1. Field of the Invention
The present invention relates to the protection of computer systems. More particularly, the present invention relates to a system and method of identifying and removing malicious software.
2. Description of the Related Art
Malicious software, sometimes called malware or malicious code, invades computer systems and causes harmful or annoying consequences. Malicious code typically includes any program or file that is harmful to a computer system or unwanted by a computer user, e.g., computer viruses, worms, Trojan horses, spyware, adware, and software code that gathers information about a computer user without authorization of the user or system administrator.
Once malicious code gains access to a computer system, it takes various actions resulting in a variety of undesirable results. For example, malicious code corrupts application software code, resulting in abnormal termination of the application. Malicious code corrupts operating system software code causing abnormal system hangs.
Removal of malicious code has undesirable consequences. For example, malicious code associates itself with a valid process executing on a computer system. Attempts to eliminate the malicious code result in an abnormal termination of the valid process and software program failure.
Further, complete and permanent removal of malicious code proves difficult. For example, malicious code stores a copy of itself in memory. Upon termination or removal of malicious code components, the stored copy of the malicious code restores and/or recreates the removed malicious code components.