Malicious software, or malware, is a generic term for computer programs designed to cause damage to a single computer, server or computer network. Common types of malware are viruses, spyware, trojans, rootkits etc.
Viruses are computer programs or scripts that attempt to spread from one file to another on a single computer and/or from one computer to another, using a variety of methods. Spyware is a program that runs on your computer and e.g. tracks your habits and tailors these patterns for advertisements, etc. Trojans typically do one of two things: they either destroy or modify data the moment they launch, such as erase a hard drive, or they attempt to ferret out and steal passwords, credit card numbers, and other such confidential information.
A malicious code scanner is the most common tool for prevention. They can provide real time protection against the installation of malware software on a computer. This type of anti-malware software scans all incoming network data for malware software and blocks any threats it comes across. Anti-malware software programs can also be used solely for detection and removal of malware software that has already been installed onto a computer. This type of anti-malware software scans e.g. the contents of the Windows registry, operating system files, and installed programs on a computer and will provide a list of any threats found, allowing the user to choose which files to delete or keep, or to compare this list to a list of known malware components, removing files that match.
Rootkits is a technique which allows concealment of the installed malicious program or intrusion of a human attacker, to avoid detection by an antimalware program, by modifying the host's operating system such that the malware is hidden for the user. Rootkits can prevent a malicious process from being visible in the system's list of processes, or keep its files from being read. Rootkit detection is difficult because a rootkit may be able to subvert the software that is intended to find it. Removal can be complicated or practically impossible, especially in cases where the rootkit resides in the kernel; reinstallation of the operating system may be the only available solution to the problem.
From WO-2009/148374-A1 a hardware protection device is known, which provides protection of the data storage of the computer system which is transparent to the computing system and to the user of the computing system. The device protects the user from malicious code by preventing its execution and the unauthorized or unwanted user data modification by making the contents of one of the storage devices read only. The operations of the device are not visible to the computer system or the user of the system. The device provides prevention of data modification and prevention of malicious code execution.
There is still a need for improvements in this area, to prevent intruders to get access to information on a computer system. The object of the invention is thus to provide an improved apparatus to prevent an intrusion into a computer system, or at least reduce the effects of an intrusion.