[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

CN102867146A - Method and system for preventing computer virus from frequently infecting systems - Google Patents

Method and system for preventing computer virus from frequently infecting systems Download PDF

Info

Publication number
CN102867146A
CN102867146A CN2012103507521A CN201210350752A CN102867146A CN 102867146 A CN102867146 A CN 102867146A CN 2012103507521 A CN2012103507521 A CN 2012103507521A CN 201210350752 A CN201210350752 A CN 201210350752A CN 102867146 A CN102867146 A CN 102867146A
Authority
CN
China
Prior art keywords
module
malice
kernel
driven
computer virus
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN2012103507521A
Other languages
Chinese (zh)
Other versions
CN102867146B (en
Inventor
陶智飞
李容
叶进
陈睿
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhuhai Baoqu Technology Co Ltd
Original Assignee
Zhuhai Juntian Electronic Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhuhai Juntian Electronic Technology Co Ltd filed Critical Zhuhai Juntian Electronic Technology Co Ltd
Priority to CN201210350752.1A priority Critical patent/CN102867146B/en
Publication of CN102867146A publication Critical patent/CN102867146A/en
Application granted granted Critical
Publication of CN102867146B publication Critical patent/CN102867146B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Storage Device Security (AREA)
  • Debugging And Monitoring (AREA)

Abstract

The invention belongs to the technical field of computer defense, in particular relates to a method and a system for preventing computer virus from frequently infecting systems. The method comprises the following steps of: scanning and deleting the spite model of the computer virus in a computer, and then recording the information of the deleted spite model; generating an interception object list according to the information of the deleted spite model and transmitting the interception object list to a kernel driver; and adopting the kernel driver to prevent other programs from secondly building the spite model which is recorded in the deleted model. The model corresponding to the system of the invention comprises a virus scanning, deleting and recording model, an interception list generation model and a generation interception model of the spite model. The invention can effectively delete the spite virus which has generation capability; at the same time, for enterprise-level servers, the invention can effectively delete the damage of the virus under the condition that the system is not restarted so as to ensure the safety of data and service.

