[go: up one dir, main page]

CN108133154B - Method and device for storing file - Google Patents

Method and device for storing file Download PDF

Info

Publication number
CN108133154B
CN108133154B CN201711418998.7A CN201711418998A CN108133154B CN 108133154 B CN108133154 B CN 108133154B CN 201711418998 A CN201711418998 A CN 201711418998A CN 108133154 B CN108133154 B CN 108133154B
Authority
CN
China
Prior art keywords
file
target file
target
storage space
space value
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201711418998.7A
Other languages
Chinese (zh)
Other versions
CN108133154A (en
Inventor
吕玉超
于志强
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Qax Technology Group Inc
Original Assignee
Qax Technology Group Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Qax Technology Group Inc filed Critical Qax Technology Group Inc
Priority to CN201711418998.7A priority Critical patent/CN108133154B/en
Publication of CN108133154A publication Critical patent/CN108133154A/en
Application granted granted Critical
Publication of CN108133154B publication Critical patent/CN108133154B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/145Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Virology (AREA)
  • Health & Medical Sciences (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

本发明的实施例公开了一种对文件进行存储的方法及装置,该方法在接收到目标文件后,获取目标文件的目标存储空间值,若目标存储空间值较小,则将该目标文件存储到文件读取速度较快的第一存储介质,在第一存储介质对该目标文件进行病毒查杀扫描,将不携带病毒的目标文件存储到文件读取速度较慢但存储容量较大的第二存储介质。该方法对存储介质的性质进行了考虑,使得目标存储空间值较小的目标文件在文件读取速度较快的第一存储介质中进行病毒查杀扫描,提高了病毒查杀扫描的速度,避免了在文件读取速度较慢的第二存储介质中进行病毒查杀扫描带来的IO开销的过度消耗的问题。

Figure 201711418998

The embodiment of the present invention discloses a method and device for storing a file. After receiving the target file, the method obtains the target storage space value of the target file, and if the target storage space value is small, the target file is stored. Go to the first storage medium with a faster file reading speed, perform virus detection and killing scanning on the target file on the first storage medium, and store the target file that does not carry viruses to the first storage medium with a slower file reading speed but larger storage capacity. 2. Storage medium. The method takes into account the nature of the storage medium, so that the target file with a smaller target storage space value is scanned for viruses in the first storage medium with a faster file reading speed, which improves the speed of virus detection and scanning and avoids the need for It solves the problem of excessive consumption of IO overhead caused by virus killing and scanning in the second storage medium with a slow file reading speed.

Figure 201711418998

Description

一种对文件进行存储的方法及装置A method and device for storing files

技术领域technical field

本发明涉及网络安全技术领域,尤其是涉及一种对文件进行存储的方法及装置。The present invention relates to the technical field of network security, and in particular, to a method and device for storing files.

背景技术Background technique

磁盘和内存均为计算机领域用于保存信息的载体,其中,磁盘包括硬盘和软盘。一般来说,磁盘的存储空间较大,但读取速度较慢,而内存的存储空间较小,但读取速度较快。通常,终端或者计算机接收到文件后,直接对该文件落盘处理,将该文件存储到磁盘中,再对该文件进行病毒查杀。Both the magnetic disk and the memory are carriers used for storing information in the computer field, wherein the magnetic disk includes a hard disk and a floppy disk. Generally speaking, disk has more storage space but slower reading speed, while memory has less storage space but faster reading speed. Usually, after a terminal or a computer receives a file, it directly places the file on the disk for processing, stores the file in the disk, and then performs virus checking and killing on the file.

基于此,虽然将接收的文件存储在磁盘中再进行病毒查杀是可行的,但是该方法导致磁盘的IO开销较大,尤其是当接收到的文件占用的存储空间较小时,更是对性能的消耗。Based on this, although it is feasible to store the received files in the disk and then perform virus scanning and killing, this method leads to a large IO overhead of the disk, especially when the received files occupy a small storage space, which is more critical to performance. consumption.

在实现本发明实施例的过程中,发明人发现现有的直接将文件存储在磁盘中进行病毒查杀的方法,未充分利用存储介质的性质,导致IO开销的过度消耗。In the process of implementing the embodiments of the present invention, the inventor found that the existing method of directly storing files in a disk for virus detection and killing does not fully utilize the properties of the storage medium, resulting in excessive consumption of IO overhead.

发明内容SUMMARY OF THE INVENTION

本发明所要解决的技术问题是如何解决现有的直接将文件存储在磁盘中进行病毒查杀的方法,未充分利用存储介质的性质,导致IO开销的过度消耗的问题。The technical problem to be solved by the present invention is how to solve the problem that the existing method of directly storing files in a disk for virus detection and killing does not fully utilize the properties of the storage medium, resulting in excessive consumption of IO overhead.

针对以上技术问题,本发明的实施例提供了一种对文件进行存储的方法,包括:In view of the above technical problems, embodiments of the present invention provide a method for storing files, including:

获取存储目标文件需要占用的目标存储空间值,若所述目标存储空间值小于第一存储空间值,则将所述目标文件存储到第一存储介质;Obtaining the target storage space value that needs to be occupied to store the target file, and if the target storage space value is less than the first storage space value, then storing the target file in the first storage medium;

对所述目标文件进行病毒查杀扫描,得到第一扫描结果;Perform virus killing scanning on the target file to obtain a first scanning result;

若所述第一扫描结果为所述目标文件不携带病毒,则将所述目标文件存储到第二存储介质;If the first scan result is that the target file does not carry a virus, storing the target file in a second storage medium;

其中,所述第一存储介质中的文件读取速度大于所述第二存储介质中的文件读取速度。Wherein, the reading speed of the file in the first storage medium is greater than the reading speed of the file in the second storage medium.

可选地,所述对所述目标文件进行病毒查杀扫描,得到第一扫描结果,包括:Optionally, performing virus detection and killing scanning on the target file to obtain a first scan result, including:

若所述目标存储空间值大于第二存储空间值,则通过云查杀对所述目标文件进行病毒查杀扫描,得到所述第一扫描结果;If the target storage space value is greater than the second storage space value, perform virus scanning and killing scanning on the target file through cloud scanning and killing to obtain the first scanning result;

若所述目标存储空间值小于或等于所述第二存储空间值且大于第三存储空间值,则通过本地查杀对所述目标文件进行病毒查杀扫描,得到所述第一扫描结果;If the target storage space value is less than or equal to the second storage space value and greater than the third storage space value, perform virus detection and killing scanning on the target file through local killing to obtain the first scan result;

若所述目标存储空间值小于或等于所述第三存储空间值,则通过本地查杀或云查杀对所述目标文件进行病毒查杀扫描,得到所述第一扫描结果;If the target storage space value is less than or equal to the third storage space value, perform virus detection and killing scanning on the target file through local scanning or cloud scanning to obtain the first scanning result;

其中,所述本地查杀为启发式查杀或QEX脚本查杀。Wherein, the local killing is heuristic killing or QEX script killing.

可选地,还包括:Optionally, also include:

若所述第一扫描结果为所述目标文件携带病毒,则判断所述目标文件是否能修复为不携带病毒的第一安全文件;If the first scan result is that the target file carries a virus, then determine whether the target file can be repaired as a first security file that does not carry a virus;

若所述目标文件能修复为所述第一安全文件,则将所述目标文件修复为所述第一安全文件,将所述第一安全文件存储到所述第二存储介质;If the target file can be repaired into the first security file, repairing the target file into the first security file, and storing the first security file in the second storage medium;

若所述目标文件不能修复为所述第一安全文件,则删除所述目标文件或者将所述目标文件存储到所述第二存储介质中的病毒隔离区。If the target file cannot be restored to the first security file, the target file is deleted or the target file is stored in the virus isolation area of the second storage medium.

