Ghost-Antivirus.com

By GoldSparrow in Rogue Websites

Translate To:

Ghost-Antivirus.com is a very deceiving web site that was created by hackers to advertise and sell the rogue security program called Ghost Antivirus. Ghost-Antivirus.com is not associated with the legitimate security program Ghost Antivirus from Symantec. Ghost-Antivirus.com can be very confusing in the way it describes the rogue Ghost Antivirus as a program that can detect and remove viruses. The rogue Ghost Antivirus cannot be trusted to perform any kind of helpful function on any computer. It is recommended that computer users avoid the Ghost-Antivirus.com website altogether.

Table of Contents

File System Details

Ghost-Antivirus.com may create the following file(s):

Expand All | Collapse All

#	File Name	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	%WINDOWS%\System32\[random symbols].dll
Name: %WINDOWS%\System32\[random symbols].dll Type: Dynamic link library
2.	%Program Files%\Ghost Antivirus\lib\WMILib.dll
Name: %Program Files%\Ghost Antivirus\lib\WMILib.dll Type: Dynamic link library
3.	%Documents and Settings%\[User Name]\Application Data\Ghost Antivirus\unins000.exe
Name: %Documents and Settings%\[User Name]\Application Data\Ghost Antivirus\unins000.exe Type: Executable File
4.	%Program Files%\Ghost Antivirus\ghostav.exe
Name: %Program Files%\Ghost Antivirus\ghostav.exe Type: Executable File
5.	%Documents and Settings%\[User Name]\Local Settings\Application Data\Microsoft\Windows\services.exe
Name: %Documents and Settings%\[User Name]\Local Settings\Application Data\Microsoft\Windows\services.exe Type: Executable File
6.	%Program Files%\Ghost Antivirus\unins000.dat
Name: %Program Files%\Ghost Antivirus\unins000.dat Type: Data file
7.	%Program Files%\Ghost Antivirus\working.log
Name: %Program Files%\Ghost Antivirus\working.log
8.	%Program Files%\Ghost Antivirus\lib\ghost.sql
Name: %Program Files%\Ghost Antivirus\lib\ghost.sql
9.	%Program Files%\Ghost Antivirus\lib\version.db
Name: %Program Files%\Ghost Antivirus\lib\version.db
10.	%Documents and Settings%\All Users\Start Menu\Programs\Ghost Antivirus\Ghost Antivirus Home Page.lnk
Name: %Documents and Settings%\All Users\Start Menu\Programs\Ghost Antivirus\Ghost Antivirus Home Page.lnk Type: Shortcut
11.	%Documents and Settings%\All Users\Application Data\Ghost Antivirus\
Name: %Documents and Settings%\All Users\Application Data\Ghost Antivirus\
12.	%Documents and Settings%\[User Name]\Local Settings\Application Data\Microsoft\Windows\pguard.ini
Name: %Documents and Settings%\[User Name]\Local Settings\Application Data\Microsoft\Windows\pguard.ini
13.	%Documents and Settings%\[User Name]\Application Data\Ghost Antivirus\lib\
Name: %Documents and Settings%\[User Name]\Application Data\Ghost Antivirus\lib\
14.	%Documents and Settings%\[User Name]\Application Data\Ghost Antivirus\lib\times.conf
Name: %Documents and Settings%\[User Name]\Application Data\Ghost Antivirus\lib\times.conf
15.	%Documents and Settings%\[User Name]\Local Settings\Application Data\Microsoft\Internet Explorer\iMSh.png
Name: %Documents and Settings%\[User Name]\Local Settings\Application Data\Microsoft\Internet Explorer\iMSh.png
16.	%Program Files%\Ghost Antivirus\register.ico
Name: %Program Files%\Ghost Antivirus\register.ico
17.	%Program Files%\Ghost Antivirus\web.ico
Name: %Program Files%\Ghost Antivirus\web.ico
18.	%Program Files%\Ghost Antivirus\lib\
Name: %Program Files%\Ghost Antivirus\lib\
19.	%Program Files%\Ghost Antivirus\lib\listing.cfg
Name: %Program Files%\Ghost Antivirus\lib\listing.cfg
20.	%Documents and Settings%\All Users\Start Menu\Programs\Ghost Antivirus\
Name: %Documents and Settings%\All Users\Start Menu\Programs\Ghost Antivirus\
21.	%Documents and Settings%\All Users\Start Menu\Programs\Ghost Antivirus\Purchase License.lnk
Name: %Documents and Settings%\All Users\Start Menu\Programs\Ghost Antivirus\Purchase License.lnk Type: Shortcut
22.	%Documents and Settings%\[User Name]\Application Data\Ghost Antivirus\uill.ini
Name: %Documents and Settings%\[User Name]\Application Data\Ghost Antivirus\uill.ini
23.	%Documents and Settings%\[User Name]\Application Data\Ghost Antivirus\Uninstall Ghost Antivirus.lnk
Name: %Documents and Settings%\[User Name]\Application Data\Ghost Antivirus\Uninstall Ghost Antivirus.lnk Type: Shortcut
24.	%Documents and Settings%\[User Name]\Application Data\Ghost Antivirus\lib\properties
Name: %Documents and Settings%\[User Name]\Application Data\Ghost Antivirus\lib\properties
25.	%Documents and Settings%\[User Name]\Local Settings\Application Data\Microsoft\Internet Explorer\iGSh.png
Name: %Documents and Settings%\[User Name]\Local Settings\Application Data\Microsoft\Internet Explorer\iGSh.png
26.	%Program Files%\Ghost Antivirus\
Name: %Program Files%\Ghost Antivirus\
27.	%Program Files%\Ghost Antivirus\uninst.ico
Name: %Program Files%\Ghost Antivirus\uninst.ico
28.	%Program Files%\Ghost Antivirus\Languages\
Name: %Program Files%\Ghost Antivirus\Languages\
29.	%Program Files%\Ghost Antivirus\lib\Infected.wav
Name: %Program Files%\Ghost Antivirus\lib\Infected.wav
30.	%Documents and Settings%\All Users\Desktop\Ghost Antivirus.lnk
Name: %Documents and Settings%\All Users\Desktop\Ghost Antivirus.lnk Type: Shortcut
31.	%Documents and Settings%\All Users\Start Menu\Programs\Ghost Antivirus\Ghost Antivirus.lnk
Name: %Documents and Settings%\All Users\Start Menu\Programs\Ghost Antivirus\Ghost Antivirus.lnk Type: Shortcut
32.	%Documents and Settings%\[User Name]\Application Data\Ghost Antivirus\settings.ini
Name: %Documents and Settings%\[User Name]\Application Data\Ghost Antivirus\settings.ini
33.	%Documents and Settings%\[User Name]\Local Settings\Application Data\Microsoft\Internet Explorer\iPSh.png
Name: %Documents and Settings%\[User Name]\Local Settings\Application Data\Microsoft\Internet Explorer\iPSh.png
34.	%Documents and Settings%\[User Name]\Application Data\Ghost Antivirus\lib\links.txt
Name: %Documents and Settings%\[User Name]\Application Data\Ghost Antivirus\lib\links.txt
35.	%Documents and Settings%\[User Name]\Application Data\Microsoft\Internet Explorer\Quick Launch\Ghost Antivirus.lnk
Name: %Documents and Settings%\[User Name]\Application Data\Microsoft\Internet Explorer\Quick Launch\Ghost Antivirus.lnk Type: Shortcut