Description

A kind of method and system that prevent computer virus repeated infection system
Technical field
The invention belongs to computing machine defense technique field, be specifically related to a kind of method and system that prevent computer virus repeated infection system.
Background technology
Computer virus is establishment or the destruction computer function that inserts in computer program or destroy data, affect computing machine use and one group of computer instruction or program code that can self-replacation, has destructiveness, replicability and infectiousness.It is an important topic of computer safety field always, and along with the development of antivirus techniques, computer virus has also developed various technology and resisted anti-virus product.Wherein, a kind of important method of resisting anti-virus product is exactly by being injected into malicious code in the important process of system, and this part code is carried out in the system process space.
So-called process refers to an application program moving in internal memory, process is a program executed activity on computers.When you move a program, you have just started a process.Obviously, program is dead (static), and process is (dynamically) of living.Process can be divided into system process and consumer process, and the process of every various functions for the complete operation system is exactly system process, and they are exactly the operating system itself that is under the running status; Consumer process is exactly all processes that started by you.
If computer virus is injected into malicious code in the important process of system, just be difficult to safe and reliable from internal memory with its removing normally move because the shutdown system process will directly affect system.Owing to be difficult to safe and reliable its malicious code of removing from internal memory, the countermeasure of anti-virus product is other malice modules of removing first this virus correspondence at present, comprise file, registration table and malicious process etc., then restart system and reach the final purpose of removing virus.
But this removing strategy validity is very poor, main cause is: computer virus often can be monitored other malice modules by the malicious code that is injected in the system process, when finding that other virus module are eliminated, can again discharge these modules and process, thereby realize the ability of regeneration.And for the enterprise customer, restarting of some critical server can bring serious service disconnection, therefore is badly in need of a kind of more efficiently sweep-out method.
Summary of the invention
In order to address the above problem, the object of the present invention is to provide a kind of method and system that prevent computer virus repeated infection system, regenerated by the virus after the killing effectively preventing.
In order to realize the foregoing invention purpose, the technical solution used in the present invention is as follows:
A kind of method that prevents computer virus repeated infection system may further comprise the steps:
The malice module of the described computer virus that exists in scanning and the dump, and the information of the malice module that is eliminated of record;
Tackle list object and be transferred to kernel-driven according to the Information generation of the described malice module that is eliminated;
Stop other processes again to create the malice module that records in the described interception list object by described kernel-driven.
Further, described malice module comprises file, registration table and process; The information of the malice module that described record is eliminated, specifically:
Record complete file path name corresponding to described file;
Record path (key) and the key assignments (Value) of described registration table; And
Record the complete file path name of described process institute respective file.
Further, stop other processes again to create the malice module that records in the described interception list object by described kernel-driven, specifically:
By all operations of described kernel-driven monitoring to file, registration table and process, in case when finding to be operated to as if to be recorded in the malice module of tackling in the tabulation, then stop the operation to this object.
Further, stoping other processes again to create the malice module that records in the described interception list object by described kernel-driven when, further comprising the steps of:
The network connection operation that the system process that injects by kernel-driven interception malicious code carries out.
Further, stop by described kernel-driven after other processes create the malice module that records in the described interception list object again described, further comprising the steps of:
Described interception list object is registered in the shutdown callback procedure of system by kernel-driven, to stop in shutdown process because withdrawing from too early the malice module regeneration that causes computer virus; And
When system starts again described interception tabulation is deleted.
A kind of computer virus repeated infection system of systems that prevents comprises with lower module:
Virus scan removing and logging modle are used for the malice module of the described computer virus that scanning and dump exist, and the information of the malice module that is eliminated of record;
Interception tabulation generation module is used for tackling list object and being transferred to kernel-driven according to the Information generation of the described malice module that is eliminated;
Malice module regeneration blocking module is used for stoping other processes again to create the malice module that described interception list object records by described kernel-driven.
Further, described malice module comprises file, registration table and process; The information of the malice module that described record is eliminated, specifically:
Record complete file path name corresponding to described file;
Record path (key) and the key assignments (Value) of described registration table; And
Record the complete file path name of described process institute respective file.
Further, described malice module regeneration blocking module, specifically by all operations of described kernel-driven monitoring to file, registration table and process, in case when finding to be operated to as if to be recorded in the malice module of tackling in the tabulation, then stop the operation to this object.
Further, also comprise the network connection blocking module, be used for the network connection operation of being undertaken by the system process that kernel-driven interception malicious code injects.
Further, also comprise preventing the regeneration module that shuts down, be used for by kernel-driven described interception list object being registered to the shutdown callback procedure of system, regenerate because withdrawing from too early the malice module that causes computer virus to stop in shutdown process; And tackle the module that ceases to be in force automatically of tabulating, when again starting for system described interception tabulation is deleted.
The present invention is recorded in it in interception list object when just the malice module of computer virus scans and removes, and stops other processes again to create the malice module that records in the described interception list object by kernel-driven at last.
Therefore, the present invention can effectively remove the malice virus with power of regeneration; Simultaneously, for the server of enterprise-level, can in the situation of not restarting system, just can effectively eliminate the harm of virus, guarantee the safety of data and service.