可选地,还包括:Optionally, also include:

若所述目标存储空间值大于或等于所述第一存储空间值,则将所述目标文件存储到所述第二存储介质,对所述目标文件进行病毒查杀扫描,得到第二扫描结果;If the target storage space value is greater than or equal to the first storage space value, the target file is stored in the second storage medium, and the target file is scanned for virus killing to obtain a second scan result;

若所述第二扫描结果为所述目标文件携带病毒,则判断所述目标文件是否能修复为不携带病毒的第二安全文件,若是,则将所述目标文件修复为所述第二安全文件,否则,删除所述目标文件或者将所述目标文件存储到所述第二存储介质中的病毒隔离区If the second scan result is that the target file carries a virus, then determine whether the target file can be repaired to a second security file that does not carry viruses, and if so, repair the target file to the second security file , otherwise, delete the target file or store the target file in the virus quarantine area in the second storage medium

第二方面,本发明的实施例还提供了一种对文件进行存储的装置,包括:In a second aspect, an embodiment of the present invention also provides a device for storing files, including:

第一存储模块,用于获取存储目标文件需要占用的目标存储空间值,若所述目标存储空间值小于第一存储空间值,则将所述目标文件存储到第一存储介质;a first storage module, configured to obtain a target storage space value that needs to be occupied to store a target file, and if the target storage space value is less than the first storage space value, store the target file in the first storage medium;

扫描模块,用于对所述目标文件进行病毒查杀扫描,得到第一扫描结果;a scanning module, configured to perform virus killing scanning on the target file to obtain a first scanning result;

第二存储模块,用于若所述第一扫描结果为所述目标文件不携带病毒,则将所述目标文件存储到第二存储介质;a second storage module, configured to store the target file in a second storage medium if the first scan result is that the target file does not carry a virus;

其中,所述第一存储介质中的文件读取速度大于所述第二存储介质中的文件读取速度。Wherein, the reading speed of the file in the first storage medium is greater than the reading speed of the file in the second storage medium.

可选地,所述扫描模块还用于若所述目标存储空间值大于第二存储空间值,则通过云查杀对所述目标文件进行病毒查杀扫描,得到所述第一扫描结果;若所述目标存储空间值小于或等于所述第二存储空间值且大于第三存储空间值,则通过本地查杀对所述目标文件进行病毒查杀扫描,得到所述第一扫描结果;若所述目标存储空间值小于或等于所述第三存储空间值,则通过本地查杀或云查杀对所述目标文件进行病毒查杀扫描,得到所述第一扫描结果;其中,所述本地查杀为启发式查杀或QEX脚本查杀。Optionally, the scanning module is further configured to, if the target storage space value is greater than the second storage space value, perform virus scanning and killing scanning on the target file through cloud scanning and killing to obtain the first scanning result; The target storage space value is less than or equal to the second storage space value and greater than the third storage space value, then the target file is scanned for viruses through local anti-virus to obtain the first scan result; If the target storage space value is less than or equal to the third storage space value, the target file is scanned for viruses through local scanning or cloud scanning to obtain the first scanning result; wherein, the local scanning Kill is heuristic killing or QEX script killing.

可选地,所述第二存储模块还用于若所述第一扫描结果为所述目标文件携带病毒,则判断所述目标文件是否能修复为不携带病毒的第一安全文件;若所述目标文件能修复为所述第一安全文件,则将所述目标文件修复为第一安全文件,将所述第一安全文件存储到所述第二存储介质;若所述目标文件不能修复为所述第一安全文件,则删除所述目标文件或者将所述目标文件存储到所述第二存储介质中的病毒隔离区。Optionally, the second storage module is further configured to determine whether the target file can be repaired as a first security file that does not carry a virus if the first scan result is that the target file carries a virus; If the target file can be repaired as the first security file, then the target file is repaired as the first security file, and the first security file is stored in the second storage medium; if the target file cannot be repaired as the first security file the first security file, delete the target file or store the target file in the virus isolation area in the second storage medium.

可选地,所述第一存储模块还用于若所述目标存储空间值大于或等于所述第一存储空间值,则将所述目标文件存储到所述第二存储介质,对所述目标文件进行病毒查杀扫描,得到第二扫描结果;若所述第二扫描结果为所述目标文件携带病毒,则判断所述目标文件是否能修复为不携带病毒的第二安全文件,若是,则将所述目标文件修复为所述第二安全文件,否则,删除所述目标文件或者将所述目标文件存储所述第二存储介质中的病毒隔离区。Optionally, the first storage module is further configured to store the target file in the second storage medium if the target storage space value is greater than or equal to the first storage space value, and store the target file in the second storage medium. The file is scanned for virus killing, and a second scan result is obtained; if the second scan result is that the target file carries a virus, it is determined whether the target file can be repaired as a second security file that does not carry a virus, and if so, then Repair the target file as the second security file, otherwise, delete the target file or store the target file in the virus isolation area of the second storage medium.

第三方面,本发明的实施例还提供了一种电子设备,包括:In a third aspect, an embodiment of the present invention also provides an electronic device, including:

至少一个处理器、至少一个存储器、通信接口和总线;其中,at least one processor, at least one memory, a communication interface, and a bus; wherein,

所述处理器、存储器、通信接口通过所述总线完成相互间的通信;The processor, the memory, and the communication interface communicate with each other through the bus;

所述通信接口用于该电子设备和服务器的通信设备或者终端的通信设备之间的信息传输;The communication interface is used for information transmission between the electronic device and the communication device of the server or the communication device of the terminal;

所述存储器存储有可被所述处理器执行的程序指令,所述处理器调用所述程序指令能够执行以上任一项所述的方法。The memory stores program instructions executable by the processor, and the processor invokes the program instructions to perform any of the methods described above.

第四方面,本发明的实施例还提供了一种非暂态计算机可读存储介质,所述非暂态计算机可读存储介质存储计算机指令,所述计算机指令使所述计算机执行以上任一项所述的方法In a fourth aspect, embodiments of the present invention further provide a non-transitory computer-readable storage medium, where the non-transitory computer-readable storage medium stores computer instructions that cause the computer to execute any of the above the method described

本发明的实施例提供了一种对文件进行存储的方法及装置,该方法在接收到目标文件后,获取目标文件的目标存储空间值,若目标存储空间值较小,则将该目标文件存储到文件读取速度较快的第一存储介质,在第一存储介质对该目标文件进行病毒查杀扫描,将不携带病毒的目标文件存储到文件读取速度较慢但存储容量较大的第二存储介质。该方法对存储介质的性质进行了考虑,使得目标存储空间值较小的目标文件在文件读取速度较快的第一存储介质中进行病毒查杀扫描,提高了病毒查杀扫描的速度,避免了在文件读取速度较慢的第二存储介质中进行病毒查杀扫描带来的IO开销的过度消耗的问题。Embodiments of the present invention provide a method and device for storing a file. After receiving the target file, the method obtains the target storage space value of the target file, and if the target storage space value is small, the target file is stored Go to the first storage medium with a faster file reading speed, perform virus detection and killing scanning on the target file on the first storage medium, and store the target file that does not carry viruses to the first storage medium with a slower file reading speed but larger storage capacity. 2. Storage medium. The method takes into account the nature of the storage medium, so that the target file with a smaller target storage space value is scanned for viruses in the first storage medium with a faster file reading speed, which improves the speed of virus detection and scanning and avoids the need for It solves the problem of excessive consumption of IO overhead caused by virus killing and scanning in the second storage medium with a slow file reading speed.

附图说明Description of drawings

为了更清楚地说明本发明实施例或现有技术中的技术方案,下面将对实施例或现有技术描述中所需要使用的附图作一简单地介绍,显而易见地,下面描述中的附图是本发明的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the following briefly introduces the accompanying drawings that need to be used in the description of the embodiments or the prior art. Obviously, the accompanying drawings in the following description These are some embodiments of the present invention. For those of ordinary skill in the art, other drawings can also be obtained according to these drawings without creative efforts.

图1是本发明一个实施例提供的一种对文件进行存储的方法的流程示意图;1 is a schematic flowchart of a method for storing a file provided by an embodiment of the present invention;

图2是本发明另一个实施例提供的代理服务器中本地查杀的病毒库和文件扫描引擎升级的过程示意图;2 is a schematic diagram of a process of upgrading a virus database and a file scanning engine that are locally checked and killed in a proxy server provided by another embodiment of the present invention;

图3是本发明另一个实施例提供的一种对文件进行存储的装置的结构框图;3 is a structural block diagram of a device for storing files provided by another embodiment of the present invention;

图4是本发明另一个实施例提供的电子设备的结构框图。FIG. 4 is a structural block diagram of an electronic device provided by another embodiment of the present invention.

具体实施方式Detailed ways

为使本发明实施例的目的、技术方案和优点更加清楚,下面将结合本发明实施例中的附图,对本发明实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例是本发明一部分实施例,而不是全部的实施例。基于本发明中的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其他实施例,都属于本发明保护的范围。In order to make the purposes, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments These are some embodiments of the present invention, but not all embodiments. Based on the embodiments of the present invention, all other embodiments obtained by those of ordinary skill in the art without creative efforts shall fall within the protection scope of the present invention.

图1是本实施例提供的一种对文件进行存储的方法的流程示意图,参见图1,该方法包括:FIG. 1 is a schematic flowchart of a method for storing a file provided in this embodiment. Referring to FIG. 1 , the method includes:

101:获取存储目标文件需要占用的目标存储空间值,若所述目标存储空间值小于第一存储空间值,则将所述目标文件存储到第一存储介质;101: Obtain a target storage space value that needs to be occupied to store a target file, and if the target storage space value is less than a first storage space value, store the target file in a first storage medium;

102:对所述目标文件进行病毒查杀扫描,得到第一扫描结果;102: Perform virus killing scanning on the target file to obtain a first scanning result;

103:若所述第一扫描结果为所述目标文件不携带病毒,则将所述目标文件存储到第二存储介质;103: If the first scan result is that the target file does not carry a virus, store the target file in a second storage medium;

其中,所述第一存储介质的文件读取速度大于所述第二存储介质的文件读取速度;所述第一存储空间值小于或等于所述第一存储介质的可用存储空间值。Wherein, the file reading speed of the first storage medium is greater than the file reading speed of the second storage medium; the first storage space value is less than or equal to the available storage space value of the first storage medium.

需要说明的是,本实施例提供的方法由服务器或终端(例如,手机或者电脑)执行,例如,由代理服务器(如Nginx)执行。目标文件为欲存储在服务器或终端内的文件,目标文件可以是接收到的其他设备(服务器或终端)发送的文件,也可以是通过数据线上传的文件,本实施例对此不作具体限制。It should be noted that, the method provided in this embodiment is executed by a server or a terminal (for example, a mobile phone or a computer), for example, by a proxy server (such as Nginx). The target file is a file to be stored in the server or terminal. The target file may be a received file sent by other devices (server or terminal), or a file uploaded through a data line, which is not specifically limited in this embodiment.

接收到目标文件后,可以通过该目标文件携带的属性信息得到目标存储空间值,也可以通过软件检测出目标文件的目标存储空间值,本实施例对此不作具体限制。例如,目标文件的目标存储空间值为78M。第一存储空间值通常根据第一存储介质的可用存储空间值确定,其中,第一存储空间值小于或者等于第一存储介质的可用存储空间值(剩余存储空间值)。例如,第一存储介质的可用存储空间值为150M,则设定第一存储空间值为100M。通常,第一存储介质的存储容量(最大的存储空间值)小于第二存储介质的存储容量(最大的存储空间值),但第一存储介质对应的文件读取速度大于第二存储介质对应的文件读取速度。例如,第一存储介质为内存,第二存储介质为磁盘。After receiving the target file, the target storage space value may be obtained through attribute information carried by the target file, or the target storage space value of the target file may be detected by software, which is not specifically limited in this embodiment. For example, the target storage space value of the target file is 78M. The first storage space value is generally determined according to the available storage space value of the first storage medium, wherein the first storage space value is less than or equal to the available storage space value (remaining storage space value) of the first storage medium. For example, if the available storage space value of the first storage medium is 150M, the first storage space value is set to 100M. Usually, the storage capacity (maximum storage space value) of the first storage medium is smaller than the storage capacity (maximum storage space value) of the second storage medium, but the file reading speed corresponding to the first storage medium is greater than that of the second storage medium File read speed. For example, the first storage medium is a memory, and the second storage medium is a magnetic disk.

对目标文件进行病毒查杀扫描可以仅通过服务器或终端内的本地查杀对目标文件进行扫描,也可以仅通过云查杀对目标文件进行扫描,还可以既采用本地查杀又采用云查杀对目标文件进行扫描,本实施例对此不作具体限制。Scanning the target file for viruses can only scan the target file through the local anti-virus in the server or terminal, or scan the target file only through the cloud anti-virus, or use both local anti-virus and cloud anti-virus scanning. Scan the target file, which is not specifically limited in this embodiment.

本发明的实施例提供了一种对文件进行存储的方法,该方法在接收到目标文件后,获取目标文件的目标存储空间值,若目标存储空间值较小,则将该目标文件存储到文件读取速度较快的第一存储介质,在第一存储介质中对该目标文件进行病毒查杀扫描,将不携带病毒的目标文件存储到文件读取速度较慢但存储容量较大的第二存储介质。该方法对存储介质的性质进行了考虑,使得目标存储空间值较小的目标文件在文件读取速度较快的第一存储介质中进行病毒查杀扫描,提高了病毒查杀扫描的速度,避免了在文件读取速度较慢的第二存储介质中进行病毒查杀扫描带来的IO开销的过度消耗的问题。An embodiment of the present invention provides a method for storing a file. After receiving the target file, the method obtains the target storage space value of the target file, and if the target storage space value is small, the target file is stored in the file The first storage medium with a faster reading speed, the target file is scanned for viruses in the first storage medium, and the target file that does not carry viruses is stored in the second storage medium with a slower file reading speed but a larger storage capacity. storage medium. The method takes into account the nature of the storage medium, so that the target file with a smaller target storage space value is scanned for viruses in the first storage medium with a faster file reading speed, which improves the speed of virus detection and scanning and avoids the need for It solves the problem of excessive consumption of IO overhead caused by virus killing and scanning in the second storage medium with a slow file reading speed.

更进一步地,在上述实施例的基础上,所述对所述目标文件进行病毒查杀扫描,得到第一扫描结果,包括:Further, on the basis of the above embodiment, the virus detection and killing scan is performed on the target file to obtain a first scan result, including:

若所述目标存储空间值大于第二存储空间值,则通过云查杀对所述目标文件进行病毒查杀扫描,得到所述第一扫描结果;If the target storage space value is greater than the second storage space value, perform virus scanning and killing scanning on the target file through cloud scanning and killing to obtain the first scanning result;

若所述目标存储空间值小于或等于所述第二存储空间值且大于第三存储空间值,则通过本地查杀对所述目标文件进行病毒查杀扫描,得到所述第一扫描结果;If the target storage space value is less than or equal to the second storage space value and greater than the third storage space value, perform virus detection and killing scanning on the target file through local killing to obtain the first scan result;

若所述目标存储空间值小于或等于所述第三存储空间值,则通过本地查杀或云查杀对所述目标文件进行病毒查杀扫描,得到所述第一扫描结果;If the target storage space value is less than or equal to the third storage space value, perform virus detection and killing scanning on the target file through local scanning or cloud scanning to obtain the first scanning result;

其中,所述本地查杀为启发式查杀或QEX脚本查杀。Wherein, the local killing is heuristic killing or QEX script killing.

需要说明的是,对目标存储空间值较大的目标文件进行本地查杀相较于进行云查杀用时较长,对目标存储空间值较小的目标文件进行本地查杀相较于进行云查杀用时较短。因此,为了提高对目标文件进行病毒查杀扫描的速度,本实施例提供了根据目标存储空间值的大小确定采用何种查杀方式对目标文件进行病毒查杀扫描。It should be noted that local inspection and killing of target files with large target storage space values takes longer than cloud inspection and killing, and local inspection and killing of target files with small target storage space values is longer than cloud inspection and killing. Killing time is shorter. Therefore, in order to improve the speed of virus detection and killing scanning on the target file, this embodiment provides determining which detection and killing method is used to perform virus detection and killing scanning on the target file according to the size of the target storage space value.

第二存储空间值和第三存储空间值均为根据本地查杀和云查杀用时和文件占用的存储空间之间的关系而设定的值,例如,第二存储空间值为100M,第三存储空间值为10M,本实施例对此不作具体限制。第一扫描结果为对目标文件进行扫描得到的目标文件是否携带病毒的结果。The second storage space value and the third storage space value are both values set according to the relationship between the local and cloud scanning time and the storage space occupied by the file. For example, the second storage space value is 100M, and the third storage space value is 100M. The storage space value is 10M, which is not specifically limited in this embodiment. The first scan result is a result obtained by scanning the target file whether the target file carries a virus.

本发明的实施例提供了一种对文件进行存储的方法,该方法对存储后的目标文件进行病毒查杀扫描的过程中,根据目标文件的目标存储空间值选取相应的病毒查杀方式,充分利用了各种病毒查杀方式的耗时特点,缩短了对目标进行病毒查杀的用时,提供了对目标文件进行存储的存储效率。The embodiment of the present invention provides a method for storing files. In the process of performing virus detection and killing scanning on a stored target file, the method selects a corresponding virus detection and killing method according to the target storage space value of the target file, and fully The time-consuming feature of various virus checking and killing methods is utilized, the time for virus checking and killing on the target is shortened, and the storage efficiency for storing the target file is provided.

更进一步地,在上述各实施例的基础上,还包括:Further, on the basis of the above embodiments, it also includes:

若所述第一扫描结果为所述目标文件携带病毒,则判断所述目标文件是否能修复为不携带病毒的第一安全文件;If the first scan result is that the target file carries a virus, then determine whether the target file can be repaired as a first security file that does not carry a virus;

若所述目标文件能修复为所述第一安全文件,则将所述目标文件修复为所述第一安全文件,将所述第一安全文件存储到所述第二存储介质;If the target file can be repaired into the first security file, repairing the target file into the first security file, and storing the first security file in the second storage medium;

若所述目标文件不能修复为所述第一安全文件,则删除所述目标文件或者将所述目标文件存储到所述第二存储介质中的病毒隔离区。If the target file cannot be restored to the first security file, the target file is deleted or the target file is stored in the virus isolation area of the second storage medium.

需要说明的是,判断携带病毒的目标文件是否能修复为不携带病毒的第一安全文件,以及将目标文件修复为第一安全文件,均可以由相应的软件来实现,本实施例对此不做具体限制。例如,该软件对目标文件中的病毒所在的位置进行检查,若该目标文件的文件头被病毒植入,则判定该目标文件不能修复。若病毒植入了目标文件中,并且删除该目标文件后不影响该目标文件的运行,则判定该目标文件能被修复。若判定该目标文件能被修复,则对该目标文件进行修复,得到不携带病毒的第一安全文件。It should be noted that, judging whether a target file carrying a virus can be repaired into a first security file that does not carry a virus, and repairing the target file into a first security file can be implemented by corresponding software, which is not the case in this embodiment. make specific restrictions. For example, the software checks the location of the virus in the target file, and if the file header of the target file is implanted by a virus, it is determined that the target file cannot be repaired. If the virus is implanted in the target file, and the target file is deleted without affecting the operation of the target file, it is determined that the target file can be repaired. If it is determined that the target file can be repaired, the target file is repaired to obtain a first security file that does not carry viruses.

若目标文件不能修复为第一安全文件,本实施例提供了两种处理方法,一种为直接将该目标文件从第一存储介质删除,另一种为将所述目标文件存储到所述第二存储介质中的病毒隔离区,可作为病毒样本。为了消除携带病毒的目标文件带来的安全隐患,本实施例提供的方法将其存储到第二存储介质的病毒隔离区内。其中,病毒隔离区一个安全的、被隔离的特殊文件夹,适合于存放一些特别的文件。病毒隔离区与操作系统完全隔离,其他进程不能操作病毒隔离区里的文件,在病毒隔离区里的文件也无法运行。If the target file cannot be restored to the first security file, this embodiment provides two processing methods, one is to directly delete the target file from the first storage medium, and the other is to store the target file in the first storage medium. 2. The virus isolation area in the storage medium can be used as a virus sample. In order to eliminate the potential safety hazard brought by the target file carrying the virus, the method provided in this embodiment stores the target file in the virus isolation area of the second storage medium. Among them, the virus isolation area is a safe and isolated special folder suitable for storing some special files. The virus isolation area is completely isolated from the operating system. Other processes cannot operate the files in the virus isolation area, and the files in the virus isolation area cannot be run.

可理解的是,为了释放第一存储介质的空间,保证服务器或者终端的正常运行,进一步地,将所述目标文件存储到所述第二存储介质中的病毒隔离区后,还包括:It is understandable that, in order to release the space of the first storage medium and ensure the normal operation of the server or terminal, further, after storing the target file in the virus isolation area in the second storage medium, the method further includes:

将所述目标文件从所述第一存储介质删除。The target file is deleted from the first storage medium.

更进一步地,所述若所述目标文件能修复为所述安全文件,则将所述目标文件修复为安全文件,将所述安全文件存储到所述第二存储介质之后,还包括:Further, if the target file can be repaired as the security file, the target file is repaired as a security file, and after the security file is stored in the second storage medium, the method further includes:

发出已经对携带病毒的所述目标文件进行修复的第一提示信息。Send out the first prompt message that the target file carrying the virus has been repaired.

所述若所述目标文件不能修复为所述安全文件,则删除所述目标文件或者将所述目标文件存储到所述第二存储介质中的病毒隔离区,还包括:Deleting the target file or storing the target file in the virus isolation area of the second storage medium if the target file cannot be repaired to the safe file, further comprising:

发出所述目标文件携带病毒,存储所述目标文件的可执行文件失败的第二提示消息。A second prompt message is sent out that the target file carries a virus and that the executable file of the target file fails to be stored.

本发明的实施例提供了一种对文件进行存储的方法,该方法针对第一扫描结果为目标文件携带病毒的情况,进一步判断目标文件是否能修复为安全文件,若能,则对目标文件进行修复,保证存储过程的正常进行,若不能,则删除该目标文件或者将该目标文件存储到第二存储介质的病毒隔离区,消除了携带病毒的目标文件带来的安全隐患。An embodiment of the present invention provides a method for storing a file. The method further determines whether the target file can be repaired as a safe file if the first scan result is that the target file carries a virus. Repair, to ensure the normal operation of the storage process, if not, delete the target file or store the target file in the virus isolation area of the second storage medium, eliminating the security risks brought by the virus-carrying target file.

