1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Solved: Windows script file error

Discussion in 'Windows 8' started by gregory8391, Apr 23, 2015.

Thread Status:
Not open for further replies.
Advertisement
  1. gregory8391

    gregory8391 Thread Starter

    Joined:
    Aug 18, 2014
    Messages:
    35
    I am regularly getting a pop up message saying Windows cannot find a script file. It doesn't appear to stop anything working but is most annoying. Does anyone know how to stop it appearing and what causes it?
     
  2. Macboatmaster

    Macboatmaster Trusted Advisor Spam Fighter

    Joined:
    Jan 14, 2010
    Messages:
    23,233
    which script file please
    the message usually is - for example


    "Can not find script file AND then usually the indicated reference to the file it cannot find


    such as here
     
  3. gregory8391

    gregory8391 Thread Starter

    Joined:
    Aug 18, 2014
    Messages:
    35
    Will let you know when it comes up again.
     
  4. Macboatmaster

    Macboatmaster Trusted Advisor Spam Fighter

    Joined:
    Jan 14, 2010
    Messages:
    23,233
    OK then we should be able to make some progress
     
  5. gregory8391

    gregory8391 Thread Starter

    Joined:
    Aug 18, 2014
    Messages:
    35
    Cannot find script file c:/ProgramData\{F95e119D-A9DC-C01B-185A-B099C8D86317}\1.9.3.1\fiber.js". Hope this helps.
     
  6. gregory8391

    gregory8391 Thread Starter

    Joined:
    Aug 18, 2014
    Messages:
    35
    Just by chance found the above file put in my virus vault by AVG. Have now restored it and will see if the box reappears.
     
  7. Macboatmaster

    Macboatmaster Trusted Advisor Spam Fighter

    Joined:
    Jan 14, 2010
    Messages:
    23,233
    That was the wrong move
    The file is connected with adware usually acquired from some free download of other software
    The adware usually produces adverts for coupons to use - usually useless - on various sites for purchases or other advertising pop ups on your browser


    Check programs and features in control panel
    do you have listed any programs you do not recognise could be named
    Binkiland, Jamenize, Omniboxes or Taplika and WSE_Binkiland, WSE_Jamenize, WSE_Omniboxes or WSE_Taplika.


    or some similar title - they may not be there as AVG may have detected and removed some aspects but left some, resulting in the script error
     
  8. gregory8391

    gregory8391 Thread Starter

    Joined:
    Aug 18, 2014
    Messages:
    35
    I thought it would be OK as it was windows that was trying to find the file.I have no programmes with any of the names you mentioned. What is my best option now? Haven't had the box again so far.
     
  9. Macboatmaster

    Macboatmaster Trusted Advisor Spam Fighter

    Joined:
    Jan 14, 2010
    Messages:
    23,233
    Windows was trying to find it because there is some element of the adware left
    AVG had put it in the virus vault because it detected it as adware


    It is not now trying to find it as you have restored it from the virus vault


    Download the FREE malwarebytes, even although you are downloading the FREE one you still have to opt OUT of the offer of the 30 day trial of the paid for edition in the install process
    It is most important that you ensure you do opt out of this
    Here is the download
    http://www.malwarebytes.org/mwb-download/
    the right hand column download


    When you have it installed run a scan and then allow it to clean
    then on the GUI - the Guided user interface click the history tab then on the left click the application logs open the log from the scan and click to copy and then paste the log to your reply
     
  10. gregory8391

    gregory8391 Thread Starter

    Joined:
    Aug 18, 2014
    Messages:
    35
    Scan completed. During the scan AVG did a scheduled scan and returned the offending file to the virus vault

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 24/04/2015
    Scan Time: 15:50:42
    Logfile:
    Administrator: Yes

    Version: 2.01.6.1022
    Malware Database: v2015.04.24.03
    Rootkit Database: v2015.04.21.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled

