METHOD AND SYSTEM FOR CLEANING MALICIOUS SOFTWARE AND COMPUTER PROGRAM PRODUCT AND STORAGE MEDIUM
    3.
    发明申请
    METHOD AND SYSTEM FOR CLEANING MALICIOUS SOFTWARE AND COMPUTER PROGRAM PRODUCT AND STORAGE MEDIUM 有权
    清除恶意软件和计算机程序产品和存储介质的方法和系统

    公开(公告)号:US20110023120A1

    公开(公告)日:2011-01-27

    申请号:US12571447

    申请日:2009-10-01

    IPC分类号: G06F12/14

    CPC分类号: G06F21/56 G06F21/568

    摘要: A method and a system for cleaning malicious software (malware), a computer program product, and a storage medium are provided. A relation graph is established to associate processes in an operating system and related elements. A node marking action is performed on the relation graph when a predetermined condition is satisfied. The node corresponding to a malicious process and its related nodes are marked with a first label. The nodes of other normal processes and their related nodes are marked with a second label. Then, those nodes marked with both the first label and the second label are screened, so that each of the nodes is marked with only the first label or the second label. Finally, the processes and elements corresponding to the nodes marked with the first label are removed.

    摘要翻译: 提供了一种用于清洁恶意软件(恶意软件),计算机程序产品和存储介质的方法和系统。 建立关系图以将操作系统中的过程和相关元素相关联。 当满足预定条件时,在关系图上执行节点标记动作。 对应于恶意进程的节点及其相关节点标有第一个标签。 其他正常进程的节点及其相关节点标有第二个标签。 然后,屏蔽标记有第一标签和第二标签的节点,使得每个节点仅标记第一标签或第二标签。 最后,删除与标记有第一个标签的节点对应的进程和元素。

    Method and system for cleaning malicious software and computer program product and storage medium
    4.
    发明授权
    Method and system for cleaning malicious software and computer program product and storage medium 有权
    恶意软件和计算机程序产品和存储介质的清除方法和系统

    公开(公告)号:US08490192B2

    公开(公告)日:2013-07-16

    申请号:US12571447

    申请日:2009-10-01

    IPC分类号: G06F12/14

    CPC分类号: G06F21/56 G06F21/568

    摘要: A method and a system for cleaning malicious software (malware), a computer program product, and a storage medium are provided. A relation graph is established to associate processes in an operating system and related elements. A node marking action is performed on the relation graph when a predetermined condition is satisfied. The node corresponding to a malicious process and its related nodes are marked with a first label. The nodes of other normal processes and their related nodes are marked with a second label. Then, those nodes marked with both the first label and the second label are screened, so that each of the nodes is marked with only the first label or the second label. Finally, the processes and elements corresponding to the nodes marked with the first label are removed.

    摘要翻译: 提供了一种用于清洁恶意软件(恶意软件),计算机程序产品和存储介质的方法和系统。 建立关系图以将操作系统中的过程和相关元素相关联。 当满足预定条件时,在关系图上执行节点标记动作。 对应于恶意进程的节点及其相关节点标有第一个标签。 其他正常进程的节点及其相关节点标有第二个标签。 然后,屏蔽标记有第一标签和第二标签的节点,使得每个节点仅标记第一标签或第二标签。 最后,删除与标记有第一个标签的节点对应的进程和元素。

    Phishing processing method and system and computer readable storage medium applying the method
    5.
    发明授权
    Phishing processing method and system and computer readable storage medium applying the method 有权
    网络钓鱼处理方法和应用该方法的系统和计算机可读存储介质

    公开(公告)号:US08516581B2

    公开(公告)日:2013-08-20

    申请号:US13323863

    申请日:2011-12-13

    IPC分类号: G06F11/00 G06F11/30 H04L29/06

    摘要: A phishing processing method includes: an information input web page comprising an information input interface, through which information is transmitted to an information receiving address, is received. Determine if the information input web page is a phishing web page. If it is determined that the information input web page is the phishing web page, fake input information is transmitted to the information receiving address. When information for verification is received from an information transmitting address, if the received information for verification is the fake input information is determined. If the received information for verification is the fake input information, it is determined that the information transmitting address is a malicious address.