Description of drawings
The picture that this description of drawings provides is used for assisting a further understanding of the present invention, consists of the application's a part, does not consist of to improper restriction of the present invention, in the accompanying drawings:
Fig. 1 is process flow diagram corresponding to the inventive method;
Fig. 2 is block diagram corresponding to system of the present invention.
Embodiment
As shown in Figure 1, present embodiment discloses a kind of method that prevents computer virus repeated infection system, may further comprise the steps:
Step1: the malice module of the described computer virus that exists in scanning and the dump, and the information of the malice module that is eliminated of record; Described malice module comprises file, registration table and process, the information of the malice module that described record is eliminated, specifically: record complete file path name corresponding to described file; Record path (key) and the key assignments (Value) of described registration table; And the complete file path name that records described process institute respective file.Concrete scanning and sweep-out method can adopt existing a lot of conventional method, such as setting up a virus database, the All Files in the scanning system, register list and process whether therein, as therein then with its removing.Such as: the malice module that computer virus is corresponding is the A file, behind the deletion A file just complete file path name that the A file is corresponding record.
Step2: tackle list object and be transferred to kernel-driven according to the Information generation of the described malice module that is eliminated; Such as: the malice module that records in the 1st step comprises file A, registration table B and consumer process C, and this step is just write into the information of three correspondences recording in the 1st step in the one interception list object.
Step3A: stop other processes again to create the malice module that records in the described interception list object by described kernel-driven, specifically: by all operations of described kernel-driven monitoring to file, registration table and process, in case when finding the malice module during being operated to as if being recorded in interception tabulates, then stop the operation to this object.Such as: recorded file A, registration table B and consumer process C in the interception list object, when kernel-driven find to have other programs or process to its delete, copy, create, during the operation such as modification, then kernel-driven just stops these operations to them.
Step3B: the network connection operation that the system process that injects by kernel-driven interception malicious code carries out can further prevent system process again download malice module on network that malicious code injects.
Step4: described interception list object is registered in the shutdown callback procedure of system by kernel-driven, to stop in shutdown process because withdrawing from too early the malice module regeneration that causes computer virus; Because, in shutdown process, stop too early the supervisory control action of kernel-driven, will be to viral regenerating device meeting.
Step5: when system starts again described interception tabulation is deleted; Because behind the virus sweep, just there is no need to stop its infected file operation always.
As shown in Figure 2, present embodiment also discloses a kind of system corresponding with said method, and it comprises with lower module:
Virus scan removing and logging modle 1 are used for the malice module of the described computer virus that scanning and dump exist, and the information of the malice module that is eliminated of record; Described malice module comprises file, registration table and process; The information of the malice module that described record is eliminated, specifically: record complete file path name corresponding to described file; Record path (key) and the key assignments (Value) of described registration table; And the complete file path name that records described process institute respective file;
Interception tabulation generation module 2 is used for tackling list object and being transferred to kernel-driven according to the Information generation of the described malice module that is eliminated;
Malice module regeneration blocking module 3, be used for stoping other processes again to create the malice module that described interception list object records by described kernel-driven, specifically: by all operations of described kernel-driven monitoring to file, registration table and process, in case when finding the malice module during being operated to as if being recorded in interception tabulates, then stop the operation to this object;
Network connection blocking module 4 is used for the network connection operation of being undertaken by the system process that kernel-driven interception malicious code injects;
The regeneration module 5 that prevents from shutting down is used for by kernel-driven described interception list object being registered to the shutdown callback procedure of system, regenerates because withdrawing from too early the malice module that causes computer virus to stop in shutdown process; And
Tackle the module 6 that ceases to be in force automatically of tabulating, when again starting for system described interception tabulation is deleted.
Kernel described in the present invention is the core of an operating system, and kernel-driven is in charge of process, internal memory, device driver, file and the network system of system, is determining performance and the stability of system.
Essence of the present invention is by the virus detection of kernel-driven and client layer and removes the module cooperation and realize, in order to remove this malice virus with code injection and power of regeneration, the present invention is by the monitoring of kernel-driven realization for file, registration table, network and process operation; After finding malice module (file, registration table or process) and it removed, kernel-driven is recorded and is passed in the clear operation of doing, automatically generate the interception tabulation, stop other processes again to create the module that these are eliminated by kernel-driven; The suspicious network connection that the system process that is injected by malicious code simultaneously carries out can be blocked.
Simultaneously, the shutdown readjustment of kernel-driven by Accreditation System avoided withdrawing from too early in shutdown process and caused virus malice to drive the regeneration of having an opportunity.And after system started again, the interception of last time tabulation ceased to be in force automatically.
The present invention can effectively remove the malice virus with power of regeneration; For the server of enterprise-level, can in the situation of not restarting system, just can effectively eliminate the harm of virus, guarantee the safety of data and service.
More than describe preferred embodiment of the present invention in detail, the ordinary skill that should be appreciated that this area need not creative work and just can design according to the present invention make many modifications and variations.Therefore, all in the art technician according to the present invention design on the prior art basis by logic analysis, reasoning or according to the available technical scheme of limited experiment, all should be among the determined protection domain by these claims.