    OS: Windows 8.1
    CPU: x64
    File System: NTFS
    User: Richard

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 352555
    Time Elapsed: 45 min, 57 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 9
    PUP.Optional.Binkiland.A, HKLM\SOFTWARE\CLASSES\APPID\{a5bbb804-8009-4246-bed3-2d3335981ef6}, Quarantined, [194a6a065139bf77a7d87dc1a85b4eb2],
    PUP.Optional.Binkiland.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{A5BBB804-8009-4246-BED3-2D3335981EF6}, Quarantined, [194a6a065139bf77a7d87dc1a85b4eb2],
    PUP.Optional.Binkiland.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{A5BBB804-8009-4246-BED3-2D3335981EF6}, Quarantined, [194a6a065139bf77a7d87dc1a85b4eb2],
    PUP.Optional.Spigot, HKU\S-1-5-21-4260570457-546793334-1600268378-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{3A787631-66A2-4634-B928-A37E73B58FB6}, Quarantined, [88dbde92ed9d86b046c1c605f40d11ef],
    PUP.Optional.Binkiland.C, HKLM\SOFTWARE\CLASSES\APPID\{A5BBB804-8009-4246-BED3-2D3335981EF6}\INSTL\DATA, Quarantined, [243ff47ca8e2fc3abb9b8043a85bea16],
    PUP.Optional.Binkiland.C, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{A5BBB804-8009-4246-BED3-2D3335981EF6}\INSTL\DATA, Quarantined, [8fd429470189290ded69ecd7fb08dc24],
    PUP.Optional.Binkiland.C, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{A5BBB804-8009-4246-BED3-2D3335981EF6}\INSTL\DATA, Quarantined, [fc67a1cf7e0c5fd7520418ab27dcfe02],
    PUP.Optional.Binkiland.A, HKU\S-1-5-21-4260570457-546793334-1600268378-1001\SOFTWARE\wse_binkiland, Quarantined, [68fb462ac0caa492866ee86a798c8c74],
    PUP.Optional.BrowserExtensions.A, HKU\S-1-5-21-4260570457-546793334-1600268378-1001\SOFTWARE\APPDATALOW\SOFTWARE\BROWSER EXTENSIONS, Quarantined, [fa6982eeb3d71a1c77ca10c8a16248b8],

    Registry Values: 12
    PUP.Optional.Spigot.SID, HKU\S-1-5-21-4260570457-546793334-1600268378-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Browser Extensions, "C:\Users\Richard\AppData\Roaming\Browser Extensions\CouponsHelper.exe", Quarantined, [77ec353b2c5eff37b56b340e4abc14ec]
    PUP.Optional.Binkiland.C, HKLM\SOFTWARE\CLASSES\APPID\{a5bbb804-8009-4246-bed3-2d3335981ef6}\INSTL\DATA|tlbrSrchUrl, http://binkiland.com/?f=3&a=bnk_dnl...yDzztD0CtAyCzy0D0D0DyC2Q&cr=1302301819&ir=&q=, Quarantined, [243ff47ca8e2fc3abb9b8043a85bea16]
    PUP.Optional.Binkiland.C, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{a5bbb804-8009-4246-bed3-2d3335981ef6}\INSTL\DATA|tlbrSrchUrl, http://binkiland.com/?f=3&a=bnk_dnl...yDzztD0CtAyCzy0D0D0DyC2Q&cr=1302301819&ir=&q=, Quarantined, [8fd429470189290ded69ecd7fb08dc24]
    PUP.Optional.Binkiland.C, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{a5bbb804-8009-4246-bed3-2d3335981ef6}\INSTL\DATA|tlbrSrchUrl, http://binkiland.com/?f=3&a=bnk_dnl...yDzztD0CtAyCzy0D0D0DyC2Q&cr=1302301819&ir=&q=, Quarantined, [fc67a1cf7e0c5fd7520418ab27dcfe02]
