For the past week, my PCs have been suffering infection by an application named Omiga Plus. I have no idea how this application gets installed on my PC. It infected web browsers and changed their home page and default Search Engine. Omiga Plus has infected all browsers installed on my computer using the technique browser hijacking. Mozilla Firefox, Google Chrome, and Internet Explorer start showing Omiga Plus home page when I start. If I type a Search string on the default Search Engine, it is redirected to http://searches.omiga-plus.com/search/ where a lot of pop-ups and malicious ads are displayed. While checking their website, this software seems a cool product but it, in reality, it is nothing but a browser hijacking tool. This tutorial explains the steps to avoid the infection by this Potentially Unwanted Program and procedure to remove Omiga Plus forever.
First of all, you have to check whether your laptop is infected with this malicious application. All you have to do is to start a browser (Chrome, Internet Explorer, Firefox etc) installed on your laptop and check if you are redirected to a page like below.
Here I have started Mozilla Firefox and suddenly redirected to http://isearch.omiga-plus.com page where a lot of unwanted ads are displayed. If you check the picture shown above, the default search engine is changed from Google to their custom search. If you type a query and press enter button, you will see their search results page with a lot of advertisements.
Reason for This Infection
At first, I didn't have a clue about the origin of this infection. Omiga Plus is not a virus but it is a Potentially Unwanted Program (PUP) which hijack browsers and leads us to unwanted pages which are filled with tons of ads. By behavior, it can be classified as Adware. This PUP came with free software installed one week ago by my friend. He doesn't have much IT experience and I believe he forgot to uncheck the checkbox which offered extra tools where Omiga Plus was listed. So I strongly recommend you to check twice while installing free software on your computer because malicious products like Omiga Plus may be offered by them.
It is a multistage procedure and at first, we have to uninstall this application from our computer by using the Programs and Features tool in Control Panel. Once this application is deleted completely, we have to rectify the modifications it made on browser shortcuts. Now let us check each stages carefully.
1: Uninstall Omiga Plus
You can uninstall this program from Control Panel. Follow the steps below to learn how to complete this task.
2: How to Recover Browsers
Since Omigaplus infects browser shortcuts, we must right click on shortcuts and delete the extra entry added at the target location. Follow the steps below to recover web browsers from Omigaplus infection.
I have checked the Whois Record of their website OMIGA-PLUS.COM but it is under private registration. It is registered with Godaddy and no more contact details are available. See the image below to learn more about it.
Check Whether Your PC Is Infected With Omiga Plus
First of all, you have to check whether your laptop is infected with this malicious application. All you have to do is to start a browser (Chrome, Internet Explorer, Firefox etc) installed on your laptop and check if you are redirected to a page like below.
Here I have started Mozilla Firefox and suddenly redirected to http://isearch.omiga-plus.com page where a lot of unwanted ads are displayed. If you check the picture shown above, the default search engine is changed from Google to their custom search. If you type a query and press enter button, you will see their search results page with a lot of advertisements.
Reason for This Infection
At first, I didn't have a clue about the origin of this infection. Omiga Plus is not a virus but it is a Potentially Unwanted Program (PUP) which hijack browsers and leads us to unwanted pages which are filled with tons of ads. By behavior, it can be classified as Adware. This PUP came with free software installed one week ago by my friend. He doesn't have much IT experience and I believe he forgot to uncheck the checkbox which offered extra tools where Omiga Plus was listed. So I strongly recommend you to check twice while installing free software on your computer because malicious products like Omiga Plus may be offered by them.
Remove Omiga Plus Infection
It is a multistage procedure and at first, we have to uninstall this application from our computer by using the Programs and Features tool in Control Panel. Once this application is deleted completely, we have to rectify the modifications it made on browser shortcuts. Now let us check each stages carefully.
1: Uninstall Omiga Plus
You can uninstall this program from Control Panel. Follow the steps below to learn how to complete this task.
- Go to Control Panel
You can access the Control Panel from the Windows Start menu.
- Click Programs and Features in icon view (or click uninstall a program in Category view).
- Select the application and click the Uninstall button on the top
- It may ask word verification to proceed
2: How to Recover Browsers
Since Omigaplus infects browser shortcuts, we must right click on shortcuts and delete the extra entry added at the target location. Follow the steps below to recover web browsers from Omigaplus infection.
- Right click on browser shortcut
- click on properties
- Check Target
Now let us check the string shown at the target.
Here I can see a string "C:\Program Files\Internet Explorer\iexplore.exe" http://isearch.omiga-plus.com/?type=sc&ts=1402906043&from=epom2ampuid=SAMSUNGXHD161HJ_S0V3J90Q649140 is shown at the target.
- Delete Extra String
We have to delete the extra string after "C:\Program Files\Internet Explorer\iexplore.exe"
- Necessary String at Target
We should repeat the same steps for every browser installed. Here I am providing you the necessary string you should replace with the infection string at the target location.
- Internet Explorer
Correct Target string: "C:\Program Files\Internet Explorer\iexplore.exe"
- Mozilla Firefox
Correct Target String: "C:\Program Files\Mozilla Firefox\firefox.exe"
- Google Chrome
Change the infected string with the following string at target: C:\Users\arvie\AppData\Local\Google\Chrome\Application\chrome.exe
- Torch Browser
For torch browser, you may use the following string. C:\Users\arvie\AppData\Local\Torch\Application\torch.exe
- Internet Explorer
Who is Behind This Application
I have checked the Whois Record of their website OMIGA-PLUS.COM but it is under private registration. It is registered with Godaddy and no more contact details are available. See the image below to learn more about it.
Popular Tutorials
- Industry's Top Rated Free Antivirus
- WScript.exe is Infected By Malware and Firefox Opens Harmful Websites
- Doubleclick Doesn't Open a Folder
- Denial of Service (DOS) attacks Learning Tutorial
