中检测到有潜在危险的_Windows上有50多个潜在危险的文件扩展名
中检测到有潜在危险的
Most people know that .exe files are potentially dangerous, but that isn’t the only file extension to beware of on Windows. There are a variety of other potentially dangerous file extensions – more than you might expect.
大多数人都知道.exe文件潜在危险,但这并不是Windows上唯一要注意的文件扩展名。 还有许多其他潜在危险的文件扩展名-超出您的预期。
那么,为什么我想知道哪些文件是危险的? (So Why Would I Want to Know Which Files are Dangerous?)
It’s important to know which file extensions are potentially dangerous when deciding whether a file attached to an email or downloaded from the web is safe to open. Even screen saver files can be dangerous on Windows.
在确定是否可以安全打开电子邮件附件或从网络下载的文件时,务必要知道哪些文件扩展名潜在危险。 在Windows上,即使屏幕保护程序文件也可能很危险。
When you encounter one of these files, you should take extra care to make sure that you are protected. Scan with your preferred anti-virus product, or even upload it to a service like VirusTotal to make sure that there aren’t any viruses or malware.
遇到这些文件之一时,应格外小心,以确保受到保护。 使用您喜欢的防病毒产品进行扫描,甚至将其上传到VirusTotal之类的服务,以确保没有任何病毒或恶意软件。
Obviously you should always have your anti-virus software running and active, and protecting you in the background — but knowing more about some uncommon file extensions can be useful in preventing something bad from happening.
显然,您应该始终使防病毒软件运行并处于活动状态,并在后台为您提供保护-但是,更多地了解一些不常见的文件扩展名可能有助于防止不良事件的发生。
为什么文件扩展名潜在危险? (Why is a File Extension Potentially Dangerous?)
These file extensions are potentially dangerous because they can contain code or execute arbitrary commands. An .exe file is potentially dangerous because it’s a program that can do anything (within the limits of Windows’ User Account Control feature). Media files – like .JPEG images and .MP3 music files – are not dangerous because they can’t contain code. (There have been some cases where a maliciously crafted image or other media file can exploit a vulnerability in a viewer application, but these problems are rare and are patched quickly.)
这些文件扩展名潜在危险,因为它们可以包含代码或执行任意命令。 .exe文件可能会很危险,因为它是一个可以执行任何操作的程序(在Windows的“用户帐户控制”功能的限制内)。 媒体文件(例如.JPEG图像和.MP3音乐文件)并不危险,因为它们不能包含代码。 (在某些情况下,恶意制作的图像或其他媒体文件可以利用查看器应用程序中的漏洞,但是这些问题很少见,并且很快得到了修补。)
With that in mind, it’s important to know just what types of files can contain code, scripts, and other potentially dangerous things.
考虑到这一点,重要的是要知道什么类型的文件可以包含代码,脚本和其他潜在危险的东西。
程式 (Programs)
.EXE – An executable program file. Most of the applications running on Windows are .exe files.
.EXE –可执行程序文件。 Windows上运行的大多数应用程序都是.exe文件。
.PIF – A program information file for MS-DOS programs. While .PIF files aren’t supposed to contain executable code, Windows will treat .PIFs the same as .EXE files if they contain executable code.
.PIF – MS-DOS程序的程序信息文件。 虽然不应将.PIF文件包含可执行代码,但Windows将将.PIF与.EXE文件视为相同,如果它们包含可执行代码。
.APPLICATION – An application installer deployed with Microsoft’s ClickOnce technology.
.APPLICATION –使用Microsoft的ClickOnce技术部署的应用程序安装程序。
.GADGET – A gadget file for the Windows desktop gadget technology introduced in Windows Vista.
.GADGET – Windows Vista中引入的Windows桌面小工具技术的小工具文件。
.MSI – A Microsoft installer file. These install other applications on your computer, although applications can also be installed by .exe files.
.MSI – Microsoft安装程序文件。 它们可以在您的计算机上安装其他应用程序,尽管也可以通过.exe文件安装应用程序。
.MSP – A Windows installer patch file. Used to patch applications deployed with .MSI files.
.MSP – Windows安装程序补丁文件。 用于修补使用.MSI文件部署的应用程序。
.COM – The original type of program used by MS-DOS.
.COM – MS-DOS使用的原始程序类型。
.SCR – A Windows screen saver. Windows screen savers can contain executable code.
.SCR – Windows屏幕保护程序。 Windows屏幕保护程序可以包含可执行代码。
.HTA – An HTML application. Unlike HTML applications run in browsers, .HTA files are run as trusted applications without sandboxing.
.HTA – HTML应用程序。 与在浏览器中运行HTML应用程序不同,.HTA文件作为受信任的应用程序运行,而无需沙箱。
.CPL – A Control Panel file. All of the utilities found in the Windows Control Panel are .CPL files.
.CPL –控制面板文件。 Windows控制面板中找到的所有实用程序都是.CPL文件。
.MSC – A Microsoft Management Console file. Applications such as the group policy editor and disk management tool are .MSC files.
.MSC – Microsoft管理控制台文件。 组策略编辑器和磁盘管理工具等应用程序都是.MSC文件。
.JAR – .JAR files contain executable Java code. If you have the Java runtime installed, .JAR files will be run as programs.
