Hi Igor,
I am not stating there that the list is complete, it is just to let people think about what can take place.
How does malware get onto a computer? Well with everything that can be used to transmit data. All that can transport data, can transport malicious nodes (mail, CD, DVD, diskette, active modem, ISDN, Network Cable, remote drives etc. etc.)
However malware must be run to turn into malicious, ergo the recipe must be prepared to be poisonous, this is done through vulnerabilities in an OS or by trick, (buffer-overflow - cross-site scripting-SQL injection, SQL manipulation) but the biggest vulnerability always sits in front of the keyboard, and also developers of software make errors. This is the human factor.
How you can be protected against this?
preventing programs from executing malware automatically. Browser pop-ups and messages should be critically met and addressed by the user, and not just clicked away, never execute or run things that you cannot trust or could know that it cannot be trusted. Never use any programs you do not really need. Check all software that could run or execute non-trusted data (mail, office programs like Word etc.). Do not use software with bad security policy and do not use programs with full user rights if you do not absolutely need to use Admin Rights.
These are some of the things users can do the prevent being infested,at least to minimize the risk of being infested.
polonus