Script files like Javascript are used by a number of different malicious attacks (think ransom) as a way to run code on your machine outside of the protection of an application, typically from email or website downloads, you can stop this quite easily.


On Windows 7/8 and 10 you have a number of ways to do this.

  1. Open Control Panel > Control Panel Home > Default Programs > Set Associations
  2. Select a file type ( js )in the list and click Change Program then select NotePad


  1. right-click the file whose association you want to change > Properties > General tab > Type Of File > Change > Choose a program from the list or recommended or other programs select NotePad

What happens now?

When you get a file with this extension rather than just run it will open NotePad, for most users you will never beware that anything has changed, if your are a developer then you should know how to make this work for you.

What else can I do?

If this is your own personal machine for business you might want to repeat the process for the following file extensions:

  • ps1 ps1xml, ps2, ps2xml, psc1, psc2
  • java
  • bat
  • py
  • cmd
  • vb, vbs
  • jse
  • ws, wsf
  • wsc, wsh
  • msh, msh1, msh2, mshxml, msh1xml, msh2xml