Unlock instant, AI-driven research and patent intelligence for your innovation.

Malicious process ending method and device

A process and malicious technology, which is applied in the field of malicious process ending method and device, can solve the problems affecting the effect of anti-virus software to end malicious processes and the failure of the end process function, so as to achieve the effect of improving reliability and security and improving the effect

Active Publication Date: 2018-11-20
ZHUHAI BAOQU TECH CO LTD
View PDF5 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

This will have the possibility of being hacked by a malicious program, such as hooking the NtOpenProcess function or NtTerminateProcess function, when the antivirus software judges whether the opened process or the terminated process is a malicious program itself, it will refuse to operate, making the above-mentioned solution to terminate the process function invalid , affecting the effect of antivirus software on ending malicious processes

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Malicious process ending method and device
  • Malicious process ending method and device
  • Malicious process ending method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0058] Embodiments of the present application are described in detail below, examples of which are shown in the drawings, wherein the same or similar reference numerals denote the same or similar elements or elements having the same or similar functions throughout. The embodiments described below by referring to the figures are exemplary, and are intended to explain the present application, and should not be construed as limiting the present application.

[0059] The method and device for terminating a malicious process in the embodiments of the present application are described below with reference to the accompanying drawings.

[0060] figure 1 is a flowchart of a method for ending a malicious process in an embodiment of the present application.

[0061] Such as figure 1 As shown, the methods of ending the malicious process include:

[0062] Step 101, query and obtain the thread IDs of all valid threads on the terminal device.

[0063] The execution subject of the method...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a malicious process terminating method and device. The method comprises the steps of firstly acquiring the thread identifiers of all valid threads on terminal equipment; according to the thread identifiers of the valid threads, inquiring and acquiring to-be-terminated target processes and the thread structure bodies of target threads belonging to the target processes, thereby thoroughly terminating the target processes. The method and the device can improve the effect of terminating malicious processes of antivirus software and thus improve the reliability and security of antivirus software.

Description

technical field [0001] The present application relates to the technical field of communications, and in particular to a method and device for ending a malicious process. Background technique [0002] With the rapid development of Internet technology, malicious program technologies such as viruses and Trojan horses emerge in an endless stream. In order to survive, malicious programs will implement various security protections on their own processes, such as not ending their processes or deleting their files. [0003] In the existing antivirus software technical scheme for terminating malicious processes, the kernel function NtOpenProcess is first called to open the process, the process handle is obtained, and the process handle is used as a parameter to call the kernel function NtTerminateProcess to end the process. This will have the possibility of being hacked by a malicious program, such as hooking the NtOpenProcess function or NtTerminateProcess function, when the antivir...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/56
CPCG06F21/568
Inventor 李文靖
Owner ZHUHAI BAOQU TECH CO LTD