The word "virus" is really a serious misnomer because it implies biology.
It implies something that you must constantly defend against; something against which you would otherwise be defenseless.
Computers do not have, and do not get, AIDS.
Pragmatically speaking, you cannot prevent a "rogue program" from finding its way to your computer somehow
and executing ... with your privileges, in your environment. There are simply too-many ways for a rogue to find its way in.
... you can
arrange things so that it is impossible(!) for the rogue to do any permanent damage. (This applies to Windows, to OS/X, to Linux, or to anything else.) Here's how:
- Do not routinely use any account that has "elevated privileges," except when you are actively doing something which requires them. Computers live in a world of '1' and '0' and nothing in-between: they are not "smart." They cannot interpret your "intent." They do not know what the programs that they run "do." All they know is that programs make requests of the operating-system, and those requests are either carried-out or rejected, using inflexible bright-line rules. But their word is law: if the operating-system refuses to carry out a request, applications can't "do it anyway."
- Every one of these systems have automated backup-facilities which can not-only back up everything, but can keep multiple "generations" of anything that they back up. (Microsoft has an excellent "Microsoft Backup" tool...) When the backup system is properly configured, the backups cannot be tampered-with.
- Even if you "wear many hats" in your organization, set up several (non-privileged) userids for yourself... one for each "hat." The files owned by each user are neatly protected from the others. Since the users are non-privileged, the operating system is protected from all of them.
So a "rogue" comes in... and it fizzles. It tries its very best to do nasty-things, and it ... can't. It wipes out all your
files, somehow... and you restore them.
(P.S. There are other advantages: you have a "senior moment" and wipe-out something. Nothing
beats the feeling that you have when you click a few buttons and magically restore "this morning's version" (or "yesterday's version") of that file...)