how to unhide file extensions in windows
TRANSCRIPT
8/3/2019 How to Unhide File Extensions in Windows
http://slidepdf.com/reader/full/how-to-unhide-file-extensions-in-windows 1/8
How to Unhide File Extensions in Windows
What Are File Extensions...
All file names have two parts- the file name and the file extension.
The file extension is simply the last characters after the last dot in the file name. Forinstance, a file named "XXX.EXE" has a file extension of ".EXE" and a file name of
"XXX". The file extension is whatever comes after the last "." (period or 'dot').
By default, if you look at the files on your PC using Windows Explorer ("My Computer"),
Windows "hides" the file extensions for most of your files. File extensions, in this case, are
also hidden when you look at file attachments in Outlook or Outlook Express or many other
email programs. This makes it very difficult to know if the attachment you are double-
clicking on is a picture or something bad that will run malware and infect your system.
Why MicroSoft ships Windows with its default Windows settings being as dangerous as they
can be in this regard is a mystery to all of us who provide computer support for ourcustomers. Well, I suppose it helps to keep the antivirus companies in business. Very sad.
We strongly recommend that you tell Windows that you want to see the FULL filenames of
ALL your files. If you choose not to follow these instructions about how to Unhide File
Extensions on your PC(s), then please at least be sure that you have the best AntiVirus and
AntiSpyware installed on your system(s).
The Hackers File Extension Hiding Trick and why it works...
By default, Windows is set to hide file extensions of known file types. What this means to
you is that you are easy prey to the most common type of email virus tactic, which is to email
an attachment to everyone with a filename that looks like something it is not.
The trick is that the virus authors will simply name the file in such a way as to make it appear
to be a JPG picture or some other harmless type of file because they know that most peoples'
systems will not show the actual file extension (those last 3 characters after the dot).
For example, if your system is hiding file extensions, when you get a file attachment called
"MyDog.JPG.VBS", your email program will show the attachment as "MyDog.JPG"
which leads you to believe that the attachment is simply a picture of someone's dog. But in
reality, the attachment is a VB script (a program that can do whatever the virus writer wants it
to if you double-click on it).
The Fix: One Simple Windows Setting To Unhide File Extensions...
Here are the steps you need to take in order to change the Windows system setting that
determines if file extensions are displayed or not.
To tell Windows to show all file extensions, do these simple steps:
Start Windows Explorer by pressing Windows+E (or use the Start Menu to start
Windows Explorer)
On the Windows Explorer menu bar, click View/Folder Options (or Tools/Folder
Options, depending on what version of Windows you have). A window will appear. Click on the View tab in that window and...
8/3/2019 How to Unhide File Extensions in Windows
http://slidepdf.com/reader/full/how-to-unhide-file-extensions-in-windows 2/8
In the list of checkboxes on that screen, you need to remove the checkmark in the
"Hide file extensions of know file types" checkbox.
Then click on Apply...
Then click on "Like Current Folder" to apply this setting to all folders (very
important).
Then click OK on all the windows that opened to get back to your Windows Explorerwindow.
You can then close the Windows Explorer window. You have told Windows to show
you the file extensions of all files.
Depending on which folder you were in when you started Windows Explorer, you might
immediately notice that you can now see the file extensions for all the files in that folder now
(that you couldn't see before).
Actually, there are still some file types that Windows insists on hiding from you, but for our
purposes today, this new setting will suffice. We'll cover the more advanced UN-hiding of
extensions in a future VACM.
File Types TO AVOID When Received As Email Attachments...
Now that you can see all of your files' file extensions, here are the ones to be very cautious of
when they arrive as email attachments:
".EXE", ".DOC", ".XLS",
".SCR", ".VBS", ".WSF",
".PIF", ".BAT", ".CMD",
".INF", ".SHE", ".SHB", and ".LNK"
Files ending in any of these file extensions are all capable of executing malicious code on
your system (ie- they could be viruses or spywares).
