(Directions are for users of Windows XP. The process will be slightly different with other versions of Windows. Mac OS/Mac OS X users, Linux/UNIX users, and users of other non-Windows Operating Systems are immune to this threat.)
- Open your Task Manager by pressing [Ctrl]+[Alt]+[Delete] on your keyboard.
- Switch to the "Processes" tab.
- Select the program "EXPLORER.EXE" (not "explorer.exe" ) from the list.
- Click the "End Process" button.
- On the dialog that appears, click the "Yes" button.
- Go to the folder "C:WINDOWSSystem32"
- Delete the following files:
- EXPLORER.EXE
- psecure20x-cgi-install.version6.01.bin.hx.com
- index.html
- aphex.jpg
- hwnd32.dll
- Go to the "Start" menu and choose the "Run..." command.
- Type "regedit" and press the "OK" button to launch the Registry Editor.
- On the left of the window, click the "+" button next to "HKEY_LOCAL_MACHINE".
- Continue expanding the tree to this path: "HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun"
- In the left of the screen, you should see listed "Explorer" (Name), "Reg_SZ" (type) and "C:WINDOWSSystem32EXPLORER.EXE" (data).
- Click this entry and press [Delete] on your keyboard.
- Click the "Yes" button on the dialog box that appears.
- Delete the "psecure20x-cgi-install.version6.01.bin.hx.com" file from the location where you originally saved it from the Internet.
- Also delete the "iphist.dat" file from that same location.
You are now free of the Aphex virus.
Be careful when using the Registry Editor—a mistake could render your computer inoperable.
0 Comments so far