If geeks love it, we’re on it

Omegakiller

Omegakiller

Why you should consider it: Learn how to protect yourself and download our first free tool custom built to rid yourself of Omegasearch.com and its variants.


“How did this thing get on my computer? How do I make it go away??”

Omegasearch.com Prosearching.com. Search200.com. Mysearchnow.com. Searchexe.com. Those are just a few of its’ names. Thousands of users worldwide have become suddenly familiar with some of these domains. And it was not because they wanted to. It was because they had their browsers hijacked. Learn how to protect yourself and download our own free tool, custom-built, to rid yourself of Omegasearch.com and its variants.

omega_homepage

When a strange search page comes up as a homepage most users think “Oh, something has changed my homepage. I’ll just change it back.” That’s when they discover that it is not that simple. It may go away…temporarily. But after the next system reboot, when they launch Internet Explorer, there it is again. And perhaps this time it has a little friend…a small toolbar at the top of their browser.

omega_small_toolbar

Or, perhaps, they get a bigger friend…a big blue toolbar across the bottom of their computer screen.

omega_large_toolbar

A user may even acquire some new bookmarks to go with those toolbars.

omega_bookmarks

You can imagine what kind of stuff is in those top two bookmark folders. Some of those links you wouldn’t want your mother to see on your computer.

The user tries reset their homepage again and again. They delete the uninvited bookmarks. They close the toolbars over and over. But none of these fixes last. Each time the PC is rebooted the toolbar pops up. The bookmarks return and the homepage is hijacked again every time a browser window is opened. The frustration sets in.

“How did this thing get on my computer? How do I make it go away??”

If this is you, then fear not fellow Internet Explorer user, for there is help. If any of the above images have infested your computer you can remove Omegasearch and its’ evil cousins quickly and effectively with a small, simple and FREE program from your spyware-hating friends at href="http://www.short-media.com/" target="_blank">Short-Media.com. The program is called: OmegakillerSM.

Next page: History of the OmegakillerSM Project

Go to Page 3: Where to Get OmegakillerSM and How To Use It

Go to Page 4: Spyware – General Information and What You Can Do To Protect Your Computer

The History of OmegakillerSM size="2"> (click here to skip down to the latest updated information)

At Short-Media.com we hate spyware. We hate spyware, virii, trojans, adware, worms and all the other forms of “malware.” We hate it so much that we created the Short-Media.com SVT SWAT Team (SVT being spyware, viruses and trojans.) The SVT SWAT Team consists of six dedicated Short-Media staff members who lead a growing group of enthusiastic spyware-hunters at our href="http://www.short-media.com/forum/forumdisplay.php?f=55"
target="_blank">Security Forums. Visitors are able to seek free assistance and advice from our experienced group of users. They have a very high success rate in eliminating problems from user’s computers and, as a result, are ranking very high on major search engines for several different new spyware problems.

“Visitors are able to seek free assistance and advice from our experienced group of users.”

April 2004: a growing number of visitors to href="http://www.short-media.com/forum/forumdisplay.php?f=55"
target="_blank">Short-Media.com’s Security Forums were posting about problems with a browser hijacker known as Omegasearch.com. We began to notice patterns to the “random” file naming structure of the infection files as well as identify variations on the hijack (different web search pages which are basically just mirrors of the same search site) after helping several users manually remove this annoying hijack and the accompanying toolbar. After digging a little deeper into the background of Omegasearch.com website, we noted that Omegasearch was simply a new version of an old pest. The “old pest “was Lop.com; a well known hijacker which has run it’s course as its removal had become fairly easy for the enthusiastic spyware-hunters of the internet’s many technical forums. C2 Media Ltd, the company behind Lop.com, had simply reincarnated their site with a new name; Omegasearch along with several variants.

April 9th, 2004: target="_blank">Short-Media.com published a href="http://www.short-media.com/review.php?r=235" target="_blank">manual removal guide for the Omegasearch hijack. Within days our traffic spiked phenomenally. New users joined our href="http://www.short-media.com/forum/index.php" target="_blank">Forums in droves seeking help removing this annoying hijacker. We found more of the key words used in the “random” file naming structure and identified more of the variant “mirror” websites used in the home and search page hijacks: several versions with the name “Omega” in them plus the main variants Prosearching.com, Search200.com, Mysearchnow.com and Searchexe.com. Some of the other known variants are listed later in this article.

