Hi PeaceLove,
To be a malware fighter you first have to grow into an excellent searcher (a good searcher is an animal to reckon with both on the white side as the grey and black one)) (go to
www.searchlores.org and learn from f.ravia's lessons, this guru died much, much too soon, but was a great inspiration and I was honored to have published on his site about cgi sec). Then see all the information you can find here and show some interest, learn to code or about code security (many web malware comes in through malcode javascript vectors e.g. via cross site scripting and iFrame hacks/abuse.)
To know how to protect, you should know how and what to protect against because we are up against a whole army of nowadays mainly cybercrime inspired evil malcreants, so these start out to read about software and bugs and exploits and the lower echelons use ready made toolkits to infect, the more apt can create specific tailored attacks that go under the radar altogether, they are dangerous polymorphists and obfuscators, these malcdreants are no beginners like script kiddies are. The people that try to cocktail and brew antidotes do that in labs with virtual machines disconnected from the Internet, with analysis for instance on wepawet and the use jsunpack inside a virtual browser with NoScript to block malcode script from spilling over to infect the researchers (do not do this unless an expert), some use the browser malzilla to detect malware redirects and script, they check online resources and they report malsites and malcode all sorts. If you are inspired enough and motivated you can do that or volunteer to be trained as a qualified malware eliminator at online bootcamps like geeks2go. Analyse, read, read, look here how we developed here over the years, what a qualified malware eliminator like essexboy is capable of doing, what Pondus does checking all the new malcode reported against VT (virustotal.com) etc,
polonus aka Damian (malware fighter)