Kick out Ahsan's Virus
What exactly is Ahsan's virus?
It is basically virus when you double click on your drive it attacks on your computer, if it is in the drive even you have installed antivirus like AVG, Macfee or Kaspersky. Some time this virus travels with USB and also infected CD or DVD. If you know there is Ahsan's virus in the drive and you have to access your data so always use browse from top side to prevent from spreading the virus.
What Ahsan virus do? or Infections of Ahsan's virus.
- My Computer change to Ahsan's Computer
- My Documents change to Ahsan's Documents
- Recycle bin change to G.W.Bush
- Run cammad will be disappear
- Folder option will not work
- You will not be able to run task manager
- You will not be able to install any antivirus software and installation will run in background
These are Ahsan's virus files
- Home video.avi
- Csrss.exe
- System.exe
- autorun
Solutions:Remove Ahsan's virus
- First and easy solution: Restore your system to before the point where you infected.These are the steps to restore system : Go to Start menu-All programs-Accesories-System tools- Click on System restore then make sure the option Restore my computer to an earlier point is selected then Click on Next and select the earlier date in the calender when your system was not infected.Click next and again next your computer will restart and it will be kick out from system.
- Formate your complete drive:If you can formate your drive because you don't have important data and have time so you can install your windows again with formatting all your drive.
- A person named shah gives a solution on blogsite it is this if you have good skills in computer try this on.
follow these steps to remove Ahsan's virus from your system.
1. start windows in safe mode in with command prompt.
2. use RRT Tool to enable run " if disabled". "Search in google"
3. Enable regediting if disabled with following reg key.
CODE:
REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_DWORD /d 0 /f
4. Open regedit, search and delete all entries with name "Ahsan" , site 110mb.com and Bush.
5. If your folder option is disabled enable it with following reg key "
CODE:
HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Policies\Explorer
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Current Version\Policies\Explorer
Check if a DWORD value named NoFolderOptions exists in the pane on the right hand side of the screen Delete it.
6. If you are still unable to view the hidden files, which is disabled by virus, enable it with following proc and key.
CODE:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced. Find the value "Hidden" . Rightclick it and modify it to 1. If Key value hidden is not present create it
7. Check the following registery values and set the values given below in each registery key.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN]
"CheckedValue"=dword:02
"ValueName"="Hidden"
"DefaultValue"=dword: 02
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"CheckedValue"=dword: 01
"ValueName"="Hidden"
"DefaultValue"=dword:02
8. Now enable "show all hidden files / Hidden system files and folders", and search for following files and delete them all.
system.exe
csrss.exe
Home video.avi.exe
autorun
Note: these files will be in parrent drives (D:, C:) and in windows folder.
9. Dont worrie, you are done. now restart and Enjoy!
4. I asked from securitystronghold for romoving this virus they give me this link for downloading a tool which can remove Ahsan virus.
.jpg)
No comments:
Post a Comment