Don't Trust Emails From Friends- Even if an email with an attachment is from someone
you know, be very careful because many viruses have the ability to send themselves to
everyone in the infected computer's Address Book. If you are not careful, you, too, will
become infected. Let's see why that is so. Suppose your friend's computer has a virus that
emails itself to all your the contacts in your friend's address book. If your email address is in
your friend's Address Book, you will receive an email that looks like it came from your friend
but was actually sent by the virus on your friend's computer. Scary, huh? Don't assume. Be
sure.
How Does This Help Me To Fear No Attachments?
Now that you know what types of attachments to stay away from and now that Windows will
be showing you the file extensions of all files, just follow a few simple rules when dealing
with your email attachments.
1. First, get in the habit...
Cultivate the habit of updating your AntiVirus and AntiSpyware software EVERY time you
turn on your computer. Most AntiVirus softwares update themselves automatically. But be
aware that, typically, only the paid versions of AntiSpyware softwares update themselves
automatically. You must remain vigilant if you rely on a free antispyware tool that requiresyou to manually get updates.
8/3/2019 How to Unhide File Extensions in Windows
http://slidepdf.com/reader/full/how-to-unhide-file-extensions-in-windows 3/8
2. ALWAYS know what files are dangerous...
Know what to double-click on and what to NOT EVER double-click on. You can use the list
of dangerous file types we gave you (above) and post it near your computer.
3. NEVER double-click attachments. Instead, do this and be safe... If you feel that you must open an attachment for some reason, then you should do it in a way
that lets your AntiVirus and AntiSpyware software scan the attachment first. [note: if you use
Outlook or Outlook Express or Thunderbird or any other email program, this applies to you.
Users of online webmail services like Hotmail, Gmail, Yahoo and others are less at risk
because these services are pretty good about virus scanning everything before they dump it
into your inbox.]
In order to be sure that your antivirus has a chance to scan any attachments you receive, all
you need to do is right-click on the attachment in your email message and when the menu
pops up, choose "Save As". Then, choose a folder (or the desktop) as a location in which to
save the file. Then click the "Save" button. This will save the attachment to your hard drive.
This does two things- (1) you get to see the entire, actual filename in the Save As dialog box
(including the file extension). (2) when you click the "Save" button in the "Save As" dialog
box, your antivirus software immediately scans the file as it is being written to your hard
drive. If the file is malware, your antivirus or antispyware software should detect the
problem during the save operation and remove the threat and trouble is averted.
When Is It OK To Click? Only if the virus scan reports no problems should you then
proceed to open the attachment. If you saved it to your desktop, it will be easy to find it so
that you can delete the file when you are done with it.
WARNING: a trick that is used by virus writers to fool you...
There is a simple technique used by purveyors of viruses that has come to be known as social
engineering. This is where you get an email that promises some kind of reward if you click
on a certain link or attachment in an email. If the email convinces you to click on a certain
something, you have been duped into running the "payload" of the virus email. As an
example, let's take a look at the virus known as "FUNNY.JPG" and see how and why it
worked.
The "FUNNY.JPG" virus was the result of some evil persons who created a VB Script that
would compromise people's systems when they ran it. All the virus authors had to do was gettheir virus script into the systems of as many people as possible and somehow get these
people to run their little virus script. Delivery was easy. They used spammer techniques to
send their virus payload to millions of people as an email. The email promised a vivacious
picture experience and contained an attachment (the virus executable posing as a sexy
picture).
This particular virus was delivered via email and the script file was simply an attachment in
that email. "Oh, but I know what attachments are safe to click on" you say? Victims
received this virus email and, those with knowledge and wisdom simply deleted it. The less-
informed persons simply saw an email promising a tantalizing picture and were somehow
unable to keep themselves from opening what they thought was a picture of something totallyamazing or sexy or whatever. Users who received the email AND double-clicked on the
8/3/2019 How to Unhide File Extensions in Windows
http://slidepdf.com/reader/full/how-to-unhide-file-extensions-in-windows 4/8
attached file actually ran this virus script (program) and compromised their systems because
of their poor choice. But it looked like the attachment was just a picture, right?
Bait And Switch Got People To Click...