June 2004: After helping an overwhelming number of users remove this infection manually using the indispensable diagnostic program href="http://www.short-media.com/getdownload.php?d=245" target="_blank">Hijack This, some members of the SVT SWAT Team kicked around the idea of creating an automated removal tool for the various Omegasearch hijacks. SVT member href="http://www.short-media.com/forum/member.php?u=92" target="_blank">Mondi, a self-proclaimed “real-time visual artist, musician and programmer”, started trying to obtain some of the infection files from users who had been to our site for aid. Once he obtained copies of the infection files, he was able to hack the files and obtain the complete list of infection file name variables, as well as the list of currently used search page variants.

From there Mondi spent a few nights compiling the results of various infections, wrote a basic remover and dug deeper into the core dumps of the infection files. In the classic stereotype of a programmer’s life Mondi lived on a standard diet of coffee and cigarettes. At 5:30 AM after an all-night coding binge testing and refining the removal tool, coding in C, Mondi came up with a version that he was comfortable with and posted it to the href="http://www.short-media.com/" target="_blank">Short-Media.com staff forum as a beta under the post title “Here Goes Nothing”. The OmegakillerSM program was born.

June / July 2004: Members of the Short-Media Moderating Staff proceeded to infect their own computers to test the beta version. They also worked on obtaining more varieties of the infection files from new users on our forums. Mondi was sent back to the code numerous times with bug fixes, suggestions and new variants that were not being removed by the original beta. It was truly a team effort.

“…the program performed flawlessly.”

The team eventually got to the point where they knew it was going to work safely and reliably but testing an anti-spyware program on the computers of experienced spyware-hunters was not a thorough beta test. How would the program work on the computer of an “average” user who, unlike most of us on the href="http://www.short-media.com/" target="_blank">Short-Media.com staff, may unknowingly have several different SVT problems on their computers? Would other SVT problems interfere with OmegakillerSM? We tested it in Windows XP and 2000 but would it work on other versions of Windows like 98, 95 or ME? So we set out to quietly and selectively test it with new users who visited our site for help. In almost every case the program performed flawlessly. When it did not we sent the file and URL variants to Mondi for addition to the database. OmegakillerSM version 1.0 was ready for public release after a track record was established of enough results to know that SM had a good app.

July 21, 2004: OmegakillerSM v1.0 is Released!

Update: We have discovered that OmegakillerSM will not work on Windows 95, 98, or ME. It will only work on Windows 2000 and XP at this time. We hope to have full 95/98/ME compatibility sometime in the future. Users with these operating systems are invited to join href="http://www.short-media.com/forum/forumdisplay.php?f=55"
target="_blank">Short-Media.com’s Security Forums for free, and receive help with manual removal, which is a quick and easy procedure.

“…the folks behind the Omegasearch hijacks do not want you to have control of your own computer…we happen to disagree with them…”

Update: August 8, 2004: OmegakillerSM version 1.1 is released!

Shortly after version 1.0 was released we began to see brand new variations in the Omegasearch hijacks. New domain name variants, new infectant application names, randomly named search pointers, and processes hiding themselves by masquarading as Internet Explorer windows. Was it coincidence that these new variants started showing up about one week after OmegakillerSM 1.0 was released? We don’t think it was a coincidence. How do we know that? Some of the new infectants actually undo the HOSTS blocks the Omegakiller 1.0 can set to block their domains from showing up on your computer. Their “undo” list matches our block list, right down to the order Mondi typed the domains in. What this means is simple: the folks behind the Omegasearch hijacks are watching us here at Short-Media, and they do not want you to have control of your own computer! Well, we happen to disagree with them…

OmegakillerSM 1.1 features several new additions and improvements, such as:

  • removal of all currently known domains (complete list on page 3 of this article)
  • improved variant scanning
  • removal of the random search pointers and masquerading processes
  • multi-pass cleaning
  • improved hosts file check and additions

Update:  August 18, 2004:  OmegakillerSM version 1.2 is released! 

The Omegasearch hijacks are mutating again.    This time it is different process names / file paths.  Some installations of the hijack get some uninvited new desktop icons installed on their system as well.  Our programmer Mondi has quickly found the solution to the latest variants, and another round of Short-Media vs scumware creators begins.