更进一步地,在上述各实施例的基础上,还包括:Further, on the basis of the above embodiments, it also includes:

若所述目标存储空间值大于或等于所述第一存储空间值,则将所述目标文件存储到所述第二存储介质,对所述目标文件进行病毒查杀扫描,得到第二扫描结果;If the target storage space value is greater than or equal to the first storage space value, the target file is stored in the second storage medium, and the target file is scanned for virus killing to obtain a second scan result;

若所述第二扫描结果为所述目标文件携带病毒,则判断所述目标文件是否能修复为不携带病毒的第二安全文件,若是,则将所述目标文件修复为所述第二安全文件,否则,删除所述目标文件或者将所述目标文件存储到所述第二存储介质中的病毒隔离区。If the second scan result is that the target file carries a virus, then determine whether the target file can be repaired to a second security file that does not carry viruses, and if so, repair the target file to the second security file , otherwise, delete the target file or store the target file in the virus quarantine area in the second storage medium.

针对目标存储空间值大于或等于第一存储空间值的目标文件,受限于第一存储介质的存储容量的限制,将该目标文件直接存储到第二存储空间值,则第二存储空间值对该目标文件进行病毒查杀扫描。可理解的是,若第二扫描结果为所述目标文件不携带病毒,则不作处理。For the target file whose target storage space value is greater than or equal to the first storage space value, limited by the storage capacity of the first storage medium, the target file is directly stored in the second storage space value, then the second storage space value is equal to The target file is scanned for virus killing. It is understandable that, if the second scan result is that the target file does not carry a virus, no processing is performed.

本发明的实施例提供了一种对文件进行存储的方法,该方法对目标文件的目标存储空间值大于或等于第一存储空间值的情况进行限定,当目标存储空间值大于或等于第一存储空间值时,直接在第二存储空间值对该目标文件进行病毒查杀扫描,完善了对文件的存储方法。An embodiment of the present invention provides a method for storing a file. The method limits the situation that the target storage space value of the target file is greater than or equal to the first storage space value. When the target storage space value is greater than or equal to the first storage space value When the space value is set, the target file is directly scanned for viruses in the second storage space value, which improves the storage method of the file.

可理解的是,作为对目标文件进行本地查杀的病毒库和文件扫描引擎,本实施例以代理服务器为例,提供了代理服务器中本地查杀的病毒库和文件扫描引擎升级的过程。图2为本实施例提供的代理服务器中本地查杀的病毒库和文件扫描引擎升级的过程示意图,参见图2,在该代理服务器中包括文件扫描引擎、病毒库和引擎更新引擎。例如,代理服务器从云端服务器下载升级文件后,将本地病毒库文件和升级文件进行对比,判断是否需要对本地病毒库文件进行更新,并通过文件扫描引擎对目标文件进行扫描,判断该目标文件中是否携带了病毒。It is understandable that, as a virus database and a file scanning engine for local scanning and killing of target files, this embodiment takes a proxy server as an example to provide a process of upgrading the local scanning and killing virus database and file scanning engine in the proxy server. FIG. 2 is a schematic diagram of a process of upgrading a virus database and a file scanning engine in a proxy server provided by this embodiment. Referring to FIG. 2 , the proxy server includes a file scanning engine, a virus database, and an engine update engine. For example, after the proxy server downloads the upgrade file from the cloud server, it compares the local virus database file with the upgrade file to determine whether the local virus database file needs to be updated, and scans the target file through the file scanning engine to determine whether the target file is in the target file. whether the virus is carried.

其中,病毒库和引擎更新引擎用于根据更新规则对病毒库、扫描引擎进行更新。通过用户更新模块可以设定病毒库和引擎更新引擎获取新的病毒库或者引擎的时间或者触发条件。引擎、病毒库更新服务用于向病毒库和引擎更新引擎提供新的引擎或者病毒,以使得病毒库和引擎更新引擎获取新的引擎或者病毒后,对代理服务器的病毒库和引擎进行更新。The virus database and the engine update engine are used to update the virus database and the scan engine according to the update rules. The user update module can set the time or trigger conditions for the virus database and engine update engine to acquire new virus database or engine. The engine and virus database update service is used to provide new engines or viruses to the virus database and engine update engine, so that the virus database and engine update engine can update the virus database and engine of the proxy server after acquiring the new engine or virus.

图3示出了本发明的实施例提供的一种对文件进行存储的装置的结构框图,参见图3,本实施例提供的对文件进行存储的装置,包括第一存储模块301、扫描模块302和第二存储模块303,其中,FIG. 3 shows a structural block diagram of an apparatus for storing files provided by an embodiment of the present invention. Referring to FIG. 3 , the apparatus for storing files provided in this embodiment includes a first storage module 301 and a scanning module 302 and the second storage module 303, wherein,

第一存储模块301,用于获取存储目标文件需要占用的目标存储空间值,若所述目标存储空间值小于第一存储空间值,则将所述目标文件存储到第一存储介质;The first storage module 301 is configured to obtain the target storage space value that needs to be occupied to store the target file, and if the target storage space value is smaller than the first storage space value, store the target file in the first storage medium;

扫描模块302,用于对所述目标文件进行病毒查杀扫描,得到第一扫描结果;a scanning module 302, configured to perform virus killing scanning on the target file to obtain a first scanning result;

第二存储模块303,用于若所述第一扫描结果为所述目标文件不携带病毒,则将所述目标文件存储到第二存储介质;A second storage module 303, configured to store the target file in a second storage medium if the first scan result is that the target file does not carry a virus;

其中,所述第一存储介质的文件读取速度大于所述第二存储介质的文件读取速度;所述第一存储空间值小于或等于所述第一存储介质的可用存储空间值。Wherein, the file reading speed of the first storage medium is greater than the file reading speed of the second storage medium; the first storage space value is less than or equal to the available storage space value of the first storage medium.

本实施例提供的对文件进行存储的装置适用于上述实施例中提供的对文件进行存储的方法,在此不再赘述。The device for storing a file provided in this embodiment is applicable to the method for storing a file provided in the foregoing embodiment, and details are not described herein again.

本实施例提供了一种对文件进行存储的装置,该装置在接收到目标文件后,获取目标文件的目标存储空间值,若目标存储空间值较小,则将该目标文件存储到文件读取速度较快的第一存储介质,在第一存储介质对该目标文件进行病毒查杀扫描,将不携带病毒的目标文件存储到文件读取速度较慢但存储容量较大的第二存储介质。该装置对存储介质的性质进行了考虑,使得目标存储空间值较小的目标文件在文件读取速度较快的第一存储介质中进行病毒查杀扫描,提高了病毒查杀扫描的速度,避免了在文件读取速度较慢的第二存储介质中进行病毒查杀扫描带来的IO开销的过度消耗的问题。This embodiment provides a device for storing files. After receiving the target file, the device obtains the target storage space value of the target file. If the target storage space value is small, the device stores the target file in the file read. The faster first storage medium performs virus detection and killing scanning on the target file on the first storage medium, and stores the target file without virus in the second storage medium with slower file reading speed but larger storage capacity. The device considers the nature of the storage medium, so that the target file with a smaller target storage space value is scanned for viruses in the first storage medium with a faster file reading speed, which improves the speed of the virus detection and scanning and avoids the need for It solves the problem of excessive consumption of IO overhead caused by virus killing and scanning in the second storage medium with a slow file reading speed.

第三方面,图4是示出本实施例提供的电子设备的结构框图。In a third aspect, FIG. 4 is a block diagram showing the structure of the electronic device provided in this embodiment.

