How to remove Green AV
Wednesday, August 26th, 2009 at 12:31 amHome » Rogue Antispyware » Green AV
Green AV description
Green AV is a rogue anti-spyware tool coming from the family of the notorious fake security programs Green Antivirus, Green Antivirus 2009 and GreenAntivirus2009. Most likely the creators of these bogus applications had the idea of deceiving the internet users by convincing them that the word green in the name of the program means that it has something positive in it. GreenAV performs no useful actions or processes. In fact, what it actually does is corrupt the system, weaken it’s security and make it available for other malware to enter.
Green AV itself gets into the system with the help of Vundo trojan, other malware or some viruses. Once inside the computer GreenAV reduces the system performance, generates fake security scans and warning messages issuing misleading results. Green AV pretends to be a legitimate system security software although it’s not. Please note that purchasing, downloading or installing GreenAV may lead to some serious system disorders or damages and put your private data at risk. It is highly recommended to remove Green AV upon detection.
Get rid of Green AV
Green AV is a Rogue Antispyware software
How to manually remove Green AV
To remove Green AV spyware you must block Green AV sites, stop and remove processes, unregister DLL files, search and delete all other Green AV files and registry utility. Follow the Green AV detection and removal instructions below.
The most typical software removal method is to remove Green AV by using "Add or Remove Programs" service. However there may be hidden Green AV files, running processes and registries in your computer, so Green AV may recreate all other files after reboot.
Green AV manual removal instructions
Block Green AV sites:
green-av.com
green-av-pro.com
Read more how to block Green AV sites
Stop and remove Green AV processes:
wtds05.exe
wsav.exe
mwrdll.exe
rwg.exe
Read more how to kill Green AV processes
Locate and delete Green AV registry entries:
HKEY_CURRENT_USER\Software\GAV
HKEY_CLASSES_ROOT\AppID\{29256442-2C14-48CA-B756-3EE0F8BDC774}
HKEY_CLASSES_ROOT\AppID\WStech.DLL
HKEY_CLASSES_ROOT\CLSID\{A5DBD8CB-DF8A-4992-A655-B155216F6AFB}
HKEY_CLASSES_ROOT\Interface\{051C9A06-FB08-486F-B09B-8B33B261637D}
HKEY_CLASSES_ROOT\TypeLib\{512E801E-2F02-4ADE-ACAA-58F08A22B2F8}
HKEY_CLASSES_ROOT\WStech.WStechB
HKEY_CLASSES_ROOT\WStech.WStechB.1
HKEY_LOCAL_MACHINE\SOFTWARE\GAV
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5DBD8CB-DF8A-4992-A655-B155216F6AFB}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\LanmanServer\Shares\0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5DBD8CB-DF8A-4992-A655-B155216F6AFB} "NoExplorer"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "03874569874596"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "37465982736455"
Read more how to delete Green AV registry entries
Download RegistryBooster 2010 to scan errors caused by Green AV
Search and unregister Green AV DLL libraries:
WStech.dll
Read more how to unregister Green AV DLL files
Detect and delete other Green AV files:
c:\Documents and Settings\All Users\Application Data\gwr\
c:\Documents and Settings\All Users\Application Data\gwr\mwrdll.exe
c:\Documents and Settings\All Users\Application Data\gwr\rwg.exe
c:\Documents and Settings\All Users\Application Data\gwr\Viruses.dat
c:\Documents and Settings\All Users\Application Data\gwr\wsav.exe
c:\Documents and Settings\All Users\Application Data\gwr\WStech.dll
c:\Documents and Settings\All Users\Application Data\gwr\wtds05.exe
c:\Documents and Settings\All Users\Desktop\ Green AV .lnk
c:\Documents and Settings\All Users\Start Menu\Programs\Green AV
c:\Documents and Settings\All Users\Start Menu\Programs\Green AV\ Green AV .lnk
We strongly recommend you to use spyware remover to track Green AV and automaticaly remove Green AV processes, registries and files as well as other spyware threats.
Green AV
Trackbacks
- Remove Eco Antivirus, Eco Anti virus removal help
- eco-av.com rogue antispyware website
- Remove Eco Antivirus 2010, EcoAntivirus 2010 removal help
August 28th, 2009 at 7:31 pm
I think i did it!!!! I think I deleted Green AV!!!! Go to the task manager!! ( ctrl+alt+delete) on the process tab scroll down to gav.exe ( as stated on this web site) right click to see properties, file location. etc. go to file location. NOTE: YOU MUST GO TO THE FILE LOCATION FIRST OR YOU MIGHT NOT BE ABLE TO FIND IT AFTER!!! Bring up the task manager again. Right click on gav.exe and DELETE IT!!! Now bring up the file location again and delete the entire GAV folder ( It’ll go to the recycle bin) Go to the recycle bin and right click on that same folder and DELETE IT!!! and GONE!!!!!!!!!!!!
