| .386 |
Windows
Enhanced Mode Driver. A device driver is executable
code and, as such, can be infected and should be scanned. |
| .ADE |
Microsoft Access Project Extension. Use of
macros makes this vulnerable. |
| .ADP |
Microsoft Access Project. Use of
macros makes this vulnerable. |
| .ADT |
Abstract
Data Type. According to Symantec these are
database-related program files. |
| .APP |
Application File. Associated with a variety of
programs; these files interact with such things as database
programs to make them look like standalone programs. |
| .ASP |
Active
Server Page. Combination program and HTML code. |
| .BAS |
Microsoft Visual Basic Class Module. These are
programs. |
| .BAT |
Batch
File. These are text files that contain system
commands. There have been a few batch file viruses but they
are not common. |
| .BIN |
Binary
File. Can be used for a variety of tasks and
usually associated with a program. Like an overlay file it's
possible to infect .BIN files but not usually likely. |
| .BTM |
4DOS
Batch To Memory Batch File. Batch file that could
be infected. |
| .CBT |
Computer
Based Training. It's never been made clear why or
how these can become infected but Symantec includes them in
their default listing. |
| .CHM |
Compiled
HTML Help File. Use of scripting makes these
vulnerable. |
.CLA
.CLASS |
Java
Class File. Java
applets are supposed to be run in a "sandbox" and thus be
isolated from the system. However, users can be tricked into
running an applet in a mode that the sandbox considers
"secure" so Class files should be scanned. |
| .CMD |
Windows
NT Command Script. A batch file for NT. |
| .COM |
Command
(Executable File). Any executable file can be
infected in a variety of ways. |
| .CPL |
Control
Panel Extension. Similar to a device driver which
is executable code and, as such, can be infected and should be
scanned. |
| .CRT |
Security
Certificate. Can have code associated with it. |
| .CSC |
Corel
Script File. A type of script file that is
executable. Any executable should be scanned. |
| .CSS |
Hypertext Cascading Style Sheet. Style sheets can
contain code. |
| .DLL |
Dynamic
Link Library. Can be used for a variety of tasks
associated with a program. DLLs typically add functions to
programs. Some contain executable code; others simply contain
functions or data but you can't tell by looking so all DLLs
should be scanned. |
| .DOC |
MS Word
Document. Word documents can contain
macros that are powerful enough
to be used for viruses and worms. |
| .DOT |
MS Word
Document Template. Word templates can contain
macros that are powerful enough
to be used for viruses and worms. |
| .DRV |
Device
Driver. A device driver is executable code and, as
such, can be infected and should be scanned. |
.EML or
.EMAIL |
MS
Outlook Express E-mail. E-mail messages can contain
HTML and scripts. Many viruses and worms use this vector. |
| .EXE |
Executable File. Any executable file can be
infected in a variety of ways. |
| .FON |
Font.
Believe it or not, a font file can have executable code in it
and therefore can be infected. |
| .HLP |
Help
File. Help files can contain
macros. They are not a common vector but have housed a
Trojan or two. |
| .HTA |
HTML
Program. Can contain scripts. |
.HTM
.HTML |
Hypertext Markeup Language. HTML files can contain
scripts which are more and more becoming vectors. |
| .INF |
Setup
Information. Setup scripts can be changed to do
unexpected things. |
| .INI |
Initialization File. Contains program options. |
| .INS |
Internet
Naming Service. Can be changed to point unexpected
places. |
| .ISP |
Internet
Communication Settings. Can be changed to point
unexpected things. |
.JS
.JSE |
JavaScript. As script files become vectors more
often it's best to scan them. (.JSE is encoded. Also keep in
mind that these can have other, random, extensions!) |
| .LIB |
Library.
In theory, these files could be infected but to date no
LIB-file virus has been identified. |
| .LNK |
Link.
Can be changed to point to unexpected places. |
| .MDB |
MS
Access Database or MS Access Application.
Access files can contain macros
that are powerful enough to be used for viruses and worms. |
| .MDE |
Microsoft Access MDE database.