参照图4,所述电子设备包括:处理器(processor)401、存储器(memory)402、通信接口(Communications Interface)403和总线404;4 , the electronic device includes: a processor (processor) 401, a memory (memory) 402, a communications interface (Communications Interface) 403 and a bus 404;

其中,in,

所述处理器401、存储器402、通信接口403通过所述总线404完成相互间的通信;The processor 401, the memory 402, and the communication interface 403 communicate with each other through the bus 404;

所述通信接口403用于该电子设备和服务器的通信设备或者终端的通信设备之间的信息传输;The communication interface 403 is used for information transmission between the electronic device and the communication device of the server or the communication device of the terminal;

所述处理器401用于调用所述存储器402中的程序指令,以执行上述各方法实施例所提供的方法,例如包括:获取存储目标文件需要占用的目标存储空间值,若所述目标存储空间值小于第一存储空间值,则将所述目标文件存储到第一存储介质;对所述目标文件进行病毒查杀扫描,得到第一扫描结果;若所述第一扫描结果为所述目标文件不携带病毒,则将所述目标文件存储到第二存储介质;其中,所述第一存储介质的文件读取速度大于所述第二存储介质的文件读取速度;所述第一存储空间值小于或等于所述第一存储介质的可用存储空间值。The processor 401 is configured to call the program instructions in the memory 402 to execute the methods provided by the above method embodiments, for example, including: obtaining the target storage space value that needs to be occupied to store the target file, if the target storage space If the value is less than the first storage space value, the target file is stored in the first storage medium; the target file is scanned for virus killing to obtain a first scan result; if the first scan result is the target file If no virus is carried, the target file is stored in the second storage medium; wherein, the file reading speed of the first storage medium is greater than the file reading speed of the second storage medium; the first storage space value less than or equal to the available storage space value of the first storage medium.

第四方面,本实施例提供一种非暂态计算机可读存储介质,所述非暂态计算机可读存储介质存储计算机指令,所述计算机指令使所述计算机执行上述各方法实施例所提供的方法,例如包括:获取存储目标文件需要占用的目标存储空间值,若所述目标存储空间值小于第一存储空间值,则将所述目标文件存储到第一存储介质;对所述目标文件进行病毒查杀扫描,得到第一扫描结果;若所述第一扫描结果为所述目标文件不携带病毒,则将所述目标文件存储到第二存储介质;其中,所述第一存储介质的文件读取速度大于所述第二存储介质的文件读取速度;所述第一存储空间值小于或等于所述第一存储介质的可用存储空间值。In a fourth aspect, this embodiment provides a non-transitory computer-readable storage medium, where the non-transitory computer-readable storage medium stores computer instructions, and the computer instructions cause the computer to execute the methods provided by the above method embodiments. The method, for example, includes: obtaining a target storage space value that needs to be occupied to store a target file, and if the target storage space value is less than a first storage space value, storing the target file in a first storage medium; Virus killing scan, to obtain a first scan result; if the first scan result is that the target file does not carry a virus, the target file is stored in the second storage medium; wherein, the file of the first storage medium The reading speed is greater than the file reading speed of the second storage medium; the first storage space value is less than or equal to the available storage space value of the first storage medium.

本实施例公开一种计算机程序产品,所述计算机程序产品包括存储在非暂态计算机可读存储介质上的计算机程序,所述计算机程序包括程序指令,当所述程序指令被计算机执行时,计算机能够执行上述各方法实施例所提供的方法,例如,包括:获取存储目标文件需要占用的目标存储空间值,若所述目标存储空间值小于第一存储空间值,则将所述目标文件存储到第一存储介质;对所述目标文件进行病毒查杀扫描,得到第一扫描结果;若所述第一扫描结果为所述目标文件不携带病毒,则将所述目标文件存储到第二存储介质;其中,所述第一存储介质的文件读取速度大于所述第二存储介质的文件读取速度;所述第一存储空间值小于或等于所述第一存储介质的可用存储空间值。This embodiment discloses a computer program product, the computer program product includes a computer program stored on a non-transitory computer-readable storage medium, the computer program includes program instructions, and when the program instructions are executed by a computer, the computer program The methods provided by the above method embodiments can be executed, for example, including: obtaining the target storage space value that needs to be occupied by storing the target file, and if the target storage space value is less than the first storage space value, storing the target file in the target file. a first storage medium; perform virus killing scanning on the target file to obtain a first scan result; if the first scan result is that the target file does not carry a virus, store the target file in a second storage medium ; wherein, the file reading speed of the first storage medium is greater than the file reading speed of the second storage medium; and the first storage space value is less than or equal to the available storage space value of the first storage medium.

本领域普通技术人员可以理解:实现上述方法实施例的全部或部分步骤可以通过程序指令相关的硬件来完成,前述的程序可以存储于一计算机可读取存储介质中,该程序在执行时,执行包括上述方法实施例的步骤;而前述的存储介质包括:ROM、RAM、磁碟或者光盘等各种可以存储程序代码的介质。Those of ordinary skill in the art can understand that all or part of the steps of implementing the above method embodiments can be completed by program instructions related to hardware, the aforementioned program can be stored in a computer-readable storage medium, and when the program is executed, execute It includes the steps of the above method embodiments; and the aforementioned storage medium includes: ROM, RAM, magnetic disk or optical disk and other media that can store program codes.

以上所描述的电子设备等实施例仅仅是示意性的,其中所述作为分离部件说明的单元可以是或者也可以不是物理上分开的,作为单元显示的部件可以是或者也可以不是物理单元,即可以位于一个地方,或者也可以分布到多个网络单元上。可以根据实际的需要选择其中的部分或者全部模块来实现本实施例方案的目的。本领域普通技术人员在不付出创造性的劳动的情况下,即可以理解并实施。The above-described electronic equipment and other embodiments are only illustrative, wherein the units described as separate components may or may not be physically separated, and the components displayed as units may or may not be physical units, that is, It can be located in one place, or it can be distributed over multiple network elements. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution in this embodiment. Those of ordinary skill in the art can understand and implement it without creative effort.

通过以上的实施方式的描述,本领域的技术人员可以清楚地了解到各实施方式可借助软件加必需的通用硬件平台的方式来实现,当然也可以通过硬件。基于这样的理解,上述技术方案本质上或者说对现有技术做出贡献的部分可以以软件产品的形式体现出来,该计算机软件产品可以存储在计算机可读存储介质中,如ROM/RAM、磁碟、光盘等,包括若干指令用以使得一台计算机设备(可以是个人计算机,服务器,或者网络设备等)执行各个实施例或者实施例的某些部分所述的方法。From the description of the above embodiments, those skilled in the art can clearly understand that each embodiment can be implemented by means of software plus a necessary general hardware platform, and certainly can also be implemented by hardware. Based on this understanding, the above-mentioned technical solutions can be embodied in the form of software products in essence or the parts that make contributions to the prior art, and the computer software products can be stored in computer-readable storage media, such as ROM/RAM, magnetic A disc, an optical disc, etc., includes several instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to perform the methods described in various embodiments or some parts of the embodiments.

最后应说明的是:以上各实施例仅用以说明本发明的实施例的技术方案,而非对其限制;尽管参照前述各实施例对本发明的实施例进行了详细的说明,本领域的普通技术人员应当理解:其依然可以对前述各实施例所记载的技术方案进行修改,或者对其中部分或者全部技术特征进行等同替换;而这些修改或者替换,并不使相应技术方案的本质脱离本发明的实施例各实施例技术方案的范围。Finally, it should be noted that the above embodiments are only used to illustrate the technical solutions of the embodiments of the present invention, but not to limit them; although the embodiments of the present invention have been described in detail with reference to the foregoing embodiments, ordinary The skilled person should understand that it is still possible to modify the technical solutions described in the foregoing embodiments, or to perform equivalent replacements on some or all of the technical features; and these modifications or replacements do not make the essence of the corresponding technical solutions deviate from the present invention. The scope of the technical solutions of the embodiments of each embodiment.