OmegakillerSM 1.2 features / improvements:

  • removal of new desktop icons installed by hijack
  • detection of spawned subsidiary process
  • user option to always run homepage reset feature

Next Page: Where to Get OmegakillerSM and How To Use It

Go to Page 4: Spyware – General Information and What You Can Do To Protect Your Computer

Where to Get OmegakillerSM

OmegakillerSM is available for free download at Short-Media.com’s href="http://www.short-media.com/download.php?dc=69">Security Downloads Page. Updated versions will be posted there occasionally as new variants of infection files and hijack domains are identified by the href="http://www.short-media.com/">Short-Media.com SVT SWAT Team.

Currently, OmegakillerSM vesion 1.1 identifies and fixes browser hijacks and toolbars pointing to the following domains:

omegasearch.com; omega-search.com; prosearching.com; search200.com; mysearchnow.com; searchexe.comactive-max.com; search.active-max.com; allaboutsearching.com; mazingautossearch.com; contexualsearch.com; crap2.com; dialup2.com; ecpm.com; find-quick.com; lop.com; maxexp.com; mp3search.com; netsearchsoft.com; rub.to; sbvr.com; searchweb2.com; spawnet.com; tdmy.com; tefs.com; tfil.com; tdko.com; wrn.net; lyricsdomain.com; trinityacquisitions.com; wethere.com; asearchforyou.org; errorfreesearch.com; intelesearch.com; isearchhere.com; iwantosearch.com; opensearch.org; searchbee.net; searchhotsex.com; ifsearch.com; mastersearcher.com; look-today.com; aavc.com; acjp.com; ecmh.com; wabu.com; wabq.com; maximumexperience.com

Many of those have alterations such as www.omega-search.com and best.omega-search.com. Listed here are just the domain names themselves for simplicity. However, the known variations on the portion of the URL preceding the domain are programmed into OmegakillerSM.

In some cases the domain you are hijacked to is unreachable. When this happens you get an “about:blank” home page with a page not found error on your screen. There are several hijacks which can cause “about:blank’s” and OmegakillerSM will not fix all of them. It will fix only the ones that are related to the domains in its’ database. If you are having an “about:blank” homepage problem then please try OmegakillerSM but be forewarned that it may not be able to 100% cure the specific problem.

Users who find variants not corrected by OmegakillerSM are encouraged to contact us. The program contains a link entitled “Didn’t work? Have a different problem? Need more help? Visit Short-Media.com’s Security Forums!” Clicking that will take you to our free forum, directly to the Security section. Simply join the forums with a username of your choice, then create a new thread in the Security forums explaining your problem. One of our many knowledgeable users will be happy to help you.

href="http://www.short-media.com/download.php?dc=69" target="_blank">Download the OmegakillerSM tool now

Caution: The OmegakillerSM tool has been thoroughly tested as safe to remove Omegasearch hijack files. We caution users to always keep a backup of important files in every event. Short-Media.com and its members and staff are not held responsible for incorrect or misuse of the OmegakillerSM tool or any associated event that may cause loss of data.

How to Use OmegakillerSM

Step One

Download the program from Short-Media.com’s href="http://www.short-media.com/download.php?dc=69" target="_blank">Security Downloads Page. I recommend you place it in it’s own unique folder such as C:OmegakillerSM or in its’ own folder in your My Documents folder. This is an important first step! If OmegakillerSM identifies any of the infection files or registry entrees it will create a sub-folder called “backup.” It will quarantine the files and entries in this backup folder. You have the option of later restoring any of these files from the backup if you encounter serious problems after removing them. If you run OmegakillerSM from your desktop then this backup folder will appear on your desktop adding to the clutter. If you run it from a temp directory or from immediately inside your My Documents folder then the backup folder will be created there. If you later move the the OmegakillerSM program it may not be able to locate these backups and will be unable to restore them. Do yourself a favor now and take 10 seconds to make an OmegakillerSM folder somewhere that is easy for you find and put the program in there before you run it.

When you run the program, you will get the main window:

killer_main_start

Step Two

If you have downloaded the program from somewhere other than Short-Media.com’s target="_blank">Security Downloads Page or if you are re-running this program some time after you downloaded it from us then you should click the button labeled Check for Updates. This will take you to Short-Media.com’s href="http://www.short-media.com/download.php?dc=69" target="_blank">Security Downloads Page. Compare the version number (v X.X) in your window to the version number listed on the download page. If the download page has a newer version then please download it, as that will contain the latest information on Omegasearch and its’ variants in the database. If the versions are the same then carry on.

Step Three

If you are particular about reading license agreements then please click that button next. It will tell you that this program is copyrighted freeware. It will also tell you to use OmegakillerSM at your own risk as you do with any program. Standard liability limits apply here folks and we extend no warranties of any kind; express or implied. Take it from me that OmegakillerSM works well and should not pose any risk to your computer.

Step Four

Once you have read the legal-speak, or just ignored it at your own discretion, then your next step is to make a decision: “add omegasearch blocks to hosts file?” If you do not know what this means, click the link that says “what is this” for a quick lesson on your internet HOSTS file and how OmegakillerSM can block your computer from going to Omegasearch.com or any of their other domains ever again.

Once you have either read that explanation, or already knew what a HOSTS file is, choose whether or not to add the blocks to your HOSTS file. Check the box if you wish to add the blocks to your HOSTS file. I do recommend it – if you get re-infected by an Omegasearch hijack, this will at least keep their sites from showing up in your browser, an action which directly affects the owners of Omegasearch, as it reduces their overall traffic count, which reduces their attractiveness to their advertisers.

Either way, now you are ready to scan! Simply press the button conveniently labeled GO!!

OmegakillerSM will scan your active processes, system registry, BHO’s (Browser Helper Objects), browser toolbars and bookmarks. The scan takes only seconds to run on most computers. If the scan will find matches to known Omegasearch infection files you will see something like this:

killer_main_infections

The color highlights are not in the program, I have added them here for explanation only. Items highlighted in yellow are matches to OmegakillerSM’s database of known problems. Items highlighted in blue are the actions OmegakillerSM took to clean up the problem.

If any known Omegasearch variants are located in any of the scan areas, OmegakillerSM will terminate their process, remove the file, and remove any startup entries associated with the file. Omegakiller SM v 1.1 intorduces multi-pass scanning. It will run a second scanning pass, which will close all active Internet Explorer windows, and will stop and restart the Windows Explorer process. You will see your desktop flash off then back on, do not worry about this. If OmegakillerSM determines that it needs to run a third or even fourth pass to clean up your infection, it will do so.

Step Five

If a known Omegasearch browser hijack was detected, you will be given the following window:

killer_homepage_reset

Step Six

This window allows you to choose what to reset your homepage to. By default it will set your homepage to a blank page. You may alternately choose to set your homepage to target="_blank">Short-Media.com – a great homepage by the way. (Shameless plug – we have a really great site with loads of news, hardware and software reviews, people who can help you through all kinds of computer problems and a top-rated “Folding For a Cure” Distributed Computing team.)

Or you can choose to use the Other setting. By default “other” is set for MSN.com (the Internet Explorer default) but you may type in any page you want into that box. Just don’t type in Omegasearch.com… Hit OK to return to the main menu.

Step Seven

The dialogue window of the main menu should now say “all done.” You may scroll up the text in the window to see what OmegakillerSM found and what it did. When you are done reading click the Exit button to quit the program.

If your scan did not locate any known Omegasearch variants, you will see the following:

killer_main_clean

If it tells you that your system is clean but you know that you still have a problem of some sort then click the “Didn’t work” link to reach our user forums and post a thread as described earlier on this page.

Step Eight

If you find that your browser will not work after removing Omegasearch or its’ variants, or some other unforeseen problem occurs, you can re-run the program and click the Restore button to see a list of what was removed and placed in your backup folder:

killer_restore_page

You may then click any item and restore it. If you do encounter a problem and had to run the restore feature to make your browser work then please contact us via the “Didn’t work” link. In most cases you should never need to use this feature.

Step Nine

After running this program I recommend that users of Windows XP create a new System Restore point to flush out any remnants of the infection in case a system restore is required in the future. Click Start -> All Programs -> Accessories -> System Tools -> System Restore. When the System Restore Utility opens click “Create a Restore Point” then click Next.

system_restore_01

Enter a name for this Restore Point (I would just use the date or “After Sweeping Spyware” or something to that effect) and click Create. This will create a new restore point that should not have the Omegasearch items in it.

system_restore_02

That’s all there is to it. A free, safe, fast, effective tool to remove one of the more annoying pieces of adware / spyware on the web today. How do you prevent this, or other problems like it, from happening again? What is this stuff? Why do they do it? Read on, and learn.