Claims (10)

1. method that prevents computer virus repeated infection system is characterized in that may further comprise the steps:
The malice module of the described computer virus that exists in scanning and the dump, and the information of the malice module that is eliminated of record;
Tackle list object and be transferred to kernel-driven according to the Information generation of the described malice module that is eliminated;
Stop other processes again to create the malice module that records in the described interception list object by described kernel-driven.
2. the method that prevents computer virus repeated infection system according to claim 1 is characterized in that:
Described malice module comprises file, registration table and process;
The information of the malice module that described record is eliminated, specifically:
Record complete file path name corresponding to described file;
Record path (key) and the key assignments (Value) of described registration table; And
Record the complete file path name of described process institute respective file.
3. the method that prevents computer virus repeated infection system according to claim 1 is characterized in that, stops other processes again to create the malice module that records in the described interception list object by described kernel-driven, specifically:
By all operations of described kernel-driven monitoring to file, registration table and process, in case when finding to be operated to as if to be recorded in the malice module of tackling in the tabulation, then stop the operation to this object.
4. the method that prevents computer virus repeated infection system according to claim 1 is characterized in that, and is stoping other processes again to create the malice module that records in the described interception list object by described kernel-driven when, further comprising the steps of:
The network connection operation that the system process that injects by kernel-driven interception malicious code carries out.
5. the method that prevents computer virus repeated infection system according to claim 1, it is characterized in that, stop by described kernel-driven after other processes create the malice module that records in the described interception list object again described, further comprising the steps of:
Described interception list object is registered in the shutdown callback procedure of system by kernel-driven, to stop in shutdown process because withdrawing from too early the malice module regeneration that causes computer virus; And
When system starts again described interception tabulation is deleted.
6. one kind prevents computer virus repeated infection system of systems, it is characterized in that comprising with lower module:
Virus scan removing and logging modle are used for the malice module of the described computer virus that scanning and dump exist, and the information of the malice module that is eliminated of record;
Interception tabulation generation module is used for tackling list object and being transferred to kernel-driven according to the Information generation of the described malice module that is eliminated;
Malice module regeneration blocking module is used for stoping other processes again to create the malice module that described interception list object records by described kernel-driven.
7. the computer virus repeated infection system of systems that prevents according to claim 1 is characterized in that:
Described malice module comprises file, registration table and process;
The information of the malice module that described record is eliminated, specifically:
Record complete file path name corresponding to described file;
Record path (key) and the key assignments (Value) of described registration table; And
Record the complete file path name of described process institute respective file.
8. the computer virus repeated infection system of systems that prevents according to claim 1 is characterized in that:
Described malice module regeneration blocking module is specifically by all operations of described kernel-driven monitoring to file, registration table and process, in case when finding to be operated to as if to be recorded in the malice module of tackling in the tabulation, then stop the operation to this object.
9. the computer virus repeated infection system of systems that prevents according to claim 1 characterized by further comprising:
The network connection blocking module is used for the network connection operation of being undertaken by the system process that kernel-driven interception malicious code injects.
10. the method that prevents computer virus repeated infection system according to claim 1 characterized by further comprising:
Prevent the regeneration module that shuts down, be used for by kernel-driven described interception list object being registered to the shutdown callback procedure of system, regenerate because withdrawing from too early the malice module that causes computer virus to stop in shutdown process; And
Tackle the module that ceases to be in force automatically of tabulating, when again starting for system described interception tabulation is deleted.
CN201210350752.1A 2012-09-18 2012-09-18 Method and system for preventing computer virus from repeatedly infecting system Active CN102867146B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201210350752.1A CN102867146B (en) 2012-09-18 2012-09-18 Method and system for preventing computer virus from repeatedly infecting system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201210350752.1A CN102867146B (en) 2012-09-18 2012-09-18 Method and system for preventing computer virus from repeatedly infecting system

Publications (2)

Publication Number Publication Date
CN102867146A true CN102867146A (en) 2013-01-09
CN102867146B CN102867146B (en) 2016-01-27

Family

ID=47446013

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201210350752.1A Active CN102867146B (en) 2012-09-18 2012-09-18 Method and system for preventing computer virus from repeatedly infecting system

Country Status (1)

Country Link
CN (1) CN102867146B (en)

