How to stop .js files from executing

Malware can arrive on your computer via different routes, but these days the most frequent way is through an infected e-mail. Lately, the malware, such as ransomware, is often disguised as a .js file, which means that it is delivered to you as a JavaScript file.

JavaScript inside email messages has been disabled by default for years in all major email programs, so emailed JavaScript are quite safe. Unfortunately, once a .js file has been saved to your hard disk, Windows will run it by default outside your browser. Which means that you can be in serious trouble.

To protect yourself against these malicious JavaScript attachments, you should set your system to open all .js files with Notepad by default. Via these easy steps you're safe again from these malicious attacts on your privacy.

[1] Rightclick on an empty space in your desktop
[2] Select 'New', select 'Text document'
[3] Rename that text document from .txt to .js via rightclick and 'Change name'
[4] Rightclick the .js file and select 'Open with', select 'Choose another app' and select 'More apps'
[5] Select 'Notepad'
[6] Somewhat down select 'Always use this app to open .js files'

[Update 13 February 2019] If you want to email a .js file to somebody for any reason, you cannot do so through Gmail anymore. The service now blocks JavaScript file attachments. It had\s added it to its list of restricted file types, which includes .exe, .msc and .bat.

If you do try to attach a .js file, you'll get a notification that says it's blocked "because its content presents a potential security issue."