File restoration method for computer viruses and related equipment

A computer virus and repair method technology, applied in the field of network security, can solve problems such as consumption, low repair efficiency, and multiple labor costs, and achieve the effects of strong timeliness, high repair efficiency, and reduced labor costs.

Active Publication Date: 2019-06-21
SANGFOR TECH INC
View PDF4 Cites 4 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

It can be seen that this method not only has low repair efficiency, but also requires more labor costs

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • File restoration method for computer viruses and related equipment
  • File restoration method for computer viruses and related equipment
  • File restoration method for computer viruses and related equipment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0043] The core of this application is to provide a file repair method and related equipment for computer viruses, so as to effectively reduce labor costs and improve repair efficiency.

[0044] In order to describe the technical solutions in the embodiments of the present application more clearly and completely, the technical solutions in the embodiments of the present application will be introduced below in conjunction with the drawings in the embodiments of the present application. Apparently, the described embodiments are only some of the embodiments of this application, not all of them. Based on the embodiments in this application, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the scope of protection of this application.

[0045] In computer systems, common EXE, DLL, OCX, SYS, COM and other types of files are all PE files. For details about the execution process of a normal PE file, please refer to figur...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a file restoration method for computer viruses, which comprises the following steps: in the execution process of a target PE file, judging whether a skip instruction occurs inthe execution instruction of the target PE file or not according to the instruction characteristics of the skip instruction of the computer virus; if yes, determining a storage address of an originalfile code of the target PE file according to the jump instruction; and carrying out file restoration on the target PE file according to the storage address. According to the invention, the instructioncharacteristics of the jump instruction at the end of the running of the virus code are utilized. The execution process of the target PE file is dynamically monitored, the original file code can be positioned after the jump instruction appears, file restoration is automatically carried out, manual debugging is not needed, simplicity and convenience are achieved, restoration efficiency is high, timeliness is high, and the labor cost is effectively reduced. The invention further discloses a file restoration device for the computer virus, electronic equipment and a computer readable storage medium which have the same beneficial effects.

Description

technical field [0001] The present application relates to the technical field of network security, in particular to a method for repairing files against computer viruses and related equipment. Background technique [0002] With the development of network technology, the security problems caused by computer viruses are becoming more and more serious. At present, there are many common ways that computer viruses are used to infect PE (Portable Executable) files, that is, executable files, including offset, overlay, obfuscation and encryption. A PE file is a program file in a computer operating system. During the execution of a normal PE file, the system will extract the address of the entry point from the PE header, and then locate the entry point to start running the file code. And once the PE file is infected by a computer virus, its entry point address or the file code stored at the entry point are likely to be tampered with and point to the virus code, and it will jump bac...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/56
CPCY02D10/00
Inventor 范楷朋
Owner SANGFOR TECH INC
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap