Corrections & Notes: • The JS file is actually JScript, not Javascript
@yoyoyonono Жыл бұрын
Jscript is just JavaScript (ecmascript technically but who's counting)
@random_person618 Жыл бұрын
@@yoyoyononoI am counting 😂
@WiluckGD Жыл бұрын
@@random_person6181. 2. 3. 4.
@encycl07pedia- Жыл бұрын
"Run" is the past participle of "run." "Ran" is the simple past of "run." "I have ran" is wrong. The more you know, the less you don't.
@RealLava Жыл бұрын
WHAT
@wakaneut Жыл бұрын
Making file extension hidden by default is one of the worst mistakes MS did.
@CoolAsFreya Жыл бұрын
This got me the other day at university, was using windows server virtual machines to make a simple web server, couldn't figure out why index.html wasn't working until I remembered stupid hidden file extensions... and it was actually index.html.txt 😫
@AdityaRawat-f7e Жыл бұрын
not in the 90s
@Mario583a Жыл бұрын
To be fair, most people when they would rename a file, they would include the extension and later get upset that Word would be unable to read their Invoice Tax 1996 as there was no association for that Invoice Tax 1996.doc file.
@nmcli Жыл бұрын
many* not worst
@KatyaAbc575 Жыл бұрын
@@Mario583aWindows litterally warns you that you should not rename the file extension. Do people just ignore that pop up???
@random_person618 Жыл бұрын
I want to add a fact in your point that "sometimes hackers may hide the malicious files so that you can't see them by default." Even after you enable the "Show hidden files" option, sometimes they may hide it as a system file (by setting the -h and -s attribute to it). So if you're skeptical about such an item, make sure to enable the "Show hidden operating system files" as well.
@cycrothelargeplanet Жыл бұрын
Showing OS protected files is kinda risky though
@random_person618 Жыл бұрын
@@cycrothelargeplanet No it isn't risky if you know what you're doing. If that is for destroying a Windows installation, then it's bad otherwise it's not if you want to hunt malware down.
@swayingGrass Жыл бұрын
@@random_person618 "it isn't risky if you know what you're doing", I mean... duh!
@random_person618 Жыл бұрын
@@swayingGrass Well I'd like to say this to @cycroplanet.
@swayingGrass Жыл бұрын
@@random_person618No, I'm saying that is basically the same as saying "get gud so you're not bad" in a game. It doesn't address the concern, i.e. what is there to know so it won't be dangerous.
@gFamWeb Жыл бұрын
The fact that "Hide File Extensions" is SILL on by default baffles me.
@gFamWeb Жыл бұрын
STILL* lol
@crosssans9984 Жыл бұрын
tf is sill
@crosssans9984 Жыл бұрын
oh ok cool@@gFamWeb
@RealUniCat Жыл бұрын
He misspelled "still"@@crosssans9984
@jerelull9629 Жыл бұрын
Microsoft doesn't care, so takes the easiest, often least secure, path. I retired 15 years ago, so have been able to go MS-free even though I got pretty good at resurrecting MS work stations by then, taking less than a week to bring my machine back from the dead pretty regularly. I could have gotten more than 50% more coding done if it hadn't been for MS trashing itself every few weeks. I got pretty good about doing my thinking and design while waiting for various recovery/restore and re-install programs to do their work. Meanwhile, a 15 year-old Mac with Intel CPUs & GPUs cooked itself and trashed the internal HDD. Once I got the HDD to the point of alive, it took just an hour to restore the backup and have my Mac back up to where it had been before, including passwords on sites I didn't remember wanting to access.
@Kierownik223 Жыл бұрын
Fun fact, in older versions of Windows the .msp files were used by Microsoft Paint.
@KryzysX Жыл бұрын
I don't believe that!
@dsihacks Жыл бұрын
@@KryzysX It's true
@ExploringNew1 Жыл бұрын
MicroSoft Paint, makes sense
@random_person618 Жыл бұрын
I knew that. Good for me
@enderjed2523 Жыл бұрын
And .MSA files were used for Microsoft Agent
@DerLung Жыл бұрын
I absolutely don't understand why file extentions aren't shown by default in windows. It's not annoying and soooo important and also useful (for example if you have two files of different type (like a word document and a pdf export of it) with the same name and have to find the right one by icon)
@ThioJoe Жыл бұрын
Yea for real
@myfloor622 Жыл бұрын
probably because it looks smoother
@Lofote Жыл бұрын
For beginners they cant easily disable files by o erwriting file types. Pros usually use different programs than explorer, so they dont card, for the rest you can enable it
@DerLung Жыл бұрын
@@Lofote do you mean accidentaly overwriting the file extention when renaming a file? That‘s not that much of a problem becauee the extention doesn‘t get highlighted when renaming
@crosssans9984 Жыл бұрын
well you can select it manually after you press 'rename' and people who just got windows and don't know what file extensions do could just rename the whole thing and remove the extensions@@DerLung
@evanbelcher Жыл бұрын
Also worth mentioning, file extensions are just labels, and they can be manipulated at will regardless of the underlying data. So you might run a .cmd file or something, but the rest of the payload may be contained in a file with extension .docx exactly like a normal document, when really it's just a .dll with the extension changed.
