This may help isolate this issue: -
Scripts and Security (Courtesy of MS)
Much has been made about the security risks posed by Windows Script Host. The power and flexibility afforded by WSH can be used by forces of evil just as easily as they can be used to make your life simpler. Indeed, the infamous I Love You and Anna Kournikova e-mail worms were powered by VBScript attachments.
You can make some simple changes that reduce the chance that you’ll accidentally run a nefarious script.
As a first line of defence, be sure that the file name extension is always displayed for script files. (This would have tipped off many people who opened an e-mail attachment named Anna Kournikova.jpg.vbs. Because the extension is not displayed by default, many hopeful fans expected to see a picture of the tennis star.) Second, change the default action for scripts from Open to Edit. This causes the files to open harmlessly in Notepad if you double-click a file. To make these changes, follow these steps:
1. In Windows Explorer choose Tools, Folder Options.
2. Click the File Types tab.
3. Select the JS (JScript Script File) file type and then click Advanced.
4. Select the Always Show Extension check box.
5. In the Actions list, select Edit and click Set Default. Then click OK.
6. Repeat steps 3 through 5 for JSE (JScript Encoded Script File), VBE (VBScript Encoded Script File), VBS (VBScript Script File), and WSF (Windows Script File) file types.
7. Click Close when you’ve secured all the script file types.
Changing the default action to Edit makes it more difficult to run scripts that show up as e-mail attachments, which is one of the most likely places to find a malevolent script. However, it also makes it more difficult to execute legitimate scripts from trusted sources: You must save the attachment and then, in Windows Explorer, right-click it and choose Open. You can use this same technique (right-click and choose Open) to run any script stored on your computer, but if you want to avoid that inconvenience for a script that you know to be harmless, simply create a shortcut to the script. (Be sure the Target text in the shortcut’s properties dialog box begins with wscript.exe orcscript.exe; if you include only the script name, this trick won’t work.) Double-clicking the shortcut runs the script without further ado.