How to detect virus of Java Script.

[jean11919]

How to detect virus of Java Script.

[djr33]

Your question is unclear. What do you mean? Javascript cannot include a virus-- it is not that kind of code. There can be other security threats, but not viruses.

Other threats include XSS (cross-site scripting) and ActiveX (IE-only) attacks, where ActiveX allows direct access to the computer.

[keyboard]

Your question is unclear. What do you mean? Javascript cannot include a virus-- it is not that kind of code. There can be other security threats, but not viruses.

Other threats include XSS (cross-site scripting) and ActiveX (IE-only) attacks, where ActiveX allows direct access to the computer.

Also are you trying to detect a virus made in javascript or trying to detect a virus with javascript.

Agreeing with Daniel, you can't make a virus out of javsacript. It just doesn't have enough power over the computer.

[jscheuer1]

An Active X attack can introduce a virus (more likely a trojan that carries with it a virus) but isn't in and of itself a virus. XSS can trick you into downloading a virus or virus laden files.

The best solution is to have a good up to date resident shield (or equivalent - resident shields are now being replaced by more efficient methods) and keep security settings in IE high enough to prevent installation of Active X without your permission. The default levels are sufficient as long as you don't say OK to their installation when prompted, which you should never do unless you 100% trust the site and are 100% certain you are on the official site it appears you are on.

Generally reputable sites like banks and merchants will not require these anyway. Avoid warez sites and sites that say they will give you copyright material like movies and music for free. These often require you to do things that will install viruses or trojans on your computer.

Keep your Flash, Quicktime, Java, Adobe Reader and any other plugins you use regularly up to date on their own (most will prompt you at startup when updates are ready or do so automatically, depending upon your settings), so that you will know if prompted to update one of those by a website that it's probably an attack.