CN101308533A - Method, apparatus and system for virus checking and killing - Google Patents

Method, apparatus and system for virus checking and killing Download PDF

Info

Publication number
CN101308533A
CN101308533A CNA2008101291507A CN200810129150A CN101308533A CN 101308533 A CN101308533 A CN 101308533A CN A2008101291507 A CNA2008101291507 A CN A2008101291507A CN 200810129150 A CN200810129150 A CN 200810129150A CN 101308533 A CN101308533 A CN 101308533A
Authority
CN
China
Prior art keywords
characteristic information
file destination
matching result
client
module
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CNA2008101291507A
Other languages
Chinese (zh)
Inventor
孙灵峰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Digital Technologies Chengdu Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Priority to CNA2008101291507A priority Critical patent/CN101308533A/en
Publication of CN101308533A publication Critical patent/CN101308533A/en
Pending legal-status Critical Current

Links

Images

Landscapes

  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

An embodiment of the invention discloses a virus killing method; at the client terminal, the method comprises the following steps: to collect the characteristic information of an object file; to send the characteristic information to the server for characteristic matching; to receive the matching result returned by the server; to process the object file based on the matching result. At the server side, the method comprises the following steps: to receive the characteristic information of the object file sent by the client terminal; to match the characteristic information with the characteristic information in a characteristic library; wherein, the characteristic library is located at the server side and used to store the characteristic information of the virus-affected object file; to send the matching result to the client terminal which then processes the object file according to the matching result. The embodiment of the invention also provides a client terminal, a server side and a virus killing system. The invention is applied to the communication terminals for killing virus and can save system resources.

