BEIJING KINGSOFT INTERNET SECURITY SOFTWARE Co.,Ltd. Applicant after: SHELL INTERNET (BEIJING) SECURITY TECHNOLOGY Co.,Ltd. Applicant after: BEIJING KINGSOFT NETWORK TECHNOLOGY Co.,Ltd. Address before: Jingshan Hill Road, Lane 519015 Lianshan Jida Guangdong province Zhuhai City No. 8 Applicant before: Zhuhai Juntian Electronic Technology Co.,Ltd. |
|
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CP03 | Change of name, title or address | ||
| CP03 | Change of name, title or address |
Address after: 519070 Guangdong city of Zhuhai Province town Harbour Road Technology Road No. 10 building six layer 601F Co-patentee after: BEIJING KINGSOFT INTERNET SECURITY SOFTWARE Co.,Ltd. Patentee after: ZHUHAI JUNTIAN ELECTRONIC TECHNOLOGY Co.,Ltd. Co-patentee after: Beijing Cheetah Mobile Technology Co.,Ltd. Co-patentee after: Beijing Cheetah Network Technology Co.,Ltd. Address before: Jingshan Hill Road, Lane 519015 Lianshan Jida Guangdong province Zhuhai City No. 8 Co-patentee before: BEIJING KINGSOFT INTERNET SECURITY SOFTWARE Co.,Ltd. Patentee before: Zhuhai Juntian Electronic Technology Co.,Ltd. Co-patentee before: SHELL INTERNET (BEIJING) SECURITY TECHNOLOGY Co.,Ltd. Co-patentee before: BEIJING KINGSOFT NETWORK TECHNOLOGY Co.,Ltd. |
|
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20191125 Address after: Room 105-53811, No. 6 Baohua Road, Hengqin New District, Zhuhai City, Guangdong Province Patentee after: Zhuhai Leopard Technology Co.,Ltd. Address before: 519070, No. 10, main building, No. six, science Road, Harbour Road, Tang Wan Town, Guangdong, Zhuhai, 601F Co-patentee before: BEIJING KINGSOFT INTERNET SECURITY SOFTWARE Co.,Ltd. Patentee before: Zhuhai Juntian Electronic Technology Co.,Ltd. Co-patentee before: Beijing Cheetah Mobile Technology Co.,Ltd. Co-patentee before: Beijing Cheetah Network Technology Co.,Ltd. |