@Blast-Forward Жыл бұрын
True, but Windows won't run it by default in a way that the malicious content comes into effect. If not Windows itself is vulnerable.
@xavvvvxd8 ай бұрын
Windows uses the file extension to figure out what kind of file a file is, whereas Linux distros use the actual contents. I'm actually not too sure if Windows will allow you to link a non-DLL/LIB file.
@scrung2 ай бұрын
@@xavvvvxdat least on arch i seem to remember all of my file managers using the file extension to open my files - how is it possible to figure out using just the contents unless you write a function for every possible file format (new ones come into existence too)
@ultimate90562 ай бұрын
@@scrungpretty easy, if all your decoders return an error due to not being able to parse the file then the program knows that the file isnt encoded in a format that it is supposed to understand and it can pass an error onto the user.
@TheAndroidGingerbreadGuy Жыл бұрын
He may not be a OneDrive synced file, but never fails to upload 💯
@tfr Жыл бұрын
You can uninstall onedrive but you can’t uninstall thiojoe
@TheAndroidGingerbreadGuy Жыл бұрын
@@tfrthats right
@xXVibrantSnowXx Жыл бұрын
Who uses OneDrive? Lmao
@Lofote Жыл бұрын
@@xXVibrantSnowXxmany
@Lofote Жыл бұрын
@@tfryou cant install him in the first place :-D
@Freddy_Guy Жыл бұрын
I just love how ThioJoe makes the highest quality tech content on the platform He doesn't resort to clickbait or becoming a Linus clone He has his own style and I literally can't find anyone who makes similar content and at the same level of quality Keep up the good work
@deathtidegame Жыл бұрын
@@MasterCraft_48 he's dunking unoriginal people that clone linus' content
@MasterCraft_48 Жыл бұрын
@@deathtidegame im stupid nvm...
@just.nobody Жыл бұрын
Yep. Love him. Most people bring up his past videos. Bruh he changed. He is great with the information he provides. Very organised
@TheBenSanders Жыл бұрын
@@just.nobodyI do miss Joe’s old troll videos though lmao
@Ness199X Жыл бұрын
Bro forgot the windows 9 video 💀💀💀💀💀 edit: nvm that was linus who did thay
@MechPaul Жыл бұрын
I work in the antimalware industry! More common than changing file extensions or default programs for opening files, we edit local machine group policy to prevent execution on specific file types within a folder that we dedicate to malware. Also, to preserve file names to the extent possible (and to prevent execution and changing default program associations), we just add underscores to file extensions (.exe_, .js_, .scr_). I understand that given the sponsor you wouldn’t show how to edit defender settings, but you could have gone over how to use bitdefender to better protect yourself. Antiviruses have similar settings.
@MechPaul Жыл бұрын
@@Biwiyejowjs tarballs are essentially a zip file without any compression. They're just as safe as any other container (7z, zip, rar)
@markanderson2155 Жыл бұрын
I think the main thing or key from this is don't download things willy-nilly over the internet, use extreme caution with links in email, texting, IM's etc. Always exercise caution with attachments. Only go to reputable trustworthy sources with a careful eye. As much as I like open sources that's where you really have to be careful because of too many hands accessing the source code. But that does not mean that someone can't still attach or inject a malicious code to a paid licensed version either. Buyer/ end user beware! You are your own first line of defense, watch dog and security. Pay attention to everything, because you really have to. All the more reason to have backups should one slip past you, in hopes that you can recover. Thanks for the video Theo.
@sontapaa11jokulainen94 Жыл бұрын
What's an IM?
@ThatOneRobloxDev Жыл бұрын
You also have ".jar" which is an executable java application. It's basically an executable version of a zip file, where java classes are stored within. Any code that is inside a ".jar" file will be executed and ran when you execute it.
@cvk4488 Жыл бұрын
Yea, especially the games which use .jar, .dll files which can be played by the bat file
@FriedMonkey36211 ай бұрын
Java isn't a windows default program tho
@LetsArctix9 ай бұрын
Yes, I got some kind of malware trough a jar file. (Minecraft mod) It executet a powershell script which would have downloaded a RAT from github, fortunally that was blocked and the jar file itself „just“ stole my minecraft session token.