Description

The methods, devices and systems of checking and killing virus
Technical field
The present invention relates to communication technical field, relate in particular to a kind of methods, devices and systems of checking and killing virus.
Background technology
At present, growing along with network technology, internet worm is also threatening the network user's safety, gives the network user's privacy and the very big risk that interests are brought.Portable terminal is no exception, and usually, portable terminal adopts installs checking and killing virus software, is carried out the killing of virus by portable terminal self.
Present most of checking and killing virus softwares adopt condition code to look into the method that poison combines with artificial virus killing.In portable terminal, store the virus characteristic storehouse, when killing virus, the condition code in program body and the feature database is mated, find out virus, and then kill virus by artificial establishment detoxifcation code.
In realizing process of the present invention, the inventor finds that there are the following problems at least in the prior art:
Because it is at present less relatively at the malicious code quantity of portable terminal, therefore feature database takes up room less, and along with the increase of viral load, the feature database occupation space of mobile terminal device is also along with increase, but increase that can not be unlimited, therefore, the feature database of mobile terminal device can not satisfy the needs that viral load increases day by day; In addition, viral search procedure is to carry out in the portable terminal, and it has taken a large amount of system resource.
Summary of the invention
Embodiments of the invention provide a kind of methods, devices and systems of checking and killing virus, can save system resource.
For achieving the above object, embodiments of the invention adopt following technical scheme:
A kind of method of checking and killing virus comprises:
Collect the characteristic information of file destination;
Described characteristic information is sent to server end carry out characteristic matching;
Receive the matching result that service end is returned;
According to described matching result described file destination is handled.
A kind of method of checking and killing virus comprises:
Receive the characteristic information of the file destination of client transmission;
Characteristic information in described characteristic information and the feature database is carried out characteristic matching, and wherein, described feature database is positioned at server end, is used for the characteristic information of the virulent file destination of file;
Described matching result is sent to client, according to described matching result described file destination is handled by client.
A kind of client comprises:
The feature collection module is used to collect the characteristic information of file destination;
First sending module is used for that described characteristic information is sent to server end and carries out characteristic matching;
First receiver module is used for the matching result that the reception server end returns;
Processing module is used for according to described matching result described file destination being handled.
A kind of server end comprises:
Second receiver module is used to receive the characteristic information that client sends;
Feature database is used for the characteristic information of the virulent file destination of file;
Characteristic matching module is used for the characteristic information that described second receiver module is received and the characteristic information of described feature database and carries out characteristic matching;
Second sending module is used for the matching result of described characteristic matching module is sent to client.
A kind of system of checking and killing virus comprises:
Client is used to collect the characteristic information of file destination;
Server end, be used to receive the characteristic information that described client sends, described characteristic information is carried out characteristic matching, described matching result is returned to described client, wherein, described client also is used to receive the matching result that described server end returns, and according to described matching result described file destination is handled.
The methods, devices and systems of the checking and killing virus that the embodiment of the invention provides, client is extracted the characteristic information of file destination, described characteristic information is sent to server end, according to the feature database of inside described characteristic information is carried out characteristic matching by server end, and matching result returned client, client is handled described file destination according to described matching result.Compared with prior art, client needn't be deposited a large amount of virus characteristic storehouses, and in addition, the process of characteristic matching is finished at server end, has saved the resource of client.
Description of drawings
In order to be illustrated more clearly in the embodiment of the invention or technical scheme of the prior art, to do to introduce simply to the accompanying drawing of required use in embodiment or the description of the Prior Art below, apparently, accompanying drawing in describing below only is some embodiments of the present invention, for those of ordinary skills, under the prerequisite of not paying creative work, can also obtain other accompanying drawing according to these accompanying drawings.
Fig. 1 is method embodiment one method flow diagram of client checking and killing virus provided by the invention;
Fig. 2 is method embodiment two method flow diagrams of client checking and killing virus provided by the invention;
Fig. 3 is method embodiment one method flow diagram of server end checking and killing virus provided by the invention;
Fig. 4 is method embodiment two method flow diagrams of server end checking and killing virus provided by the invention;
Fig. 5 is client implementation example one structural representation provided by the invention;
Fig. 6 is client implementation example two structural representations provided by the invention;
Fig. 7 is server end embodiment one structural representation provided by the invention;
Fig. 8 is server end embodiment two structural representations provided by the invention;
The system architecture synoptic diagram of the checking and killing virus that Fig. 9 provides for the embodiment of the invention.
Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the invention, the technical scheme in the embodiment of the invention is clearly and completely described, obviously, described embodiment only is the present invention's part embodiment, rather than whole embodiment.Based on the embodiment among the present invention, those of ordinary skills belong to the scope of protection of the invention not making the every other embodiment that is obtained under the creative work prerequisite.
Embodiments of the invention provide a kind of methods, devices and systems of checking and killing virus.
For the advantage that makes technical solution of the present invention is clearer, the present invention is elaborated below in conjunction with drawings and Examples.
Embodiments of the invention provide a kind of method of checking and killing virus, and this method can be saved system resource.
Embodiment one
As shown in Figure 1, the method for described checking and killing virus comprises:
The characteristic information of S101, collection file destination;
S102, described characteristic information is sent to server end carry out characteristic matching;
The matching result that S103, reception service end are returned;
S104, described file destination is handled according to described matching result.
The method of the checking and killing virus that the embodiment of the invention provides, client is extracted the characteristic information of file destination, described characteristic information is sent to server end, according to the feature database of inside described characteristic information is carried out characteristic matching by server end, and matching result returned client, client is handled described file destination according to described matching result.Compared with prior art, client needn't be deposited a large amount of virus characteristic storehouses, and in addition, the process of characteristic matching is finished at server end, has saved the resource of client.
Embodiment two
As shown in Figure 2, the method for described checking and killing virus comprises:
S201, selection need the file destination of scanning, and described file destination has unique proof test value;
The characteristic information of S202, the described file destination of extraction;