Claims (10)

1.一种对文件进行存储的方法,其特征在于,包括:1. a method for storing a file, is characterized in that, comprising: 获取存储目标文件需要占用的目标存储空间值,若所述目标存储空间值小于第一存储空间值,则将所述目标文件存储到第一存储介质;Obtaining the target storage space value that needs to be occupied to store the target file, and if the target storage space value is less than the first storage space value, then storing the target file in the first storage medium; 对所述目标文件进行病毒查杀扫描,得到第一扫描结果;Perform virus killing scanning on the target file to obtain a first scanning result; 若所述第一扫描结果为所述目标文件不携带病毒,则将所述目标文件存储到第二存储介质;If the first scan result is that the target file does not carry a virus, storing the target file in a second storage medium; 其中,所述第一存储介质的文件读取速度大于所述第二存储介质的文件读取速度;所述第一存储空间值小于或等于所述第一存储介质的可用存储空间值。Wherein, the file reading speed of the first storage medium is greater than the file reading speed of the second storage medium; the first storage space value is less than or equal to the available storage space value of the first storage medium. 2.根据权利要求1所述的方法,其特征在于,所述对所述目标文件进行病毒查杀扫描,得到第一扫描结果,包括:2 . The method according to claim 1 , wherein the virus detection and killing scan is performed on the target file to obtain a first scan result, comprising: 2 . 若所述目标存储空间值大于第二存储空间值,则通过云查杀对所述目标文件进行病毒查杀扫描,得到所述第一扫描结果;If the target storage space value is greater than the second storage space value, perform virus scanning and killing scanning on the target file through cloud scanning and killing to obtain the first scanning result; 若所述目标存储空间值小于或等于所述第二存储空间值且大于第三存储空间值,则通过本地查杀对所述目标文件进行病毒查杀扫描,得到所述第一扫描结果;If the target storage space value is less than or equal to the second storage space value and greater than the third storage space value, perform virus detection and killing scanning on the target file through local killing to obtain the first scan result; 若所述目标存储空间值小于或等于所述第三存储空间值,则通过本地查杀或云查杀对所述目标文件进行病毒查杀扫描,得到所述第一扫描结果;If the target storage space value is less than or equal to the third storage space value, perform virus detection and killing scanning on the target file through local scanning or cloud scanning to obtain the first scanning result; 其中,所述本地查杀为启发式查杀或QEX脚本查杀;第二存储空间值和第三存储空间值均为根据本地查杀和云查杀用时和文件占用的存储空间之间的关系而设定的值。Wherein, the local checking is heuristic checking or QEX script checking; the second storage space value and the third storage space value are based on the relationship between the time used for local checking and cloud checking and the storage space occupied by files and set value. 3.根据权利要求1所述的方法,其特征在于,还包括:3. The method of claim 1, further comprising: 若所述第一扫描结果为所述目标文件携带病毒,则判断所述目标文件是否能修复为不携带病毒的第一安全文件;If the first scan result is that the target file carries a virus, then determine whether the target file can be repaired as a first security file that does not carry a virus; 若所述目标文件能修复为所述第一安全文件,则将所述目标文件修复为所述第一安全文件,将所述第一安全文件存储到所述第二存储介质;If the target file can be repaired into the first security file, repairing the target file into the first security file, and storing the first security file in the second storage medium; 若所述目标文件不能修复为所述第一安全文件,则删除所述目标文件或者将所述目标文件存储到所述第二存储介质中的病毒隔离区。If the target file cannot be restored to the first security file, the target file is deleted or the target file is stored in the virus isolation area of the second storage medium. 4.根据权利要求1所述的方法,其特征在于,还包括:4. The method of claim 1, further comprising: 若所述目标存储空间值大于或等于所述第一存储空间值,则将所述目标文件存储到所述第二存储介质,对所述目标文件进行病毒查杀扫描,得到第二扫描结果;If the target storage space value is greater than or equal to the first storage space value, the target file is stored in the second storage medium, and the target file is scanned for virus killing to obtain a second scan result; 若所述第二扫描结果为所述目标文件携带病毒,则判断所述目标文件是否能修复为不携带病毒的第二安全文件,若是,则将所述目标文件修复为所述第二安全文件,否则,删除所述目标文件或者将所述目标文件存储到所述第二存储介质中的病毒隔离区。If the second scan result is that the target file carries a virus, then determine whether the target file can be repaired to a second security file that does not carry viruses, and if so, repair the target file to the second security file , otherwise, delete the target file or store the target file in the virus quarantine area in the second storage medium. 5.一种对文件进行存储的装置,其特征在于,包括:5. A device for storing files, comprising: 第一存储模块,用于获取存储目标文件需要占用的目标存储空间值,若所述目标存储空间值小于第一存储空间值,则将所述目标文件存储到第一存储介质;a first storage module, configured to obtain a target storage space value that needs to be occupied to store a target file, and if the target storage space value is less than the first storage space value, store the target file in the first storage medium; 扫描模块,用于对所述目标文件进行病毒查杀扫描,得到第一扫描结果;a scanning module, configured to perform virus killing scanning on the target file to obtain a first scanning result; 第二存储模块,用于若所述第一扫描结果为所述目标文件不携带病毒,则将所述目标文件存储到第二存储介质;a second storage module, configured to store the target file in a second storage medium if the first scan result is that the target file does not carry a virus; 其中,所述第一存储介质的文件读取速度大于所述第二存储介质的文件读取速度;所述第一存储空间值小于或等于所述第一存储介质的可用存储空间值。Wherein, the file reading speed of the first storage medium is greater than the file reading speed of the second storage medium; the first storage space value is less than or equal to the available storage space value of the first storage medium. 6.根据权利要求5所述的装置,其特征在于,所述扫描模块还用于若所述目标存储空间值大于第二存储空间值,则通过云查杀对所述目标文件进行病毒查杀扫描,得到所述第一扫描结果;若所述目标存储空间值小于或等于所述第二存储空间值且大于第三存储空间值,则通过本地查杀对所述目标文件进行病毒查杀扫描,得到所述第一扫描结果;若所述目标存储空间值小于或等于所述第三存储空间值,则通过本地查杀或云查杀对所述目标文件进行病毒查杀扫描,得到所述第一扫描结果;6 . The device according to claim 5 , wherein the scanning module is further configured to perform virus checking and killing on the target file through cloud checking and killing if the target storage space value is greater than the second storage space value. 7 . Scan to obtain the first scan result; if the target storage space value is less than or equal to the second storage space value and greater than the third storage space value, then perform virus inspection and killing scanning on the target file through local inspection and killing , to obtain the first scan result; if the target storage space value is less than or equal to the third storage space value, perform virus scanning and killing scanning on the target file through local or cloud scanning to obtain the the first scan result; 其中,所述本地查杀为启发式查杀或QEX脚本查杀;第二存储空间值和第三存储空间值均为根据本地查杀和云查杀用时和文件占用的存储空间之间的关系而设定的值。Wherein, the local checking is heuristic checking or QEX script checking; the second storage space value and the third storage space value are based on the relationship between the time used for local checking and cloud checking and the storage space occupied by files and set value. 7.根据权利要求5所述的装置,其特征在于,所述第二存储模块还用于若所述第一扫描结果为所述目标文件携带病毒,则判断所述目标文件是否能修复为不携带病毒的第一安全文件;若所述目标文件能修复为所述第一安全文件,则将所述目标文件修复为第一安全文件,将所述第一安全文件存储到所述第二存储介质;若所述目标文件不能修复为所述第一安全文件,则删除所述目标文件或者将所述目标文件存储到所述第二存储介质中的病毒隔离区。7 . The device according to claim 5 , wherein the second storage module is further configured to determine whether the target file can be repaired as a non-recoverable file if the first scan result is that the target file carries a virus. 8 . The first security file that carries the virus; if the target file can be repaired as the first security file, then the target file is repaired as the first security file, and the first security file is stored in the second storage medium; if the target file cannot be repaired as the first security file, delete the target file or store the target file in the virus isolation area in the second storage medium. 8.根据权利要求5所述的装置,其特征在于,所述第一存储模块还用于若所述目标存储空间值大于或等于所述第一存储空间值,则将所述目标文件存储到所述第二存储介质,对所述目标文件进行病毒查杀扫描,得到第二扫描结果;若所述第二扫描结果为所述目标文件携带病毒,则判断所述目标文件是否能修复为不携带病毒的第二安全文件,若是,则将所述目标文件修复为所述第二安全文件,否则,删除所述目标文件或者将所述目标文件存储所述第二存储介质中的病毒隔离区。8. The apparatus according to claim 5, wherein the first storage module is further configured to store the target file in the target storage space if the target storage space value is greater than or equal to the first storage space value The second storage medium performs virus detection and killing scanning on the target file, and obtains a second scan result; if the second scan result is that the target file carries a virus, it is judged whether the target file can be repaired or not. The second security file carrying a virus, if so, repair the target file to the second security file, otherwise, delete the target file or store the target file in the virus isolation area of the second storage medium . 9.一种电子设备,其特征在于,包括:9. An electronic device, characterized in that, comprising: 至少一个处理器、至少一个存储器、通信接口和总线;其中,at least one processor, at least one memory, a communication interface, and a bus; wherein, 所述处理器、存储器、通信接口通过所述总线完成相互间的通信;The processor, the memory, and the communication interface communicate with each other through the bus; 所述通信接口用于该电子设备和服务器的通信设备或者终端的通信设备之间的信息传输;The communication interface is used for information transmission between the electronic device and the communication device of the server or the communication device of the terminal; 所述存储器存储有可被所述处理器执行的程序指令,所述处理器调用所述程序指令能够执行如权利要求1至4任一项所述的方法。The memory stores program instructions executable by the processor, the processor invoking the program instructions to be able to perform the method as claimed in any one of claims 1 to 4. 10.一种非暂态计算机可读存储介质,其特征在于,所述非暂态计算机可读存储介质存储计算机指令,所述计算机指令使所述计算机执行权利要求1至4任一项所述的方法。10. A non-transitory computer-readable storage medium, characterized in that the non-transitory computer-readable storage medium stores computer instructions, the computer instructions cause the computer to execute the computer described in any one of claims 1 to 4 Methods.
CN201711418998.7A 2017-12-25 2017-12-25 Method and device for storing file Active CN108133154B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201711418998.7A CN108133154B (en) 2017-12-25 2017-12-25 Method and device for storing file