.JAR – .JAR文件包含可执行的Java代码。 如果安装了Java运行时 ,则.JAR文件将作为程序运行。
剧本 (Scripts)
.BAT – A batch file. Contains a list of commands that will be run on your computer if you open it. Originally used by MS-DOS.
.BAT –批处理文件。 包含如果您打开计算机将在计算机上运行的命令列表。 最初由MS-DOS使用。
.CMD – A batch file. Similar to .BAT, but this file extension was introduced in Windows NT.
.CMD –批处理文件。 与.BAT相似,但是此文件扩展名是Windows NT中引入的。
.VB, .VBS – A VBScript file. Will execute its included VBScript code if you run it.
.VB , .VBS – VBScript文件。 如果运行它,将执行其包含的VBScript代码。
.VBE – An encrypted VBScript file. Similar to a VBScript file, but it’s not easy to tell what the file will actually do if you run it.
.VBE –加密的VBScript文件。 与VBScript文件类似,但是要知道运行该文件的实际作用并不容易。
.JS – A JavaScript file. .JS files are normally used by webpages and are safe if run in Web browsers. However, Windows will run .JS files outside the browser with no sandboxing.
.JS –一个JavaScript文件。 .JS文件通常由网页使用,如果在Web浏览器中运行,则是安全的。 但是,Windows将在浏览器外部运行.JS文件,而不会进行沙箱测试。
.JSE – An encrypted JavaScript file.
.JSE –加密JavaScript文件。
.WS, .WSF – A Windows Script file.
.WS , .WSF – Windows脚本文件。
.WSC, .WSH – Windows Script Component and Windows Script Host control files. Used along with with Windows Script files.
.WSC , .WSH – Windows脚本组件和Windows脚本主机控制文件。 与Windows脚本文件一起使用。
.PS1, .PS1XML, .PS2, .PS2XML, .PSC1, .PSC2 – A Windows PowerShell script. Runs PowerShell commands in the order specified in the file.
.PS1 , .PS1XML , .PS2 , .PS2XML , .PSC1 , .PSC2 – Windows PowerShell脚本。 按照文件中指定的顺序运行PowerShell命令。
.MSH, .MSH1, .MSH2, .MSHXML, .MSH1XML, .MSH2XML – A Monad script file. Monad was later renamed PowerShell.
.MSH,.MSH1,.MSH2,.MSHXML,.MSH1XML,.MSH2XML -单子脚本文件。 Monad后来更名为PowerShell。
捷径 (Shortcuts)
.SCF – A Windows Explorer command file. Could pass potentially dangerous commands to Windows Explorer.
.SCF – Windows资源管理器命令文件。 可以将潜在危险的命令传递给Windows资源管理器。
.LNK – A link to a program on your computer. A link file could potentially contain command-line attributes that do dangerous things, such as deleting files without asking.
.LNK –指向计算机上程序的链接。 链接文件可能包含执行危险操作的命令行属性,例如不经询问就删除文件。
.INF – A text file used by AutoRun. If run, this file could potentially launch dangerous applications it came with or pass dangerous options to programs included with Windows.
.INF – AutoRun使用的文本文件。 如果运行,此文件可能会启动它附带的危险应用程序,或者将危险选项传递给Windows附带的程序。
其他 (Other)
.REG – A Windows registry file. .REG files contain a list of registry entries that will be added or removed if you run them. A malicious .REG file could remove important information from your registry, replace it with junk data, or add malicious data.
.REG – Windows注册表文件。 .REG文件包含注册表项的列表,如果您运行它们,将会添加或删除它们。 恶意的.REG文件可能会从注册表中删除重要信息,将其替换为垃圾数据,或者添加恶意数据。
办公室宏 (Office Macros)
.DOC, .XLS, .PPT – Microsoft Word, Excel, and PowerPoint documents. These can contain malicious macro code.
.DOC , .XLS , .PPT – Microsoft Word,Excel和PowerPoint文档。 这些可能包含恶意宏代码。
.DOCM, .DOTM, .XLSM, .XLTM, .XLAM, .PPTM, .POTM, .PPAM, .PPSM, .SLDM – New file extensions introduced in Office 2007. The M at the end of the file extension indicates that the document contains Macros. For example, a .DOCX file contains no macros, while a .DOCM file can contain macros.
.DOCM , .DOTM , .XLSM , .XLTM , .XLAM , .PPTM , .POTM , .PPAM , .PPSM , .SLDM – Office 2007中引入的新文件扩展名。文件扩展名结尾的M表示文档包含宏。 例如,.DOCX文件不包含宏,而.DOCM文件可以包含宏。
This isn’t an exhaustive list. There are other types of file extensions – like .PDF – that have had a string of security problems. However, for most of the file types above, there’s just no securing them. They exist to run arbitrary code or commands on your computer.
这不是一个详尽的清单。 其他类型的文件扩展名(例如.PDF)也存在一系列安全问题。 但是,对于上述大多数文件类型,没有保护它们的方法。 它们的存在是为了在您的计算机上运行任意代码或命令。
As if the amount of potentially dangerous file extensions to keep track of wasn’t enough, a vulnerability in Windows allows malicious individuals to disguise programs with fake file extensions.
仿佛要跟踪的潜在危险文件扩展名数量还不够, Windows中的漏洞使恶意人员可以伪造带有假文件扩展名的程序 。
翻译自: https://www.howtogeek.com/137270/50-file-extensions-that-are-potentially-dangerous-on-windows/
中检测到有潜在危险的