Most Common Methods of Virus Infection

The Windows operating system will very likely be infected by a virus when one or more of the following conditions exist.  In almost all instances, the virus infection can be resolved using Windows System Restore.

  1. An infected floppy, infected USB drive or infected hard drive is connected to a computer without antivirus installed.

  2. Data is copied from an infected floppy, infected USB drive or infected hard drive without antivirus installed.

  3. An infected computer is connected to a network with computers that do not have antivirus installed and/or an enabled Windows Firewall and/or all Windows Updates.  Therefore, the other computers on the network have a higher probability of becoming infected.

  4. The previous antivirus was not properly uninstalled prior to installing the current antivirus.  Therefore, the current antivirus is corrupted and does not protect the computer.

  5. More than one antivirus has been installed on the computer.  Therefore, all of the antivirus products have been corrupted and none now works properly.

  6. The current antivirus is expired or not up to date.  Therefore, the antivirus will not detect current viruses in the wild.

  7. The internet is browsed using an outdated web browser.  Therefore, the browser has greater security weaknesses.

  8. The internet is browsed without antivirus installed. 

  9. Email is received on the computer without antivirus installed. 

  10. An email attachment is opened without antivirus installed. 

  11. An email attachment is opened without first installing the appropriate Windows/Office Updates.

  12. A link in an email is clicked without antivirus installed.

  13. A game, screensaver or other application has been downloaded from a questionable source without antivirus installed.

  14. Windows has not been updated via Windows Update by installing all Updates.  Therefore, the Windows operating system has greater security weaknesses.

  15. The latest Service Pack has not been installed. Therefore, the Windows operating system has greater security weaknesses.

  16. In Security Center, Windows Update is neither Enabled nor set to Automatic.  Therefore, the Windows operating system does not stay up to date.

  17. In Security Center, the Windows Firewall is Off or Disabled.  Therefore, Windows is more likely to be infected.

  18. In Security Center, the Monitoring of Antivirus has been Disabled.  Therefore, Windows has no method of determining if the current antivirus is Disabled, Expired or Out of Date.

  19. MSCONFIG has been set to Selective StartUp.  Therefore, vital Services have been Disabled.

  20. An extremely old version of Adobe Acrobat has been installed on the computer.  Old applications have greater security risks, which increase the likelihood of the computer being infected.

  21. An extremely old version of Adobe Flash has been installed on the computer.  Old applications have greater security risks, which increase the likelihood of the computer being infected.

  22. An extremely old version of the Sun Java Runtime Environment has been installed on the computer.  Old Runtime Environments and Applications have greater security risks, which increase the likelihood of the computer being infected.  Using Add/Remove Programs, all old versions of the Sun Java Runtime Environment should be removed.  The latest version of the Sun Java Runtime Environment should then be installed.

  23. An extremely old application has been installed on the computer which has corrupted the integrity of Internet Explorer security as well as Windows Updates.

  24. More than one version of Microsoft Office has been installed on the computer which has corrupted the integrity of Office Updates.

  25. A security tool has been downloaded from a questionable source which compromises Windows' ability to protect itself.  This could be a firewall product, an antivirus product, an antispyware product, a registry cleaner, etc.  There are a large number of tools in the marketplace that claim to be of benefit to the Windows operating system when they actually corrupt, inhibit or disable Windows security.
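
The following PowerShell audit is an added example, not part of the original post: it checks the local computer for several of the conditions above (items 5, 6, 14, 16 and 17). It assumes Windows 8 or later with PowerShell 5, a client edition of Windows for the Security Center query, and a 60-day patch-age threshold chosen only for illustration.

```powershell
# Added example: audits a few of the listed conditions on the local host.
# Assumes Windows 8 or later (NetSecurity module) and PowerShell 5+ (StartType).

function Get-AntivirusState {
    # root/SecurityCenter2 exists on client editions of Windows, not on Server.
    $products = @(Get-CimInstance -Namespace 'root/SecurityCenter2' `
        -ClassName AntiVirusProduct -ErrorAction SilentlyContinue)
    foreach ($p in $products) {
        # Assumption: productState is not officially documented; this is the
        # commonly used decoding (0x1000 = enabled, 0x10 = definitions stale).
        $state = [int]$p.productState
        [pscustomobject]@{
            Name     = $p.displayName
            Enabled  = ($state -band 0x1000) -ne 0
            UpToDate = ($state -band 0x10) -eq 0
        }
    }
}

function Get-InfectionRiskFindings {
    $findings = @()
    $av = @(Get-AntivirusState)

    # Items 5 and 6: no antivirus, several active at once, or stale definitions.
    if ($av.Count -eq 0) { $findings += 'No antivirus registered with Security Center' }
    $active = @($av | Where-Object Enabled)
    if ($active.Count -gt 1) {
        $findings += 'More than one antivirus enabled: ' + ($active.Name -join ', ')
    }
    foreach ($p in $av | Where-Object { $_.Enabled -and -not $_.UpToDate }) {
        $findings += "Antivirus out of date: $($p.Name)"
    }

    # Item 17: Windows Firewall off for any profile (Domain, Private, Public).
    foreach ($fw in Get-NetFirewallProfile | Where-Object { $_.Enabled -ne 'True' }) {
        $findings += "Windows Firewall is off for profile: $($fw.Name)"
    }

    # Items 14 and 16: update service disabled, or no recent update installed.
    if ((Get-Service -Name wuauserv).StartType -eq 'Disabled') {
        $findings += 'Windows Update service is disabled'
    }
    $last = Get-HotFix | Where-Object InstalledOn |
        Sort-Object InstalledOn -Descending | Select-Object -First 1
    if (-not $last -or $last.InstalledOn -lt (Get-Date).AddDays(-60)) {
        $findings += 'No Windows update installed in the last 60 days'  # threshold is an assumption
    }
    $findings
}

Get-InfectionRiskFindings
```

An empty result means none of the checked conditions were found; it says nothing about the items in the list that the script does not cover.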

    http://www.smartnetadmin.com
