Windows Security Tutorials - Herong's Tutorial Examples - Version 3.00, by Dr. Herong Yang
Common Ways of Getting Infected
This section provides a quick introduction of some common way malware (Malicious Software) can get installed on your Windows system.
In order to fight against malware more effectively, you need to understand how malware find ways to get into your Windows systems. Here are some common ways malware can get installed on your computer:
P2P (Peer-To-Peer) File Sharing - Millions of people use P2P (Peer-To-Peer) networks for sharing files to swap music, video, software and other files over the Internet. Shareaza, BitTorrent, Ares, BearShare and Kazaa are few examples of P2P networks. A large number of adware or other malware are bundled into P2P installation programs and share software.
Free Software Bundles - Sometimes adware or other malware are bundled in freeware or shareware distribution packages. When you install an application that claims to be free, but at the same time it will also install a secondary adware or malware.
"Drive-By" Download/Installation - "Drive-By" techniques are used by malware producers to hide malware under normal looking web pages, which presents deceptive message boxes, buttons or links to trick you to click on the page. This clicking action will then be used as your permission to allow the browser to run a small initial code, which will call back to the malicious server to do a full download and installation of actual malware.
Browser Security Holes - Web browsers are never 100% perfect. Security holes do exists and can be used by malware producers to set web sites with some special script. When you visit such a site, the special script will be executed to exploit the browser's security hole install malware to your browser or computer system.
Spamming Emails - Spamming emails are estimated to about 80% of total emails sent over the Internet. A big portion of spamming emails contains deceptive clickable links or images that trick you to download and install adware or other malware.
Malicious Documents - Microsoft Word and Excel files, Adobe PDF files and some other document files are known to have security holes that allow malware producers to hide malicious codes in those documents, which will be distributed spamming emails, free downloads, or free shared files. Those documents are usually having very interesting titles to trick you to open them, which triggers the execution of hidden malicious codes.
With the above understand, here are my recommendations to reduce the risk of getting infected by malware:
Table of Contents