TSPY_ONLINEG.OMU is a malicious Trojan virus with high damage potential and information exposure capabilities just like what the kind of rogue Spywares can do. This virus was found to be hosted on certain compromised websites, which can be downloaded and dropped by other malware when you surf the Internet. When you click on some coupons/ads/other pop-up box with attractive features and download needed program on unsafe website, the virus can be installed with a automatic and impalpable way at the same time. For being a member of trickily designed malicious viruses, the Trojan virus can’t be allowed you to discover itself identity nor do you realize it is in your computer until various detected alerts displayed on your anti-virus program. Its destructive abilities are quite beyond your imagination as it never sends out apparent indications what it has done on the infected computers. It would make you very passive and scared because you don’t know what damage have the Trojan virus done and what will it do. Aside from stealing credentials from specific online games, it also downloads backdoor detected as TSPY_ONLINEG.OMU. Which allows hijackers accessing to the infected computer and let they exert themselves to damage target computers and steal confidential personal data. To get a one-Glance comprehensive view of the harm behavior of this TSPY_ONLINEG.OMU Trojan virus, refer to the Threat list shown as below:
1) Malicious routines of the downloaded files can be exhibited on the infected system and the virus moment by moment tampers with system registry entries through infected files so that it can spread all over system and destructive the infected computer.
2) The most obvious phenomenon is that the virus aims at degrade your computer performance and keep exploiting vulnerabilities into infected system, slowdown and freeze problems must become commonplace, and the computer always shows you Not Responding or a waiting hourglass instead of following your commands.
3) Intentionally compromises and changes default Internet settings and then tracks your browser’s cookies, browsing history to collect your online activities thereby easily stealing your money.
4) Your crucially essential files would be encrypted or hidden by the evil TSPY_ONLINEG.OMU Trojan virus.
5) Terminates core processes so that disable a plenty of programs like anti-virus programs/ Internet connection/on the infected PC, and even more pop-up a serial of blue screen codes so that you can do nothing to rescue your computer.
6) More seriously, steal confidential information such as user names and passwords, Credit Card number and password, Email account and Password, and other personal privacy may be used by cybercriminals for malicious activities. Especially to gain illegal profits.
For the virus has disabled a lot of programs on the infected computer, you have to do the first step- Booting up the infected computer with safe mode with networking. This safe mode plays a key role on partly enabling some needed programs, and then you can proceed to fix the TSPY_ONLINEG.OMU virus.
First step- Safe mode with networking
For Windows 7& Windows Vista & Windows XP-Access to Safe Mode with Networking
Totally shut down the infected computer that has TSPY_ONLINEG.OMU virus, when it is finished you need press power button to start it again, but the difference is that it requires you press F8 key on the first line of keyboard constantly before Windows launches on. Later after that, Windows Advanced Options menu with all kinds of safe modes may shows up. Like Safe Mode, Safe Mode with Networking, Safe Mode with Command Prompt. When you see on this menu, press up-down key to highlight Safe Mode with Networking, then press Enter key. Please wait for a moment until the Windows is booted into system.
For Windows 8-Access to Safe Mode with Networking
1. Start and login the infected computer.
2. Press the Ctrl+ Alt+ Del combination key, it will brings you to the Switch User interface.
3. Always hold down the “Shift” key on the keyboard by your left hand, click on “Shut down” button once on the bottom right corner of the page via your right hand.
4. There will be three options there: Sleep, Shut down and Restart. Click on Restart option.
5. It will bring you to the next window says ‘Choose an Option’ screen,” then you need select “Troubleshoot.”
6.On the troubleshoot page click on ‘Advanced Options’, then in the following window choose ‘startup settings
7. Choose ‘restart,’ and then wait for a minute. Windows will automatically display Safe mode options. At last press F5/5 key to highlight Safe Mode with networking option, hit enter key as well. That’s all steps to make Windows 8 Operating system booted up with safe mode with networking. Continue the following steps to fix TSPY_ONLINEG.OMU Trojan virus.
Second step- End TSPY_ONLINEG.OMU virus process
Together Press Ctrl+ Shift+ Esc or Ctrl+ Alt+ Del keys, then in the Windows Task Manager window select on Process tab. Scroll down and locate to suspicious file (random), then click on End process. If you find more than one suspicious files, you can end them process one by one.
Third step- You should show the hidden files at first that you can easily find the TSPY_ONLINEG.OMU files. Click on Start button-> Click on Control Panel->Double click on Files and Folder Option->Select View tab->Check “Show hidden files, folders and drives”->Uncheck “Hide protected operating system files (Recommended). Then click ok to finish the changes. Later after that, open Local system disk, delete virus files.
C:\windows\system32\services.exe (randomly named).
C:\Documents and Settings\{user name}\Local Settings\Temp\del{random}.bat
Fourth Step- Delete registry entries associated with TSPY_ONLINEG.OMU virus.
Click on start button, type regedit in search box, hit enter key. Registry Editor pops-up. Delete the below registries.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “.exe”HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system “DisableTaskMgr” = ’1′
The TSPY_ONLINEG.OMU virus is exactly a huge threat for the target victims no matter it is financial loss and spiritual panic. Many computer users have experienced such bad things. More importantly, it is not easy to get rid of such Trojan virus especially to those people who don’t have much knowledge about computers. More importantly, the virus constantly varies its files every time, so there won’t have some particular virus file and registry entries you can follow. The files and registry mentioned above are the mainly helpful reference information. Please be careful when you remove the virus files with yourself, if you have more questions about removing the TSPY_ONLINEG.OMU virus, you can contact VilmaTech Online support to consult.
