virus infection
topix93


Joined: 15 Mar 2012
Posts: 0
Which types of files can be infected by a virus?
GuitarBob


Joined: 09 Jul 2006
Posts: 9
Location: USA
Many types of files can be infected by viruses/malware. Malware can affect all operating systems, but most malware is written for Windows machines because of the very large user base. Apple and cell-phone OS viruses are on the upswing, though.

About 80-90% of viruses are in Windows PE (executable files--exe, dll, scr, etc.). The other 10-20% are in miscellaneous files, such as PDF, javascript, java, email, flash, rich text format files, and Microsoft Office files (doc, ppt, xls). Once in a long while you see malware in graphic files, such as gif, jpg, jpeg and sound files (such as mp3 and wav files). Currently, I see a lot of malware in htm/html hypertext files--often in a direct link or in a redirected web page.

You can do a search on Google for "dangerous file extensions" to get a good list (no list is ever complete) of infectable file extensions, but make sure it is no more than a year or so old. The little Clam Sentinel real-time front-end for ClamWin has a good default list of about 120 file extensions. Here is my personal list of file extensions that I watch in Clam Sentinel (remember no list is complete):

ExtToScan=.BAT,.BIN,.CLASS,.CMD,.COM,.CPL,.CRT,.DLL,.DOC,.DRV,.EML,.EXE,.FLV,.HTM,.HTML,.INF,.JAR,.JOB,.JS,.JSE,.LNK,.NT,.OCX,.PDF,.PHP,.PIF,.PPT,.RAR,.REG,.RTF,.SCR,.SWF,.SYS,.TMP,.VBE,.VBS,.WSF,.WSH,.XLS,.ZIP

Regards,
topix93


Joined: 15 Mar 2012
Posts: 0
So, an antivirus controls the signature of ALL files?
GuitarBob


Joined: 09 Jul 2006
Posts: 9
Location: USA
Yes, most antiviruses (AV) today have signatures for all the types of files that will run under the operating system for which the AV is designed. Most AVs now have signatures for spyware, so you do not need to run a separate antispyware program, unless it has some protection you need that your AV does not have (such as behavior blocking or bad web site blocking).

Regards,
topix93


Joined: 15 Mar 2012
Posts: 0
In this way, however, the search for signatures in the database can become very slow, can't it?
GuitarBob


Joined: 09 Jul 2006
Posts: 9
Location: USA
Computers are very fast at searching, and you can use different searching methods/algorithms to make them faster. AVs also can periodically eliminate old signatures, combine similar signatures, and get generic signatures that will recognize many viruses (sometimes one signature will recognize 1,000 or more viruses). In addition to signatures, most AVs have other ways to detect viruses--such as by behavior patterns and peculiar file structures. For the present, signature search slowdown does not seem to be as big of a problem as expected. As computers get more powerful, I do not think it will ever be a big problem. Clam AV/ClamWin now has 1,172,558 separate signatures and is faster than it was several years ago. Many AVs now have several million signatures.

Something else to consider: many AVs "control" a file while scanning for signatures until it matches a signature or is found to be "good." At that point, the AV will stop "control." The user does not usually notice any delay.

Regards,
topix93


Joined: 15 Mar 2012
Posts: 0
Is it possible that a harmless file can be recognized as a virus through the verification of signatures?