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201711418998.7A CN108133154B (en) 2017-12-25 2017-12-25 Method and device for storing file

Publications (2)

Publication Number Publication Date
CN108133154A CN108133154A (en) 2018-06-08
CN108133154B true CN108133154B (en) 2020-03-24

Family

ID=62392834

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711418998.7A Active CN108133154B (en) 2017-12-25 2017-12-25 Method and device for storing file

Country Status (1)

Country Link
CN (1) CN108133154B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112417529B (en) * 2020-10-28 2021-06-25 深圳市东方聚成科技有限公司 A Trusted U Disk Implementation Method for Virus Filtering
CN115758360B (en) * 2022-11-25 2025-07-25 北京安天网络安全技术有限公司 File management and preservation system

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8302193B1 (en) * 2008-05-30 2012-10-30 Symantec Corporation Methods and systems for scanning files for malware
CN103593451A (en) * 2013-11-19 2014-02-19 乐视致新电子科技(天津)有限公司 File scanning method and device
CN104317955A (en) * 2014-11-13 2015-01-28 北京奇虎科技有限公司 File scanning method and device for storage space of mobile terminal

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7836505B2 (en) * 2006-06-05 2010-11-16 Eacceleration Corporation Accelerated file scanning
JP4943278B2 (en) * 2007-09-06 2012-05-30 株式会社日立製作所 Virus scanning method and computer system using the method
CN101441551B (en) * 2007-11-23 2012-10-10 联想(北京)有限公司 Computer, external memory and method for processing data information in external memory
CN102346827B (en) * 2011-09-19 2014-11-05 奇智软件(北京)有限公司 Method and device for dealing with computer virus

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8302193B1 (en) * 2008-05-30 2012-10-30 Symantec Corporation Methods and systems for scanning files for malware
CN103593451A (en) * 2013-11-19 2014-02-19 乐视致新电子科技(天津)有限公司 File scanning method and device
CN104317955A (en) * 2014-11-13 2015-01-28 北京奇虎科技有限公司 File scanning method and device for storage space of mobile terminal

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
Windows文件系统过滤驱动在防病毒方面的应用;刘伟,胡平;《计算机工程与设计》;20090702;第30卷(第11期);全文 *

Also Published As

Publication number Publication date
CN108133154A (en) 2018-06-08

Similar Documents

Publication Publication Date Title
CN107748668B (en) Method and device for upgrading application program
US9888019B1 (en) System and method for detecting malicious links in electronic messages
CN110826064B (en) A method, device, electronic device and storage medium for processing malicious files
US8635700B2 (en) Detecting malware using stored patterns
CN107370747A (en) A kind of method and device for preventing malicious file from propagating
WO2011112348A1 (en) System and method for host-level malware detection
CN104243214B (en) Method, device and system for data processing
CN104640092A (en) Method, client, cloud server and system for identifying spam messages
CN102982284A (en) Scanning equipment, cloud management equipment and method and system used for malicious program checking and killing
CN108280347A (en) A kind of method and device of virus scan
US20180341769A1 (en) Threat detection method and threat detection device
EP2998902B1 (en) Method and apparatus for processing file
US8701196B2 (en) System, method and computer program product for obtaining a reputation associated with a file
CN108133154B (en) Method and device for storing file
US9626676B2 (en) Secured online transactions
CN111400712A (en) Virus scanning and killing method, device, device and computer storage medium for files
CN113641388A (en) Cloud mobile phone update method, related device and computer program product
CN102915359B (en) File management method and device
CN104239795B (en) The scan method and device of file
EP3059692A1 (en) System and method for antivirus checking of objects from a plurality of virtual machines
CN101340680B (en) Method and apparatus for implementing virus defending and virus killing by bi-core terminal
CN102930209B (en) The document handling method of movable storage device and document handling apparatus
CN109829303A (en) A kind of Intranet cloud checking and killing method, console and client based on system file
KR101896824B1 (en) Apparatus and method for pre-detecting virus using isp
CN111262846B (en) Control method of bus controller, bus controller and readable storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information
CB02 Change of applicant information

Address after: 100088 Building 3 332, 102, 28 Xinjiekouwai Street, Xicheng District, Beijing

Applicant after: QAX Technology Group Inc.

Address before: 100015 Jiuxianqiao Chaoyang District Beijing Road No. 10, building 15, floor 17, layer 1701-26, 3

Applicant before: BEIJING QIANXIN TECHNOLOGY Co.,Ltd.

GR01 Patent grant
GR01 Patent grant