Undesired programs, such as malware, are computer programs or software that perform actions on a computer (or computer system) without the consent of the computer user. Malware can include, for example, viruses, worms, Trojan horses, backdoors, spyware, adware, botnets, or other malware or other programs that can have a malicious effect (or perform other undesired functions) on a computer. A malicious effect on a computer is, for example, when the computer (or computer resources or objects) becomes damaged, disrupted, corrupted, undesirably burdened, or otherwise affected in an undesirable manner. As known to those skilled in the art, what is undesirable to a user may actually be desirable to another user or may even be a viable software product of a vendor or software tool in the malware testing procedures.
As some specific examples, botnets are software agents used to create and send spam, malware, or viruses, or flood a network with messages such as a denial of service attack. Spyware is a type of malware that can be installed on computers and collects information about users without their knowledge. Viruses are programs that can damage or disrupt programs or computers, and can reproduce itself and infect other programs or computers.
Current approaches to cleaning (e.g., removing, deleting, or quarantining) of undesired programs or preventing infections of undesired programs require, for example, the use of software agents, active running code (processes), or behavioral blocking software. For example, firewalls are used to block known malware, but uses computer resources to function. Conventional malware protection solutions may often be expensive and difficult for large businesses (or organizations) to maintain.
Some specific non-malicious computer programs may also be undesired by a business. For example, a business (e.g., a large corporation) may not want peer-to-peer filesharing programs (or other types of computer programs) in the network of the business. Additionally, these non-malicious undesired programs can consume computer resources such as, for example, hardware resources (e.g., memory space and/or processor resource) and/or software resources (e.g., operating system tasks). Therefore, a computer user may desire to prevent the installment of particular computer programs that are not necessarily malicious code.
When a user discovers the presence of an undesired computer program in a computer (or the presence of an undesired program in devices in a network, or the presence of an undesired program in a portable computing device such as, for example, a personal digital assistant, smart phone, iPad, or iPhone), the user can usually remove the undesired program by use of a currently available solution. For example, current software programs are available to remove malware or viruses in a computer. However, the computer can often be re-infected by the same undesired program. If the re-infection rate is high (e.g., approximately 50% or greater), then the cost of maintaining the computer will become expensive for a business, particularly if multiple computers become re-infected with the same undesired program.
This increased cost is likely incurred if the business uses an “enterprise system” which is a large-scale, organization-wide, integrated application-software package. For example, if a business is re-imaging a computer for use with or as part of the enterprise system, and after analyzing the re-imaged computer, the re-imaged computer is found to be infected or re-infected by an undesired program (e.g., malware or virus) that has previously infiltrated the computers of the business, then the procedure of having to remove the re-infection will lead to increased costs for the business.
The current technology does not provide a less complicated and less expensive approach to preventing the re-infection of computers or networked devices. Therefore, the current technology is limited in its capabilities and suffers from at least the above constraints and deficiencies.