Here's a quick tip that takes all of 30 seconds to implement yet can go a long way towards helping prevent you from inadvertently installing malware onto your computer. It's so quick in fact, it'll take you longer to read why you should do it than the process itself.
Windows Explorer that comes with Microsoft Windows has many settings that dictate how it displays files and folders on your computer. There is one default setting that you should change. It's called "Hide extensions for known file types".
Note: this tip applies to Windows Vista and above.
Most files in Microsoft Windows have what's called an extension at the end of the file name. For example, for the file called JuneTimetable.doc, the ".doc" part at the end is called the File Extension. Windows uses file extensions as a way of determining what application it should use to open or edit the file. In this example, Windows sees the .doc file extension and determines that Microsoft Word is the appropriate application. So when you double-click that file, Word will fire up and open the file for you.
When the "Hide extensions for known file types" setting is turned ON (which it is by default), Windows Explorer will hide the file extension (the ".doc" in our example) from you, so all you see in Windows Explorer is the file name portion ("JuneTimetable").
The following two screenshots demonstrate what I mean. The first is how Windows Explorer displays files with the setting turned ON, and the second when the setting is turned OFF.
Here's the problem. Have a look at the following screenshot:
That's a virus sitting there. You may have been emailed it. You may have found it on a Web site. It may have been brought into your club on someone's USB key. Now obviously you're unlikely to do anything with a file called "HelloI'mAVirus.doc". But what if it was called something else, like "ClientListing.doc"?
With the "Hide extensions for known file types" turned on, you won't see the real file extension. In the example above, it is showing ".doc" as the file extension, but in reality, it's actually ".exe". You don't know that, because Windows is hiding it from you. All you will see is "ClientListing.doc". So you happily double-click the file to have a look, and Wham! You're computer is now hosed. Why? Because the ".exe" file extension is an application, not a Word document. It only looks like a document.
This is obviously quite undesirable, and you can help prevent such mistakes by turning off this setting.
Fire up Windows Explorer (that's Windows Explorer, not Internet Explorer).
Click the Organise button on the toolbar, then Folder and search options in the drop-down menu.
This will bring up the Folder Options screen. Navigate to the View tab, then scroll down the list of settings under Advanced settings until you locate the option called Hide extensions for known file types.
UNTICK this option.
Click OK, and you're done.
Now let's look at our virus...
Yep, it's still a virus, but at least now you have a much better visual indication that it's NOT the Word document you thought it was.
Do not, under any circumstances, double-click or in any way open a file that has a file extension with any of the following file extensions, unless you are absolutely sure about what it is and where is came from!
These are the typical file extensions that viruses and malware have. So unless you know for sure that the file you are about to open is trusted, delete it. If your mother sent it to you in an email, delete it. If your priest sent it to you on a golden disk gift-wrapped in silk, delete it.
You must be absolutely sure you know exactly what the file is and why it has been given to you. Otherwise, delete it. And no, a file named "SuperDuperImportantDataFromYourBoss.exe" doesn't count. If you succumb to temptation and open that file that promises photos of Venus Williams' skirt flying up at the tennis, you're computers are in for a world of hurt.
But just in case you do fall for it, read this.
Have fun!
Mike.Ryan
You can follow any responses to this entry through the RSS feed. You can leave a response, or trackback from your own site.
