Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

System and method for killing ROOTKIT

A technology of scanning and killing system files, which is applied in the field of scanning and killing ROOTKIT systems, which can solve problems such as user inconvenience, process cannot be checked, and the method of closing the system is unrealistic, achieving high security effects

Inactive Publication Date: 2007-09-26
LENOVO (BEIJING) CO LTD
View PDF0 Cites 24 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0008] 1) This method can only detect files in the hard disk, and cannot check processes that may enter the system or the running state of the system through the network or other means;
[0009] 2) Shutting down the system will cause inconvenience to users, especially for some important systems that cannot be shut down for 24 hours (for example, the bank's authorization system, etc.), the method of shutting down the system is unrealistic;

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • System and method for killing ROOTKIT
  • System and method for killing ROOTKIT
  • System and method for killing ROOTKIT

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0039] The system and method for detecting and killing ROOTKIT of the present invention will be further described below in conjunction with accompanying drawings 1 to 3 .

[0040] FIG. 1 is a schematic diagram of the system structure of the ROOTKIT of the present invention.

[0041] As shown in FIG. 1 , the ROOTKIT killing system of the present invention includes: at least one guest operating system (guest OS) 1 , a service operating system 2 , and a virtual machine monitor (Virtual Machine Monitor, VMM) 3 .

[0042] Wherein, the virtual machine monitor 3 runs on a hardware platform that supports virtual computing instructions, and runs various existing operating systems (comprising the guest operating system 1 and the service operating system 2 of the present invention) on it; the service operating system 2. It runs on the virtual machine monitor 3 and includes a check module 21. The check module 21 includes a filter module 211 and a detection tool 212, wherein the filter mod...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

This invention discloses one virus killing ROOTKIT system and method, wherein, the system comprises virtual machine monitor, service operation system in virtual monitor and at least one customer operation system; the service operation system comprises test module to check whether there is ROOTKIT in the operation system and to find alarm. This invention system and method can check ROOTKIT in reliable operation inside the memory area besides operation system.

Description

technical field [0001] The invention relates to a system and method for checking and killing viruses, in particular to a system and method for checking and killing ROOTKIT. Background technique [0002] With the continuous increase of commercial users' dependence on personal computers (PCs), the main tools for users to check viruses and Trojans on PCs are anti-virus and anti-Trojan tool software. The working principle of these tools is When the system is running, it scans the processes in the system memory and the system files saved on the hard disk, and matches the relevant characteristic files to find viruses and Trojan horses. [0003] The operating system is composed of two parts: the kernel (Kernel) and the shell (Shell). Among them: the kernel is responsible for all practical work, including CPU task scheduling, memory allocation management, device management, file operations, etc.; the shell is based on the interaction provided by the kernel. An interface that exists...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/00G06F1/00G06F21/56
Inventor 杨文兵
Owner LENOVO (BEIJING) CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com