@Algeriawindows692 ай бұрын
@FriedMonkey362 3 billion pcs got java in them
@LowQualityShitposts2 ай бұрын
@@ThatOneRobloxDev SO THATS WHAT THE MINECRAFT ADDON EXTENTION IS!!!
@LuigiMordelAlaume Жыл бұрын
Also, docx, xlsx, pptx, etc are actually encoded as zip files. If you change the extension to zip you can see the bundle of files. This can be exploited, unknown office files should be opened in zip explorers before office.
@Gauley_ Жыл бұрын
Thanks for having captions, sometimes i have to watch without audio like if my bluetooth headphones run out of battery, helps alot!
@charleshines2142 Жыл бұрын
Sometimes it does take one slip up. If you ever run a file that closes and doesn't seem to do anything there is a chance that depending on where it came from it may steal passwords and other things and send them to some random person who you most likely never met or knew existed.
@Blast-Forward Жыл бұрын
Win+R, ipconfig. Omg hacked. 😝
@faenethlorhalien Жыл бұрын
One type of annoying virus that I got back in 2001 was )and it was called redbot or redcode or redsomething, it got very spread back then...) that the file would arrive to you as a DOUBLE extension file, but Windows (2000 or xp or 98 or me or whatever you used) would only show you the LAST one, hiding the second to last extension which was the actual extension. So, the OS would show you it was a JPG, for instance, and mark it with the icon of a picture, but when you tried to open it, it was actually a VB script and it WOULD ATTEMPT TO RUN IT as a VB script, instead of failing to open it as a JPG, and then you were fucked. That virus would scour through your Outlook contact and sent mail list and send itself to everyone. I had to send SO MANY apology mails to people because of it!
@neoqueto Жыл бұрын
You shouldn't ever fully trust any file type really. If your picture viewer has a vulnerability, a hacker can take advantage of it by embedding malicious code to something like a JPEG. Video files, image files, sound files, game data files (it's not too uncommon for cracked games to have functions in them that allow them to load external files from the game directory and those are the real malware). Even text files aren't universally safe because theoretically a text editor (or its part, like a syntax highlighting library) can be susceptible to some kind of code injection.
@henrikpersson5420 Жыл бұрын
I got a virus through a pdf loaded in an open source pdf book reader. Ironically a programming textbook
@nameless......................2 ай бұрын
heck, someone made a PNGbomb, not a ZIPbomb, a PNGbomb.
@avishjha4030 Жыл бұрын
Something I was literally wondering about only a couple hours back when downloading an MP3 like the old days. Great timing!
@nutherefurlong Жыл бұрын
Thanks for this. Might be good to revisit PDFs some day since the landscape seems to have changed. Like a lot of people read in-browser now, with stuff like Firefox's built in browser that I guess approaches reading differently, but I don't feel like there's strong confidence in what are the preferred routes for using those files
@-MasterofChaos-3 ай бұрын
Conclusion : Don't open files.
@FlashkidsGaming2 ай бұрын
How does this not have a reply
@FlashkidsGaming2 ай бұрын
I subbed to u
@fafardh Жыл бұрын
The correct answer to "Which Kinds of Files Can Be Viruses?" (the title of the video at the time of this writing) is actually: "Any file that can be opened." The files listed in this video are merely the ones that can perform malicious actions on their own, i.e. without tricking the program opening them into doing things it's not intended to. I think that's important to keep in mind, because failing to do so may lead to letting one's guard down at the wrong moment.
@mgord9518 Жыл бұрын
Some files can even infect your computer without being opened with the right vulnerability. Pretty sure it's been patched but Windows Explorer had a real nasty vulnerability that would allow ACE via rich text documents being thumbnailed.
@fafardh Жыл бұрын
@@mgord9518 That's correct. Files don't necessarily have to be explicitly opened by the user. Some applications may automatically open a file without user intervention (e.g. by Windows Explorer for the purpose of generating thumbnail as you mentioned). I hadn't really thought of that, but you're right: that's also opening the file and therefore a potential attack surface.
@williamdrum989910 ай бұрын
I remember when I learned that changing the file extension has nothing to do with what the file is, and you can freely change it back without ruining it. It was like The Matrix
@TheGodOfAllThatWas Жыл бұрын
I wish you had mentioned in the summary at the end that technically at some level ANY file can become an issue if the program that opens it is ubiquitous enough and has a bug. This used to be a big problem although (maybe) DEP solved it back in the xp/vista days when MS had a bug that let a JPG run code (The GDI+ JPEG parsing vulnerability published in September 2004). With the amount of layers that need to fail for it to be an issue I wouldn't worry about it TOO much as long as you keep up to date on your updates. But it is a good reminder to keep up to date on your updates if nothing else.
