Potentially Unsafe File Types
WinZip® displays caution messages in some situations, such as when you double-click a .EXE file compressed within a Zip file, to warn that you are working with a file type that could potentially contain a virus. These warnings can be helpful for WinZip users who rarely or never need to use Zip files containing these potentially unsafe file types. WinZip users who frequently need to work with the file types involved can easily turn the caution messages off.
To help prevent virus infections on your computer, you should familiarize yourself with the information on this page. A little knowledge and some sensible security procedures will allow you to be comfortable working with the Zip files that you receive.
On this page:
One of the most common ways in which a computer becomes virus-infected is that its user actively causes the virus to run, not realizing that the file being opened could contain a virus. This can happen when, for example, you double-click a virus-infected attachment to an email message.
Viruses are sometimes compressed inside Zip files, which are then sent as email attachments. When you receive a Zip file as an email attachment, double-clicking the attachment will open the Zip file in WinZip (or whatever Zip utility is installed on your system). If, within your Zip utility, you then double-click the virus-infected file, the virus can run and your computer can become infected. (An up-to-date virus scanner, scanning files in real time, will stop most infections, but the newest viruses may escape detection.)
One reason that viruses are able to spread is that double-clicking a file has historically been a safe thing to do. It is easy to casually double-click a file received as an email attachment, or a file within a Zip file received as an email attachment.
Unfortunately, because of the recent proliferation of viruses, it is no longer safe to routinely double-click files, especially files received as attachments to suspicious email messages or downloaded from untrusted web sites. This issue has become so important that recent versions of Internet Explorer and of email programs such as Outlook, Outlook Express, and Windows Mail warn you when you are about to work with potentially unsafe file types.
Because Zip files can sometimes contain virus-infected files, this version of WinZip displays similar warnings in certain situations when a Zip file that you are working with contains files of potentially unsafe types.
The file type of a file, sometimes referred to as its extension, is the last portion of the name of the file. For example, if you have a file called "memo.doc", the last portion of the name of the file (that is, the portion following the final period) is "DOC". This file therefore has a file type of DOC, and would sometimes be referred to as a DOC file or a .DOC file.
Windows generally uses the file type to decide how the file will be handled when you double-click the file's icon. For example, DOC files most often contain Microsoft Word documents; if you double-click a DOC file and Microsoft Word is installed on your system, Windows will open the file in Microsoft Word.
As a second example, the file "game.exe" has a file type of EXE. This type of file normally contains a program, and if you double-click it, Windows will run the program.
The EXE file type is an example of a potentially unsafe file type. While the vast majority of EXE files that you are likely to encounter are safe and useful, malicious individuals sometimes write programs that can harm your computer and distribute them in the form of EXE files.
There are a number of other file types that are often considered to be potentially unsafe because they have been used to spread viruses. There is no definitive list of these file types that everyone would agree with, and to some extent the list is constantly changing, but here is the list that is used by this version of WinZip:
ADE, ADP, APP, ASA, ASP, BAS, BAT, CER, CHM, CMD, COM, CPL, CRT, CSH, DLL, EXE, FXP, HLP, HTA, HTM, HTML, HTR, INF, INS, ISP, ITS, JS, JSE, KSH, LNK, MAD, MAF, MAG, MAM, MAQ, MAR, MAS, MAT, MAU, MAV, MAW, MDA, MDB, MDE, MDT, MDW, MDZ, MHT, MHTM, MHTML, MSC, MSI, MSP, MST, OCX, OPS, PCD, PIF, PRF, PRG, REG, SCF, SCR, SCT, SHB, SHS, TMP, URL, VB, VBE, VBS, VBX, VSMACROS, VSS, VST, VSW, WS, WSC, WSF, WSH, XSL
All of these file types have legitimate uses under appropriate circumstances. The simple fact that a file is one of the types listed above does not mean that there is something "wrong" with the file or that it is infected with a virus. But if you receive a file with one of these types from an untrusted source or in unexpected or suspicious circumstances, you should not work with the file until you are sure that it is safe.
Of course, as mentioned above, there is no definitive list of which file types are safe or unsafe, so even with file types that are not on the above list, you should use appropriate cautions.
For some general security guidelines, see Security Hints and Tips below.
WinZip will warn you about some of the most common situations in which you could become infected by a virus compressed inside a Zip file.
If you double-click a file with a potentially unsafe file type, such as .EXE, WinZip will display a dialog warning you about the potentially unsafe file type. You can then decide whether you really want to open it. Note that this warning is only displayed when you double-click a file within a Zip file to open that file from within WinZip. You can still extract files from a Zip file to a folder on your disk without a warning, regardless of the file types involved.
WinZip also displays warning text when you try to install software contained within a Zip file. For example, when you use the Unzip and Install button to install software from a Zip file that contains a Setup program, WinZip will display a dialog reminding you not to install untrusted software.
Some WinZip users, especially "power users" who frequently work with some of the file types that WinZip considers potentially unsafe, will prefer not to see these warnings repeatedly. Therefore, all of the warning dialogs have check boxes that you can use to stop them from displaying again.
Know Your Source
- Never open a Zip file that is attached to email from an unknown source.
- If an unexpected Zip file is attached to email from someone you know, consider verifying with the sender that the attachment is legitimate. Some viruses spread by e-mailing copies of themselves to everyone in the contact lists of infected computers; this means that you can receive infected files even from people you know.
- Avoid downloading Zip files from untrusted web sites.
Of course, these guidelines don't apply only to Zip files; they apply equally to any file type.
Keep Your System Protected and Up-To-Date
- It is very important to have a good anti-virus program installed on your computer. We recommend that you configure your anti-virus program to scan all files that you work with in real time. Most virus scanners can also be configured to scan email as it arrives and quarantine infected messages. We also recommend that you enable this option. And, because new viruses are discovered almost daily, be sure to keep your anti-virus program up to date. Most anti-virus programs have an automatic update facility that can help with this.
- You should also use Microsoft's Windows Update feature to be sure that you have Microsoft's latest fixes for your version of Windows. Windows Update also has an automatic update facility that can help keep you up to date.
- To be sure that you find out about new WinZip updates or maintenance releases, sign up for the WinZip mailing list.
Disable Hidden File Name Extensions
All current versions of Windows are initially installed with an option called "Hide extensions for known file types" enabled. When this option is enabled, Windows will not display the file name extensions (.EXE, .DOC, etc.) for file types that it knows about.
This option is considered by many knowledgeable users to be dangerous, primarily because it can mislead you about the true nature of your files. For example, you might have a virus-infected file named "vacation.jpg.exe". If the hidden extension option is enabled, this file will appear on your desktop or in Windows Explorer as "vacation.jpg", leading you to think that it is a harmless vacation picture. In fact, it is an executable program, and opening it could infect your computer.
To disable hidden extensions:
- Open Windows File Explorer.
- Click Folder Options or Folder and Search Options, which will be located in either the Tools menu, the View menu, or the Organize menu, depending on your version of Windows.
- In the Folder Options dialog, click the View tab.
- Uncheck the box labeled Hide extensions for known file types and click OK.