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103679031A (en) * 2013-12-12 2014-03-26 北京奇虎科技有限公司 File virus immunizing method and device
CN105631329A (en) * 2015-12-21 2016-06-01 北京金山安全管理系统技术有限公司 Virut infective virus immune method and apparatus
CN106203118A (en) * 2016-07-13 2016-12-07 北京金山安全软件有限公司 Processing method and device for modifying flicker time of insertion mark and electronic equipment
CN107612933A (en) * 2017-10-20 2018-01-19 广东岭南职业技术学院 A kind of novel computer internet worm system of defense
TWI647585B (en) * 2017-06-27 2019-01-11 關隆股份有限公司 Malicious virus protection method
CN109214186A (en) * 2018-08-29 2019-01-15 厦门快快网络科技有限公司 A kind of interception trojan horse system and method based on inner nuclear layer
US10503898B2 (en) 2017-10-03 2019-12-10 Grand Mate Co., Ltd. Method for defending against malware
CN110717183A (en) * 2019-12-09 2020-01-21 深信服科技股份有限公司 Virus checking and killing method, device, equipment and storage medium
CN110851831A (en) * 2019-11-12 2020-02-28 腾讯科技(深圳)有限公司 Virus processing method and device, computer equipment and computer readable storage medium
CN112784270A (en) * 2021-01-18 2021-05-11 仙境文化传媒(武汉)有限公司 System and method for loading code file by annotation mode

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7917955B1 (en) * 2005-01-14 2011-03-29 Mcafee, Inc. System, method and computer program product for context-driven behavioral heuristics
CN102194072A (en) * 2011-06-03 2011-09-21 奇智软件(北京)有限公司 Method, device and system used for handling computer virus
CN102629310A (en) * 2012-02-29 2012-08-08 卡巴斯基实验室封闭式股份公司 System and method for protecting computer system from being infringed by activities of malicious objects

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7917955B1 (en) * 2005-01-14 2011-03-29 Mcafee, Inc. System, method and computer program product for context-driven behavioral heuristics
CN102194072A (en) * 2011-06-03 2011-09-21 奇智软件(北京)有限公司 Method, device and system used for handling computer virus
CN102629310A (en) * 2012-02-29 2012-08-08 卡巴斯基实验室封闭式股份公司 System and method for protecting computer system from being infringed by activities of malicious objects

Cited By (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103679031B (en) * 2013-12-12 2017-10-31 北京奇虎科技有限公司 A kind of immune method and apparatus of file virus
CN103679031A (en) * 2013-12-12 2014-03-26 北京奇虎科技有限公司 File virus immunizing method and device
CN105631329A (en) * 2015-12-21 2016-06-01 北京金山安全管理系统技术有限公司 Virut infective virus immune method and apparatus
CN105631329B (en) * 2015-12-21 2019-05-10 北京金山安全管理系统技术有限公司 Virut infection type virus immunity method and device thereof
CN106203118B (en) * 2016-07-13 2019-01-22 北京金山安全软件有限公司 Processing method and device for modifying flicker time of insertion mark and electronic equipment
CN106203118A (en) * 2016-07-13 2016-12-07 北京金山安全软件有限公司 Processing method and device for modifying flicker time of insertion mark and electronic equipment
TWI647585B (en) * 2017-06-27 2019-01-11 關隆股份有限公司 Malicious virus protection method
US10503898B2 (en) 2017-10-03 2019-12-10 Grand Mate Co., Ltd. Method for defending against malware
CN107612933A (en) * 2017-10-20 2018-01-19 广东岭南职业技术学院 A kind of novel computer internet worm system of defense
CN109214186A (en) * 2018-08-29 2019-01-15 厦门快快网络科技有限公司 A kind of interception trojan horse system and method based on inner nuclear layer
CN110851831A (en) * 2019-11-12 2020-02-28 腾讯科技(深圳)有限公司 Virus processing method and device, computer equipment and computer readable storage medium
CN110851831B (en) * 2019-11-12 2023-04-28 腾讯科技(深圳)有限公司 Virus processing method, device, computer equipment and computer readable storage medium
CN110717183A (en) * 2019-12-09 2020-01-21 深信服科技股份有限公司 Virus checking and killing method, device, equipment and storage medium
CN112784270A (en) * 2021-01-18 2021-05-11 仙境文化传媒(武汉)有限公司 System and method for loading code file by annotation mode

