There are several techniques you can employ to protect systems against malicious software.
Use antivirus software. Antivirus software is an application that scans ﬁles for executable code that matches patterns, known as signatures or deﬁnitions, that are known to be common to viruses. The antivirus software also monitors systems for activity that is associated with viruses, such as accessing the boot sector. Antivirus software should be deployed on various network systems as well as on individual computers, and the signature database and program updates should be downloaded and installed on a regular basis as well as whenever a new threat is active. Antivirus software does not usually protect against spam, but it can identify malware symptoms and can provide protection from adware and spyware. Antivirus updates must be managed as they are made available. Antivirus engine updates can include enhancements, bug-ﬁxes, or new features being added to the software engine, improving the manner in which it operates. Updates can be implemented automatically or manually depending on the software. Automatic updating refers to software that periodically downloads and applies updates without any user intervention, whereas manual updating means that a user must be involved to either initiate the update, download the update, or at least approve installation of the update.
Use adware and spyware detectors. If your antivirus software does not guard against adware and spyware, you can install separate tools to speciﬁcally protect against these types of threats.
Use email attachment protection. Many types of malicious software are introduced through email attachments. Users should not save or open attach- ments they do not recognize, are not expecting, or are from senders they do not recognize.
Use pop-up blockers. Malicious software can be attached to pop-up ads or other pop-up content on websites (Pop-ups are windows or frames that load and appear automatically when a user connects to a particular web page.) Blocking the appearance of pop-ups from sites that are unknown or untrusted can prevent the transfer of unwanted code to the local system. Most Internet browsers include some type of pop-up blocking feature. Another type of pop-up ad is referred to as a pop-under ad because it dis- plays under the target web page. This allows ads to not be seen until the target page is closed. The intent of a pop-under ad is to attract a user’s attention once the target web page is closed.
Use spam blockers. Spam can harbor malicious code in addition to ﬁlling up your inbox. You can protect your system against spam by implementing ﬁlters or installing a spam blocker.
Use trusted installation sources only. Even software you install deliberately can be infected with viruses. Do not install software just because a particular website or Internet page prompts you to do so.
Provide user awareness and education. The best protection against malicious software or any security threat is user awareness and education. Providing end user education will enable users to recognize and delete hoax email mes- sages, avoid unauthorized software, and keep antivirus deﬁnitions updated. This will be the best defense against data compromise or system damage.
Research malware types. In order to protect systems from infections, you must research all the possible malware types and symptoms. For example, using various virus encyclopedias, you can recognize possible malware types and develop solutions to ﬁx them.
Schedule scans and implement removal techniques. By scheduling regular system scans, you can detect potential system vulnerabilities before a full system infections occurs. Scanning systems regularly allows you to discover potential malware threats and to develop useful removal techniques accordingly. Once an infected system is discovered, you can then quarantine it and ﬁx it to prevent further spread of the virus to other systems.In some cases, you may need to employ additional measures beyond your usual removal techniques. For example, if viruses infect critical operating system ﬁles that are “in use” when the operating system is running, you may need to perform an alternate startup process in order to prevent the ﬁles from being locked against a clean and repair cycle. You may also need to boot into Safe Mode to clean the infected ﬁles, or it may be necessary to bootinto a completely different environment, such as from a CD or a USB stor- age device, in order to clean viruses that are deep-rooted into the core operating system ﬁles. If you suspect that the boot blocks have been affected by a virus, you may need to repair infected boot blocks using the Windows Recovery Console in Windows XP, or System Recovery in Windows 7.