(If theirs no gav.exe on your computer you can try right clicking on all of the programs one by one to find the right program. This removal method would probably work with other malicious programs). I hav’nt yet restarted my computer yet but all pop ups and green AV files are gone. I could’nt wait to post this!!!
Reply
arciaga arjay Reply:
September 5th, 2009 at 11:31 pm
thanks for the help man it worked perfectly
Reply
kathy Reply:
September 12th, 2009 at 6:23 pm
I cannot find the GAV or Greenav anywhere on my computer. If I right click on the processes that aren’t named these, how will I know it is the green av process. Please help
Reply
Cassandra Reply:
September 20th, 2009 at 10:40 am
Mine was gra, not gav.
Reply
brittney Reply:
September 24th, 2009 at 9:49 pm
i cant find it on here to get it off my laptop someone help me please
Reply
Luciana Reply:
September 24th, 2009 at 10:32 pm
If you can’t find the malicious files manually, run an antispyware in safe mode, it will do the job for you.
Charles Reply:
September 12th, 2009 at 8:10 pm
i dont have any gav.exe anywhere. pls HELP me
Reply
Cassandra Reply:
September 20th, 2009 at 10:14 am
Dear Rober, Will you marry me?
Reply
jarvis Reply:
October 18th, 2009 at 12:58 am
mine was in (windows task manager) then (applications).
Reply
August 28th, 2009 at 7:54 pm
This is Robert again, I restarted my computer and green AV is definitly gone!!!!
Reply
Robert H Reply:
January 5th, 2010 at 4:40 pm
OMG i cant seem to find “documents and settings”
is it located on the windows vista?
Reply
August 29th, 2009 at 7:45 am
The problem is I can’t get to this website on the computer that has the green av. it has blocked it. And I can’t get to the add/remove programs place because it has deleted the shortcuts.
Reply
August 29th, 2009 at 9:55 am
I am going to try this! I really hope this removes Green AV. I most certainly am noticing it weakening my System!
Reply
August 29th, 2009 at 11:36 pm
it says that i have to buy the spyware for the viruses to be deleted
Reply
Luciana Reply:
August 30th, 2009 at 10:49 pm
Don’t purchase Green AV! It’s a hoax; it won’t remove any viruses and you won’t get a refund. The good thing is that viruses reported by GreenAV are not real. Anyway, I bet Green AV is annoying and you don’t want to keep it. Use the manual removal guide to deal with this infection.
Reply
August 30th, 2009 at 10:36 am
Thanks Robert it worked!
Reply
August 31st, 2009 at 3:47 pm
Renee, you did it!!! I feel good to help someone!!! Now, for the others. The virus alerts are fake you don’t have to buy anything. No need to go to their website. Going to their web site is like going to a drug dealers house to resolve an addiction problem. Now, Before following the instructions left above, Its’s assumed that you allready tried uninstalling the green av program by clicking the start button at your screens lower left, going to programs ( NOT add or remove programs) . right clicking on the folder and deleting it. Now after this you’ll go to the hidden folder that you can’t seem to find. Follow the above instruction I left.
Reply
September 7th, 2009 at 7:01 am
Yes i removed it !!!!!!!!!!!!!!!! thank u robert u helped so much may god bless u
Reply
September 7th, 2009 at 7:18 am
OK I tried to follow your directions but when it came to deleting the folder it said “you need permission to perform this action” Ahhhh this is driving me nuts. I’m not a computer genius so this is very difficult! ANy help would be appreciated.
Thanks!
Jenn
Reply
September 8th, 2009 at 7:16 am
I removed it from my computer system but it didn’t pop when I log back in. However when I am browsing the web (FireFox) a warning comes up and it directs me to purchase GreenAV. I just don’t get it. It seems like it has hijacked my browser.
Reply
Luciana Reply:
September 8th, 2009 at 10:34 pm
Apparently you hadn’t deleted all the files installed by Green AV. Follow the manual removal guide step by step and make sure you remove each item related to this malware.
Reply
September 8th, 2009 at 6:00 pm
yes hello am trying to find it on the process but i can find it there !!!greenav2009.exe
gav.exe help me!!!
