What file did you click on?!?

When did you last download a file from the internet? A month ago? Last week? Today?

What was it? Are you sure it was EXACTLY what you wanted?

Honestly, if it came from the internet, for free, chances are 50/50 it may not have been entirely what you wanted or expected, depending on where it came from of course. Even then, data can be compromised.

But I have an ANTIVIRUS! That’s a great first step, however… an antivirus potentially only detects what it KNOWS exists! Idiots and geniuses alike are creating new code everyday! Your antivirus can’t possibly know about a program that was written after it was written. That’d involve some time travel or something.

How can you protect yourself from letting someone or something into your PC? To be honestly honest*, you can’t! [* It’s my blog, I can use these terms together if I want to!] However you can REDUCE your contact with problem files, if you know what they are.

The way Windows works is that almost every file on your computer ends with a DOT and some specific letters. Commonly 3 letters are used, but that’s if you stick with traditions. Any number of letters are possible in a file extension, that’s what the dot and letters are called. example “SomeCoolMusic.MP3” the .MP3 (see the dot in front of the M?) is the extension.

This type of file is well known, it’s a music file. When you open it, usually music (sound/noise) plays. This works because your PC running Windows, sees the file, ending in MP3 and knows to open your program to play the music. The MP3 file itself is not a program (usually) and cannot run by itself, it requires a program to use it. This makes MP3 files generally safe(ish) to download.

Now if you download or obtain another type of file, the results can be different. The program that Windows runs to play the MP3 is another type of file. These files, programs make the computer do things directly. Even things you didn’t intend for it to do. You should only download files from safe places on the internet.. that said, it’s the internet…. no sugar coating it, safe can be VERY much meaningless.

So here is a list of extensions for programs and scripts than can do anything with or to your PC. DANGEROUS files for a PC (Windows) are below:

  • EXE, COM – programs
  • PIF, LNK, INF – can be used like a program
  • MSI – install program
  • SCR – screensaver program
  • HTA – HTML program
  • CPL – control panel program
  • MSC – Managment program
  • JAR – requires JAVA, program
  • GADGET – program
  • APPLICATION – installer

Some more DANGEROUS file types:

  • BAT, CMD, SCF – List of programs to run
  • VB, VBS, VBE – visual basic script
  • JS, JSE – javascript (not related to java)
  • WS, WSF, WSC, WSH – windows script
  • PS1 PS1XML, PS2, PS2XML, PSC1, PSC2, MSH, MSH1, MSH2, MSHXML, MSH1XML, MSH2XML – power shell script
  • REG – registry changing
  • DOC, XLS, PPT, DOCM, DOTM, XLSM, XLTM, XLAM, PPTM, POTM, PPAM, PPSM, SLDM – potential Microsoft word scripts
  • PDF – potentially vulnerable too

Phew, that’s a long list… I will also point out that you should NOT go poking around on your hard drive all willy nilly deleting these! Windows requires many of the above file types (programs and script) to work! I will also say that this is not EVERY extension that can harm your PC, it’s just a list of common ones and some less common ones. if you don’t know what you are running, just don’t run it!

Stay safe!

Leave a Reply

Your email address will not be published. Required fields are marked *