Found a virus on my comp yesterday, it's called, 'rem163f.exe' (adware).. It's bringing up a 'passthrough' when I load IE and then opens up a little search bar at the bottom of my screen (omega-search).. I was able to kill the search bar by running 'HijackThis' however, when I reboot, it comes back again.. I have also tried running, 'Spybot Search And Destroy' and 'Ad-aware 6' but it's not being detected by them.. So far, only my Norton has picked it up, however, it wont let me delete it.. It always says to 'exclude'.. Anyone have any experience with this crap? Willing to help me out?


Thanks in advance

When you figure this one out, let me know...I have the same thing on my computer, nothings worked, not even stuff like XBlocker, which you have to pay for.

This might help:

Computer Cops Forum - Omega-search spyware (http://computercops.biz/postp250296.html)

Hey Matt, have you tried this?
http://www.soft32.com/download-CWShredder-19014-5.html

Hope this helps. Spyware sucks eggs.

go to run program in your start menu, type in msconfig, press ok. then go to the startup tab and see if it is listed, if it is uncheck it. also can do a search your computer for that program in your start menu and when it is found delete it. also delete all temp files, temp internet files and cookies on you computer by going to tools , internet options in internet explorer.. good luck

I had the same problem on my work comp with "Virtual Bouncer" It literally just installs itself on your comp and is difficult to get rid of because it automatically reinstalls after each reboot. I wish I could remember what I did to get it off the automatic installation, but perhaps someone else might know? I'll try and figure it out and get back to you!

If you are running off of Windows XP go to your control pannel > Add/Remove Programs then find it on the list and click un install :)

Thanks everyone. I have tried CW Shredder, didn't work.. I have gone to your link Hilde, same thing.. I have checked in Add/Remove Programs and it is not listed.. I will try Sweet's idea now.. Thanks guys, you rule..

-Matt

Hey Matt, spysweeper IMO Is by far the best adaware program. I run it periodically and it never ceases to amaze me with all the crap it finds. Have you tried it?

I found another forum where they give detailed info to remove the Omega-search. May as well try this one, see if it helps:
http://www.short-media.com/forum/showthread.php?t=14809

Should all else fail, if you don't have any registry cleaners, try installing one to see if you can track it down. I use RegCleaner (not Regclean by MS). RegSupreme (formerly called RegCleaner) (http://www.docsdownloads.com/regclean.htm) You can get the new or original version at this site. Even though it works on the registry, it's got lots of safety and backup features, I've never had problems with it. With RegCleaner, you can disable a program from running on start-up, and also uninstal.


The best thing to use is probably AIDA32, a free program that can tell you exactly what's on your computer (and it'll tell you more than you might want to know, or imagined there is to know about your PC). If you decide to download it, it can tell you where the Omega-search is, if it's registered as a service, run, run-once etc, so you can locate and delete/disable it.
AIDA32 - Personal System Information 3.93 download from MajorGeeks (http://www.majorgeeks.com/download181.html). Just go to the Registry entry on the 'treeview', and click on the various choices. It should show you where this 'virus' thingee is hiding. If nothing else, it can show you a lot of possible problems brewing that you never suspected.
The programmer has closed his site due job related reasons since I downloaded my copy, but it's still available on a few download sites.

I tried the first one you mentioned Hilde, and when i checked in safe mode, the files they say to delete, we'rent found..

I tried Reg Supreme, but it's honestly a bunch of jibberish to me.. LOL.. Im still trying to figure it out..

AIDA32 is more of the same to me...

You could allwasy try and search the registry for the file name. It has to be started from somewhere and all information about your OS is contained in the registry.

Please note that if you modify something in your registry it could completly hose your entire system, so if you don't feel comfortable doing it, don't bother.

Might be easier at the end of the day to just save your data somewhere and rebuild the OS. Most times spyware and pop ups and things like that really dig down deep in your system and are never really gone, it's better just to format the os and start over sometimes instead of just trying to bandaid the problem.

might also turn off your system restore, sometimes things can get backed up in it. To delete windows temp fies, go into safe mode and type in %temp% in explorer. also can check if the program is running in the background by hitting ctlr alt delete and check the processes tab (in regular mode not safe)

Matt- I wouldn't mess with the registery if you don't know what you are doing. These babies will hatch soon so worst case scenario, deal with it until my Matt can come save you when we come up! LOL :P :P

Marisa

Marisa, i was actually just thinking the same thing.. I think that definatly sounds like a plan..

Can anyone recommend something to prevent this crap from infecting the comp??? I have Norton Internet Security Professional 2004 right now.. Also have a crap load of spyware stuff. None of which seem to be good enough if it's all still there, huh???

Also, i have been trying to remove this virus from Norton and it wont let me.. It says, 'cannot delete file'.. I was going to call Norton, but they charge an arm, leg and other for their tech support.. Anyone know why this might be? (that i can't delete it)

Thanks everyone, your help is appreciated.

Yo Try a different anti virus like macafee since i hear it detects better then the norton. i dont know anything else i can think off unless you format your pc.

~NESSY~

a lot of times if the "virus" is running or is write protected it cant be deleted, you could try doing a virus scan while in safe mode to see if it can be removed that way. do you know how to get in safe mode?