The characteristic information and the proof test value of S203, the described file destination of storage, described proof test value and described characteristic information are for concerning one to one;
Wherein, described proof test value and characteristic information all are a kind of signs of unique expression file destination, and for same file destination, there are corresponding relation in its proof test value and characteristic information.
When a file destination of scanning and after extracting the characteristic information of this file destination, the characteristic information of described file destination will be stored, when selecting the same file destination of scanning next time, then do not need again this file destination is scanned extraction with characteristic information, only need proof test value, can find the characteristic information of this file destination according to this file destination.
S204, the described characteristic information of collecting is encrypted;
S205, the characteristic information after the described encryption is converted to the characteristic information of the form that support information sends;
S206, send the indication that described characteristic information is sent to server end;
S207, described characteristic information is sent to server end carry out characteristic matching;
Wherein, the described server end characteristic matching of carrying out comprises:
Whether server end is searched in the internal feature storehouse described characteristic information, comprises the characteristic information of the file destination that has virus in the described feature database.
Matching result after the encryption that S208, the described server end of reception return;
S209, described matching result is decrypted;
S210, judge whether described matching result is normal;
Wherein, described matching result is a kind of form that server end and client are appointed in advance, and the matching result of this kind form that client is returned according to server end can learn whether described matching result is normal.
For example: server end and client appoint in advance, when server end finds the characteristic information that the characteristic information with described file destination is complementary in feature database, returns 1, shows that described matching result is undesired, and described file destination has virus; When server end does not find the characteristic information that the characteristic information with described file destination is complementary in feature database, return 0, show that described matching result is normal, described file destination does not have virus.
S211, if normal, then point out described file destination normal;
Described in step S210, if matching result is 0, show that then described matching result is normal, point out described file destination normal.
S212, if undesired, then point out described file destination undesired, and delete described file destination.
Described in step S210, if matching result is 1, show that then described matching result is undesired, point out described file destination undesired, delete described file destination.
Thereby, utilize the method for embodiments of the invention checking and killing virus, can save system resource.
Embodiments of the invention provide a kind of method of checking and killing virus, and this method can be saved system resource.
Embodiment one
As shown in Figure 3, the method for described checking and killing virus comprises:
The characteristic information of the file destination that S301, reception client send;
S302, the characteristic information in described characteristic information and the feature database is carried out characteristic matching, wherein, described feature database is positioned at server end, is used for the characteristic information of the virulent file destination of file;
S303, described matching result is sent to client, according to described matching result described file destination is handled by client.
The method of the checking and killing virus that the embodiment of the invention provides, server end receives the characteristic information that client sends, characteristic information in described characteristic information and the internal feature storehouse is carried out characteristic matching, and matching result returned to client, client is handled described file destination according to described matching result.Compared with prior art, client needn't be deposited a large amount of virus characteristic storehouses, and in addition, the process of characteristic matching is finished at server end, has saved the resource of client.
Embodiment two
As shown in Figure 4, the method for described checking and killing virus comprises:
The characteristic information of the file destination after the encryption that S401, reception client send;
S402, the described characteristic information that receives is decrypted;
S403, the characteristic information after the described deciphering is converted to the characteristic information of the form that can discern.
S404, the characteristic information in described characteristic information and the feature database is carried out characteristic matching, wherein, described feature database is positioned at server end, is used for the characteristic information of the virulent file destination of file;
S405, described matching result is encrypted;
S406, the matching result after the described encryption is sent to client, according to described matching result described file destination is handled by client.
Thereby, utilize the method for embodiments of the invention checking and killing virus, can save system resource.
Embodiments of the invention also provide a kind of client, can save system resource.
Embodiment one
As shown in Figure 5, described client comprises:
Feature collection module 501 is used to collect the characteristic information of file destination;
First sending module 502 is used for that described characteristic information is sent to server end and carries out characteristic matching;
First receiver module 503 is used for the matching result that the reception server end returns;
Processing module 504 is used for according to described matching result described file destination being handled.
The client that the embodiment of the invention provides, client is extracted the characteristic information of file destination, described characteristic information is sent to server end, according to the feature database of inside described characteristic information is carried out characteristic matching by server end, and matching result returned client, client is handled described file destination according to described matching result.Compared with prior art, client needn't be deposited a large amount of virus characteristic storehouses, and in addition, the process of characteristic matching is finished at server end, has saved the resource of client.
Embodiment two
As shown in Figure 6, described client comprises:
Feature collection module 601 is used to collect the characteristic information of file destination;
First sending module 602 is used for that described characteristic information is sent to server end and carries out characteristic matching;
First receiver module 603 is used for the matching result that the reception server end returns;
Processing module 604 is used for according to described matching result described file destination being handled.
As shown in Figure 6, described feature collection module 601 comprises:
Selected cell 605 is used to select the file destination of needs scanning, and described file destination has unique proof test value;
Extraction unit 606 is used to extract the characteristic information of described file destination;
Storage unit 607 is used to store the characteristic information and the proof test value of described file destination, and described proof test value and described characteristic information are relation one to one.
When a file destination of scanning and after extracting the characteristic information of this file destination, the characteristic information of described file destination will be stored unit 607 and preserve, when selecting the same file destination of scanning next time, then do not need again this file destination is scanned extraction with characteristic information, only need proof test value, from described storage unit 607, can find the characteristic information of this file destination according to this file destination.
As shown in Figure 6, described client also comprises:
First encrypting module 608 is used for the described characteristic information of collecting is encrypted;
First modular converter 609 is used for the characteristic information after the described encryption is converted to the characteristic information of the form that support information sends;
Indicating module 610 is used to send the indication that described characteristic information is sent to server end.
As shown in Figure 6, the matching result that the described server end of described first receiver module, 603 receptions returns is the matching result after described server end is encrypted, and described client also comprises:
First deciphering module 611 is used for described matching result is decrypted.
As shown in Figure 6, described processing module 604 comprises:
Judge module 612 is used to judge whether the matching result after the described deciphering is normal;
Reminding module 613 is used for working as the judgement matching result for just often, points out described file destination normal;
Removing module 614 is used for pointing out described file destination undesired, and deleting described file destination when judging that matching result is undesired.
Wherein, described matching result is a kind of form that server end and client are appointed in advance, and the matching result of this kind form that client is returned according to server end can learn whether described matching result is normal.
For example: server end and client are appointed in advance, when server end finds the characteristic information that the characteristic information with described file destination is complementary in feature database, return 1, show that described matching result is undesired, described file destination has virus, the described file destination of removing module 614 promptings is undesired, and deletes described file destination; When server end does not find the characteristic information that the characteristic information with described file destination is complementary in feature database, return 0, show that described matching result is normal, described file destination does not have virus, and the described file destination of reminding module 613 promptings is normal.
Thereby, utilize the embodiments of the invention client, can save system resource.
Wherein, described client includes but are not limited to communication terminal devices such as mobile phone, notebook, PDA.
Embodiments of the invention also provide a kind of server end, can save system resource.
Embodiment one
As shown in Figure 7, described server end comprises:
Second receiver module 701 is used to receive the characteristic information that client sends;
Feature database 702 is used for the characteristic information of the virulent file destination of file;
Characteristic matching module 703 is used for the characteristic information that described second receiver module 701 is received and the characteristic information of described feature database 702 and carries out characteristic matching;
Second sending module 704 is used for the matching result of described characteristic matching module 703 is sent to client.
The server end that the embodiment of the invention provides, server end receives the characteristic information that client sends, characteristic information in described characteristic information and the internal feature storehouse is carried out characteristic matching, and matching result returned to client, client is handled described file destination according to described matching result.Compared with prior art, client needn't be deposited a large amount of virus characteristic storehouses, and in addition, the process of characteristic matching is finished at server end, has saved the resource of client.
Embodiment two
As shown in Figure 8, described server end comprises:
Second receiver module 801 is used to receive the characteristic information that client sends;
Feature database 802 is used for the characteristic information of the virulent file destination of file;
Characteristic matching module 803 is used for the characteristic information that described second receiver module 801 is received and the characteristic information of described feature database 802 and carries out characteristic matching;
Second sending module 804 is used for the matching result of described characteristic matching module 803 is sent to client.
Wherein, described matching result is a kind of form that server end and client are appointed in advance, and the matching result of this kind form that client is returned according to server end can learn whether described matching result is normal.
For example: server end and client appoint in advance, when server end finds the characteristic information that the characteristic information with described file destination is complementary in feature database 802, returns 1, shows that described matching result is undesired, and described file destination has virus; When server end does not find the characteristic information that the characteristic information with described file destination is complementary in feature database 802, return 0, show that described matching result is normal, described file destination does not have virus.
As shown in Figure 8, described server end also comprises:
Second deciphering module 805 is used for the characteristic information that described second receiver module 801 receives is decrypted;
Second modular converter 806 is used for the characteristic information after described second deciphering module 805 deciphering is converted to the characteristic information of the form that described characteristic matching module 803 can discern.
As shown in Figure 8, described server end also comprises:
Second encrypting module 807 is used for the matching result that described characteristic matching module 803 generates is encrypted;
The matching result that described second sending module 804 sends to client is the matching result after described second encrypting module 807 is encrypted.
Thereby, utilize the embodiments of the invention server end, can save system resource.
Wherein, described server end is the equipment that can receive the similar gateway of information, and this equipment has sufficient storage space and favorable compatibility, and has the function of information transmit-receive.
Embodiments of the invention also provide a kind of system of checking and killing virus, can save system resource.
As shown in Figure 9, described system comprises client 901 and server end 902;
Client 901 is used to collect the characteristic information of file destination;
Server end 902 is used to receive the characteristic information that described client 901 sends, described characteristic information is carried out characteristic matching, described matching result is returned to described client 901, wherein, described client 901 also is used to receive the matching result that described server end 902 returns, and according to described matching result described file destination is handled.
The system of the checking and killing virus that the embodiment of the invention provides, client 901 is extracted the characteristic information of file destination, described characteristic information is sent to server end 902, according to the feature database of inside described characteristic information is carried out characteristic matching by server end 902, and matching result returned client 901, client 901 is handled described file destination according to described matching result.Compared with prior art, client 901 needn't be deposited a large amount of virus characteristic storehouses, and in addition, the process of characteristic matching is finished at server end 902, has saved the resource of client 901.
Wherein, described client 901 is used to also judge whether described matching result is normal, when judging described matching result just often, points out described file destination normal; And when judging that described matching result is undesired, point out described file destination undesired, and delete described file destination.
Wherein, described client includes but are not limited to communication terminal devices such as mobile phone, notebook, PDA.
Wherein, described server end is the equipment that can receive the similar gateway of information, and this equipment has sufficient storage space and favorable compatibility, and has the function of information transmit-receive.
One of ordinary skill in the art will appreciate that all or part of flow process that realizes in the foregoing description method, be to instruct relevant hardware to finish by computer program, described program can be stored in the computer read/write memory medium, this program can comprise the flow process as the embodiment of above-mentioned each side method when carrying out.Wherein, described storage medium can be magnetic disc, CD, read-only storage memory body (Read-Only Memory, ROM) or at random store memory body (RandomAccess Memory, RAM) etc.
The above; it only is the embodiment of the embodiment of the invention; but the protection domain of the embodiment of the invention is not limited thereto; anyly be familiar with those skilled in the art in the technical scope that the present invention discloses; the variation that can expect easily or replacement all should be encompassed within protection scope of the present invention.Therefore, the protection domain of the embodiment of the invention should be as the criterion with the protection domain of claim.

Claims (18)

1, a kind of method of checking and killing virus is characterized in that, comprising:
Collect the characteristic information of file destination;
Described characteristic information is sent to server end carry out characteristic matching;
Receive the matching result that service end is returned;
According to described matching result described file destination is handled.
2, the method for checking and killing virus according to claim 1 is characterized in that, the step of the characteristic information of described collection file destination comprises:
Need to select the file destination of scanning, described file destination has unique proof test value;
Extract the characteristic information of described file destination;
Store the characteristic information and the proof test value of described file destination, described proof test value and described characteristic information are for concerning one to one.
3, the method for checking and killing virus according to claim 1 is characterized in that, described characteristic information is sent to before server end carries out the step of characteristic matching described, also comprises:
The described characteristic information of collecting is encrypted;
Characteristic information after the described encryption is converted to the characteristic information of the form of support information transmission;
Send the indication that described characteristic information is sent to server end.
4, the method for checking and killing virus according to claim 1 is characterized in that, the step of the matching result that described reception service end is returned comprises:
Receive the matching result after the encryption that described service end returns;
Described matching result is decrypted.
5, the method for checking and killing virus according to claim 1 is characterized in that, the described step of described file destination being handled according to described matching result comprises:
Judge whether described matching result is normal;
If normal, then point out described file destination normal;
If undesired, then point out described file destination undesired, and delete described file destination.
6, a kind of method of checking and killing virus is characterized in that, comprising:
Receive the characteristic information of the file destination of client transmission;
Characteristic information in described characteristic information and the feature database is carried out characteristic matching, and wherein, described feature database is positioned at server end, is used for the characteristic information of the virulent file destination of file;
Described matching result is sent to client, according to described matching result described file destination is handled by client.
7, the method for checking and killing virus according to claim 6, it is characterized in that, the characteristic information of the described file destination that receives is the characteristic information behind the client encrypt, before described step of the characteristic information in described characteristic information and the feature database being carried out characteristic matching, also comprises:
The described characteristic information that receives is decrypted;
Characteristic information after the described deciphering is converted to the characteristic information of the form that can discern.
8, the method for checking and killing virus according to claim 6 is characterized in that, the described step that described matching result is sent to client comprises:
Described matching result is encrypted;
Matching result after the described encryption is sent to described client.
9, a kind of client is characterized in that, comprising:
The feature collection module is used to collect the characteristic information of file destination;
First sending module is used for that described characteristic information is sent to server end and carries out characteristic matching;
First receiver module is used for the matching result that the reception server end returns;
Processing module is used for according to described matching result described file destination being handled.
10, client according to claim 9 is characterized in that, described feature collection module comprises:
Selected cell is used to select the file destination of needs scanning, and described file destination has unique proof test value;
Extraction unit is used to extract the characteristic information of described file destination;
Storage unit is used to store the characteristic information and the proof test value of described file destination, and described proof test value and described characteristic information are relation one to one.
11, client according to claim 9 is characterized in that, described client also comprises:
First encrypting module is used for the described characteristic information of collecting is encrypted;
First modular converter is used for the characteristic information after the described encryption is converted to the characteristic information of the form that support information sends;
Indicating module is used to send the indication that described characteristic information is sent to server end.
12, client according to claim 9 is characterized in that, it is matching result after described server end is encrypted that described first receiver module receives matching result that described server end returns, and described client also comprises:
First deciphering module is used for described matching result is decrypted.
13, client according to claim 9 is characterized in that, described processing module comprises:
Judge module is used to judge whether the matching result after the described deciphering is normal;
Reminding module is used for working as the judgement matching result for just often, points out described file destination normal;
Removing module is used for pointing out described file destination undesired, and deleting described file destination when judging that matching result is undesired.
14, a kind of server end is characterized in that, comprising:
Second receiver module is used to receive the characteristic information that client sends;
Feature database is used for the characteristic information of the virulent file destination of file;
Characteristic matching module is used for the characteristic information that described second receiver module is received and the characteristic information of described feature database and carries out characteristic matching;
Second sending module is used for the matching result of described characteristic matching module is sent to client.
15, server end according to claim 14 is characterized in that, also comprises:
Second deciphering module is used for the characteristic information that described second receiver module receives is decrypted;
Second modular converter is used for the characteristic information after the deciphering of described second deciphering module is converted to the characteristic information of the form that described characteristic matching module can discern.
16, server end according to claim 14 is characterized in that, also comprises:
Second encrypting module is used for the matching result that described characteristic matching module generates is encrypted;
The matching result that described second sending module sends to client is the matching result after described second encrypting module is encrypted.
17, a kind of system of checking and killing virus is characterized in that, comprising:
Client is used to collect the characteristic information of file destination;
Server end, be used to receive the characteristic information that described client sends, described characteristic information is carried out characteristic matching, described matching result is returned to described client, wherein, described client also is used to receive the matching result that described server end returns, and according to described matching result described file destination is handled.
18, the system of checking and killing virus according to claim 17 is characterized in that, described client is used to also judge whether described matching result is normal, when judging described matching result just often, points out described file destination normal; And when judging that described matching result is undesired, point out described file destination undesired, and delete described file destination.
CNA2008101291507A 2008-06-30 2008-06-30 Method, apparatus and system for virus checking and killing Pending CN101308533A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNA2008101291507A CN101308533A (en) 2008-06-30 2008-06-30 Method, apparatus and system for virus checking and killing