Reply
September 9th, 2009 at 4:06 pm
to Judith I just unistalled this and the proccess is now called GAV.exe show all process and then disable it. I could not find the registry but since I found gav.exe I did see that there so I will get deleted. its now removed even with out reg edit.
Reply
September 9th, 2009 at 4:09 pm
okay that was dumb Gav.exe we all know is the process but you need to find the files and delete them. What I did was search for green then back tracked the file and deleted the folder all the way file by file. I had problems but found all files I need to delete in the process area. Now I’m safe for the day woot.
Reply
September 9th, 2009 at 7:42 pm
Hi again. To jennifer, first go to the task manager (ctrl+alt+delete) go to the process tab, right click on the gav.exe then FIRST CLICK FILE LOCATION (important) to find the file location . minimize to tray. Right click again on the gav.exe ON THE PROCESS TAB, click delete. NOW go back to the file location ( maximize to screen) right click on the gav FOLDER ( by back spacing on the file location browser)and click delete. next go to the recycle bin right click on the gav.exe and delete. To Judith, try right clicking on each program on the process tab one by one to find the FILE LOCATION on the file location of that program double click on the program it sent you to to see what pops up. if it’s the green av or green av2009 etc. you found it!! go back to the task manager process tab to delete etc. To callie, all ACTIVE programs should show on the task manager process tab list. try doing what I left judith to do. To jennifer. follow instructions on reply 7 first above then reply 1 second. This green av drove me nuts too. I really want to help. I’ts my duty
Reply
September 12th, 2009 at 10:17 am
I cant locate the green av files to block/delete/remove…. I need help!!
Reply
Luciana Reply:
September 13th, 2009 at 11:49 pm
Run anti-spyware scan instead of looking for the files manually. This way is easier if you have problems deleting the malware on your own.
Reply
Cassandra Reply:
September 20th, 2009 at 10:43 am
This is how I was able to do it. I ran Norton first. Norton identified the names and locations then I ended the process in task manager and manually deleted the folder.
Reply
September 13th, 2009 at 3:14 pm
I didn’t see gav.exe in the process tab what will I do…Please help
Reply
September 13th, 2009 at 5:17 pm
I am at the process tab in the task manager but I can’t tell which of these programs is the green av file. how do i tell?
Reply
September 14th, 2009 at 11:54 am
i coudnt find it at all. its so frustrating.
Reply
September 16th, 2009 at 2:58 am
I have Norton anti virus, will that find the green av files?
Reply
Luciana Reply:
September 16th, 2009 at 3:51 am
Norton may help, but I wouldn’t place bet on that. Antivirus tools are not meant to deal with infections like Green AV, you need anti-spyware for that.
Reply
September 17th, 2009 at 9:32 am
Hi Robert, thanks for your help. I used an antivirus to uninstall most of greenav, but must have some files lingering because I often get a fake “malicious site warning” while browsing the internet.
I’m using Firefox, and I have no gav.exe or greenav.exe processes in my task manager. When I right click on any of the processes, I don’t get the “view file location” option (I get only these options: End Process, End Process Tree, Debug, Set Priority). I thought of searching my system for each process in turn, but at >5min per search, and over 50 apps running, it’s taking forever. Any suggestions?
Reply
Luciana Reply:
September 17th, 2009 at 10:54 pm
Boot your computer in safe mode and then use the manual removal guide.
Reply
diane Reply:
September 18th, 2009 at 10:32 am
I’ve tried the manual guide, but I encounter these problems:
1. the processes “greenav2009.exe” and “gav.exe” don’t exist in my task manager
2. I can get as far as “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\”, but “Green AV” is not an option to uninstall
3. The files “greenav2009.exe” and “gav.exe” don’t exist on my machine (or at least I’ve been unable to find them)
I suspect the files are there but are named something else. Any other tips?
Reply
yaya Reply:
September 20th, 2009 at 8:07 pm
green av keeps poping up i tryed what robert said but when i go to my task manager then to the processes the website doesnt show cuz cuz i deleted it from the folder but its on mine bottom left colomun where the battery meter is plz i need help what should i do
Reply
September 18th, 2009 at 11:27 pm
Hi, This is Robert again. To everyone that can’t solve this green av problem. Maybe some computers get hit differently than others and like for diane, maybe the options when right clicking are different just as well. hmn?
I don’t think green av is an actual virus. It seems to be an anoying misleading program. Anyway good luck to all.
