Please note that this virus changes extremely frequently. The process names listed below are NOT accurate for any of the new variants of the virus. The virus has used dozens or process names and it is simply impossible to keep them updated on this page. The website name also changes just as frequently. If AIMFix does not work for you, your best course of action is simply to contact me so that I can help you.

This virus not only interferes with AIM, but also prevents task manager, regedit, or msconfig from staying open. Removing the virus will resolve this also.

This virus also uses auto-away messages such as:

If you see these, do NOT click the link, and if you believe you are infected, you will need to follow the removal steps and use the REMOVAL TOOL I have created. The virus is resetting Internet Explorer to "HIGH" security settings, which prevents you from downloading anything from anywhere that is not a trusted site. Go to Tools, Internet Options, and the "Trusted Sites" item. Then add jayloden.com as a trusted site and you will be able to download AIMFIx

1.) you will need to first download the removal tool, which is provided HERE.

Please do NOT select "open" when you click the link, but save it to your hard drive, preferably to your desktop so that you can find it later.

2) Run the removal tool (you may wish to try this twice if it fails the first time)

3) If the removal tool fails, please boot into Safe Mode and try running the tool in safe mode. For instructions on booting into Safe Mode, click here.

4) For manual removal of the virus files, you will need to first end the process "YahooMsgr.exe" or "YahooMsg.exe", using DS Software's Taskill utility (click save, not Open, and save to your Desktop) and open it to see a list of running programs. Choose the process and select "Kill".

5) Now you will need to search through the hard drive for the files "YahooMsgr.exe", or "YahooMsg.exe". These files would be hidden, and will require you to enable viewing of hidden files and folders. Please note that these are only the ORIGINAL names of the virus file, it has changed over a hundred times since then. You just have to use some judgement. If you see an item claiming to be "SECUREANTIVIRUS.EXE" an you never installed any such thing, then that's probably it.

To unhide files, click on the Tools menu in Explorer, then click Folder Options, and go to the View tab. (if you are on 98 this will be in the View menu) Now check the box next to "show hidden files and folders" and uncheck the "Hide protected operating system files" box. Now choose "apply to all folders" and click apply.

The files are usually located in C:\Windows\System or C:\Windows\System32, though it varies on computer to computer.

6) Delete "YahooMsgr.exe" or "YahooMsg.exe" if they exist. Again, these are only example file names.

IMPORTANT: If you are seeing many other effects like excessive pop-ups, "adult links" and extra toolbars in your Internet Explorer, the virus has also installed other programs called spyware and adware. To remove them download and run Spybot AND Ad-Aware then update and run a full system scan with each. For help using these programs, click Here.

Contact me

LEGAL STUFF: I am not affiliated with the makers of this virus in any way, nor am I affiliated with any anti-virus company. I merely provide this as a service for those who have been infected. I take no responsibility for any damage done by the virus or by those incorrectly following these removal steps, or those using my removal tools.

Main Page