Because it is installed through stealth methods, one usually does not know their computer is infected, or even that a file which appears benign is in fact malware. Both IT professionals who manage enterprise networks and the individuals who manage desktop and laptop computers for their own use have options for installing and configuring software that prevents malware form being installed and that removes it if is has been installed. Regardless of the publisher, this software operates on the same model: When it is functioning, it scans files (applications, data, or operating systems components) and compares the contents to known malware. If a file is found to match known malware, then the software prevents it from being downloaded or attempts to remove it from the system or place it where it cannot affect the system.
While responsible computer users do install and use malware protection, there are well-known problems with it. Identifying malware requires the malware to be known and included in the library against which your data, applications, and system are compared. New malware is release daily… hourly even…so the libraries are always incomplete. Further, the malware programmers can include code that bypasses the methods used to remove or quarantine malware. The result is an arms race between malware programmers and IT security professionals; each group tries to out do what the other has done.
We know that no one single strategy is sufficient to ensure network security. Malware protection software is an excellent example of this reality. We should install and use it, but the protection from it is incomplete. As an educator, you probably have IT professions who are responsible for securing data and systems, and they often make recommendations for malware protection as they know the more secure your computer are, the more secure their systems are. No matter how good your malware protection is, it is not going to protect from all malware. It is a piece of a comprehensive plan for network security.