In this article, I am going to detail how the Ontonphu trojan injected into your personal computer, as well as how to delete Ontonphu trojan virus.
What is Ontonphu trojan?
Name | Ontonphu |
Infection Type | Trojan |
Symptoms |
|
Similar behavior | Monder, Redosdru, Karagany, Bedobot, Vafaj, Fakemplay |
Fix Tool | See If Your System Has Been Affected by Ontonphu trojan |
Trojan viruses are one of the leading malware kinds by its injection frequency for quite a long time. And now, during the pandemic, when malware became significantly active, trojan viruses enhanced their activity, too. You can see lots of messages on various sources, where users are grumbling about the Ontonphu trojan virus in their computer systems, and requesting for aid with Ontonphu trojan virus elimination.
Trojan Ontonphu is a sort of virus that infiltrates into your personal computer, and then performs different destructive functions. These features depend upon a sort of Ontonphu trojan: it might work as a downloader for many other malware or as a launcher for another malicious program which is downloaded together with the Ontonphu trojan. Throughout the last two years, trojans are also delivered with e-mail attachments, and in the majority of instances utilized for phishing or ransomware injection.
Ontonphu2 also known as
Bkav | W32.AIDetectVM.malware1 |
Elastic | malicious (high confidence) |
DrWeb | Trojan.DownLoader5.20824 |
MicroWorld-eScan | Gen:Trojan.ShellStartup.cGW@aeH2Zeo |
FireEye | Generic.mg.e88efe2784d996f9 |
ALYac | Gen:Trojan.ShellStartup.cGW@aeH2Zeo |
Cylance | Unsafe |
VIPRE | Trojan.Win32.Generic!BT |
Sangfor | Malware |
CrowdStrike | win/malicious_confidence_100% (D) |
BitDefender | Gen:Trojan.ShellStartup.cGW@aeH2Zeo |
K7GW | Trojan ( 7000000f1 ) |
K7AntiVirus | Trojan ( 7000000f1 ) |
BitDefenderTheta | AI:Packer.75B7B8B01E |
Cyren | W32/Barys.T.gen!Eldorado |
Symantec | ML.Attribute.HighConfidence |
TotalDefense | Win32/Dapato.F!generic |
APEX | Malicious |
Paloalto | generic.ml |
ClamAV | Win.Trojan.Ramage-1 |
Kaspersky | Backdoor.Win32.Ramagedos.pr |
NANO-Antivirus | Trojan.Win32.Agent.cqpzno |
ViRobot | Trojan.Win32.Generic.54784.E |
Tencent | Win32.Backdoor.Ramagedos.Alis |
Ad-Aware | Gen:Trojan.ShellStartup.cGW@aeH2Zeo |
Sophos | Mal/Onton-A |
Comodo | TrojWare.Win32.Agent.qzto@4rargp |
F-Secure | Trojan.TR/Patched.Ren.Gen |
Zillya | Tool.Ramagedos.Win32.2 |
McAfee-GW-Edition | BehavesLike.Win32.Sytro.ph |
Emsisoft | Gen:Trojan.ShellStartup.cGW@aeH2Zeo (B) |
SentinelOne | Static AI – Malicious PE |
Jiangmin | Trojan/Generic.rnqt |
Webroot | W32.Malware.Gen |
Avira | TR/Patched.Ren.Gen |
Antiy-AVL | Trojan/Win32.Agent |
Microsoft | Trojan:Win32/Ontonphu.A |
Arcabit | Trojan.ShellStartup.ED2267F |
AegisLab | Trojan.Win32.Rbot.ldtK |
ZoneAlarm | Backdoor.Win32.Ramagedos.pr |
GData | Gen:Trojan.ShellStartup.cGW@aeH2Zeo |
Cynet | Malicious (score: 100) |
AhnLab-V3 | Trojan/Win32.Agent.R51633 |
McAfee | Generic Dropper.afv |
MAX | malware (ai score=81) |
VBA32 | Trojan.Agent |
Malwarebytes | Malware.AI.1859274746 |
Panda | Generic Malware |
ESET-NOD32 | Win32/Flooder.Ramagedos.E |
TrendMicro-HouseCall | TROJ_PAM_0000030200.T3 |
Rising | Trojan.Generic@ML.98 (RDML:xcpGlri+K5Tj01NU4gip+g) |
Yandex | Trojan.GenAsa!ikTQWPnJtjA |
Ikarus | Trojan.Flooder.JBO |
eGambit | Unsafe.AI_Score_100% |
Fortinet | W32/Ramagedos.XS!tr |
AVG | Win32:Downloader-LWI [Trj] |
Avast | Win32:Downloader-LWI [Trj] |
Qihoo-360 | Win32/Trojan.1cd |
Domains that associated with Ontonphu:
0 | testse.in |
1 | kgjghh.in |
2 | lyam2zw.in |
What are the symptoms of Ontonphu trojan?
- Attempts to connect to a dead IP:Port (1 unique times);
- Possible date expiration check, exits too soon after checking local time;
- A process attempted to delay the analysis task.;
- Installs itself for autorun at Windows startup;
- Operates on local firewall’s policies and settings;
- Anomalous binary characteristics;
The typical indicator of the Ontonphu trojan virus is a gradual entrance of a wide range of malware – adware, browser hijackers, and so on. Due to the activity of these harmful programs, your personal computer ends up being really sluggish: malware uses up big amounts of RAM and CPU abilities.
An additional detectable result of the Ontonphu trojan virus presence is unknown operations showed in task manager. Often, these processes may try to mimic system processes, but you can understand that they are not legit by taking a look at the source of these processes. Quasi system applications and Ontonphu trojan’s processes are always listed as a user’s processes, not as a system’s.
How to remove Ontonphu trojan virus?
- Download and install Loaris Trojan Remover.
- Open Loaris and perform a “Standard scan“.
- “Move to quarantine” all items.
- Open “Tools” tab – Press “Reset Browser Settings“.
- Approve the reset pressing “Yes” button in the appeared window.
- Restart your computer.
To clean up Ontonphu trojan and ensure that all added malware, downloaded with the help of this trojan, will be wiped out, too, I’d advise you to use Loaris Trojan Remover.
Ontonphu removal guide
To spot and eliminate all malware on your PC using Loaris, it’s better to use Standard or Full scan. Removable scan, as well as Custom, will check only specified locations, so such checks are not able to provide the full information.
You can see the detects during the scan process goes. Nonetheless, to execute any actions against detected viruses, you need to wait until the scan is finished, or to stop the scan.
To designate the specific action for each detected malware, click the button in front of the detection name of detected viruses. By default, all malware will be moved to quarantine.
How to remove Ontonphu Trojan?
Name: Ontonphu
Description: Trojan Ontonphu is a kind of virus that infiltrates into your computer, and after that performs different destructive functions. These features depend upon a type of Ontonphu trojan: it can act as a downloader for many other malware or as a launcher for another destructive program which is downloaded in addition to the Ontonphu trojan. During the last two years, trojans are also dispersed via e-mail attachments, and most of situations utilized for phishing or ransomware infiltration.
Operating System: Windows
Application Category: Trojan