    摘要翻译: 网络钓鱼处理方法包括:接收信息输入网页,其包括信息输入接口,通过该信息输入接口向信息接收地址发送信息。 确定信息输入网页是否是网络钓鱼网页。 如果确定信息输入网页是网络钓鱼网页,则将假输入信息发送到信息接收地址。 当从信息发送地址接收到用于验证的信息时,如果所接收的用于验证的信息是假输入信息被确定。 如果接收到的用于验证的信息是假输入信息,则确定信息发送地址是恶意地址。

    Computer with a touch screen
    6.
    发明授权
    Computer with a touch screen 有权
    电脑带触摸屏

    公开(公告)号:US07185291B2

    公开(公告)日:2007-02-27

    申请号:US10377652

    申请日:2003-03-04

    IPC分类号: G06F17/00 G09G5/00

    CPC分类号: G06F17/24 G06F3/04883

    摘要: The present invention relates to a computer with a touch screen, and the user can execute one of “undo”, “cut”, “copy” and “paste” editing commands by a continuous stroke movement to increase the input operational efficiency. For example, after marking an area on the screen, if the subsequent stroke is moved downwards, the “cut” operation is performed, and if the subsequent stroke is moved upwards, the “copy” operation is performed. Furthermore, when the user stops the stroke at a predetermined position, if the subsequent stroke is moved towards the right, the “paste” operation is performed, and if the subsequent stroke is moved towards the left, the “undo” operation is performed.

    摘要翻译: 本发明涉及具有触摸屏的计算机,并且用户可以通过连续的行程移动执行“撤消”,“剪切”,“复制”和“粘贴”编辑命令中的一个以增加输入操作效率。 例如,在屏幕上标记区域之后,如果随后的行程向下移动,则执行“切割”操作,并且如果随后的行程向上移动,则执行“复制”操作。 此外,当用户在预定位置停止行程时,如果随后的行程向右移动,则执行“粘贴”操作,并且如果随后的行程向左移动,则执行“撤销”操作。

    Monitor method and monitor apparatus for monitoring data of hardware
    7.
    发明授权
    Monitor method and monitor apparatus for monitoring data of hardware 有权
    用于监控硬件数据的监视方法和监视器

    公开(公告)号:US08286258B2

    公开(公告)日:2012-10-09

    申请号:US12631546

    申请日:2009-12-04

    IPC分类号: H04L29/06

    CPC分类号: G06F21/554 G06F21/6263

    摘要: A monitor method and a monitor apparatus for monitoring a data of hardware are provided. The data has private information, identification information and at least one first network transmission address. The monitor apparatus comprises a storage unit and a processing unit. The data is stored in the storage unit according to the identification information. The processing unit is configured to record the identification information and the at least one first network transmission address of the data in a mark information table. In response to a sending system call, when a transmission is arranged to transmit the private information of the data to a second network transmission address which is different from the at least one first network transmission address, the processing unit will output a signal to cease the transmission.

    摘要翻译: 提供了一种用于监视硬件数据的监视方法和监视装置。 数据具有私人信息,识别信息和至少一个第一网络传输地址。 监视器装置包括存储单元和处理单元。 数据根据识别信息存储在存储单元中。 处理单元被配置为将标识信息和数据的至少一个第一网络传输地址记录在标记信息表中。 响应于发送系统呼叫,当发送被设置为将数据的私有信息发送到与至少一个第一网络发送地址不同的第二网络发送地址时,处理单元将输出信号以停止 传输。

    Computer Worm Curing System and Method and Computer Readable Storage Medium for Storing Computer Worm Curing Method
    8.
    发明申请
    Computer Worm Curing System and Method and Computer Readable Storage Medium for Storing Computer Worm Curing Method 有权
    计算机蠕虫固化系统和计算机可读存储介质,用于存储计算机蠕虫固化方法

    公开(公告)号:US20120117647A1

    公开(公告)日:2012-05-10

    申请号:US12961605

    申请日:2010-12-07

    IPC分类号: G06F11/00

    CPC分类号: G06F21/568

    摘要: A computer worm curing system includes a string receiving module, a string generating module and a string replying module. The string receiving module receives an infected string, which is generated by a computer worm, from an infected host, which is infected by the computer worm, through a network. The infected string includes a shellcode, and the shellcode is executed utilizing a vulnerable process. The string generating module generates a curing code for curing the computer worm, and replaces the shellcode in the infected string with the curing code to generate a curing string, such that the curing string can be executed utilizing the vulnerable process. The string replying module replies the curing string to the infected host, such that the curing code of the curing string can be executed utilizing the vulnerable process of the infected host to cure the infected host of the computer worm.

