Saturday, July 6, 2013

Getting Rid of safe.v9.com Proper and Safely

What I Know about Safe.V9.com:

Safe.v9.com is a browser hijacker virus related with this V9 virus which can make a serious chaos in your computer. With the installing of this Safe.v9.com into your computer, you probably find that your browser is been messed up like the random changes of your homepages, search engine, malicious applications to your browser without your authorization. Basically, this stuff can also collect your personal data and monitor your online activity just like what the V9 virus do to victim’s computer. Besides, you may also suffer a situation that the performance of your computer will turn slower and slower. Sometime, it may even take you a couple a minutes waiting for the response of a program after you click it on your desktop.
Once more thing, even if you have tried to delete this infection with your antivirus program in your computer, but this stuff will always come back again and again. That is because that the relative files of this virus can hide deeply in your computer system to avoid being completely deleted. In this case, you can try with manual removal method which is much more safe and efficient than other ways. Follow the post, you will figure it out how to manually remove this thing.

Corruptions about Safe.V9.com:

* This redirect virus will constantly redirect your internet connection and tell you that you are browsing unsafely.
* Your computer is acting slowly. This web browser slows down your system significantly. This includes starting up, shutting down, playing games, and surfing the web.
* Searches are redirected or your homepage and desktop are settings are changed. This is an obvious symptom of this infection.
* The cyber threat will shut down your other anti-virus and anti-spyware programs. It will also infect and corrupt your registry, leaving your computer totally unsafe.
* You are getting pestered with lots of pop ups. The hijacker virus infects your registry and uses it to launch annoying pop up ads out of nowhere.

Spyhunter is a popular and useful antivirus program designed for cleaning up computer threats and infections. Meanwhile, it is also a trust-worthy guard for your computer. Check out how to remove infections with Spyhunter:
1. Download Spyhunter into your computer by clicking this icon; 
2. After you finished installation, you need to run a full scan with it;
3. Select all threats on the list and choose to remove.

Manual Removal Guide Step by Step:

Step 1- Reset Internet Explorer by the following guide (take IE as an example):
Open Internet Explorer >> Click on Tools >> Click on Internet Options >> In the Internet Options window click on the Connections tab >> Then click on the LAN settings button>> Uncheck the check box labeled “Use a proxy server for your LAN” under the Proxy Server section and press OK.

Step 2- Disable any suspicious startup items that are made by infections from Safe.v9.comFor Windows Xp: Click Start menu -> click Run -> type: msconfig in the Run box -> click Ok to open the System Configuration Utility -> Disable all possible startup items generated from Safe.v9.com.
For Windows Vista or Windows7: click start menu->type msconfig in the search bar -> open System Configuration Utility -> Disable all possible startup items generated from Safe.v9.com.

Step 3- Remove add-ons:
Internet Explorer
1) Go to 'Tools' → 'Manage Add-ons';
2) Choose 'Search Providers' → choose 'Bing' search engine or 'Google' search engine and make it default;
3) Select 'Search Results' and click 'Remove' to remove it;
4)  Go to 'Tools' → 'Internet Options', select 'General tab' and click 'Use default' button or enter your own website, e.g. Google.com. Click OK to save the changes.
Google Chrome
1) Click on 'Customize and control' Google Chrome icon, select 'Settings';
2) Choose 'Basic Options'.
3) Change Google Chrome's homepage to google.com or any other and click the 'Manage search engines...' button;
4) Select 'Google' from the list and make it your default search engine;
5) Select 'Search Results' from the list remove it by clicking the "Safe.v9.com" mark.
Mozilla Firefox
1) Click on the magnifier's icon and select 'Manage Search Engines....';
2) Choose 'Search Results' from the list and click 'Remove' and OK to save changes;
3) Go to 'Tools' → 'Options'. Reset the startup homepage or change it to google.com under the 'General tab';

Step 4- Open Windows Task Manager and close all running processes.
( Methods to open Task Manager: Press CTRL+ALT+DEL or CTRL+SHIFT+ESC or Press the Start button->click on the Run option->Type in taskmgr and press OK.)


Step 5- Open Control Panel from Start menu and search for Folder Options. When you’re in Folder Options window, please click on its View tab, check Show hidden files and folders and uncheck Hide protected operating system files (Recommended) and then press OK.

Step 6- Remove these associated Files on your hard drive such as:
%AllUsersProfile%{random}
%AllUsersProfile%{random}*.lnk

Step 7- Open the Registry Editor and delete the following entries:
(Steps: Hit Win+R keys and then type regedit in Run box and click on OK)
HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settingsrandom
HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorerDisallowRun
HKCUSoftwareMicrosoftWindowsCurrentVersionRunrandom
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogon "Shell" = "[random].exe"

Step 8-Restart your computer normally to check whether there is still redirection while browsing.

Note: This tricky virus just uses random file names in same system directories or even its mutating versions will use different directories to escape various security tools' detection and add more difficulty to manual removal.