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CNA2008101291507A CN101308533A (en) 2008-06-30 2008-06-30 Method, apparatus and system for virus checking and killing

Publications (1)

Publication Number Publication Date
CN101308533A true CN101308533A (en) 2008-11-19

Family

ID=40124982

Family Applications (1)

Application Number Title Priority Date Filing Date
CNA2008101291507A Pending CN101308533A (en) 2008-06-30 2008-06-30 Method, apparatus and system for virus checking and killing

Country Status (1)

Country Link
CN (1) CN101308533A (en)

Cited By (25)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101808102A (en) * 2010-04-23 2010-08-18 潘燕辉 Operating record tracing system and method based on cloud computing
CN101827096A (en) * 2010-04-09 2010-09-08 潘燕辉 Cloud computing-based multi-user collaborative safety protection system and method
CN101923617A (en) * 2010-08-18 2010-12-22 奇智软件(北京)有限公司 Cloud-based sample database dynamic maintaining method
CN101969450A (en) * 2010-02-10 2011-02-09 方小祥 System and method for remotely wirelessly checking security of progress of smart phone
CN102255915A (en) * 2011-07-20 2011-11-23 中兴通讯股份有限公司 Internet virus detection method, apparatus thereof and system thereof
CN102281540A (en) * 2011-09-08 2011-12-14 广东华仝九方科技有限公司 Method and system for searching and killing mobile phone malicious software
CN102333122A (en) * 2011-09-28 2012-01-25 奇智软件(北京)有限公司 Downloaded resource provision method, device and system
WO2012022225A1 (en) * 2010-08-18 2012-02-23 北京奇虎科技有限公司 Active defence method on the basis of cloud security
CN102592103A (en) * 2011-01-17 2012-07-18 中国电信股份有限公司 Secure file processing method, equipment and system
CN102609515A (en) * 2012-02-07 2012-07-25 奇智软件(北京)有限公司 Quick file scanning method and quick file scanning system
CN102819713A (en) * 2012-06-29 2012-12-12 北京奇虎科技有限公司 Method and system for detecting security of popup window
CN102902921A (en) * 2012-09-18 2013-01-30 北京奇虎科技有限公司 Method and device for detecting and eliminating computer viruses
CN102938758A (en) * 2011-08-15 2013-02-20 联想(北京)有限公司 Detection method and terminal
CN103020521A (en) * 2011-09-22 2013-04-03 腾讯科技(深圳)有限公司 Trojan horse scanning method and system
CN103093148A (en) * 2012-12-28 2013-05-08 广东欧珀移动通信有限公司 Detection method, system and device of malicious advertisements
CN103150504A (en) * 2013-01-23 2013-06-12 北京奇虎科技有限公司 Method and device for detecting and removing computer macro viruses
WO2013117151A1 (en) * 2012-02-07 2013-08-15 北京奇虎科技有限公司 Method and system for rapidly scanning files
CN103425927A (en) * 2012-05-16 2013-12-04 腾讯科技(深圳)有限公司 Device and method for removing viruses of computer documents
WO2014032608A1 (en) * 2012-09-03 2014-03-06 Tencent Technology (Shenzhen) Company Limited Method and apparatus for uploading files
WO2014063565A1 (en) * 2012-10-24 2014-05-01 Tencent Technology (Shenzhen) Company Limited Method and apparatus for reporting virus
CN104573518A (en) * 2015-01-23 2015-04-29 百度在线网络技术(北京)有限公司 Method, device, server and system for scanning files
CN104700030A (en) * 2013-12-04 2015-06-10 腾讯科技(深圳)有限公司 Virus data searching method, device and server
CN104850782A (en) * 2014-02-18 2015-08-19 腾讯科技(深圳)有限公司 Method and device for matching virus characteristics
CN105844155A (en) * 2013-06-28 2016-08-10 北京奇虎科技有限公司 Macrovirus searching and killing method and system
CN108898014A (en) * 2018-06-22 2018-11-27 珠海市君天电子科技有限公司 A kind of checking and killing virus method, server and electronic equipment

Cited By (47)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101969450A (en) * 2010-02-10 2011-02-09 方小祥 System and method for remotely wirelessly checking security of progress of smart phone
CN101827096B (en) * 2010-04-09 2012-09-05 潘燕辉 Cloud computing-based multi-user collaborative safety protection system and method
CN101827096A (en) * 2010-04-09 2010-09-08 潘燕辉 Cloud computing-based multi-user collaborative safety protection system and method
CN101808102B (en) * 2010-04-23 2012-12-12 潘燕辉 Operating record tracing system and method based on cloud computing
CN101808102A (en) * 2010-04-23 2010-08-18 潘燕辉 Operating record tracing system and method based on cloud computing
US9177141B2 (en) 2010-08-18 2015-11-03 Beijing Qihoo Technology Company Limited Active defense method on the basis of cloud security
US9916447B2 (en) 2010-08-18 2018-03-13 Beijing Qihoo Technology Company Limited Active defense method on the basis of cloud security
WO2012022225A1 (en) * 2010-08-18 2012-02-23 北京奇虎科技有限公司 Active defence method on the basis of cloud security
CN101923617B (en) * 2010-08-18 2013-03-20 北京奇虎科技有限公司 Cloud-based sample database dynamic maintaining method
CN101923617A (en) * 2010-08-18 2010-12-22 奇智软件(北京)有限公司 Cloud-based sample database dynamic maintaining method
CN102592103A (en) * 2011-01-17 2012-07-18 中国电信股份有限公司 Secure file processing method, equipment and system
CN102255915A (en) * 2011-07-20 2011-11-23 中兴通讯股份有限公司 Internet virus detection method, apparatus thereof and system thereof
WO2013010394A1 (en) * 2011-07-20 2013-01-24 中兴通讯股份有限公司 Internet virus detection method, apparatus thereof and system thereof
CN102938758A (en) * 2011-08-15 2013-02-20 联想(北京)有限公司 Detection method and terminal
CN102281540A (en) * 2011-09-08 2011-12-14 广东华仝九方科技有限公司 Method and system for searching and killing mobile phone malicious software
CN102281540B (en) * 2011-09-08 2013-11-27 广东华仝九方科技有限公司 Method and system for searching and killing mobile phone malicious software
CN103020521A (en) * 2011-09-22 2013-04-03 腾讯科技(深圳)有限公司 Trojan horse scanning method and system
CN103020521B (en) * 2011-09-22 2015-10-21 腾讯科技(深圳)有限公司 Wooden horse scan method and system
CN102333122A (en) * 2011-09-28 2012-01-25 奇智软件(北京)有限公司 Downloaded resource provision method, device and system
CN102333122B (en) * 2011-09-28 2015-04-15 奇智软件(北京)有限公司 Downloaded resource provision method, device and system
CN102609515A (en) * 2012-02-07 2012-07-25 奇智软件(北京)有限公司 Quick file scanning method and quick file scanning system
WO2013117151A1 (en) * 2012-02-07 2013-08-15 北京奇虎科技有限公司 Method and system for rapidly scanning files
CN102609515B (en) * 2012-02-07 2013-10-16 北京奇虎科技有限公司 Quick file scanning method and quick file scanning system
CN103425927A (en) * 2012-05-16 2013-12-04 腾讯科技(深圳)有限公司 Device and method for removing viruses of computer documents
CN102819713A (en) * 2012-06-29 2012-12-12 北京奇虎科技有限公司 Method and system for detecting security of popup window
CN102819713B (en) * 2012-06-29 2015-09-16 北京奇虎科技有限公司 A kind of method and system detecting bullet window safe
WO2014032608A1 (en) * 2012-09-03 2014-03-06 Tencent Technology (Shenzhen) Company Limited Method and apparatus for uploading files
CN103685150A (en) * 2012-09-03 2014-03-26 腾讯科技(深圳)有限公司 File uploading method and device
US9596260B2 (en) 2012-09-03 2017-03-14 Tencent Technology (Shenzhen) Company Limited Method and apparatus for uploading files
TWI493378B (en) * 2012-09-03 2015-07-21 Tencent Tech Shenzhen Co Ltd Method and device for uploading files
CN102902921A (en) * 2012-09-18 2013-01-30 北京奇虎科技有限公司 Method and device for detecting and eliminating computer viruses
CN102902921B (en) * 2012-09-18 2015-11-25 北京奇虎科技有限公司 The method and apparatus of a kind of detection and dump virus
US9692783B2 (en) 2012-10-24 2017-06-27 Tencent Technology (Shenzhen) Company Limited Method and apparatus for reporting a virus
WO2014063565A1 (en) * 2012-10-24 2014-05-01 Tencent Technology (Shenzhen) Company Limited Method and apparatus for reporting virus
CN103093148A (en) * 2012-12-28 2013-05-08 广东欧珀移动通信有限公司 Detection method, system and device of malicious advertisements
CN103150504A (en) * 2013-01-23 2013-06-12 北京奇虎科技有限公司 Method and device for detecting and removing computer macro viruses
CN103150504B (en) * 2013-01-23 2015-12-23 北京奇虎科技有限公司 The method and apparatus of detection and dump macrovirus
CN105844155A (en) * 2013-06-28 2016-08-10 北京奇虎科技有限公司 Macrovirus searching and killing method and system
CN104700030A (en) * 2013-12-04 2015-06-10 腾讯科技(深圳)有限公司 Virus data searching method, device and server
CN104700030B (en) * 2013-12-04 2017-12-01 腾讯科技(深圳)有限公司 A kind of viral data search method, device and server
WO2015124086A1 (en) * 2014-02-18 2015-08-27 Tencent Technology (Shenzhen) Company Limited Virus signature matching method and apparatus
CN104850782A (en) * 2014-02-18 2015-08-19 腾讯科技(深圳)有限公司 Method and device for matching virus characteristics
US10114951B2 (en) 2014-02-18 2018-10-30 Tencent Technology (Shenzhen) Company Limited Virus signature matching method and apparatus
CN104850782B (en) * 2014-02-18 2019-05-14 腾讯科技(深圳)有限公司 Match the method and device of virus characteristic
CN104573518A (en) * 2015-01-23 2015-04-29 百度在线网络技术(北京)有限公司 Method, device, server and system for scanning files
CN104573518B (en) * 2015-01-23 2019-03-26 百度在线网络技术(北京)有限公司 File scanning method, device, server and system
CN108898014A (en) * 2018-06-22 2018-11-27 珠海市君天电子科技有限公司 A kind of checking and killing virus method, server and electronic equipment