    PUP.Optional.Binkiland.C, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY|AppPath, C:\Program Files (x86)\WSE_Binkiland\\, Quarantined, [d88bb3bd3357c27476ea982ba95a0000]
    PUP.Optional.BrowserExtensions.A, HKU\S-1-5-21-4260570457-546793334-1600268378-1001\SOFTWARE\APPDATALOW\SOFTWARE\BROWSER EXTENSIONS|SS_Ver, 2.0, Quarantined, [fa6982eeb3d71a1c77ca10c8a16248b8]
    PUP.Optional.Spigot.A, HKU\S-1-5-21-4260570457-546793334-1600268378-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0b4d26f6-61a8-4463-99dd-5f2fe0400fa6}|URL, https://uk.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=201117&p={searchTerms}, Quarantined, [f073fe72a6e4ed49f735d6efb84b60a0]
    PUP.Optional.Binkiland.A, HKU\S-1-5-21-4260570457-546793334-1600268378-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{46D88CED-9BB6-404A-A886-4A06CBE20CCA}|URL, http://binkiland.com/results.php?f=4&q={searchTerms}&a=bnk_dnldwz_15_13&cd=2XzuyEtN2Y1L1Qzu0EtDtA0FyEzy0Czy0D0ByEtC0A0EyDtDtN0D0Tzu0StCtCyBzytN1L2XzutAtFzztFtAtFtCtN1L1CzutCyEtBzytDyD1V1BtBtN1L1G1B1V1N2Y1L1Qzu2SyDtCtDzy0CyDtBtCtG0A0F0C0CtG0CyCyD0EtG0AyCtCyDtGtD0CtCyCtCyEyE0FzztB0C0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0A0CyByE0F0F0CzztGzz0C0AyEtGyEtAtA0CtG0AyCyB0BtG0CyDzztD0CtAyCzy0D0D0DyC2Q&cr=1302301819&ir=, Quarantined, [94cf125e0c7e3600a3a9ccfa1fe4a15f]
    PUP.Optional.Binkiland.A, HKU\S-1-5-21-4260570457-546793334-1600268378-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{46D88CED-9BB6-404A-A886-4A06CBE20CCA}|TopResultURLFallback, http://binkiland.com/results.php?f=4&q={searchTerms}&a=bnk_dnldwz_15_13&cd=2XzuyEtN2Y1L1Qzu0EtDtA0FyEzy0Czy0D0ByEtC0A0EyDtDtN0D0Tzu0StCtCyBzytN1L2XzutAtFzztFtAtFtCtN1L1CzutCyEtBzytDyD1V1BtBtN1L1G1B1V1N2Y1L1Qzu2SyDtCtDzy0CyDtBtCtG0A0F0C0CtG0CyCyD0EtG0AyCtCyDtGtD0CtCyCtCyEyE0FzztB0C0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0A0CyByE0F0F0CzztGzz0C0AyEtGyEtAtA0CtG0AyCyB0BtG0CyDzztD0CtAyCzy0D0D0DyC2Q&cr=1302301819&ir=, Quarantined, [cb9891dfc3c7a492da72fbcbef140df3]
    PUP.Optional.Binkiland.A, HKU\S-1-5-21-4260570457-546793334-1600268378-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{46D88CED-9BB6-404A-A886-4A06CBE20CCA}|FaviconPath, C:\Users\Richard\AppData\LocalLow\Microsoft\Internet Explorer\Services\FavIcon.icoWSE_Binkiland, Quarantined, [3b28b4bcc6c4fc3a81cb5c6ae71c21df]
    PUP.Optional.Binkiland.A, HKU\S-1-5-21-4260570457-546793334-1600268378-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{46D88CED-9BB6-404A-A886-4A06CBE20CCA}, Binkiland, Quarantined, [d48f214ff496ad8953f95d6991724bb5]
    PUP.Optional.Binkiland.A, HKU\S-1-5-21-4260570457-546793334-1600268378-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{46D88CED-9BB6-404A-A886-4A06CBE20CCA}|DisplayName, Binkiland, Quarantined, [dd86e7892a60e353ca82745244bfe917]

