I’m seeing a lot of searches for how to remove the rogue antivirus green AV. It looks like it’s the latest flavor of the minute in the rogue security application crowd. My usual path for removing a rogue antivirus or antispyware application is the same as any other malware, try to get other malware removal software on the system (such as malware bytes antimalware or super antispyware, AVG, spybot etc.) and get them running scans to eliminate it. (Make sure to get updates for the software first.) (Virus Removal Toolkit for links.) If that approach doesn’t get you anywhere then it’s time to find the name of the program file that’s running. It appears that with Green AV to remove it from the running processes you need to kill of the process called gav.exe. You may need to reboot into safe mode, then you can rename (or just delete) the offending program executable…. here’s a suggestion for you.
After booting into safe mode delete or rename C:Program FilesDocuments and SettingsAll UsersApplication DataGAVgav.exe since that’s the main program executable.
Look for mgrdll.exe and delete it and also take out the Application DataGAV folder.
From what I see, for some users they may find GRA instead of GAV for the filename.
Green antivirus 2009 may also go under the name greenav2009.exe in the process manager. Look for anything similar or related to this name if you can’t find one of the items specifically mentioned.
Also if it is named differently than above look to delete or rename the files that you find acting as green av to successfully remove it.
After you have a “foothold” of sorts and have made some progress against a pest like this continue to make sure you get respected malware removal like malware bytes antimalware, sypbot, AVG, etc. on the system and update them, run full scans and test with a few reboots to make sure the baddie doesn’t resurface.
I’m also now seeing a lot of people referring to this as the Green AV virus – which is fitting as these rogue security applications are as bad as a virus (if not worse than some.)
One path to getting things working again may be to use System Restore to roll back to a a system setting date before Green AV was installed on the system. If you are able to do that, go ahead and download the free tools as mentioned to make sure you clean any remaining files off the hard drive. System restore will not remove all the files from your drive associated with green AV, but it will roll back the registry and other applications that launch at boot back to that point in time which should give you a chance to disinfect.
Related PostsRelated Posts
- Remove Proof Defender | Proof Defender Removal Proof Defender is another rogue security application that acts and claims to be antispyware/antivirus, but in reality is nothing more than a scam to get your dollars for a program that raises red flags over imaginary viruses and claims to clean them. It's related to the Perfect Defender 2009 family......
- How to Remove Anti-Virus Elite | Anti-Virus Elite Removal Guide Anti-Virus Elite is a rogue antivirus application. These rogue antivirus applications pose as a legitimate security application, but in reality is a scam to try to trick you out of money. They will find and claim that there are multiple security problems with your computer. They will claim that you......
- Rootscan.info? More Rogue Security Software on the horizon? To follow up the last post about watching google hot trends.... I noticed an unusual search in the trends for rootscan.info. It currently seems to redirect to a site talking about rogue antivirus removal so it might not be anything, but the related searches for virus doctor, virus doctor removal,......
- File Sharing Applications: Another way to be a victim of identity theft… If you are using a peer-to-peer file-sharing program to download music and videos, you may be a prime candidate for Identity Theft. Applications such as Limewire, Edonkey and numerous others on the Internet may also allow individuals to download personal documents from your computer at will. The issue stems from......
- Installing a Utility Door Utility doors made of steel can be easily installed as a part of a room addition, barn, or garage makeover. With the frame properly sized, pre-hung jambs should fit quite nicely. With a bit of care during shimming, you should a good seal on the weather stripping, and a perfect......
- Solidifying WP Security Designed with PHP, and powered by mySQL directories, WordPress is used by an amazing 8.5% of all websites. Web delivered spyware and web page hacking are becoming progressively more common. With such a lot of web content using WordPress as a CMS, any security weaknesses in the CMS structure or......
- Remove Windows Police Pro
- How to Remove PCSProtector | PCSProtector Removal Guide
- How to Remove Anti-Virus Elite | Anti-Virus Elite Removal Guide
- How to Remove Guard Pro | Guard Pro Removal Guide
- How to Remove ActiveSecurity | Active Security Removal Guide