@henke37 Жыл бұрын
DEP is a mitigation, not a solution. It makes the task more challenging for the attacker, it doesn't remove the vulnerability.
@TheGodOfAllThatWas Жыл бұрын
@@henke37 True. Which is why I feel he should have mentioned it in the video. It's a layer that tries to solve the issue of accidentally running bad code. Like the mark of the web (that he mentions in the video), UAC, windows defender, and remembering to keep up to date on your updates are all layers. But even with all these layers it's (maybe) just one bug away from being an issue.
@nameless......................2 ай бұрын
can a .wad file be dangerous? or a .🗿 file?
@yhfhdcf Жыл бұрын
literally every comment is "can we give a moment to appreciate how much work thiojoe puts into his videos"
@Ironyum99 Жыл бұрын
becuase they are all true!
@miomip Жыл бұрын
I would probably add jar files to the list purely because of how common it is to have the jdk installed. And for those who aren't familiar with the jdk or its executable, the jar file. Jar files are a combined executable and library, which is used in Java, Android, and Kotlin development. In other words, it's everywhere and can on a lot of devices (especially phones) run without you downloading the jdk manually.
@mgord9518 Жыл бұрын
Build once, infect anywhere
@coolulder Жыл бұрын
There are also xlsb files that can contain macros. It is the same as xlsm but instead of the XML format it is saved as Microsoft's Binary type.
@danikrimm99 Жыл бұрын
Important note: Windows can include meta characters into filenames, for example a right-to-left character. This can lead to characters in filenames being displayed in unusual orders. A common filename this is used in is something like nice-arcs.jpg is acutally a src file, not a jpg
@nameless......................2 ай бұрын
nice-gpj .src?
@portablecollector Жыл бұрын
CMD,ZIP,BAT and EXE are the ones to usually be thought of, no idea it went this deep!
@nameless......................2 ай бұрын
but can you make a .wad or a .🗿 file into a virus?
@MonochromeWench Жыл бұрын
DLLs can be a lot more dangerous than may be immediately obvious, you don't even need to directly do anything for there to be a problem. A malicious dll file in your download directory might be inadvertently used by some exe in your downloads that you run later, this is very dangerous if the exe is an installer running elevated calls into a malicious dll by accident. This is one reason why auto download exploits are a problem as the malicious file might cause trouble later even if it doesn't immediately cause a problem. You should never leave untrusted dlls in locations where programs might be run from. This can also be a problem with the temp directory so it is a good idea to clean out your temp directory regularly. Dlls in temp can be a general problem even if not malicious as poorly coded installers might leave dlls in the temp dir that interfere with other installers that also want to run from the temp directory. The Installers and dlls in temp problem is mostly an issue with older installers. More modern ones are coded better to try and avoid the temp dll problem. Microsoft over time has attempted to mitigate dll attacks but the solutions are not perfect.
@ivans.935 Жыл бұрын
Thanks for a thorough review. I wonder, if one has common sense, does one needs to run an antivirus software at all? I mean, there are huge privacy concerns - an antivirus runs all the time, has access to all of your files. Who knows what it’s doing with all that information…
@johnpatrickadem6294 Жыл бұрын
for example, i can *literally* rename *"executable.exe"* to *_"executable.txt"_* _(or any other file extension)_ and still be able to *run it* under *command prompt* by normal means, the "executable.txt" will be opened in notepad because it has the .txt extension which windows will interpret it as a "text file" (even viewable in the preview pane in explorer)
@Lofote Жыл бұрын
But then the code that is executed is not insde that file
@johnpatrickadem6294 Жыл бұрын
@@Lofote what do you mean by that?
@Lofote Жыл бұрын
@@johnpatrickadem6294 the exe is directly loaded into memory for the cpu to execute. So it contains cpu executable instructions, the txt will trigger notepad or a different program to read and parse
@johnpatrickadem6294 Жыл бұрын
hmm, four replies but only three replies, seems legit...
@cycrothelargeplanet Жыл бұрын
@@LofoteWhat does that mean
@IveTouchedGrass Жыл бұрын
Conclusion: literally anything can be malware
@nameless......................2 ай бұрын
it could be any one of us... it could be YOU! it could be ME! it could even be-
@minix07 Жыл бұрын
Respect for having good captions and chapters
@FightingTable Жыл бұрын
ThioJoe I really appreciate you adding subtitles to your videos, they are very useful
@ZafkeilGaming Жыл бұрын
nice drop bro, appreciate the warnings :) this stuff is really important. Your video helped me explain how to keep my parents safe and your videos helped us a lot in general really
@twistandsnout Жыл бұрын
Just get Linux and don't worry about any of this.
