V9 Redirect Virus

V9 Redirect Virus Description

V9 Redirect Virus Screenshot 1The V9 Redirect Virus is a browser hijacker that promotes V9.com – a link directory and search engine website. Although the V9.com’s currently does not appear to have any direct association with the malicious software that redirects your browser to the V9 Redirect Virus, SpywareRemove.com malware experts are unable to verify the safety of all of V9.com’s content and recommend that you browse the V9 Redirect Virus with caution. Meanwhile, the V9 Redirect Virus, like every browser hijacker, should be considered a danger to your PC’s web-browsing security. To make sure that your browser’s settings are restored to normal with a minimum of trouble on your part, removing the V9 Redirect Virus with appropriate anti-malware products is recommended.

Driving Along the V9 Redirect Virus’s Virtual Highway

As a generalized term that can apply to multiple browser hijackers, the V9 Redirect Virus can infect your PC through various routes and implement itself in several formats. However, SpywareRemove.com malware experts usually note the complicity of browser vulnerability exploits as the opening gambit in such attacks, which can install malware like the V9 Redirect Virus without your permission. Other viable infection vectors for the V9 Redirect Virus may include spam e-mail and links (often obfuscated) that are distributed through social network-based sites/apps.

Most variants of the V9 Redirect Virus aren’t specific to a single browser, and updating or changing your browser is unlikely to put a stop to any V9 Redirect Virus redirect attacks (although updating your browser can reduce vulnerabilities that could infect your PC in the first place).

» Learn more about SpyHunter's Spyware Detection Tool
and steps to uninstall SpyHunter.

SpywareRemove.com malware researchers have noted the major symptoms of a typical V9 Redirect Virus attack as follows:
  • Having your search engine settings changed to redirect you to V9.com whenever you try to search the web.
  • Having your default homepage set to V9.com, forcing that site to display whenever you open your browser.
  • Being unable to revert these changes through minor browser settings changes (since the V9 Redirect Virus often will change your default web-browsing settings).

Turning a V9 Redirect Virus into a Big V-Zero

The V9 Redirect Virus’s main effect of forcing you to use V9.com should not be considered to be immediately harmful to your PC. However, SpywareRemove.com malware experts often find that browser hijackers like the V9 Redirect Virus can include other system changes of an even more negative nature (such as attacks against your browser’s security zones or file-downloading settings) that could put your PC at risk during other online attacks.

Whether you acquired your V9 Redirect Virus from a toolbar or a less obtrusive method, SpywareRemove.com malware researchers always suggest removing a V9 Redirect Virus as quickly as you can after the V9 Redirect Virus has been detected. Most anti-malware applications should be able to delete the V9 Redirect Virus with negligible effort, although the same may not apply to any other malware that could be installed next to the V9 Redirect Virus.

V9 Redirect Virus Automatic Detection Tool (Recommended)

Is your PC infected with V9 Redirect Virus? To safely & quickly detect V9 Redirect Virus we highly recommend you run the malware scanner listed below.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

Registry Modifications

Tutorial: To edit and delete registry entries manually, read the tutorial on how to remove malicious registry entries.

Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to backup your Windows Registry! To optimize your Windows Registry and speed up your PC, download RegHunter's registry cleaner.
  • The following newly produced Registry Values are:
    HKEY..\..\..\..{RegistryKeys}AppID\V9Loader.DLLSOFTWARE\Classes\AppID\V9Loader.DLLSOFTWARE\Classes\V9_ToolBar.V9_ToolBar.1SOFTWARE\Classes\V9Loader.BHOLoaderSOFTWARE\Classes\V9Loader.BHOLoader.1Software\Microsoft\Internet Explorer\Approved Extensions, value: {F386E548-C533-472E-8C61-C026FB14FEA9}Software\Microsoft\Internet Explorer\DOMStorage\v9.comSoftware\Microsoft\Internet Explorer\DOMStorage\www.v9.comSoftware\Microsoft\Internet Explorer\Toolbar\WebBrowser, value: {742E70CF-7770-412D-86CB-230B322E807C}SOFTWARE\Microsoft\Tracing\V9 Redirect_RASAPI32SOFTWARE\Microsoft\Tracing\V9 Redirect_RASMANCSSOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4DE0953E-490E-4D6F-BDDA-0516C372F3AF}SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{F386E548-C533-472E-8C61-C026FB14FEA9}Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4DE0953E-490E-4D6F-BDDA-0516C372F3AF}Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{742E70CF-7770-412D-86CB-230B322E807C}Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F386E548-C533-472E-8C61-C026FB14FEA9}Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4DE0953E-490E-4D6F-BDDA-0516C372F3AF}Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{742E70CF-7770-412D-86CB-230B322E807C}Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F386E548-C533-472E-8C61-C026FB14FEA9}SOFTWARE\v9magicSOFTWARE\V9SoftwareSOFTWARE\Wow6432Node\Google\Chrome\Extensions\bpeeepmahhfjiediknjejcmcfmjcjdckSOFTWARE\Wow6432Node\Google\Chrome\Extensions\gbdabnfmdemcjjadpkpjibhhacggangdSOFTWARE\Wow6432Node\Google\Chrome\Extensions\gjokjdicpfckeiihaniimbbmhadclefcSOFTWARE\Wow6432Node\Microsoft\Tracing\V9_RASAPI32SOFTWARE\Wow6432Node\Microsoft\Tracing\V9_RASMANCSSOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{F386E548-C533-472E-8C61-C026FB14FEA9}SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\V9SoftwareSoftware\Wow6432Node\v9magicSOFTWARE\Wow6432Node\V9SoftwareV9_ToolBar.V9_ToolBarHKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}v9 uninstallv9 uninstallerV9SoftwareHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}CheckRunv9_uninstaller
  • The following CLSID's were detected:
    HKEY..\..\{CLSID Path} {E7A19171-B1FA-460B-84A8-557C70A925CF}{DF35E8DC-7F5D-4503-B201-7239A46BEE20}{4DE0953E-490E-4D6F-BDDA-0516C372F3AF}{F386E548-C533-472E-8C61-C026FB14FEA9}{742E70CF-7770-412d-86CB-230B322E807C}{4F15CD3F-3B21-444F-838D-50F8CF62BAC2}{967CD81E-A11D-4706-AC78-8F17C8677B2A}
Posted: February 15, 2013 | By
Rate this article:
1 Star2 Stars3 Stars4 Stars5 Stars (16 votes, average: 3.50 out of 5)
Loading ... Loading ...
Threat Metric
Threat Level: 5/10
Detection Count: 1,369,096

One Comment

Leave a Reply

What is 10 + 6 ?
Please leave these two fields as-is:
IMPORTANT! To be able to proceed, you need to solve the following simple math (so we know that you are a human) :-)