In order to get you to run their little virus program, the virus authors simply disguised theirvirus script file as a picture by naming it "FUNNY.JPG.VBS".
You might think "That doesn't look like the name of a picture cuz it has .VBS on the end of
it...". But here's the trick. Since virus authors know that most people's systems are
configured to hide file extensions of known file types (Windows default), they relied on the
fact that most people would not ever see the ".vbs" on the end of the filename. To them, it
looked like the file was named "FUNNY.JPG" and so they naturally thought that the
attachment was just a picture and they proceeded to try to open it. After all, the email said it
was an amazing or sexy or nude or whatever photograph. In fact, the file was not a
picture. The filename really ended with ".VBS", so it was an executable script. When they
double-clicked on it, they were actually running this dangerous script virus (program) thatdamaged their systems and/or compromised their identity and other private information.
The virus writers were very successful in getting people to double-click on their file
attachment or "payload" because most PCs are set to hide file extensions. That is how
Windows is configured by default ( for reasons known only to Microsoft in their infinite
wisdom). Therefore, many people ended up trying to open what they thought was a salacious
picture of some sort and, instead, they ran the virus script and infected their systems. This is
the basic bait and switch technique that was used and is the reason why you should waste no
time in setting Windows to always show the file extensions of all known file types.
My system is now SHOWING all the file extensions...
What else do I need to know?
Once you unhide file extensions as detailed above, you will easily be able to spot what kind
of file attachments you are dealing with. In our FUNNY.JPG example, you would now be
able to see the ".VBS" on the end of the file "FUNNY.JPG.VBS" and you would know to
avoid opening it.
All that is left to do now is to know that files ending with certain file extensions are
dangerous and should never be opened if received as email attachments.
You already know that ".VBS" is on the list of executable files that you should never touch
and we have seen how this was used by the authors of the FUNNY.JPG virus. There are lots
of other file extensions that are indicative of files that will execute something when double-
clicked. We gave you a list of file extensions to avoid earlier in this article. It would be a
good idea to print the list and post it near your computer. With your list always close at hand,
now you just need to remember to always be aware of the FULL and complete filenames and
extensions of all attachments you receive and be very sure the attachments are safe before
opening them. And remember, do not just double-click attachments. Instead, use the "right-
click, Save As" method we gave you in step #3, above, so that you know your antivirus
actually has a chance to scan the attachment first.
8/3/2019 How to Unhide File Extensions in Windows
http://slidepdf.com/reader/full/how-to-unhide-file-extensions-in-windows 5/8
Virus Writers tactics to get around "unhide file extensions" solution...
So, you have set Windows to always show all file extensions and now you are safe, right?
Not quite. There is another simple little trick used by the evil spammers and hackers and
virus writers that gets around the fact that smarter Windows users may have configured their
systems to show all file extensions instead of hide them. The evil malware authors came upwith a very simple way to hide the file extension even from these smarter people.
The only thing the virus writers had to do to hide the file extension from the "smarter" user,
even if their system is set to show file extensions, was to use a filename that contains a huge
number of spaces right before the end of the file name (the file extension). Very simple, but
quite effective.
The effect of padding the virus file's name with lots of spaces is that it becomes harder for
you to see the file extension, or, at least, easier to miss it. Even if file extensions are being
shown by Windows, if the filename is so long that you don't see the ".VBS" or ".EXE" or
whatever way out on the end of the filename, you are at risk of feeling safe to open theattachment.
This is what the virus mongers count on. With this later tactic, even if your system no longer
hides file extensions, you still might decide that the file is OK to open because you cannot see
the ".VBS" or ".EXE" at the end of the filename because the filename is so long that you
cannot see the file extension way out at the end of the filename.
Let's take a more detailed look at how this works. We will use our FUNNY.JPG virus as an
example and we will show how long filenames with lots of spaces were used to conceal the
fact that there is a ".VBS" extension at the end of the virus script's filename. In fact, you
could say that this was an enhanced version of the FUNNY.JPG virus that was designed to
fool people regardless of whether Windows was hiding file extensions or not.
