How to Remove Ahsan and G.W.Bush virus

Posted on 2008-11-06
Last Modified: 2013-11-22
how can remove Ahsan virus?
Question by:Razbaan
    LVL 28

    Expert Comment

    this guy seems to have a solution...but I haven't tried it.
    LVL 23

    Expert Comment

    All solutions seem to direct to SDFix after the below solution

    keep in mind all cleanup should be done in safe mode from a different user than the previously infected user, after cleanup of Ahsan , Combofix should be able to close this issue & remove the other one.

    Good luck, as it seems like a nasty one.
    LVL 47

    Accepted Solution


    Also called W32/Autorun.worm.ct

    If problem persists,
    Flash_Disinfector might also help.
    but Combofix is a good idea, you also need to attach the log to make sure there are no other bad files left.

    IF you had run rootkit scanners e.g IceSword etc on this session, you must reboot first before running Combofix.

    Please download ComboFix by sUBs:

    You must download it to and run it from your Desktop
    Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
    Double click combofix.exe & follow the prompts.
    When finished, it will produce a log. Please save that log and attach it in your next reply by pasting it in the "Code Snippet" or "Attach File" window.
    Re-enable all the programs that were disabled during the running of ComboFix..

    Do not mouse-click combofix's window while it is running. That may cause it to stall.
    CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Threat Intelligence Starter Resources

    Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

    12 Steps to a more secure Internet experience ( Everyone who is a licensed driver initially had to pass a driving test that consisted of taking:    1. a written test    2. a road test    3. a vision test Le…
    I recently had to create a utility which aim is to update McAfee's Virusscan and that had to be launched from a command line. I thought I’d share my experience with you. Why is it useful to be able to update an Antivirus from the command line?…
    Need more eyes on your posted question? Go ahead and follow the quick steps in this video to learn how to Request Attention to your question. *Log into your Experts Exchange account *Find the question you want to Request Attention for *Go to the e…
    Here's a very brief overview of the methods PRTG Network Monitor ( offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

    779 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    15 Experts available now in Live!

    Get 1:1 Help Now