1. Field
Embodiments of the present invention provide a computer program, a method, and a system for prevention of infection or execution of viruses and malware on a computing device. More particularly, embodiments of the present invention prohibit infection or execution of all new applications or processes while a protected mode of the computer program of the present invention is activated.
2. Related Art
Infection of a computing device by a virus or item of malware is a significant problem for many computer users. Malfeasants initiating the virus/malware are skilled at cloaking the virus as a legitimate application, such that many computer users unknowingly allow execution of the virus on the user's computing device. To combat this problem, there are many types of virus/malware prevention computer programs. A first type of program attempts to track each new virus/malware, compare an application to be executed against a list of known viruses and items of malware, and block any application that matches the listing of known viruses and malware. This method of virus prevention has many detractions, however. For example, literally multiple thousands of viruses are known on any given day, and every day more viruses are added to the “virus list.” The upkeep of the virus list requires daily, if not hourly, monitoring and updating. Additionally, the processing time to compare an application attempting to execute on the user's computing device to the “virus list” is time consuming, as the list is usually very extensive. Thus, the processing time employed by the computing device's CPU and the memory and hard drive utilization are relatively larger for lengthy lists of viruses. Additionally, these virus prevention methods require scanning and filtering through numerous known viruses, which increases processing time and hard drive utilization.
A second type of virus/malware prevention approaches the problem by maintaining a whitelist of legitimate (i.e., non-virus) applications. Similar to the above example, any new application attempting to be executed is compared to the applications on the whitelist. If there is a match, then the application is allowed to execute. Although the whitelist of legitimate applications is not as numerous as the “virus list” described above, the whitelist is usually still several thousand applications, and more applications are routinely added. Because the whitelist is a universal whitelist for all computer users, if a particular computer user accesses a little known application, then the application may not be on the whitelist, even if it is legitimate. The user must then request the application be specifically executed via a series of advanced steps, and such selection of the advanced steps must be undertaken each time the application is accessed.
Accordingly, there is a need for a computer program, a method, and a system that prevents execution of a virus or item of malware quickly, without using significant computer resources, that is easy for the average computer user to use, and that is unobtrusive and does not interfere with the user's use of the computing device.