The virus writers needed you to think that there was just an innocent JPG picture attached to
the email even if you have Windows setup to show file extensions. Their solution was
painfully simple. They took their virus file "FUNNY.JPG.VBS" and changed the filename
by adding lots of spaces to it, like this:
"FUNNY.JPG.VBS" was simply renamed to
"FUNNY.JPG .VBS"
By adding all of that "white space" inside the filename, it makes it more difficult to
see that there is a "hidden" file extension way out there at the end of the
very long filename.
You Can Still Be Safe- Not a problem, though, if you use the right-click / "Save As"
technique we described above, you will see the filename in a fairly wide field AND you can
use your keyboard's Right-Arrow key to scroll all the way to the right of the filename if
needed. That way, you will know with absolute certainty what the entire filename really is.
Also, if you use the Save As trick, your antivirus software is hopefully good enough to catch
the fact that it is a malware and will remove it from your system.
8/3/2019 How to Unhide File Extensions in Windows
http://slidepdf.com/reader/full/how-to-unhide-file-extensions-in-windows 6/8
Summary:
Email attachments can easily be viruses even if they look like harmless pictures. You
definitely should invest in the best Antivirus and AntiSpyware softwares. You should also
learn a few simple tricks to dealing with attachments that will help ensure you only open
attachments that are safe to open. And even if you have real-time anti<whatever> software
installed on your system, you really should tell Windows to NOT hide any part of anyfilename. Knowing the real, full and complete filenames of every file in your computer
makes good and total sense for many reasons.
Ravmone
Instructions
1. Step 1
Click the Windows "Start" button and click "All Programs." Click "Accessories"and click "System Tools." Click "System Restore."
2. Step 2
Click "Create a restore point" on the "Welcome to System Restore Page" andclick "Next." Type in a name for your restore point and click "Create." Click"Close." This will back up your system using a restore point you can come back
to in case of system errors.
3. Step 3
Open the Task Manager by pressing "Ctrl," "Alt," and "Delete" together. Click the"Processes" tab.
4. Step 4
Scroll down and click "RavMonE.exe." Click "End Process."
5. Step 5
Click the Windows "Start" button and click "Run." Type "regedit" (without quotes)and press "Enter" to open the registry.
6. Step 6
Click "HKLM" on the left panel and click "Software." Click "Microsoft" and click"Windows." Click "CurrentVersion" and click "Run." On the right panel, delete thevalue "RavAV ="%WINDIR%\RavMonE.exe." Close the registry.
7. Step 7
8/3/2019 How to Unhide File Extensions in Windows
http://slidepdf.com/reader/full/how-to-unhide-file-extensions-in-windows 7/8
Click the Windows "Start" button and click "Run." Type %WINDIR% (withpercentage signs) and press "Enter" to open the Windows folder. Delete the file"RavMonE.exe" if it is still there.
8. Step 8
Empty the recycle bin and restart your computer to complete the removalprocess.
How to Remove Win32/Gaelicum.A Virus
Instructions
1. Step 1
Go to Thecooltools.blogspots.com. Click the "Download link for AVGWin32/Gaelicum.A removal tool" link in the middle of the page.
2. Step 2
Click on "Save" in the pop-up dialog window.
3. Step 3
Double click on the downloaded file, which will be opened by WinRar
automatically.
4. Step 4
Double click on the "avg_win32gaelicum_removal_tool."
5. Step 5
Double click on the "rmgael.exe" file. The downloaded tool will detect and removeWin32/Gaelicum.A virus automatically.
How to Remove Trojan Win32 Off Cmd
Instructions
1. Step 1
Click on the "Start" menu.
2. Step 2
8/3/2019 How to Unhide File Extensions in Windows
http://slidepdf.com/reader/full/how-to-unhide-file-extensions-in-windows 8/8
Click on "Run."
3. Step 3
Type "cmd" into the open box. The Command Prompt window will open.
4. Step 4
Type "regsvr32 /u system32.dll" into the Command Prompt window and press"Enter."
5. Step 5
Restart your computer.