#1 mikmik, 11-07-2003, 02:54 AM
File Extensions: Virus or safe

Wondering if it is safe to open that e-mail attachment? This list that I came across shows the extensions for files that must be opened with caution by following these guidelines:
#1. Do not open it if you weren't expecting the specific attachment, even if the sender is someone that you know.
#2. Delete it if from someone named GGggjjaygsyqqqtr or any sender that you don't know. (The 'GGggjj...' name is a type of randomly generated e-mail address and is probably spam)
#3. Only after you have taken steps, like a phone call or e-mail communication, to verify the origin of the mail containing the attachment should you consider opening it - AND EVEN THEN YOU SHOULD SAVE IT TO YOUR HARD DRIVE AND SCAN IT FIRST!

Extension  Description
---------  --------------------------------------------
ADE        Microsoft Access project extension
ADP        Microsoft Access project
ASX        Windows Media Audio / Video
BAS        Microsoft Visual Basic class module
BAT        Batch file
CHM        Compiled HTML Help file
CMD        Microsoft Windows NT Command script
COM        Microsoft MS-DOS program
CPL        Control Panel extension
CRT        Security certificate
EXE        Program
HLP        Help file
HTA        HTML program
INF        Setup Information
INS        Internet Naming Service
ISP        Internet Communication settings
JS         JScript File
JSE        JScript Encoded Script file
LNK        Shortcut
MDA        Microsoft Access add-in program
MDB        Microsoft Access program
MDE        Microsoft Access MDE database
MDT        Microsoft Access workgroup information
MDW        Microsoft Access workgroup information
MDZ        Microsoft Access wizard program
MSC        Microsoft Common Console document
MSI        Microsoft Windows Installer package
MSP        Microsoft Windows Installer patch
MST        Microsoft Windows Installer transform, Microsoft Visual Test source file
OPS        Office XP settings
PCD        Photo CD Image, Microsoft Visual compiled script
PIF        Shortcut to MS-DOS program
PRF        Microsoft Outlook profile settings
REG        Registration entries
SCF        Windows Explorer command
SCR        Screen saver
SCT        Windows Script Component
SHB        Shell Scrap object
SHS        Shell Scrap object
URL        Internet shortcut
VB         VBScript file
VBE        VBScript Encoded script file
VBS        VBScript file
WSC        Windows Script Component
WSF        Windows Script file
WSH        Windows Scripting Host Settings file


A lot of the viruses we get in attachments have no file extension or the
extension .in

This is just a quick post but if there is anything more that you would like explained, PM me or point it out in your replies!
__________________
What I am is what I am, are you what you are, or what.
Eddie Brickel
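
Added example, not part of the original post: a Python sketch that applies the extension list from the post above to the attachment names in a message, including names with no extension and names that hide a listed extension behind a harmless-looking one. The verdict labels, function names and the sample message are assumptions made for the illustration.

```python
import email
from email import policy
from email.message import EmailMessage

# Extensions from the list in the first post, lower-cased.
LISTED = set("""
ade adp asx bas bat chm cmd com cpl crt exe hlp hta inf ins isp js jse lnk
mda mdb mde mdt mdw mdz msc msi msp mst ops pcd pif prf reg scf scr sct shb
shs url vb vbe vbs wsc wsf wsh
""".split())

def classify(filename):
    """Return (verdict, detail) for one attachment file name."""
    # Windows drops trailing dots and spaces, so "a.exe. " opens as "a.exe".
    name = (filename or "").strip().rstrip(". ").lower()
    stem, dot, ext = name.rpartition(".")
    if not dot or not ext:
        return ("no-extension", "type cannot be judged from the name")
    if ext in LISTED:
        # "photo.jpg.pif" displays as "photo.jpg" when known extensions are hidden.
        double = "." in stem
        return ("listed", f".{ext}, double extension" if double else f".{ext}")
    return ("unlisted", f".{ext}")

def audit_message(raw_bytes):
    """Parse a raw message and classify every attachment by file name."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    return [(part.get_filename(), *classify(part.get_filename()))
            for part in msg.iter_attachments()]

def sample_message():
    """Constructed sample: one message carrying four dummy attachments."""
    m = EmailMessage()
    m["From"] = "sender@example.com"
    m["To"] = "you@example.com"
    m["Subject"] = "constructed sample"
    m.set_content("see attached")
    for fn in ("photo.jpg.pif", "notes.txt", "README", "setup.exe."):
        m.add_attachment(b"x", maintype="application",
                         subtype="octet-stream", filename=fn)
    return m.as_bytes()

if __name__ == "__main__":
    for row in audit_message(sample_message()):
        print(row)
```

A name that comes back "unlisted" has only passed a file-name check; guideline #3 (save it and scan it first) still applies.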

#2 computers, 11-12-2003, 01:01 PM
Email Attachments

My advice would be:
Get a good anti-virus, one that has the capability to scan incoming and outgoing email. Never, never open an attachment from someone you don't know. Keep abreast of all the current email scams, a lot to read, but well worth your while. There are many good sites, including all the major anti-virus sites, that have a wealth of information.
__________________
Custom ComputerHaven
"The Best for Less"
http://www.customcomputerhaven.com

#3 EdRust, 11-12-2003, 02:06 PM
addition to your list

One big one, and for quite a while one of the most frequently used, is .dot

While seemingly innocent (the file type is created by ms-word for storing a document as a template for new docs) it has for years been used by the "BAD GUYS" to send scripts/macros which, when started automatically by opening the document in ms-word, carry out the included instructions to delete files/ rename files/ etc.

#4 mikmik, 11-12-2003, 03:11 PM
Better safe than sorry.

From computers:
Quote:
My advice would be:
Get a good anti-virus, one that has the capability to scan incoming and outgoing email. Never, never open an attachment from someone you don't know. Keep abreast of all the current email scams, a lot to read, but well worth your while. There are many good sites, including all the major anti-virus sites, that have a wealth of information.
Yes, these days it can be challenging to keep abreast of all the threats, but your anti-virus never sleeps and that is paramount to have. (As opposed to Auntie Vera, but that's another story)

Also, EdRust makes a good point:
Quote:
One big one and for quite awhile one of the most frequently used, is .dot
, as I see that there are some others missing from the list as well. Another one that springs to mind is .zip - could contain anything. Can anybody else think of others?


Two more important points I'd like to make, and one has started happening to me recently. Seems that a lot of people that I know like to send funny or provocative messages on to others, which is fine, email is for sharing stuff we enjoy with our friends too, but way too many have a sort of mass forwarding list that they just add before sending the message on to everybody. I don't know about others, but I have gotten e-mails that must have been forwarded this way at least a dozen times without the previous addresses stripped. We've had those kind, eh?, that scroll and scroll past a list that has half the hotmail accounts on it by now, or four and five levels deep into attachment purgatory! (Whew?)

Well each computer is storing those addresses in sent boxes, delete folders etc., so what happens? A worm comes along, scans the hard drive, and sends everyone copies. Multiply that a few times and we're talking something potentially devastating happening, like this last August (among other times),
Quote:
"Yesterday marked an unprecedented new level in virus propagation and demonstrated the growing ability of virus writers to disrupt business around the globe," said MessageLabs chief technology officer Mark Sunner.
Quote:
The "Slammer" worm struck more than 75,000 computers in just 10 minutes in January, with the number of infected computers doubling every 8.5 seconds, according to researchers at the University of California and other institutions. It went on to infect hundreds of thousands more. E-mail viruses like Sobig can hit the same computer multiple times, so the number of infections is not directly comparable.
. From here, an article about the biggest outbreaks in history http://english.peopledaily.com.cn/20...2_122822.shtml.

As if that's not enough, your machine can be taken over these days just by opening a message in the preview pane, or visiting a website.
Say bye-bye to $50 to hire a tech to 'unglue' your machine.
For the first time ever this week, I got hit (they were all intercepted by Norton) by email viruses every day, and they are starting to come from people who forwarded my account info from someone mailing 'to me' and others at the same time. I've had up to a 30% infection rate some days, and had my browser taken over on a re-direct to a site that then infected me.

It's gettin' scary.

#5 EdRust, 11-12-2003, 03:31 PM
what upsets me...

the most, in fact really #$%@^'s me off the most these days, is the ones where they have stripped e-mail addresses from websites and then send viruses as if the stripped address was the originator. I have received mail from people mad at me because they had gotten a virus from webmaster@whatever.com or info@whereever.com. I have even gotten an e-mail containing a virus from webmaster@buyaccountingsoftware.com to webmaster@buyaccountingsoftware.com, thankfully my antivirus software stopped it.

#6 computers, 11-12-2003, 03:46 PM

It's a PIA that we get those emails forwarded a dozen times or more, and too bad that some don't learn or think about forwarding the original message stripped of the original recipients, it should be a prerequisite of forwarding anything via email!

#7 minstrel, 11-12-2003, 08:52 PM
MS and Corel macros

I didn't see DOC - or any of those MS Office or WordPerfect document types (XLS, WPD) that can run macros when you open them...

#8 mikmik, 11-13-2003, 08:18 AM
Speak of the devil

minstrel pointed out an important point:
Quote:
I didn't see DOC - or any of those MS Office or WordPerfect document types (XLS, WPD) that can run macros when you open them...
, and when I checked the TrendMicro virus alerts, they had this on Word docs and Excel: http://www.trendmicro.com/vinfo/viru..._VULNERABILITY.
So it looks like 'double checking' the source of business, or any other documents that you receive is also wise.
That is how 'macros' work, from my incomplete understanding. Correct me if I am wrong, but a macro is a routine, or like a 'function call' using any script (javascript, activeX, vbs...) that starts another 'routine' or program. Does this sound about right? And that they, the macro, are run by opening the 'document' that contains them?

#9 minstrel, 11-13-2003, 08:22 AM
Re: Speak of the devil

Quote:
Originally Posted by mikmik
Correct me if I am wrong, but a macro is a routine, or like a 'function call' using any script (javascript, activeX, vbs...) that starts another 'routine' or program. Does this sound about right? And that they, the macro, are run by opening the 'document' that contains them?
Yes, that's pretty much it...

#10 TrafficProducer, 11-13-2003, 08:40 AM
If in doubt through it out

If in doubt through it out.

There are a lot of attachments being posted including software patches that claim to be from Microsoft which are false and contain viruses.
__________________
Videos to Watch and Video Publishing
Affiliate Program! Our Affiliate Program Pays 50.00% Business Support

#11 TrafficProducer, 11-13-2003, 08:50 AM
Throw it out

If in doubt Throw it out.

(Should read) So much for good speelliing!!!