    Registry Data: 0
    (No malicious items detected)

    Folders: 3
    PUP.Optional.Binkiland.A, C:\Users\Richard\AppData\Roaming\Wse_binkiland, Quarantined, [5310f47c335749ed1be3fbc2d72cb749],
    PUP.Optional.Binkiland.A, C:\Users\Richard\AppData\Roaming\Wse_binkiland\UpdateProc, Quarantined, [5310f47c335749ed1be3fbc2d72cb749],
    PUP.Optional.Binkiland.A, C:\Program Files (x86)\WSE_Binkiland, Quarantined, [9ac9ff71a3e7a78fe718427b7f8425db],

    Files: 21
    PUP.Optional.Spigot.SID, C:\Users\Richard\AppData\Roaming\Browser Extensions\CouponsHelper.exe, Quarantined, [77ec353b2c5eff37b56b340e4abc14ec],
    PUP.Optional.Spigot.SID, C:\Users\Richard\AppData\Roaming\Browser Extensions\Button.exe, Quarantined, [045f531d22680e28d050dc66ca3c48b8],
    PUP.Optional.Spigot.SID, C:\Users\Richard\AppData\Roaming\Browser Extensions\Button64.exe, Quarantined, [f56e8ee2325857df9090ba88eb1b3bc5],
    PUP.Optional.Spigot.SID, C:\Users\Richard\AppData\Roaming\Browser Extensions\ButtonWrap.dll, Quarantined, [69fa0b65bbcf270faf712f1374928b75],
    PUP.Optional.Spigot.SID, C:\Users\Richard\AppData\Roaming\Browser Extensions\ButtonWrap64.dll, Quarantined, [97cc8be52862f145d9471e2439cdab55],
    PUP.Optional.Spigot.SID, C:\Users\Richard\AppData\Roaming\Browser Extensions\Coupons.dll, Quarantined, [a1c29fd18dfde452b070fd4512f4ba46],
    PUP.Optional.Spigot.SID, C:\Users\Richard\AppData\Roaming\Browser Extensions\Coupons64.dll, Quarantined, [81e2b3bd0b7f290d60c00240f4126997],
    PUP.Optional.Spigot, C:\Users\Richard\AppData\Roaming\Browser Extensions\Uninstall.exe, Quarantined, [88dbde92ed9d86b046c1c605f40d11ef],
    PUP.Optional.Binkiland.C, C:\Users\Richard\AppData\LocalLow\Microsoft\Internet Explorer\Services\FavIcon.icoWSE_Binkiland, Quarantined, [570cbbb537534cea3219dfe4ca39b050],
    PUP.Optional.Spigot.A, C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\0pfwis4w.default\searchplugins\yahoo_ff.xml, Quarantined, [7be8c4ac7a100a2c59ca1fb5e61dc33d],
    PUP.Optional.Binkiland.A, C:\Windows\System32\Tasks\Binkiland tese, Quarantined, [69fa1f512b5f6dc92dc4d67c798c6f91],
    PUP.Optional.Binkiland.A, C:\Windows\Tasks\Binkiland tese.job, Quarantined, [abb872fe5e2c5dd9d0229bb7ee1748b8],
    PUP.Optional.Binkiland.A, C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\0pfwis4w.default\searchplugins\Binkiland.xml, Quarantined, [fa697ff1bfcb162008ebb2a072930000],
    PUP.Optional.Binkiland.A, C:\Users\Richard\AppData\Roaming\Wse_binkiland\UpdateProc\config.dat, Quarantined, [5310f47c335749ed1be3fbc2d72cb749],
    PUP.Optional.Binkiland.A, C:\Users\Richard\AppData\Roaming\Wse_binkiland\UpdateProc\info.dat, Quarantined, [5310f47c335749ed1be3fbc2d72cb749],
    PUP.Optional.Binkiland.A, C:\Users\Richard\AppData\Roaming\Wse_binkiland\UpdateProc\STTL.DAT, Quarantined, [5310f47c335749ed1be3fbc2d72cb749],
    PUP.Optional.Binkiland.A, C:\Users\Richard\AppData\Roaming\Wse_binkiland\UpdateProc\TTL.DAT, Quarantined, [5310f47c335749ed1be3fbc2d72cb749],
    PUP.Optional.Binkiland.A, C:\Program Files (x86)\WSE_Binkiland\config.dat, Quarantined, [9ac9ff71a3e7a78fe718427b7f8425db],
    PUP.Optional.Binkiland.A, C:\Program Files (x86)\WSE_Binkiland\Sqlite3.dll, Quarantined, [9ac9ff71a3e7a78fe718427b7f8425db],
    PUP.Optional.Binkiland.A, C:\Program Files (x86)\WSE_Binkiland\uninst.dat, Quarantined, [9ac9ff71a3e7a78fe718427b7f8425db],
    PUP.Optional.Spigot.A, C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\0pfwis4w.default\prefs.js, Good: (), Bad: (user_pref("keyword.URL", "https://uk.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=201117&p=");), Replaced,[6df675fb7317dd59f9b79ea5a85e8080]

    Physical Sectors: 0
    (No malicious items detected)


    (end)
     
  11. Macboatmaster

    Macboatmaster Trusted Advisor Spam Fighter

    Joined:
    Jan 14, 2010
    Messages:
    23,233
    I presume you have seen it from malwarebytes
    in numerous entries.



    although not listed in your programs and features it was certainly there

    Test it now please
    I suggest you keep malwarebytes and use it as a supporting scan for AVG
     
  12. gregory8391

    gregory8391 Thread Starter

    Joined:
    Aug 18, 2014
    Messages:
    35
    Yes I saw it. Can I delete all the files in malwarebyes quarantine and will the box pop up again now that AVG has quarantined it again? What do I test?
     
  13. Macboatmaster

    Macboatmaster Trusted Advisor Spam Fighter

    Joined:
    Jan 14, 2010
    Messages:
    23,233
    AVG had not done the job properly
    Malwarebytes has hopefully found it all

    AVG failed to do the job properly, otherwise the system could not have been looking for the script if AVG had removed all aspects of the Binkiland etc
    do not delete them until you KNOW all is OK

    Test it by using it and see if you still get the script pop-ups

    If all is OK in a couple of days come back and mark the topic solved by clicking the mark solved button on your post
     
  14. gregory8391

    gregory8391 Thread Starter

    Joined:
    Aug 18, 2014
    Messages:
    35
    Will give it a couple of days and come back to you. Thanks for all your help.
     
  15. Macboatmaster

    Macboatmaster Trusted Advisor Spam Fighter

    Joined:
    Jan 14, 2010
    Messages:
    23,233
    Cheers
    You are welcome
    Often in Stockport area years ago
    Strawberry ? a pub on the A6 cannot remember the name now - as I am going back 30 yrs or so
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1147104

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice