Windows Tips: For Security Reasons, It Pays to Know Your File Extensions

Scott Dunn
From the February 2011 issue of PC World magazine

Computer viruses sometimes masquerade as harmless e-mail attachments. The fastest way to spot the interlopers is by their file extension--the letters (usually three) following the final period in the file's name. This extension is an essential aspect of nearly every file on your computer; without it, Windows doesn't know whether to open the file in your word processor or another app, to launch it as a program, or to let other programs use it as a system resource. Knowing a file's extension can also help you customize your system and clean out the dross.

Unfortunately, Microsoft started hiding file extensions in Windows 95. To make sure your file extensions are visible, open Windows Explorer or any folder window and choose View, Folder Options or Tools, Folder Options (depending on your version). Click the View tab, make sure the option to 'Hide extensions for known file types' is unchecked (the exact wording will vary depending on your version of Windows; see FIGURE 1), and click OK. Now extensions will be visible for nearly every file on your desktop and in your Explorer and folder windows.

The File Types tab in the Folder Options dialog box lists the extensions registered on your system ("registered" means that Windows knows what to do with that type of file; see FIGURE 2). It also shows the file descriptions you would see if you looked in the Type column of Explorer's Details view (choose View, Details). Note that in Windows 9x, you must select one of the registered file types to see its extension displayed in the area below.

If you're willing to edit the Registry, you can display most file extensions but hide a few of your choice. Or you can show the extensions of only the file types you select. Here are the file extensions you need to be aware of.

An eye on executables: An executable (.com or .exe) lists machine-language instructions that a computer can understand and execute. Don't launch executable files that you receive from an unknown source (such as via an unsolicited e-mail), since the sender could have a malicious purpose. Also, many worms propagate via e-mail address books, so you may know the purported sender of an infected file. Don't open any executable file until you have confirmed by phone or e-mail that the file is legit. By extension (pun intended), .bat (batch files) and .cmd (Windows 2000 batch files) include executable commands and may contain malicious code.

Script teasers: Scripts are pieces of human-readable programming code that services translate into machine-code instructions and execute. Windows will launch one of its many script services when you double-click a script file (just as Windows will open Word to display a word processing document if you double-click a .doc file). You encounter scripts frequently while Web browsing and performing other PC tasks, but you probably don't want to let just any old script file run on your computer. The script file extensions to be wary of include those that work with Windows Script Host (.ws, .wsc, .wsf), JavaScript (.js), and Visual Basic (.vb, .vbe, .vbs).

Other service-launching extensions: If you double-click a file whose extension is associated with a Windows service, that service will open and run, using the information in the file you double-clicked to tell the service what to do. Such extensions include .pif (a program information file that tells Windows how to run an old DOS app), .msi (a Windows installer database), .hta (an HTML application), and .scr (a screen saver).

Space savers: If you're tired of the screen savers on your system, save disk space by searching for all of your system's .scr files (enter *.scr as the file name you're searching for) and deleting the ones you don't want (see FIGURE 3). For instant privacy, use the right-mouse button to drag any .scr file to your desktop or the Start menu (or one of its submenus), and choose Create Shortcut(s) Here. Just click the shortcut to launch the screen saver, and tap a key or wiggle your mouse to turn it off.

Control Panel icon elimination: Readers frequently ask how to remove icons from their Control Panel window. When the culprit is not one of Windows' own control panels but an uninvited intruder installed by some other program, it's useful to know that most Control Panel icons represent files with the .cpl extension. Enter *.cpl in the file-name field of Windows' search function to list the Control Panel applets on your system. Double-click each file until you find the one that you don't need. Move the unwanted file to another folder, or make a backup copy and delete the original. Note that in some cases multiple icons in the Control Panel window may represent a single .cpl file. For example, removing main.cpl will eliminate the Fonts, Keyboard, Mouse, and Printers icons.

System secrets: Some system file types don't run by themselves and don't open in an application; other programs on your PC use these files to get information about your settings, special programming functions, and other resources. You can customize your system by editing certain .ini, .inf, and other system files. For example, changing your sysoc.inf file gives you more control over uninstalling components of Windows 2000 and XP. Or edit your desktop.ini file to add wallpaper to XP's folder windows.

One common system file type is the dynamic link library, or .dll. Sometimes multiple applications will install one .dll file, potentially causing conflicts. To help advanced users and IS pros sort through .dll-related snafus, Microsoft has set up a searchable database that they can use to ferret out the purpose of any Microsoft .dll file.

Wascally Wegistwy files: Exported portions of the Windows Registry have the .reg extension. When you edit the Registry, these files serve as small, targeted backups of the portion you'll be working on. Click Start, Run, type regedit, press Enter, navigate the tree pane on the left (or use the Edit, Find feature), and click the section of the Registry you plan to edit. Choose Registry, Export Registry File, make sure that 'Selected branch' is highlighted, specify a name and a location to store it in, and click Save. The settings for that portion of the Registry will be saved as a file with the .reg extension. If you make a boo-boo, you can restore that portion of the Registry to its prior state by double-clicking the backup file and then following the on-screen prompts. You're not likely to encounter a problem with .reg files that you make yourself, but beware of unknown or unsolicited .reg files! If you merge a corrupt, outdated, or malicious .reg file, you can damage your Windows settings.

Joe Henriques of Etobicoke, Ontario, reinstalled Microsoft Windows XP Home Edition, but now a menu asks him to choose 'Microsoft Windows XP Home Edition' or 'Microsoft Windows XP Setup' before Windows will start. Since the default option is Setup, he gets an error if he doesn't select XP Home within a short time. The underlying problem: An entry has been added to his boot.ini file, a system file in the root of the start-up drive.

Henriques could edit the file to leave only the correct option, but it's easier to tell Windows to ignore the unwanted entry. In Explorer, right-click My Computer and choose Properties. Click Advanced, Settings (under Startup and Recovery). Choose the OS from the 'Default operating system' drop-down list to switch the default. To suppress the menu entirely, uncheck Time to display list of operating systems. Click OK twice.

To make your files private without resorting to the NTFS file system, look no further than AxCrypt, a handy little utility that lets you lock your files by clicking your right-mouse button. After you install the program, right-click a file and choose AxCrypt to see a submenu of commands for protecting or accessing your files using the utility's 128-bit encryption. Encrypting a folder protects all of the files it contains. You can even have AxCrypt remember a single password and use it by default so you only have to enter it once per log-on and/or reboot. Secure and simple: What's not to like? Though AxCrypt is completely free, its makers encourage a $5 or $10 donation if you like it.

Send Windows-related questions and tips to scott_dunn@pcworld.com. We pay $50 for published items. Click here to view past Windows Tips columns. Scott Dunn is a contributing editor for PC World.