# autorun.vbs immediate cleaner



## Antzus (Feb 22, 2007)

I would just want to ask if there's somebody there still having autorun.vbs problem...I actually have been experiencing this problem this february until i studied its files and come up with my own solution...
this is a file identified by my avg antivirus as a trojan, trojan horse small a z particularly i think, with its file autorun.bat and affecting root directory of hd and rem disk and as u open the drive it is executed and copies itself to the system directory and also enter a registry entry, and modify the userinit of the windows...

i have created a program that would immediately remove this trojan from the root directory and system directory and from the registry....what u only need s to run the program and there u are!!!It removes the trojan...i hope this would help....i attached here the program...

Edit by DVK01_ I have removed the unsafe attachment in view of the comments by Mosaic1 below_


----------



## Mosaic1 (Aug 17, 2001)

Antzus,

I profiled your program and it changed my path in the registry pointing to userinit.exe from the correct path, to C:\windows\system32

That would have rendered me unable to sign into Windows.

My Windows is on D: and not C:

What about Win2k users? Their path would be winnt\system32 on the systemdrive.

Or XP users who have upgraded from Win2k? They would be using Winnt\system32 as well.

Your program could possibly do damage to systems using a different path from the path you hard coded.



I urge anyone reading this to take care and not download or use this program. 

Mosaic1


----------



## Antzus (Feb 22, 2007)

am sorry for that mr. mosaic and thank you for your response...that would be a way for me to revise the code of my program...don't worry that is counted...i'll just have to reconsider the system folder of different windows os...i'll post it again when i'm done...


----------



## JohnWill (Oct 19, 2002)

Please don't post it again. We have security experts for this very purpose, and they're quite capable of dealing with this issue.


----------



## escalader (Feb 5, 2007)

John:

You and I may too old to execute programs from well meaning members. 

But others aren't!

Is there not some way the forum can prevent this? 

We all have protection on our own PC's (or should) and this was an executable just like a virus/trojan.

It's sort of scary!


----------



## JohnWill (Oct 19, 2002)

We're working on the issue.


----------



## escalader (Feb 5, 2007)

Thanks, John figured you guys would be!


----------



## karamanlis (Apr 17, 2007)

finaly guys cause i have the same problem what must i do to resolve it?


----------



## escalader (Feb 5, 2007)

Describe your problem in detail on the security forum and wait for a gold shield guy to help you!


----------