Macros and scripts make this
vulnerable. |
.MHT
.MHTM
.MHTML |
MHTML
Document. This is an archived Web page. As such it
can contain scripts which can be infected. |
| .MP3 |
MP3
Program. While actual music files cannot be
infected, files with .mp3 extensions can contain macro code
that the Windows or RealNetwork media players will interpret
and run. So, .mp3 files have expanded beyond pure music. |
| .MSO |
Math
Script Object. According to Symantec these are
database-related program files. |
| .MSC |
Microsoft Common Console Document. Can be changed
to point to unexpected places. |
| .MSI |
Microsoft Windows Installer Package. Contains codes
for installing all types of programs. |
| .MSP |
Microsoft Windows Installer Patch. Contains code. |
| .MST |
Microsoft Visual Test Source Files. Source can be
changed. |
| .OBJ |
Relocatable Object Code. Files associated with
programs. |
| .OCX |
Object
Linking and Embedding (OLE) Control Extension. A
program that can be downloaded from a Web page. |
| .OV? |
Program
File Overlay. Can be used for a variety of tasks
associated with a program. Overlays typically add functions to
programs. It's possible to infect overlay files but not
usually likely. |
| .PCD |
Photo CD
MS Compiled Script. Scripts are vulnerable. |
| .PGM |
Program
File. Associated with a variety of programs; these
files interact with such things as database programs to make
them look like standalone programs. |
| .PIF |
MS-DOS
Shortcut. Currently being used by email hackers to
spread viruses and worms. Email servers should block
this file format from all emails. If changed can run
unexpected programs. |
| .PPT |
MS
PowerPoint Presentation. PowerPoint presentations
can contain macros that are
powerful enough to be used for viruses and worms. |
| .PRC |
Palmpilot Resource File. A PDA program (yes, there
are rare PDA viruses). |
| .REG |
Registry
Entries. If run, these files can change the
registry. |
| .RTF |
Rich
Text Format. A format for transmitting formatted
text usually assumed to be safe. Binary (and infected) objects
can be embedded within RTF files, however, so, to be safe,
they should be scanned. RTF files can also be DOC files
renamed and Word will open them as DOC files. |
| .SCR |
Screen
Saver or Script. Screen savers and scripts
are both executable code. As such either may contain a virus
or be used to house a worm or Trojan. |
| .SCT |
Windows
Script Component. Scripts can be infected. |
.SHB
.SHS |
Shell
Scrap Object File. A scrap file can contain just
about anything from a simple text file to a powerful
executable program. They should generally be avoided if one is
sent to you but are routinely used by the operating system on
any single system. |
| .SMM |
Ami Pro
Macro. Rare, but can be infected. |
| Source |
Source
Code. These are program files that could be
infected by a source code virus (these are rare). Unless you
are a programmer these likely won't be a concern. Extensions
include, but are not limited to: .ASM, .C, .CPP, .PAS, .BAS,
.FOR. |
| .SYS |
System
Device Driver. A device driver is executable code
and, as such, can be infected and should be scanned. |
| .URL |
Internet
Shortcut. Can send you to any unexpected Web
location which can then execute or download any number of
programs. Read all pop-up boxes before selecting the OK
or Close buttons, some of these set opposite of what they
state. |
.VB
.VBE |
VBScript
File. Scripts can be infected. (.VBE is encoded.) |
| .VBS |
Visual
Basic Script. A script file may contain a virus or
be used to house a worm or Trojan horse virus that waits until
a specific action is performed and then infects the system |
| .VXD |
Virtual
Device Driver. A device driver is executable code
and, as such, can be infected and should be scanned. |
| .WSC |
Windows
Script Component. Scripts can be infected. |
| .WSF |
Windows
Script File. Scripts can be infected. |
| .WSH |
Windows
Script Host Settings File. Settings can be changed
to do unexpected things. |
| .XL? |
MS Excel
File. Excel worksheets can contain
macros that are powerful enough
to be used for viruses and worms. |
| |
|
| macros |
|
