Tuesday, October 14, 2008

OnFlow Adware

Removing OnFlow
Categories: Adware
Adware are programs that facilitate delivery for advertising content to the user and in some cases gather information from the user's computer, including information related to Internet browser usage or other computer habits
Visible Symptoms:
Files in system folders:
[%PROGRAM_FILES%]\internet explorer\plugins\nponflow.dll
[%PROGRAM_FILES%]\internet explorer\plugins\onflowplayer0.dll
[%PROGRAM_FILES%]\internet explorer\plugins\onflowreport.exe
[%PROGRAM_FILES%]\intern~1\plugins\nponflow.dll
[%PROGRAM_FILES%]\intern~1\plugins\onflowplayer0.dll
[%WINDOWS%]\temp\of_stub_ins_w_2071.exe
[%PROGRAM_FILES%]\internet explorer\plugins\nponflow.dll
[%PROGRAM_FILES%]\internet explorer\plugins\onflowplayer0.dll
[%PROGRAM_FILES%]\internet explorer\plugins\onflowreport.exe
[%PROGRAM_FILES%]\intern~1\plugins\nponflow.dll
[%PROGRAM_FILES%]\intern~1\plugins\onflowplayer0.dll
[%WINDOWS%]\temp\of_stub_ins_w_2071.exe

How to detect OnFlow:

Files:
[%PROGRAM_FILES%]\internet explorer\plugins\nponflow.dll
[%PROGRAM_FILES%]\internet explorer\plugins\onflowplayer0.dll
[%PROGRAM_FILES%]\internet explorer\plugins\onflowreport.exe
[%PROGRAM_FILES%]\intern~1\plugins\nponflow.dll
[%PROGRAM_FILES%]\intern~1\plugins\onflowplayer0.dll
[%WINDOWS%]\temp\of_stub_ins_w_2071.exe
[%PROGRAM_FILES%]\internet explorer\plugins\nponflow.dll
[%PROGRAM_FILES%]\internet explorer\plugins\onflowplayer0.dll
[%PROGRAM_FILES%]\internet explorer\plugins\onflowreport.exe
[%PROGRAM_FILES%]\intern~1\plugins\nponflow.dll
[%PROGRAM_FILES%]\intern~1\plugins\onflowplayer0.dll
[%WINDOWS%]\temp\of_stub_ins_w_2071.exe

Folders:
[%PROGRAM_FILES%]\internet explorer\plugins\onflow
[%PROGRAM_FILES%]\internet explorer\plugins\ieonflow.dll
[%PROGRAM_FILES%]\onflow
[%WINDOWS%]\temp\onflow

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{0cef79cb-d373-11d3-a7d3-00062962bf17}
HKEY_CLASSES_ROOT\clsid\{0cef79d8-d373-11d3-a7d3-00062962bf17}
HKEY_CLASSES_ROOT\ieonflow.ieonflow1
HKEY_CLASSES_ROOT\ieonflow.ieonflow1.7
HKEY_LOCAL_MACHINE\software\classes\clsid\{0cef79d8-d373-11d3-a7d3-00062962bf17}
HKEY_LOCAL_MACHINE\software\classes\ieonflow.ieonflow1
HKEY_LOCAL_MACHINE\software\classes\ieonflow.ieonflow1.7
HKEY_LOCAL_MACHINE\software\classes\typelib\{0cef79cb-d373-11d3-a7d3-00062962bf17}
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\plugins\extension\.ofb
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\onflow
HKEY_LOCAL_MACHINE\software\onflow

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\plugins\extension
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run

Removing OnFlow:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
DlToon Trojan Removal instruction
Bopninja Trojan Symptoms
Removing Klemfor Trojan
Removing All.in.One Spyware
Remove ClickTheButton Adware

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)