Also Published As

Publication number Publication date
CN102867146B (en) 2016-01-27

Similar Documents

Publication Publication Date Title
CN102867146B (en) Method and system for preventing computer virus from repeatedly infecting system
JP4406627B2 (en) Computer security management, such as in virtual machines or hardened operating systems
US9256739B1 (en) Systems and methods for using event-correlation graphs to generate remediation procedures
US9166997B1 (en) Systems and methods for reducing false positives when using event-correlation graphs to detect attacks on computing systems
US20110173698A1 (en) Mitigating false positives in malware detection
US8402539B1 (en) Systems and methods for detecting malware
CN101136044A (en) Software watchdog system and method
CN105320884A (en) Security protection method and system for virtual machine
CN102194072A (en) Method, device and system used for handling computer virus
US20190095285A1 (en) Backup and recovery of data files using hard links
KR102079304B1 (en) Apparatus and method of blocking malicious code based on whitelist
CN102004882A (en) Method and device for detecting and processing remote-thread injection type Trojan
CN110826067A (en) Virus detection method and device, electronic equipment and storage medium
CN103428212A (en) Malicious code detection and defense method
US20160314297A1 (en) Method and Apparatus for Implementing Virtual Machine Introspection
CN103593616A (en) System and method for preventing and controlling USB flash disk viruses in enterprise information network
CN102012982A (en) Method and device for protecting safe operation of intelligent device
CN103679024B (en) Virus treating method and device
US10169575B1 (en) Systems and methods for preventing internal network attacks
WO2021217652A1 (en) Method and apparatus for controlling mobile storage device, and computer-readable medium
US8621632B1 (en) Systems and methods for locating malware
CN115086081B (en) Escape prevention method and system for honeypots
EP3800567B1 (en) Systems and methods for countering removal of digital forensics information by malicious software
KR20160100626A (en) Computing device executing malicious code with using actual resources, server system managing information of malicious code, and electronic system including the same
CN105224871A (en) Virus removal method and device

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
ASS Succession or assignment of patent right

Owner name: KINGSOFT CORPORATION LIMITED BEIKE INTERNET (BEIJI

Effective date: 20130503

C41 Transfer of patent application or patent right or utility model
TA01 Transfer of patent application right

Effective date of registration: 20130503

Address after: Jingshan Hill Road, Lane 519015 Lianshan Jida Guangdong province Zhuhai City No. 8

Applicant after: ZHUHAI JUNTIAN ELECTRONIC TECHNOLOGY Co.,Ltd.

Applicant after: BEIJING KINGSOFT INTERNET SECURITY SOFTWARE Co.,Ltd.

Applicant after: SHELL INTERNET (BEIJING) SECURITY TECHNOLOGY Co.,Ltd.

Applicant after: BEIJING KINGSOFT NETWORK TECHNOLOGY Co.,Ltd.

Address before: Jingshan Hill Road, Lane 519015 Lianshan Jida Guangdong province Zhuhai City No. 8

Applicant before: Zhuhai Juntian Electronic Technology Co.,Ltd.

C14 Grant of patent or utility model
GR01 Patent grant
CP03 Change of name, title or address
CP03 Change of name, title or address

Address after: 519070 Guangdong city of Zhuhai Province town Harbour Road Technology Road No. 10 building six layer 601F

Co-patentee after: BEIJING KINGSOFT INTERNET SECURITY SOFTWARE Co.,Ltd.

Patentee after: ZHUHAI JUNTIAN ELECTRONIC TECHNOLOGY Co.,Ltd.

Co-patentee after: Beijing Cheetah Mobile Technology Co.,Ltd.

Co-patentee after: Beijing Cheetah Network Technology Co.,Ltd.

Address before: Jingshan Hill Road, Lane 519015 Lianshan Jida Guangdong province Zhuhai City No. 8

Co-patentee before: BEIJING KINGSOFT INTERNET SECURITY SOFTWARE Co.,Ltd.

Patentee before: Zhuhai Juntian Electronic Technology Co.,Ltd.

Co-patentee before: SHELL INTERNET (BEIJING) SECURITY TECHNOLOGY Co.,Ltd.

Co-patentee before: BEIJING KINGSOFT NETWORK TECHNOLOGY Co.,Ltd.

TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20191125

Address after: Room 105-53811, No. 6 Baohua Road, Hengqin New District, Zhuhai City, Guangdong Province

Patentee after: Zhuhai Leopard Technology Co.,Ltd.

Address before: 519070, No. 10, main building, No. six, science Road, Harbour Road, Tang Wan Town, Guangdong, Zhuhai, 601F

Co-patentee before: BEIJING KINGSOFT INTERNET SECURITY SOFTWARE Co.,Ltd.

Patentee before: Zhuhai Juntian Electronic Technology Co.,Ltd.

Co-patentee before: Beijing Cheetah Mobile Technology Co.,Ltd.

Co-patentee before: Beijing Cheetah Network Technology Co.,Ltd.