Next page: Spyware – General Information and What You Can Do To Protect Your Computer

Spyware – General Information

Spyware and adware are two of the most rampant causes of computer problems worldwide. Companies are making money by monitoring what websites you visit and serving you advertising based on your browsing habits. Often these programs are disguised as cute, helpful tools, like weather information programs, download accelerators, e-mail smiley graphics, and more. Companies are making money by taking over your browser, forcing your homepage and search page to point to their site. Companies are making money by installing toolbars on your browser under the guise of being “helpful” menus. Companies are force-feeding you bookmarks to sites owned by their advertisers.

On the surface, it is all legitimate: when users willingly install one of their shell applications like the ones mentioned above, they rarely read the fine print, which vaguely mentions (in fancy “legal language”) that you are agreeing to install a program which will send you advertising based on your browsing habits. If you succumbed to the temptation to “add smilies to your Outlook E-mail” or were concerned that “Your computer’s date and time appeared to be incorrect” or you really, really, really wanted a “weatherbug” on your computer, chances are that the “free!” software you recently installed contained spyware.

“…spyware creators are not even so obvious, installing themselves in a true hijack fashion – performing a “drive-by” installation…”

Sometimes, spyware creators are not even so obvious, installing themselves in a true hijack fashion – performing a “drive-by” installation when your browsing habits cause you to stray across a questionable site. A slight pause of your browser window, a whir of your hard drive, and the next time you boot your computer, you are hijacked.

Spyware and adware is a battle for control of your computer. The battle is multi-faceted: they are not only fighting you for control of your computer, but the spyware / adware sites are fighting each other for control of your computer. Every hit on their pages is an increase in their traffic count. In the world of internet advertising, traffic is the single most important consideration. How many “eyeballs” you can deliver each day determines how many advertisers pay top dollar to be on your search page. If you do a search through the search engine of a hijacker’s site, the top search results will often have very little to do with your query terms, and will almost always be paid advertisers. If you click any of those links, you just put money in the hijacker’s pockets. Advertiser’s pay by the “click-through”, the more clicks that lead from the hijackers’ site to an advertiser’s site, the more money changes hands. A nickel here, a quarter there….with thousands or even millions of click-throughs per day, the hijackers can stand to make a nifty chunk of change. The stakes are high, with thousands, even millions of dollars in advertising revenue up for grabs. For that money, they have to get their pages and their software on to your computer by any means they can, and they have to make sure that their software is, for the average user, hard to find and hard to remove. They also have to make sure that their software or homepage hijack works better than the other site’s software. Multiple infections often means a clogged computer, with RAM and CPU resources strained by competing pieces of scumware. Many times this author has seen customers’ computers that could not even boot up at all because of different pieces of spyware and adware fighting for control of the computer at startup.

And the rub of it all: what they are doing is basically legal. They straddle a legal gray area, hide behind their privacy statements, disclaimers, and End User License Agreements. They deny installing anything on your computer without your knowledge. But the thousands or millions of users who have been “hijacked” know that this is not true. Or is it? Hidden installers, hard to remove software, random file names, redundant infections, multiple site name variants…it all points to a very methodical plan to make sure your computer visits their sites and that you see their advertisers’ goods. But in some cases, the website companies themselves may not have actually written the software that has infected your computer, at least not directly. They may have hired a 3rd party company to write it and distribute it for them. They distribute the infection files in various places on the net, one of the most common being peer-to-peer file sharing apps like Kazaa. Infection files masquerade as pornography, serial numbers for software, “cracked” versions of games, etc, and wait for naive users to download and open them on their computers.

In other cases, infection files wait for you not in the P2P world, but on the regular World Wide Web itself. In these cases, the infection files are often hosted by 3rd party websites. Usually, these are of questionable nature as well: pornography sites, music trading sites, “warez” sites hosting hacked and cracked free versions of sought-after software, especially games, or “serialz” sites offering shared serial numbers for the same. In these cases, hijack software often contains a “referrer ID”, a unique name or number which identifies where the infection came from. If your computer got infected while visiting “Jimmy’s house of dirty pictures and free software”, every time you end up at the hijackers’ search page and click an ad link, Jimmy gets paid a nickel, or a dime, or a quarter. There are websites where people like Jimmy trade information on which search site paid them this month, how much they got paid, and which sites are the best in terms of prompt and bountiful payment. If Jimmy made $50 this month from Omegasearch, then Johnny and Franky and Freddie are all going to want a piece of that action. They obtain the infection installer, with their own unique referrer ID, and then wait for you to visit the wonderful, free goodies they have at their own sites. A pause, a whir of your hard drive, and you got more than what you came for, and Johnny or Franky or Freddie are also making money at your expense.

