How to Remove
   Leading Windows Vista Repair Site on the Web!

Computer Repair Security Tool Virus Removal Registry Cleaner Windows 7
Top Virus Threats

Do You Need Help?

www.onlinecomputerrepair.org can 100% remove all viruses and spyware online for you. The cost is low and they work fast.
 

Ghost Antivirus Removal

Having Trouble removing Ghost Antivirus?
Try Spyware Doctor With Antivirus » Download

If you find the removal guide below too hard to follow or just want an expert to remove this for you then consider www.onlinecomputerrepair.org. They are a great company and I know you will be taken care of. It's a very fast way to repair your computer with out you having to do anything.

Ghost Antivirus removal

Ghost Antivirus Removal Software » Download

What is Ghost Antivirus?

Ghost Antivirus is a rogue piece of software that behaves in a similar fashion to Internet Antivirus Pro. It tries to emulate a security application by showing various pop-ups in and mislead users into purchasing a license for the software. The most common way for Ghost Antivirus to get installed on a computer is via fake websites which advertise virus scans and try to convince users that their computers are affected with a number of viruses. These websites will repeatedly warn users that their computers are under threat and advise them to download and install Ghost Antivirus. If a user is tricked into downloading this software, it will load at system startup and start displaying various pop-ups claiming that the user’s system is affected by viruses, and that an immediate scan is necessary. It also claims that the currently installed ‘trial’ version of Ghost Antivirus is incapable of cleaning these viruses, and directs the user to purchase the ‘full’ version of the software. However, as this piece of software is completely fake there is no way that it could clean your computer in any way, so users should be careful not to fall for this form of trickery.

As soon as you find a copy of this rogue software on your system, you should take steps to remove it. The steps in the process of Ghost Antivirus removal are outlined in the following sections. Users should consider scanning the entire computer with a genuine antivirus product such as Spyware Doctor with Antivirus » download to make sure that there are no auxiliary infections present.

How to Remove Ghost Antivirus ?

File Removal Procedures

Before trying to remove files related to Ghost Antivirus, it is necessary to stop its running processes. For this, the following processes should be stopped:

  • Processes ending with onin.exe (e.g. 235asrstonin )
  • ghostav.exe
  • unins000.exe
  • services.exe

Next, the following DLLs which are related to Ghost Antivirus should be unregistered:

  • WMILib.dll
  • [random symbols].dll

Finally, the following files and folders should be removed:

  • ghostav.exe
  • register.ico
  • unins000.dat
  • uninst.ico
  • web.ico
  • working.log
  • ghost.sql
  • Infected.wav
  • listing.cfg
  • version.db
  • WMILib.dll [random symbols].dll
  • Ghost Antivirus.lnk
  • Ghost Antivirus Home Page.lnk
  • Ghost Antivirus.lnk
  • Purchase License.lnk
  • settings.ini
  • uill.ini
  • unins000.exe
  • Uninstall Ghost Antivirus.lnk
  • links.txt
  • times.conf
  • Ghost Antivirus.lnk
  • iGSh.png iMSh.png
  • iPSh.png
  • pguard.ini
  • services.exe
  • [random symbols]onin.exe
  • %Program Files%\Ghost Antivirus\
  • %Program Files%\Ghost Antivirus\Languages\
  • %Program Files%\Ghost Antivirus\lib\
  • %Documents and Settings%\All Users\Start Menu\Programs\Ghost Antivirus\
  • %Documents and Settings%\All Users\Application Data\Ghost Antivirus\
  • %Documents and Settings%\[User Name]\Application Data\Ghost Antivirus\lib\

After you have completed these steps, you have completed the file removal phase of Ghost Antivirus removal.

Registry Removal Procedures

Removing files and folders alone is not sufficient to be completely rid of Ghost Antivirus. The following registry entries should also be deleted:

  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ghost Antivirus_is1
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe
  • HKEY_CURRENT_USER\Software\Microsoft\FTP “SearchDir” = “%Program Files%\Ghost Antivirus\”
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run “onin”
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “Ghost Antivirus”
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce “3P_UDEC”
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent “URIAPRO[1.1.3.9]“
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe “Debugger” = “?”
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe “RealDebugger” = “?”
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon “RealLogonType” = “1?

Once these registry keys and settings are removed, your system is completely free from Ghost Antivirus.

Conclusion

Manual Ghost Antivirus removal is not recommended for inexperienced users, as any wrong move could cause further damage to your computer. If you are an inexperienced user, it would be best to use a web-based repair service such as the one provided by www.onlinecomputerreoair.org or legitimate antivirus software such as Spyware Doctor with Antivirus » download.


Tags:

 Delete Ghost Antivirus | Ghost Antivirus Removal | How to Delete Ghost Antivirus | Remove Ghost Antivirus | Ghost Antivirus