Reply
September 21st, 2009 at 10:07 am
Here we go….i have windows vista on a dell laptop. this is EXACTLY what I did using much of the info from this sight. I searched for “wtds05″(listed as one of the Green AV processes above.) It came up! I right clicked it to find the pathway. The pathway was “c:/programdata/gwr/wtds05.exe. I deleted wtds05. I then entered the pathfile into search. gwr appeared. I right clicked and chose explore. Then I right clicked on each file/folder that appeared and deleted, (mrwdll.exe, rwg, viruses.dat, wsav, wsn, WStech.dll.) When i tried to delete “grw” it said that i needed permission from windows to proceed. I gave it permission, but it said I did not have permission so it appeared I was unable to delete the final file “grw.” I restarted my computer and there is no sign of Green AV!! I’ve searched for each of these components and there is no sign of them. Good luck!
Reply
September 21st, 2009 at 11:24 am
I went though the whole nine yards following everything that the website said to do and to no avail I was back to where I started. I went to task manager like Robert said and recognized rwg.exe as something I had to delete earlier. So that was the name of my little bundle of joy I suppose. I located the file and was not able to delete the folder. Imagine me not having permission to my own computer. Anywho I opened the folder and deleted all the files inside of it and emptied the Recycle Bin. I went back to Task Manager and stopped the process. I went back to the folder and was then able to delete it and emptied the Recycle bin again. Thank God and thanks Robert!!!!
Reply
judy Reply:
October 5th, 2009 at 5:09 pm
Thank you SMH and robert it took me a while but i finally found it under rwg.exe also and had the same problem as smh but followed your directions and it WORKED.
Reply
September 22nd, 2009 at 4:22 pm
Friend had this on her Windows Vista. The subdirectory was hidden – seemed to take care of things when I ran through all of the steps.
Reply
September 25th, 2009 at 5:41 pm
Hi, This is Robert again. It’s been a month now since I deleted green av and It never came back. It feels good to have helped out some people get rid of this green av problem. God Bless
Reply
September 26th, 2009 at 2:44 pm
Please help. I did all the steps above and I seemed to get rid of it. I can’t find the icons anywhere. But when I go to websites I still get the infected website warning. So I purchased the anti spyware program above and it still does the same thing. Is there anything else I can do?
Reply
September 26th, 2009 at 8:15 pm
I think i got rid of Green av off of my computer. But when i go to any website, it sometimes says fake “malicious site warning” while browsing the internet. Sorta like Dianes problem. I need help getting rid of this.
Please help if u know how to resolve this problem. Thank you~
Reply
Luciana Reply:
September 27th, 2009 at 11:29 pm
Make sure that all files and registry entries related to Green AV are gone. The alert may be displayed by adware or trojan instead of the original GreenAV infection. Run antispyware tools to delete all the infections.
Reply
October 11th, 2009 at 12:35 pm
I can’t find gav or gra or whatever on my windows task manager. what do i do now?! HELPPPPPPPP
Reply
DAWN Reply:
October 12th, 2009 at 3:08 pm
Hi Manuela. In your start menu, click search. Do a search for one of the Green Av process listed here: wtds05.exe, wsav.exe, mwrdll.exe, rwg.exe. I searched for “wtds05″(listed as one of the Green AV processes above.) It came up! I right clicked and clicked properties. This gave me the exact pathway where the Green AV processes were. The pathway was “c:/programdata/gwr/wtds05.exe. I deleted the file wtds05. I then entered the pathfile “c:/programdata/gwr/wtds05.exe” into search. gwr appeared. I right clicked gwr and chose explore. Then I right clicked on each file/folder that appeared and deleted, (mrwdll.exe, rwg, viruses.dat, wsav, wsn, WStech.dll.) When i tried to delete “grw” it said that i needed permission from windows to proceed. I gave it permission, but it said I did not have permission so it appeared I was unable to delete the final file “grw.” I restarted my computer and there is no sign of Green AV!!
Reply
October 14th, 2009 at 1:23 pm
THANK YOU OH SO MUCH!!! i got rid of this within like 15min. i had green av in my computer for almost 2 months now.. now i finally got a way to get rid of it!! thanks to you!! and i’ve noticed an improvement in my computer speed.. it seems faster. and also my internet doesn’t seem to lag like it was with green av in my computer!! =D
Reply
October 21st, 2009 at 12:12 pm
Hey just go to task manager and wait at applications and when one of it windows appears like security fake page comes up right click it and scrool to go to process and it will take you to process page and the one that is high lighted is the file and just click end process
Reply
October 28th, 2009 at 1:30 pm
I have Windows Vista and it may be under this file:
msra.exe thats the one mine was under!
Reply
January 30th, 2010 at 1:17 pm
OMG! Thanks! I think I got it off!
Reply