Registry Details

Ghost-Antivirus.com may create the following registry entry or registry entries:

HKEY..\..\..\..{RegistryKeys}

HKEY_CURRENT_USER\Software\Microsoft\FTP "SearchDir" = "%Program Files%\Ghost Antivirus\"

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce "3P_UDEC"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe "Debugger" = "?"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ghost Antivirus_is1

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Ghost Antivirus"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon "RealLogonType" = "1"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run “onin”

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent "URIAPRO[1.1.3.9]"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe "RealDebugger" = "?"

URLs

Ghost-Antivirus.com may call the following URLs:

93.174.95.194 Ghost-antivirus com

93.174.95.194 Ghost-pay com

93.174.95.194 Ghostantivirus com

93.174.95.194 Ghostpays com

93.190.140.165 Softwareanti com

93.190.140.165 Softwarejar com

93.190.140.165 Softwarerising com

93.190.140.165 Softwaresecure net

93.190.140.165 Softwarespam net

93.190.140.165 Softwarespyware net

93.190.140.165 Softwarethe net

93.190.140.165 Softwarethreats com

93.190.140.165 Softwarethreats net

93.190.140.165 Softwarexp net

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

Ghost-Antivirus.com

File System Details

Registry Details

URLs

Submit Comment

Trending

Rzfu Ransomware

'YouPorn' Email Scam

Rzkd Ransomware

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen