-
公开(公告)号:US20080289042A1
公开(公告)日:2008-11-20
申请号:US12093948
申请日:2006-10-31
申请人: Jie Bai , Wei Li , Zhengyu Lu
发明人: Jie Bai , Wei Li , Zhengyu Lu
IPC分类号: G06F21/00
CPC分类号: G06F21/566
摘要: A method for identifying unknown virus program, includes: getting the behavior data of the program that would be tested, determining whether the said program is a virus program or not based on the behavior data of said program and the behavior data of pre-setting typical virus program. A method for deleting the virus program, according to the behavior of the virus program, sets and performs an anti-operation which is in reversed to the virus program, and gets back the destroyed data.
摘要翻译: 一种用于识别未知病毒程序的方法,包括:获取要测试的程序的行为数据,基于所述程序的行为数据确定所述程序是否是病毒程序,以及预设典型的行为数据 病毒程序。 根据病毒程序的行为,删除病毒程序的方法设置并执行与病毒程序相反的反作用,并且恢复被破坏的数据。
-
2.发明申请Method for Deleting Virus Program and Method to Get Back the Data Destroyed by the Virus 审中-公开删除病毒程序的方法和取回病毒破坏的数据的方法公开(公告)号:US20080222215A1
公开(公告)日:2008-09-11
申请号:US12093776
申请日:2006-10-31
申请人: Jie Bai , Wei Li , Zhengyu Lu
发明人: Jie Bai , Wei Li , Zhengyu Lu
IPC分类号: G06F17/30
CPC分类号: G06F21/568 , G06F11/1446
摘要: The present invention discloses a method of recovering data corrupted by a virus program, comprising: obtaining a devastating behavior operation step that can be performed by the virus program; establishing a reverse behavior operation step corresponding to the devastating behavior operation step; performing the corresponding reverse behavior operation step in response to the devastating behavior operation step that can be performed by the virus program. The present invention further provides a method of removing a virus program, comprising: establishing reverse behavior operation steps corresponding to operation steps of the virus program, executing the reverse behavior operation steps and removing the program to be checked. The method of the present invention employs different reverse behavior operation steps for different virus programs, recovering data corrupted by a virus program, eliminates the defect that existing methods of removing a virus perform a identical processing step for any virus program, enabling the computer removed of the virus program to recover as far as possible to its previous state before infected by the virus program.
摘要翻译: 本发明公开了一种恢复由病毒程序损坏的数据的方法,包括:获取可由病毒程序执行的破坏行为操作步骤; 建立与破坏行为操作步骤对应的反向行为操作步骤; 响应于可由病毒程序执行的破坏行为操作步骤,执行相应的反向行为操作步骤。 本发明还提供了一种去除病毒程序的方法,包括:建立与病毒程序的操作步骤相对应的反向行为操作步骤,执行反向行为操作步骤和移除要检查的程序。 本发明的方法对于不同的病毒程序采用不同的反向行为操作步骤,恢复病毒程序损坏的数据,消除了现有的病毒删除方法对任何病毒程序执行相同处理步骤的缺陷, 病毒程序在病毒程序感染之前尽可能地恢复到之前的状态。
-
搜索结果
2 条记录 (耗时 0.012 秒)