@ZafkeilGaming Жыл бұрын
my parents have used windows 8, 10 and 11 and i dont have the heart to force them to switch (also would get my ass whupped for trying)@@twistandsnout
@justas1600 Жыл бұрын
@@twistandsnoutyeah a nice idea to let old people/parents that don't know a lot about computers use linux....😂
@SotraEngine4 Жыл бұрын
It may be that Linux may be safer. Or it could be that the user base pf Linux are safer
@jongeduard Жыл бұрын
You did not mention HTA files, which are HTML applications. Although if I am right these don't work on modern Windows versions anymore, but on a bit older versions they worked and they are are basically just like VBS and JS files, because they have unrestricted system acces via VBScript or JScript, but then embeded in an HTML code and opening with a real window a bit like Electron applications do today, but then using Internet Explorer as their engine instead, since we are talking about a really old technology.
@petefrancisco3267 Жыл бұрын
HTML files or .txt ... I mean txt files can be executable...
@DingusYi Жыл бұрын
I’m surprised you didn’t mention .jar files. I’ve heard they have been used a ton by hackers/viruses and every time I download one my pc tells me it could be dangerous and I have to manually tell it to keep the file every time.
@underrated6902 Жыл бұрын
.jar files are .zip files in disguise, optionally with some metadata (as a file in the archive itself) for the Java Virtual Machine.
@DingusYi Жыл бұрын
@@underrated6902 The only reason I really know about them is because they are used for Minecraft mods. Other than that I haven’t really seen them used.
@jongeduard Жыл бұрын
In fact, these things like jar files, but also msi files and certain kinds of cab files are all just archive types with a file association, which makes them exacutable. Note that jar files do not work on every system, because Java needs to be installed for them, which is not the default, and even msi and cab need Windows Installer to be there, but which is normally the case. All these are normal archive types and don't have a PE header like exe or dll and are never executable by themselves. Self executing archives do also exist however, which contain a full PE application binary followed by the actual archive behind it as a payload. The application simply has the task of unpacking the actual archive, which may be in the form of an installer like approach, but it can also be an application that automatically unpacks the archive into a temporary location and starts another application that was packed inside the archive.
@mega_gamer93 Жыл бұрын
@@underrated6902 ???? no they aren't. They are self containing (except for the JVM) java programs. They are nothing alike zip files, which is an archive format that uses compression
@jongeduard Жыл бұрын
@@mega_gamer93 Yes they are. Jar files are just ZIP archives, with compiled class files inside it and a META-INF directory containing a MANIFEST.MF text file with extra information. Very simple. The trick is that the Windows registry has a java -jar command pre associated with the jar file extension. A thing created by the installer of the Java runtime environment.
@phizc Жыл бұрын
12:55 the zip file itself can't store the "mark of the web", but if the zip file has that mark, all extracted files will inherit it if you use Windows' built in extractor. 7Zip among others doesn't mark the extracted files, so you should still be careful. The mark of the web is actually an alternate data stream on the file called "Zone.Identifier". It's text data and you can even open it in notepad. The easiest is to use the command prompt. Notepad my-downloaded-file.zip:Zone.Identifier
@liforra9 ай бұрын
The more you know
@CMM4710 ай бұрын
Fun fact: Putting a file called AUTORUN.INF inside of an ISO file will make it execute as soon as you mount the image.
@ThexBorg Жыл бұрын
Hey Joe, have you done a video on the 'Hosts' file in many operating systems and some devices? It's quite handy and a lot of sites publish custom Hosts files to block online content and ads. A free alternative to spending money on ad blocking software.
@ThexBorg Жыл бұрын
Hosts file can be edited as admin and retains those changes and will not revert unless prompted. It is a root level DNS resolver pathway, not only on WinOS, but on MacOS and AndroidOS amongst many others. The only platform that locks out the user is iOS.
@Reed_Peer Жыл бұрын
I love how his recent videos are all genuine and not satire like his old videos back in 2015-2017
@Norman_Fleming Жыл бұрын
You should just assume ANY kind of file can be an exploit. Remember image formats can exploit weaknesses in the rendering programs. Etc
@darkfall7250 Жыл бұрын
For archived files, its pretty much unlimited. you are able to make a compressed folder and rename the 'zip' to just about anything, you just need a tool like 7zip, or winrar to open it.
@Arlus Жыл бұрын
Congrats on 3 mil!
