I’m seeing a lot of searches for how to remove the rogue antivirus green AV. It looks like it’s the latest flavor of the minute in the rogue security application crowd. My usual path for removing a rogue antivirus or antispyware application is the same as any other malware, try to get other malware removal software on the system (such as malware bytes antimalware or super antispyware, AVG, spybot etc.) and get them running scans to eliminate it. (Make sure to get updates for the software first.) (Virus Removal Toolkit for links.) If that approach doesn’t get you anywhere then it’s time to find the name of the program file that’s running. It appears that with Green AV to remove it from the running processes you need to kill of the process called gav.exe. You may need to reboot into safe mode, then you can rename (or just delete) the offending program executable…. here’s a suggestion for you.
After booting into safe mode delete or rename C:Program FilesDocuments and SettingsAll UsersApplication DataGAVgav.exe since that’s the main program executable.
Look for mgrdll.exe and delete it and also take out the Application DataGAV folder.
From what I see, for some users they may find GRA instead of GAV for the filename.
Green antivirus 2009 may also go under the name greenav2009.exe in the process manager. Look for anything similar or related to this name if you can’t find one of the items specifically mentioned.
Also if it is named differently than above look to delete or rename the files that you find acting as green av to successfully remove it.
After you have a “foothold” of sorts and have made some progress against a pest like this continue to make sure you get respected malware removal like malware bytes antimalware, sypbot, AVG, etc. on the system and update them, run full scans and test with a few reboots to make sure the baddie doesn’t resurface.
I’m also now seeing a lot of people referring to this as the Green AV virus – which is fitting as these rogue security applications are as bad as a virus (if not worse than some.)
One path to getting things working again may be to use System Restore to roll back to a a system setting date before Green AV was installed on the system. If you are able to do that, go ahead and download the free tools as mentioned to make sure you clean any remaining files off the hard drive. System restore will not remove all the files from your drive associated with green AV, but it will roll back the registry and other applications that launch at boot back to that point in time which should give you a chance to disinfect.
Related PostsRelated Posts
- Rootscan.info? More Rogue Security Software on the horizon? To follow up the last post about watching google hot trends.... I noticed an unusual search in the trends for rootscan.info. It currently seems to redirect to a site talking about rogue antivirus removal so it might not be anything, but the related searches for virus doctor, virus doctor removal,......
- How to Remove Antivirus Live | Antivirus Live Removal Guide Antivirus Live is a rogue antivirus application that usually is installed without the permission of the owner of the computer. Simple web browsing may be enough when visiting the wrong site for this to introduce itself onto the machine via a trojan or even aggressive advertising within the page that......
- So who is behind Windows Police Pro Virus / Rogue Security Software? As I've seen the continuing FLOOD of searches for some way to Remove Windows Police Pro, I've been starting to wonder at the who is behind this particular piece of junk software. These programs aren't written by your average ordinary virus writer, there is really too much spit and polish......
- Installing a Utility Door Utility doors made of steel can be easily installed as a part of a room addition, barn, or garage makeover. With the frame properly sized, pre-hung jambs should fit quite nicely. With a bit of care during shimming, you should a good seal on the weather stripping, and a perfect......
- Free Spyware Removal Software I do not recommend using free spyware removal software for many reason but if your going to you might as well use the best free spyware products out there. In the end of this article we will tell you why not to use these programs as your main source of......
- File Sharing Applications: Another way to be a victim of identity theft… If you are using a peer-to-peer file-sharing program to download music and videos, you may be a prime candidate for Identity Theft. Applications such as Limewire, Edonkey and numerous others on the Internet may also allow individuals to download personal documents from your computer at will. The issue stems from......
- Remove Windows Police Pro
- How to Remove PCSProtector | PCSProtector Removal Guide
- How to Remove Anti-Virus Elite | Anti-Virus Elite Removal Guide
- How to Remove Guard Pro | Guard Pro Removal Guide
- How to Remove ActiveSecurity | Active Security Removal Guide