Trojan horse killing method and device

A Trojan-killing and Trojan-killing technology, applied in the field of Trojan-killing methods and devices, can solve problems such as the inability to detect the Bootkit Trojan.

Active Publication Date: 2018-10-02
TENCENT TECH (SHENZHEN) CO LTD
View PDF5 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0009] Based on this, it is necessary to provide a method for checking and killing a Trojan horse for the problem that traditional antivirus software cannot check out a Bootkit Trojan horse, which can detect a Bootkit Trojan horse and check and kill it.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Trojan horse killing method and device
  • Trojan horse killing method and device
  • Trojan horse killing method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0036] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention.

[0037] Figure 1A The block diagram of the internal structure of the terminal in . like Figure 1A As shown, the terminal includes a processor connected through a system bus, a storage medium, memory, a network interface, a display screen and an input device. Wherein, the storage medium of the terminal stores an operating system, and also includes a Trojan checking and killing device, and the Trojan checking and killing device is used to implement a Trojan checking and killing method. The processor is used to provide computing and control capabilities to support the operation of the entire termina...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to a Trojan searching and killing method and device. The method comprises the following steps: obtaining a Trojan searching and killing instruction; according to the Trojan searching and killing instruction, detecting whether disk drive is hooked or not; if the disk drive is hooked, cleaning the hooking; reading a main boot record of a first physical sector of a magnetic disk; judging whether the main boot record of the first physical sector conforms to a preset virus characteristic or not, if so, judging whether data on a second physical sector of the magnetic disk is the normal main boot record or not, if so, judging whether the partition table of the first physical sector is normal or not, if so, covering the starting point of the first physical sector with the main boot record of the second physical sector, and restarting a system to clear Trojan; otherwise, ending. According to the above Trojan searching and killing method and device, after a phenomenon that the disk drive is hooked is detected, the hooking is removed, and Bootkit Trojan is searched and killed.

Description

technical field [0001] The invention relates to the field of computer security, in particular to a method and device for checking and killing Trojan horses. Background technique [0002] A Trojan horse is a computer virus, that is, a computer malicious program that can endanger computer security. There are many types of Trojan horses. Among them, "Dark Cloud" is one of the most complex Trojan horses so far, which has infected millions of computers. Dark Cloud Trojans can lurk in users' computer systems for a long time. Dark Cloud Trojans use Bootkit Technology, directly infects the boot area of ​​the disk, even if the system is reinstalled and the hard disk is formatted after infection, the Trojan cannot be removed. Bootkit is a more advanced Rootkit. This concept was first mentioned by eEye Digtal in their BootRoot project in 2005. This project bypasses kernel checks and Start stealth. Dark Cloud Trojan has the following characteristics: [0003] First, the concealment ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/56
CPCG06F21/564G06F2221/034
Inventor 胡训国龙海黄源超沈晓斌黄磊饶帅陈铭霖
Owner TENCENT TECH (SHENZHEN) CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap