Make Your Computer More Secure By Displaying File Extensions in Windows

typing into a safe laptop
Reading Time: 5 minutes

If you’ve used the file explorer app to browse files stored on your Windows computer, you might have noticed that file extensions are hidden by default. It is important to understand what type of file you’re clicking on, and file extensions are very useful for quickly determining a file type. This is important because many of the malicious software that gets onto your computer require you to actually click on the file in order for the malware’s payload to be activated.

What is a file extension?

There are many different file types on a computer, and each file has it’s own extension. A file extension is a three, sometimes four letter abbreviation at the end of a file. It begins with a period, and allows the computer to open the file with the right program whenever you want to use the file.   

What is the usefulness of a file extension?

A file extension helps you to identify what type of document it is. For example, a file with an extension of .docx is a Microsoft Word file, and a file extension of .exe tells you that the file is an executable program. By default, Windows hides the file extension so you would have no way of knowing what type of file it is.

Since long file names that were capable of containing multiple full stops are perfectly valid in Windows, hackers soon figured out that they could get users to run malicious programs through the use of hidden file extensions. This means that a suspicious looking executable file that is actually named ‘goodphoto.jpg.exe’ would be perfectly fine, and would appear in file explorer as an innocent looking ‘goodphoto’.

This means you could get an email with an attachment such as funnyphotoofpete.jpg, which looks like an innocent photo. In reality, the actual name of the attachment is a suspicious looking funnyphotoofpete.jpg.exe – not a photo at all, but a malicious program. But since the .exe would be hidden, you wouldn’t notice anything suspicious. And since the attacker is using the name of someone that may be familiar to you, you might be persuaded to double-click on the attachment, thinking it was a photo of Pete. The malicious program would run, compromising the computing device. These types of attacks are very common.

How can I keep prevent these types of malware attacks?

The best way to protect yourself from these types of attacks is to switch on the display of file extensions. By doing that, you’ll be able to see what type of file it really is before deciding whether to open it or not.

Follow the steps below to display file extensions for your version of Windows:

Windows 7

  1. Right-click the start button and select Windows Explorer from the context menu.
  2. In Explorer, click on Organize.
  3. Click Folder and search options
  4. Click the View tab
  5. Scroll down and uncheck the box next to Hide extensions for known file types.
  6. Click OK to finish the process.

Windows 8.1 & 10

  1. Right-click the start button and select Windows Explorer from the context menu.
  2. Select the View tab.
  3. Check the box next to File name extensions.

How can I scan a suspicious looking file in Windows?

If you’ve downloaded a file or received an email with an attachment and are not sure of it’s validity, Windows Defender allows you to scan specific files and folders to make sure they are safe before you open them. As soon as you scan the file, you’ll be notified immediately if it is something to worry about. To scan the file or attachment, simply right-click on it and select ‘Scan with Microsoft Defender.’ When the scan is complete, you’ll see the Scan options page, letting you know the results of the scan.

Most people are aware that .exe files are often used to distribute viruses and other types of malware, but those are not the only file extensions to be wary of in Windows computers. Malware is very dynamic, and changes every day. There are several different file extensions that can contain code, scripts and other potentially dangerous stuff. Read on to increase your malware awareness so you are better prepared to deal with malicious software if it arrives on your computer.

.EXE executable files:

.EXE files are traditionally associated with malware and often sent as malicious email attachments. The use of .exe files to spread malware is not as widespread today because they are often blocked when detected by email providers.

.DOC, .DOCX, .DOCM and other Microsoft Office files.

These files have become very popular method of spreading malware through the use of malicious macros that are embedded within the files. This makes it a lot easier to get past any antivirus software and email attachment protection software.

.HTA, .HTML and .HTM application files.

These HTML web applications have been linked to different ransomware variants and some have been found to be the most effective malware against the Windows 10 operating system.

.JS and .JAR files.

These types of files contain malicious JavaScript code that is notorious for infecting computers with malware. .JS files in particular have been associated with ransomware viruses.

.VBS and .VB script files.

Visual basic files have been associated with some of the biggest and most notorious malware names over the past few years.

.PDF Adobe Reader files

Cybercriminals conceal malware in .PDF files as spam message attachments and these .PDF files have been very effective against unsuspecting victims because these types of files are not traditionally associated with malware.

.SFX archive files

.SFX (Self-Extracting) archive files have been used to infect computing devices by notorious malware families.

.BAT files

Batch files are one of the most widespread files used to spread malware. They can contain a list of malicious administrative commands that will be executed on your computer if they are opened. 

.DLL files

.DLL or Dynamic Link Library files are often Microsoft system files that have been infected with malicious code to perform all types of destructive functions such as deleting essential Windows files, executing dangerous code and modifying registry files.

.TMP temporary files

.TMP files are temporary files that hold important info related to the nefarious activities that will be performed by malicious software on the computer.

.PY python files

These types of files are associated with ransomware, and are used to encrypt the files (pictures, videos, documents, etc.) on your computer so that they cannot be opened again.

Other potentially malicious files you may come across:

The following files may not be often encountered, but they have the potential to infect your computing device with malware. You should scan them before double-clicking them on your computer.

Programs:

.MSI files

These files are used in the installation, maintenance and removal of software on Windows 10 computers.

.MSP files

These are files that are used to patch any application installed with Windows Installer. Any malware in this type of file may pose as fake updates.

.COM files

These files are similar to .BAT files, and are also used to insert commands. They were often used to spread viruses and worms in Windows XP, but can still be used to spread malware today.

.GADGET files

If you use a Windows type with floating gadgets on the desktop, you should look out for these types of files.

Script files:

 .CMD files

These are old-school Windows Command Prompt files. They are similar to batch files in that they can insert malicious commands that will run on your computer if the files are clicked.

.VBE Files

These are encrypted VBS files. You can determine whether a .VBE file is malicious by dragging and dropping the file onto the decode VBS script, and then checking out the code.

.JSE files

These are encrypted JavaScript files. It is difficult to detect a virus in a .JSE file. There is no need to take a risk by opening this file on your computer. A better option would be to delete the file.

.PS1, .PS1XML, .PS2, .PS2XML, .PSC1, .PSC2

These are potentially dangerous Windows PowerShell script files as they are ran with administrative privileges.

0 Shares:
Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like