@koopatroopa6882 Жыл бұрын
Translate: Congratulations on 3 thousand! 🤦
@Arlus Жыл бұрын
@@koopatroopa6882 hes at 3 mil subs lmfao
@curtisw0234 Жыл бұрын
Any file can be a virus if opened by a program with an exploit
@iluvpandas27556 ай бұрын
Thankfully most exploits are tightly kept secrets.
@iluvpandas27556 ай бұрын
I do not think the Chinese goverment will use their malware to infect a random person on the internet
@ultimate90562 ай бұрын
@@iluvpandas2755There's nothing to be thankful for about that...
@SunsetArchon Жыл бұрын
Thank you. I was just thinking about this very question earlier this week.
@cheeseparis1 Жыл бұрын
Thanks for these warnings! Did Windows patched the ability to have the actual extension _before_ the dot?
@TrineDaely Жыл бұрын
Thank you for being a stable voice in this wilderness.
@noahhill848311 ай бұрын
Nice video, I would however have added one extra thing to talk about the shortcuts. Inside a shortcut you aren't just limited to running other files, but you could make the shortcut point to something like 'C:\Program Files (x86)\[some web browser like IE]\*.exe [some website]/virus.bat' and then even without that file being on your system, that shortcut will download the file using Internet Explorer. With some extra editing via Notepad I think you might also be able to include the bad code right in the file without the use of other files or programs. Stay safe lol. Great video Thio
@tzarg Жыл бұрын
always love and appreciate those proper subtitles!
@WarriorRev6300 Жыл бұрын
This is the video we didn't know we need but needed.
@maxgafner6503 Жыл бұрын
That's great, sobriety can be something really difficult especially if you have a previous addiction. Stay safe
@thahrimdon Жыл бұрын
ThioJoe always dropping videos on my shower thoughts
@cheddars2 Жыл бұрын
Our lecturer showed us just how nuts a simple word macro is. Full remote access with some social engineering, and made stronger via obfuscation. Crazy.
@donbrunodelamancha1927 Жыл бұрын
Thank you for all your content, as it is unassailable and very valued. So I pose the question: are use system, mechanic, ultimate for both virus, malware, system maintenance combination, suit. I know Bit Defender is a superior program for defense and monitoring, can you recommend a program for system maintenance that can be integrated into Bit Defender?
@keithmonahan3788 Жыл бұрын
Thanks for the excellent video TJ ! Very well done as always. Clear, concise and to the point. Please keep up the amazing work. For I appreciate your content. !! 👍👍 ⭐️⭐️⭐️⭐️⭐️
@9xGPU Жыл бұрын
Don't open a random powershell script
@LydiaReiko Жыл бұрын
dont open a random file*
@Monkeymario.2 ай бұрын
0:14 YAY! PROPER SUBTITLES! :D
@ziefty Жыл бұрын
This guy always has good videos for years now
@deusprogrammer_thekingofspace Жыл бұрын
Short answer. Anything that is an executable with any access to the OS/File System or is openable by an executable with a vulnerability that can be exploited using the payload of the file. JavaScript in the context of the browser is really only able to be a “virus” is if the js interpreter or the browser itself has a vulnerability that can give it access to anything beyond the browser like the host file system. JavaScript in the context of the Node.js language is a whole other story because it has access to the local file system and operating system.
@camm344 Жыл бұрын
thanks for putting timestamps (i skipped the sponsor)
@jboblk Жыл бұрын
This guy used to trick me into taping batteries on my ethernet cable, now hes helping everybody out
@Insightfill Жыл бұрын
9:29 Love the zip-bomb and 7zip-bomb exploits. Nothing like a tiny file that unpacks into a few petabytes to ruin your day.
@PowerStar004 Жыл бұрын
Today I learned why ps1 game isos don't use ".ps1" as an extension.
@crosssans9984 Жыл бұрын
lol
@JohnGoard Жыл бұрын
Thanks Joe I did not know of all of these file extensions.
@Creative_YT Жыл бұрын
Virus or not, the worst file is by far the .WEBP file. Just lemme save the image!
@rowen342 Жыл бұрын
God I despise webp with a passion
@cycrothelargeplanet Жыл бұрын
Whats the point of WEBP?
@signesartandanimation2 ай бұрын
Hmm i just open them in krita then save them as either png or jpeg files
@Pohie Жыл бұрын
This guy’s merch is top notch
@TheRouteShow Жыл бұрын
pls make video on long-term personal data storage tips like mdisc etc...
@Monkeymario.2 ай бұрын
0:04 not me i scan every file i download on the internet and ya know whatever.jpg could have a virus! also dont forget .jar files you need to watch out for those especialy if you play Minecraft.
@user-wk9gu2 ай бұрын
What do you use to scan?
