The official home of It's Geek to Me on the web!

Issue #315: August 4, 2013

Q: Something that I downloaded has infected my computer.  My browser’s home page got changed to, and I keep getting all these pop-ups that I can’t get rid of. Also, whenever I try to search for something, instead of Bing, I get V9 search.  The Norton Internet Security that came with my computer has expired, and the free version of Avast that I’m running must not be working, since it let this thing on my computer.  I’m thinking of paying to renew the Norton to get rid of this thing once and for all unless you can help.

– Melissa L.
Crestview, Florida

A:  The first thing you need to know is that yes, you’ve been infected.  The V9 Portal, as it’s called, is a browser hijacker, which does pretty much exactly what you described, plus it also attaches itself to random shortcuts on your desktop and Start menu.  While it is annoying you to death with pop-up ads, it is also busily collecting your search terms and results in an attempt to channel advertising that suits your interests.

In a column a few weeks ago, (I.G.T.M. #311, July 7, 2013) I talked about the difference between virus scanners, and Internet Security programs.  I have yet to find an Internet Security program that is effective enough at blocking attacks like yours to make it worth my while to purchase, and in my experience, there really isn’t much difference between the virus scanners that you pay for, and the ones you can get for free.  I like Avast! quite a bit, and use it on the computers I maintain.  But I don’t think you need to install Norton, or any other paid commercial anti-virus.  Here’s the real rub:  I doubt very much that any virus scanner – no matter how much you paid for it – would have protected you from this infection.  The reason is that the malware installer didn’t do anything that you didn’t give it permission to do.  What probably happened is that you downloaded some legitimate-looking program, and V9 was bundled along with something else that you intentionally downloaded.  Does an application called My Fast Free Video Converter sound familiar?  It’s one of the main downloads currently spreading V9.  When you downloaded it (or whatever it was that brought you this gift) it very likely popped up a box asking for permission to be installed, and you, of course, said “Yes” because you wouldn’t have downloaded it if you didn’t want it, right?  Well, having gotten your permission, the software was installed, along with this little passenger that you did NOT ask for.  The changes to your system would have appeared after a re-boot, and you’ve probably been struggling ever since to remove it from your computer.  Don’t feel bad – this kind of infection happens all the time to people, so you are not alone in your misery.

The steps to actually clean your system are long, and quite boring, so I’m not going to repeat them all in the column.  Instead, I found an excellent article online at on how to remove V9.  It includes lots of helpful screenshots, as well as links to some very nice tools that automate a good portion of the clean-up.  What I will spend the column space on is to once again offer advice on how to avoid these traps.

First of all, BEFORE you click the “Run” button on a download, make sure that you know where the file came from, and that it is what is called “Digitally signed”.  Your browser will tell you immediately if something is suspect by flashing up a dialog labeled “Security Warning” that contains the text “The publisher could not be verified.”  Don’t be in such a hurry to install something that you just click-through dialogs without reading them!  You may also see a dialog from “User Account Control” asking the question “Do you want to allow the following program from an unknown publisher to make changes on this computer?”  Don’t accept risk when you don’t understand the ramifications of your decision.  Second, don’t download software from “cracked” software sites.  There are a number of people out there who get their kicks by breaking the file protection on programs and then giving them away for free.  As someone who has made my living for the past 30 years as a software engineer, I can tell you that this is simply stealing a programmer’s hard work.  You wouldn’t steal someone’s CAR, would you?  Just because it’s easy to make a copy of software doesn’t make it a victimless crime, and if that’s not enough to motivate you, many of the so called “warez” sites that foist cracked programs use their site as a method of distributing viruses.  So stick with trusted sources, like CNet, TuCows, PCMagazine, and other well-known sites.  You can trust them for the simple reason that they stake their business on their reputation.  If they were distributing malware, it would make national headlines.

Leave a Reply

July 2024

Search the site


Copyright Notice

All content on this site is Copyright © 2007-2024 by Jeff Werner – All rights reserved.