The internet was created on the principle of free and safe exchange of information. It stopped being that long ago. But as long as users fight back, take the time to educate and protect themselves, practice safe browsing habits, and make sure that they are not unwittingly spreading security problems themselves, then at least we can make it that much harder for those who profit from scumware.

What Can You Do to Protect Your Computer?

  1. Educate yourself: a good place to start is right here at Short-Media.com, with this article on target="_blank">Defeating Spyware. It discusses ways to improve your browser security and use programs to protect yourself from these kinds of problems.
  1. Get the tools to protect yourself: start at Short-Media.com’s href="http://www.short-media.com/download.php?dc=69" target="_blank">Security Downloads Page for adware / spyware scanning, prevention and removal tools.
  1. Get expert help if you need it: and it doesn’t even have to cost you money. Log into href="http://www.short-media.com/forum/forumdisplay.php?f=55"
    target="_blank">Short-Media.com’s Security Forums for answers to questions, advice for protection, and assistance with removal of spyware / virus / trojan infections.
  1. Practice safe browsing habits: if something sounds too good to be true, it probably is. Free porn, software, or music is often financed by foisting scumware onto your computer. Think twice before you visit these kinds of sites, download this type of material from file-sharing services, or click “YES!” to any pop-up offers of free utility software.

  1. Change internet browsers. Internet Explorer is used by around 90 to 95% of web surfers today. It follows logically that most spyware applications will be tailored to IE. But there are other excellent browser options available for free such as Mozilla, Firefox and Opera. These are covered in the href="http://www.short-media.com/review.php?r=132" target="_blank">Defeating Spyware article, and download links are available there as well.

It is our hope that we have helped you clean up some problems with your internet browsing experience, or simply educated you about potential risks and how to secure your computer against them. Safe and happy browsing to you all!

Comments

  1. primesuspect
    primesuspect Dexter! What a great article! EXCELLENT WORK!

    Mondi - my hero :) I love you guys!
  2. mmonnin
    mmonnin Nice article Dex. Awesome program, Mondi.
  3. Lincoln
  4. Unregistered
    Unregistered please tell me how to download this program, im not a member but would love to get this thing off my computer
  5. Dexter
    Dexter
    Unregistered said:
    please tell me how to download this program, im not a member but would love to get this thing off my computer
    Due to some technical difficulties, we have had to temporarily suspend guest access to our file downloads area. We are in the process of upgrading the security of our downloads server due to having been the victim of some attacks on the server by uknown coward(s) who have been trying to cripple our site...unsuccessfully, I might add.

    We invite you to register for our forums (it's free, painless and takes only seconds.) Upon registration, you will receive access to the downloads section.

    Otherwise, please wait a few days and check again. Our server administration team is upgrading the security protocols, and we hope to have guest access restored soon.

    Dexter...
  6. SL_
    SL_ I've registered, but I still can't download it. I click the download button on http://www.short-media.com/download.php?dc=69, and it opens a new window which goes to http://www.short-media.com/getdownload.php?d=294, but it just shows a blank page, and view source doesn't show anything at all either. :(
  7. shwaip
    shwaip check your private messages.
  8. Shorty
    Shorty There is still a pending issue with downloads that Im working. Bare with me please :)
  9. EyesOnly
    EyesOnly Nice article. I'm gonna give that omegakilller a try even though i don't think i'm infected. BTW am i the only one who thinks that the creators of omega search should be happy about all the advertisment they've gotten for free from shortmedia. :)
  10. Shorty
    Shorty I somehow don't think they like the Short-Media type of publicity that provides a tool to rid your machine of their potential spyware ;)
  11. EyesOnly
  12. sami66
    sami66
    Dexter said:
    Due to some technical difficulties, we have had to temporarily suspend guest access to our file downloads area. We are in the process of upgrading the security of our downloads server due to having been the victim of some attacks on the server by uknown coward(s) who have been trying to cripple our site...unsuccessfully, I might add.