If it says cannont delete, check the path of the file, very well could be that the file doesn't exist as it was already deleted the second norton found it (don't ask me why it doesn't say it deleted it, but I find that Mcafee does that as well)

As for preventing spyware and junk, best way is to be proactive. Don't surf stupid sites, ones with tons of pop ups. Crack sites, porn sites, sites you don't know very well, any site that asks you to install anything. NEVER click "yes" when anything asks to register or install, allways click the "X" in the upper right hand corner. Firewalls are allways good, BlackIce works well for me, let me know and I'll hook you up with a copy. Virus scanners like norton and Mcafee are good for viruses, they not the greatest for preventing spyware and pop ads and crap like that.

Sweet: Yeah, i know how to boot in safe mode :D

Vengence: Thanks, I have Norton Pro, so i have the Virus scan and the Firewall.. I never install stuff i don't recognize.. Pop sites, the only one i frequent is suprnova, i can't live without my movies..

Looks like i'll try the scan in safe mode, then just give up if that doesn't work.. I'll have Marisa's BF fix it for me, the guy is a freaking NERD.. :D Besides, it would be nice to start fresh again..

Thanks again for all the help,
-Matt

i started using mozilla firefox instead of internet exploroer because of all the crap spyware i was getting. you can get it here
http://www.mozilla.org/products/firefox/

i started using mozilla firefox instead of internet exploroer because of all the crap spyware i was getting. you can get it here



http://www.mozilla.org/products/firefox/

Thanks Sweet.. I got rid of the Omega crap, honestly, i have no idea what did it, but it's gone now.. Im still going to reformat and Marisa has me seriously considering Linux now..

-Matt

I use a program called zone alarm pro... I love it. Keeps everything out. It acts as a gate to the internet and anytime something in your comp tries to access the net it blocks it and asks for permission to let a said program access. For frequently used programs you can give them a permenent pass so it isn't popping up all the time...;)

I like SUSE Linux

I have a similar thing on my computer...except it's mysearchnow. I think it was added when i had put msn plus on my computer (not sure though) it's a pain in the butt to get rid of i haven't yet :( and those trojan viruses aren't helping either!!! Grrr i hate computers!

For other people reading the thread:

Ad-Aware - www.lavasoftusa.com

Spybot Search and Destroy - http://security.kolla.de

Free antivirus software - www.grisoft.com

Free virus scans via Web (requires IE or Netscape, doesn't seem to work in Mozilla or Firefox)
http://housecall.antivirus.com
http://www.pandasoftware.com

Emergency Boot CD:
http://ebcd.pcministry.com/
The EBCD contains tools for recovering deleted files, managing partitions, and generating hardware inventories, and recovering Windows passwords. Contains other useful stuff too.

Knoppix: www.knoppix.de
A linux distro that runs from a bootable CD. Great for people who want to check email or surf from someone else's machine without risk of passwords being grabbed by infectious software on the machine in use. Help forums can be found at www.knoppix.net

Windows Registry Tutorial - http://www.winguides.com/article.php?id=1&guide=registry

If you have to edit the registry to get rid of the last traces of a virus or worm, it's best to go in knowing what you're doing. This can help.


How to Start Your Computer in Safe Mode:
http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001052409420406?OpenDocument&src=sec_doc_nam

My advice-sledge hammer:D I have so many problems I don't know where to begin! Missing this, got that, virus here, and over there. Crap! The only thing I do know is that I don't know anything about computers lol I'm taking everyone's advice on this thread and will fix these problems if it kills me. Grrrrr........

Julie

Mike, Awesome post bro.. Thanks for that.. I Knew of most of those sites, but the rest were new to me.. Can never have to many links like that.. :D

Hey, I had the same problem and was able to fix it. I know what some of you are going to say but it works so you might want to try using mcafee. I have got may trojan and all other types or viruses and mcafee has always detected them and deleted then for me. I only heard bad things about mcafee but tried it anyway and low and behold it really works. go figure. after you have done that go into add/remove and look really hard (not that you have not done that) but sometimes you dont see it right away they are sometime inside other programs but look again and if you find it remove it. I hope this helps well it helped me so good luck. i have found with all my computer schooling that sometimes it is just as easy as pie and sometime it is right there.

Matt,

Here's a few for ya to check out



http://www.free-av.com/
Antivir
Regular definition file updates

Better then NOrton and McAfee
Note make sure you strip out Norton completely from your system before installing, don't forget to check the Services section on your system as well for automatic start-ups. YOU will find stuff from norton there, even after a removal. Do your initial system scan disconnected from the net

http://www.ada-ware.com/
Ad-aware 6.0
Signature files updated regularly
Catches Spyware and Adware


and

http://www.safer-networking.org/en/spybotsd/index.html
Spybot Search and Destroy
Use with the above to catch it all


http://www.sygate.com/
Personal Firewall Protection


http://www.iolo.com/sm/
System Mechanic, lots of very useful Tools


This is what keeps me safe. Hope these help ya. I would suggest doing the system wipe out and OS rebuild and then immediately installing these programs. Some are free, some are purchaseable, all are good. If you need a hand, drop me a PM

Good luck

Jim