Answer:
Basically, anything that is executable (able to run). You’re generally safe with picture files, text files, and the like. However, it still pays to scan first.

Here is a (very) short list of the most common to watch out for:

exe
zip
scr
vbs
bat
com
pif
asp
doc
xls

Those are the most common. Please, please, I beg you, don’t misinterpret this to mean that if you get one of these files it’s automatically a virus. A “.zip” file may be nothing more than a set of compressed files your friend sent you to look at. A “doc” or “xls” file may simply be an MS Office file. It’s just that these type of files could also be viruses.

A couple other virus tricks you need to be aware of. First, MS Office files can contain what are called “Macro Viruses”. Without getting into too much detail, these files can run a “macro” (a macro is a mini-program run from within another program) that can be as destructive as any “regular” virus. So, my advice on MS Office attachments is not to open them unless you are expecting them. If they just show up, verify with the sender first.

The other trick you need to look out for is an extra extension added to an attached file. For example, you may have something like “mypicture.jpg.vbs”. In fact, if you don’t have your computer set to view file extensions, it may just look like “mypicture.jpg” and omit that last “vbs” part.

This may appear to be a jpg picture file, but it’s actually a Visual Basic Script file. If executed, it will happily infect your computer with a virus.

So, be careful out there.
Article from worldstart.com