@oglothenerd6 ай бұрын
As a Linux user, I really don't have to worry. Because... Linux makes you give the file a permission that allows it to execute.
@Algeriawindows69 Жыл бұрын
batch files and vbs files are not an issue, there is a modify option when you right-click it
@kirkoneill1387 Жыл бұрын
Do a video explaining the origins of file extension types. Like how they chose or came up with executable, png, jpeg batch, etc etc.
@simontay485110 ай бұрын
All file extensions are abbreviations of words. PNG stands for Portable Network Graphics. JPEG is Joint Photographic Experts Group.
@kirkoneill138710 ай бұрын
@@simontay4851 interesting!
@RenTheFen Жыл бұрын
Literally what everyone using a computer should know!! I didn’t even know some of these!!!
@demonking252611 ай бұрын
I have Bitdefender. It's been protecting me for years. Another note is always keep the software up to date in case of vulnerability
@jul144010 ай бұрын
For archive files, .rar is just as common as .zip if not more so, and certainly .rar files with malicious code exist.
@Insightfill Жыл бұрын
I remember a great Win XP SP0 exploit where just hovering the mouse over an MP3 file could get you infected due to malformed ID3 tags and the mouse tip. Good times.
@Lampe2020 Жыл бұрын
One file type that I can definetly say is secure (because I am the one who wrote the file type specification) is .l2db (Lampe2020-DataBase), which is a simple, binary database. You can of course store malicious code in it (the same as you can in .zip files), but it is really non-trivial to execute that. And the format doesn't support encryption, so you cannot smuggle malicious stuff past a good antivirus inside one of those.
@mgord9518 Жыл бұрын
No file type is safe, it completely depends on implementation. If someone were to make a bad parser for your format, it could potentially lead to code execution. Of course this is primarily an issue with much more complicated file formats that probably have some feature regarding macros/scripting but anything is possible when buggy software is involved.
@Lampe2020 Жыл бұрын
@@mgord9518 If the parser is safe the file is safe, but theoretically you could of course also make an SQL database file dangerous with the "right" vulnerabilities in the parser.
@Oreo108GD Жыл бұрын
Yes, VBS 😅 ive created some loops myself and got scared of my own virus
@crosssans9984 Жыл бұрын
why. just why
@Xnoob545 Жыл бұрын
I made a bat forkbomb and waited too long to kill it and froze my laptop
@Oreo108GD Жыл бұрын
lol 😅@@Xnoob545
@zerotwoisreal Жыл бұрын
i made a program that repeatedly rickrolls you
@Oreo108GD Жыл бұрын
because its funny (it wasnt public i just made it for myself)@@crosssans9984
@ImDuck42 Жыл бұрын
I downloaded Polybridge 2 from some Russian Site. It was an .iso file. I mounted and ran the .exe file. Everything worked great 👍
@k8rgrl Жыл бұрын
Bro's flirting with disaster 😭
@ImDuck42 Жыл бұрын
@@k8rgrl nah PC still working 👍
@Blast-Forward Жыл бұрын
@@ImDuck42 That's what people stealing your data want.
@k8rgrl Жыл бұрын
@@ImDuck42 homeboy really found the one guy that actually had candy in his van
@MasterCraft_48 Жыл бұрын
Will you do a video about linux in the future or is Windows your primary focus?
@Lofote Жыл бұрын
I would generally always recommend to master ONE os, and not many just on the surface. There are however many linux experts on youtube :)
@crosssans9984 Жыл бұрын
linux bad
@MasterCraft_48 Жыл бұрын
@@Lofote im just suggesting maybe a pros / cons so ppl learn ab linux more
@MasterCraft_48 Жыл бұрын
@@crosssans9984 and why is that?
@androidlogin3065 Жыл бұрын
7:30 In long term that looks like a really bad idea, associate extensions to Notepad is not the bad part, the bad part is that you get upto use double-click on files ... any application can change the association inthe future and since you are using double-click it will be able to be run. I mean: Better never do any double-click on any file or folder, better allways use contextual menu. If you get used to allways use double-click you can not be sure what will be done someday, double-click action can change from time to time without you knowing it. What looks like a folder could be something really bad, like a ransomware, etc.
