Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


How to Remove Ahsan and G.W.Bush virus

Posted on 2008-11-06
Medium Priority
Last Modified: 2013-11-22
how can remove Ahsan virus?
Question by:Razbaan
LVL 29

Expert Comment

ID: 22893288
this guy seems to have a solution...but I haven't tried it.
LVL 23

Expert Comment

by:Mohamed Osama
ID: 22893323
All solutions seem to direct to SDFix after the below solution


keep in mind all cleanup should be done in safe mode from a different user than the previously infected user, after cleanup of Ahsan , Combofix should be able to close this issue & remove the other one.

Good luck, as it seems like a nasty one.
LVL 47

Accepted Solution

rpggamergirl earned 2000 total points
ID: 22893727

Also called W32/Autorun.worm.ct

If problem persists,
Flash_Disinfector might also help.
but Combofix is a good idea, you also need to attach the log to make sure there are no other bad files left.

IF you had run rootkit scanners e.g IceSword etc on this session, you must reboot first before running Combofix.

Please download ComboFix by sUBs:

You must download it to and run it from your Desktop
Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
Double click combofix.exe & follow the prompts.
When finished, it will produce a log. Please save that log and attach it in your next reply by pasting it in the "Code Snippet" or "Attach File" window.
Re-enable all the programs that were disabled during the running of ComboFix..

Do not mouse-click combofix's window while it is running. That may cause it to stall.
CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

Featured Post

Receive 1:1 tech help

Solve your biggest tech problems alongside global tech experts with 1:1 help.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

PREFACE The purpose of this guide is to provide information to successfully add specific IIS 7.0 role services for the Symantec Endpoint Protection Manager (SEPM) to function properly when installed on Windows 2008. AUDIENCE Information Technol…
This article investigates the question of whether a computer can really be cleaned once it has been infected, and what the best ways of cleaning a computer might be (in this author's opinion).
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

580 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question