    摘要翻译: 计算机蠕虫固化系统包括串接收模块,字符串生成模块和字符串应答模块。 字符串接收模块通过网络从受感染的主机(由计算机蠕虫感染)接收由计算机蠕虫产生的感染字符串。 受感染的字符串包括一个shellcode,并且shellcode是使用一个易受攻击的进程执行的。 字符串生成模块生成用于固化计算机蠕虫的固化代码,并用固化代码替换感染字符串中的shellcode以生成固化串,使得可以使用易受攻击的过程来执行固化串。 字符串回复模块将固化字符串回复到感染的主机,使得可以利用受感染主机的易受攻击的程序来执行固化字符串的固化代码,以治愈受感染的计算机蠕虫主机。

    Computer worm curing system and method and computer readable storage medium for storing computer worm curing method
    9.
    发明授权
    Computer worm curing system and method and computer readable storage medium for storing computer worm curing method 有权
    计算机蠕虫固化系统及其计算机可读存储介质,用于存储计算机蠕虫固化方法

    公开(公告)号:US08832838B2

    公开(公告)日:2014-09-09

    申请号:US12961605

    申请日:2010-12-07

    IPC分类号: H04L21/00 G06F21/56

    CPC分类号: G06F21/568

    摘要: A computer worm curing system includes a string receiving module, a string generating module and a string replying module. The string receiving module receives an infected string, which is generated by a computer worm, from an infected host, which is infected by the computer worm, through a network. The infected string includes a shellcode, and the shellcode is executed utilizing a vulnerable process. The string generating module generates a curing code for curing the computer worm, and replaces the shellcode in the infected string with the curing code to generate a curing string, such that the curing string can be executed utilizing the vulnerable process. The string replying module replies the curing string to the infected host, such that the curing code of the curing string can be executed utilizing the vulnerable process of the infected host to cure the infected host of the computer worm.

    摘要翻译: 计算机蠕虫固化系统包括串接收模块,字符串生成模块和字符串应答模块。 字符串接收模块通过网络从受感染的主机(由计算机蠕虫感染)接收由计算机蠕虫产生的感染字符串。 受感染的字符串包括一个shellcode,并且shellcode是使用一个易受攻击的进程执行的。 字符串生成模块生成用于固化计算机蠕虫的固化代码,并用固化代码替换感染字符串中的shellcode以生成固化串,使得可以使用易受攻击的过程来执行固化串。 字符串回复模块将固化字符串回复到感染的主机,使得可以利用受感染主机的易受攻击的程序来执行固化字符串的固化代码,以治愈受感染的计算机蠕虫主机。

    Phishing Processing Method and System and Computer Readable Storage Medium Applying the Method
    10.
    发明申请
    Phishing Processing Method and System and Computer Readable Storage Medium Applying the Method 有权
    网络钓鱼处理方法和系统和计算机可读存储介质应用该方法

    公开(公告)号:US20130145462A1

    公开(公告)日:2013-06-06

    申请号:US13323863

    申请日:2011-12-13

    IPC分类号: G06F21/00

    摘要: A phishing processing method includes: an information input web page comprising an information input interface, through which information is transmitted to an information receiving address, is received. Determine if the information input web page is a phishing web page. If it is determined that the information input web page is the phishing web page, fake input information is transmitted to the information receiving address. When information for verification is received from an information transmitting address, if the received information for verification is the fake input information is determined. If the received information for verification is the fake input information, it is determined that the information transmitting address is a malicious address.

    摘要翻译: 网络钓鱼处理方法包括:接收信息输入网页,其包括信息输入接口,通过该信息输入接口向信息接收地址发送信息。 确定信息输入网页是否是网络钓鱼网页。 如果确定信息输入网页是网络钓鱼网页,则将假输入信息发送到信息接收地址。 当从信息发送地址接收到用于验证的信息时,如果所接收的用于验证的信息是假输入信息被确定。 如果接收到的用于验证的信息是假输入信息,则确定信息发送地址是恶意地址。