@0ZeldaFreak Жыл бұрын
One important thing is that you still should be suspicious of files you are waiting for. This happend to my mother. She requested some documents and got them via mail. She asked me for help, because office was having issues (it was cracked and the Crack broke and it took ages to open it). It was a word document. I was kinda suspicious and asked about the email. She requested some documents and it was an answer to that request and I thought computer noobs sending documents via word, instead of a PDF. I tried to open it and I got the same error. I realized that Windows defender silently deleted the file, because of an virus. I stopped and told her to call this person and ask them. As it turned out, they got hacked. This shows that you still need to be cautious when getting files from anyone. Also files could be altered. What I didn't knew that even PDF files could have macros. I knew that a PDF has some features but macros was new to me. What I want to know what files could break your privacy. I know that with music and video, Metadata could get pulled from the internet. I also know about Playlist files that open a webstream. These do break privacy, because they connect you to a server. But I'm not sure if there are certain pictures, movies or music files, that could show you the content but also connect to a server. Also there are some things missing. A zip file itself could be harmful. It could be a zip bomb. They work in a simple way. They have a huge amount of data extremely high compressed. Your computer will crash, because it exceeds every memory limit. It's more of a prankster file but opened at the wrong time, it could do some damage due to the crash. Also file extensions don't matter at all. These only matter for your OS and tells it to how handle the file. You could rename an archive file as .jpg and open it with an archive program and it works. It's up to the program to determine if it wants to open the file and to check its content. There is a trick and you can combine an image and an archive file. You can open the file as image and see the image and open it as archive and you see the archive. Programs might just look for the fike headers they can handle and ignore the rest. This way you can even hide a payload in plain sight.
@gergelyvarju6679 Жыл бұрын
I would add a 6th and a 7th category. If an attacker knows that you use some outdated piece if software (including OS components) with a security hole allowing an attacker to execute any code it can be used to deliver malware. It can be a targeted attack specific to you, or can target everyone who is a registered user on a web page (forum, etc) about the outdated piece of software. I have also seen malicious code in source code form. Targeting people who would copy lots of code from questionable sources to their own solutions.
@CoolPupilgamere562 ай бұрын
YOu Are My Favrouite KZbinr Of All Time!
@WolfkunDotInfo Жыл бұрын
Fun fact. I had set the poweshell limitation i saw in his poweshell video and it breaks visual studio installer. It gives a completely arbitrary error, so if you are failing to install or upgrade visual studio after applying poweshell security settings, remove themand retry. It is to bad as it is easy to do a simple bat file that can temporarily clear and reset (run as admin) which means ms could have done the same since vs installer also requires admin.
@iirekm10 ай бұрын
In certain situations (e.g. software with buffer overflows, script injection volnurabilities, bugs causing denial of service, not checking input file size), ANY file (image, audio, video, ...) opened in such a program can be dangerous (although of course it's less common).
@endercrafto3 Жыл бұрын
Thanks proper subtitles
@mohammed_02 Жыл бұрын
this is gonna filled with information thank you so much
@bhargavjitbhuyan9394 Жыл бұрын
The savior of our laptops(or desktops).
@Z4KIUS Жыл бұрын
while most of js files you encounter are JavaScript the built in host actually runs JScript, the MS implementation of ancient ECMAScript spec
@elementalgamers863 ай бұрын
The fact that you point out, the only file on good at coding in bat is considered a virus since I code viruses and I’m like one of the main productions of viruses using bat
@Rocky_Rickaby1011 ай бұрын
Actually certain dll files can be run! In system32 a program called rundll32 can be used to run certain dll files. The run box is actually a dll. It is inside of C:\Windows\System32\shell32.dll. As said in the video they do contain multiple things. This one is also commonly known to contain a number of icons files. (When selecting an icon for a shortcut type it in. There is also a nirsoft program called iconextract). The command to open the run diagloge is actually rundll32.exe shell32.dll,#61 (61 shows what part of shell32 to open)
@ianm00n Жыл бұрын
I didn't know all of these, good video!
@filipjukelson7144 Жыл бұрын
Basicly all files
@raquelromero-p3f Жыл бұрын
Corrections & Notes:• The JS file is actually JScript, not Javascript. Protect this man at all costs.
@tacticalnoob2599 Жыл бұрын
Best tip out there: just assume that all files could have a chance of having viruses. It's that simple.
@depannenkoekjesman Жыл бұрын
.xlsb-files in Excel also support macros!
@comaiscool Жыл бұрын
Education is the best preventative, Thank you for sharing and informing.
@wolphin732 Жыл бұрын
ZIP isn't the only common compressed file type, RAR is very common, and windows is getting a extractor from some stuff I have heard... there's also 7z, and many others.
@petefrancisco3267 Жыл бұрын
Was popular during the floppy disc ..
@LazyNVersions Жыл бұрын
Okay, you are extremely amazing because I not only didn’t know what type of files these were, and am always grateful for knowledge, but also I thought .zip files were safe Apparently not all that safe lol, I’ll only be opening those if they’re from trusted sources, like my mom after double checking she sent that.