Similar Documents

Publication Publication Date Title
CN101308533A (en) Method, apparatus and system for virus checking and killing
CN102546656B (en) Method, system and device for finding user in social network
CN103843002B (en) Dynamic cleaning for malware using cloud technology
CN101350852B (en) Dialing method, system and mobile terminal
CN104253741B (en) A kind of method for sending information, relevant apparatus and system
WO2015000397A1 (en) User login methods,devices,and systems
CN102082589B (en) Method, device and system for storing contact information
CN104092715A (en) Synchronization application program method, server and system
CN102480492B (en) To the method and apparatus of the monitoring input/output of sensitive document
CN108377247B (en) Message pushing method and device
CN105162768A (en) Method and device for detecting phishing Wi-Fi hotspots
CN104244254A (en) Method and device for detecting pseudo base station based on short message center number
CN102833262A (en) Whois information-based phishing website gathering, identification method and system
CN104283926A (en) Data synchronization method, device and server
CN104283941A (en) Data access method, device and system
CN104021141A (en) Method, device and system for data processing and cloud service
CN104468833A (en) Request information unified processing method and device
CN104244206A (en) Method, device and terminal device for processing short message
CN102378136A (en) Short message processing method and device
CN103927252A (en) Cross-component log recording method, device and system
CN104618853A (en) Method, device and system for information push
CN105791552B (en) A kind of SMS processing method, device and mobile terminal
CN104753761A (en) Method, server and system for processing messages
CN105468941A (en) Right control method and device
CN104320766A (en) Spam short message identification method, device and equipment

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
ASS Succession or assignment of patent right

Owner name: CHENGDU CITY HUAWEI SAIMENTEKE SCIENCE CO., LTD.

Free format text: FORMER OWNER: HUAWEI TECHNOLOGY CO., LTD.

Effective date: 20090424

C41 Transfer of patent application or patent right or utility model
TA01 Transfer of patent application right

Effective date of registration: 20090424

Address after: Qingshui River District, Chengdu high tech Zone, Sichuan Province, China: 611731

Applicant after: Chengdu Huawei Symantec Technologies Co., Ltd.

Address before: Headquarters office building, Bantian HUAWEI base, Longgang District, Guangdong, Shenzhen Province, China: 518129

Applicant before: Huawei Technologies Co., Ltd.

C12 Rejection of a patent application after its publication
RJ01 Rejection of invention patent application after publication

Open date: 20081119