    We invite you to register for our forums (it's free, painless and takes only seconds.) Upon registration, you will receive access to the downloads section.

    Otherwise, please wait a few days and check again. Our server administration team is upgrading the security protocols, and we hope to have guest access restored soon.

    Dexter...
    Hi!
    I have tried to download and it says it is a zipped file and it can't open it. What do I do? I have searchweb2.com in my internet options that keeps reappearing. I just spent $30 for a computer tech to do absolutely nothing except remove the toolbar. They told me the only way to remove it is to reinstall windows. I am pretty much computer illiterate, so please type slowly. LOL
    Thanks!
  13. Dexter
    Dexter
    sami66 said:
    Hi!
    I have tried to download and it says it is a zipped file and it can't open it. What do I do? I have searchweb2.com in my internet options that keeps reappearing. I just spent $30 for a computer tech to do absolutely nothing except remove the toolbar. They told me the only way to remove it is to reinstall windows. I am pretty much computer illiterate, so please type slowly. LOL
    Thanks!

    1 - A ZIP file is an archive file that allows us to compress the size of the file to make it smaller, and to put multiple files into one archive. This is a VERY commonly used application. To un-Zip something, you need to download Winzip. It's free. Install it, then double click the OmegakillerSM ZIP file. Winzip will open with a dialog box asking you if you want to buy it, use the evaluation version, or exit. Click the Evaluation button. Then you will see the Omegakiller app and a Readme.txt file. Make a new folder on your C: drive called Omegakiller, and drag those 2 files from the Zip window to your Omegakiller folder. Then you can close the zip file, launch OmegakillerSM and let it do it's job. Download Winzip here:

    http://www.download.com/WinZip/3000-2250-10265341.html

    2 - You need to go back to your computer tech, tell him/her that he/she is incompetent, and ask for your money back. Some simple Google searching would have pointed them to the answer. While there, give them the address of our website, maybe they can learn a thing or two from us :)

    3 - When you get your money back, take it to your bank, get a registered
    money order for the same amount, and send it to my attention, care of Short-Media. ;) ;D

    4 - If you need further help, please send me a private message by clicking on my user name (up by my kitty-cat picture.)

    Dexter...
  14. Shorty
    Shorty Sami,

    Click on this thread here:

    http://www.short-media.com/forum/showthread.php?t=14915

    It will guide you with how we can help you :)

    Edit:: Dexter beat me to it again.. damn spyware geek :p ;D

    :thumbsup:
  15. primesuspect
    primesuspect Sami, we charge $50 for the same service at my company, but we actually do it right.. :) However, at short-media we help you do it yourself, for free. I agree with dexter. Point your "tech" to this site and demand your money back, for obviously he doesn't quite have all the skills to call himself a tech. "Reinstall windows" is a very bad answer to give somebody.
  16. Shorty
    Shorty
    primesuspect said:
    Sami, we charge $50 for the same service at my company, but we actually do it right.. :) However, at short-media we help you do it yourself, for free. I agree with dexter. Point your "tech" to this site and demand your money back, for obviously he doesn't quite have all the skills to call himself a tech. "Reinstall windows" is a very bad answer to give somebody.
    But that's Geeky1's response to every problem :wtf: ;D

    No wait. This is Geeky we are talking about ;D
  17. MediaMan
    MediaMan Omegakiller article updated and the $50 comes to the admins. I can drive over to Dexter's house and beat him up for it...that's providing he hasn't spent it on diapers yet. ;D
  18. sunlee
    sunlee Hello all,

    My browser is hijacked by MySearchNow. I have followed the forum instructions and downloaded OmegaKiller at http://www.short-media.com/download.php?dc=69

    I have unzipped the files to a new folder. But when I try to execute OmegaKiller.exe on Windows2000, an error message "The procedure entry point GetProcessImageFileNameA could not be located in the dynamic link library PSAPI.DLL." is displayed.

    Please shed some lights here to resolve the problem. Thank you.
  19. mondi
    mondi sorry to take so long to answer this... it turns out theres 2 major versions of the psapi dll floating around ... you have the old one :(

    Ive included the new one in the OmegaKillerSM download, please redownload and you should be good..

    m
  20. sunlee
    sunlee Now I could install and run it. Thanks man...
  21. Unregistered
    Unregistered Hello,

    My browser is hijacked by MySearchNow. I have followed the forum instructions and downloaded OmegaKiller as well.
    I have unzipped the files but when I try to execute OmegaKiller.exe on Windows Me, an error message "The PSAPI.DLL file is linked to missing export NTDLL.DLL:wcslen" is displayed.
    Please give me some advise to resolve the problem. Thank you.
  22. Necropolis
    Necropolis Unregistered, are you running Windows Me, 98 or 95. Omegakiller only works with Windows 2000 + Windows XP. A version for the other OS is on its way its just taking longer to sort out.
  23. Dexter
    Dexter
    Unregistered said:
    Hello,

    My browser is hijacked by MySearchNow. I have followed the forum instructions and downloaded OmegaKiller as well.
    I have unzipped the files but when I try to execute OmegaKiller.exe on Windows Me, an error message "The PSAPI.DLL file is linked to missing export NTDLL.DLL:wcslen" is displayed.
    Please give me some advise to resolve the problem. Thank you.

    And if you are running Win 2000 or Xp and get this error, note that there is a PSAPI.dll file in the Zip archive. Move both the OmegakillerSM.exe and the PSAPI.dll file into a folder called OmegakillerSM, and then run the program. It will find the PSAPI.dll file, and work fine.

    Dexter...
  24. Unregistered
    Unregistered Originally posted by Unregistered

    --------------------------------------------------------------------------------

    Hello,

    My browser is hijacked by MySearchNow. I have followed the forum instructions and downloaded OmegaKiller as well.
    I have unzipped the files but when I try to execute OmegaKiller.exe on Windows Me, an error message "The PSAPI.DLL file is linked to missing export NTDLL.DLL:wcslen" is displayed.
    Please give me some advise to resolve the problem. Thank you.
    --------------------------------------------------------------------------------





    And if you are running Win 2000 or Xp and get this error, note that there is a PSAPI.dll file in the Zip archive. Move both the OmegakillerSM.exe and the PSAPI.dll file into a folder called OmegakillerSM, and then run the program. It will find the PSAPI.dll file, and work fine.

    Dexter...

    Hi,
    I did all of that right away, however, i still get the same error message. Is there any other way to get this program running?
    Thanks again.
  25. primesuspect
    primesuspect What version of windows do you have?
  26. Unregistered
  27. primesuspect
    primesuspect Sorry, OmegaKiller just won't work with Windows ME. What you should do is register to our forums, visit our Spyware, Virus, and Trojan discussion area, read these first steps and then post a log for review, and we will be able to get rid of this thing for you.
  28. Unregistered
  29. Unregistered
    Unregistered OMEGAKILLER has sorted out my HiJack... and I've now enabled SpyBot's TeaTimer function so that I can spot those registry key hacks whenever they are attempted.

    Thanks SVT.
  30. Shorty
    Shorty
    Unregistered said:
    OMEGAKILLER has sorted out my HiJack... and I've now enabled SpyBot's TeaTimer function so that I can spot those registry key hacks whenever they are attempted.

    Thanks SVT.
    Good, glad we could help :)
  31. Unregistered
    Unregistered You guys are simply amazing!! The mysearchnow.com toolbar was driving me to the brink of suicide! OMEGAKILLER rules!!!!

    Thanks!!
  32. primesuspect
    primesuspect :eek:

    wow. suicide? I know omegasearch is aggreivating, but wow ;D

    Thanks for the kind words :)
  33. hulagirl
    hulagirl aloha,
    I'm trying to download omegakiller, but cannot .. the messsage says that it is invalid or corrupted. Any advice?
  34. primesuspect
    primesuspect Try using a different browser to download it. Try FireFox (available from my signature)
  35. Unregistered
    Unregistered Hi, i have been plagued by the blue toolbar for many months, i have tried hijackthis and manually deleting registary entries some sites suggest and have got rid of it on a few occasions for a couple of days, now with one click of omega got rid of it in 5 seconds lol, absolutly brilliant program that i will be telling everyone about cheers! i have also read the article and will be taking steps to prevent this happening again.
  36. Unregistered
    Unregistered I have just run omegakiller on my daughter's laptop which was infested with all the material mentioned in your introduction. All the problems now seem to have gone - hopefully for good.
    Thanks very much for the programme and for making it available.