Home » News » Rogue Antispyware » Remove Green AV, GreenAV removal help

Remove Green AV, GreenAV removal help

By Luciana on August 28, 2009 | Rogue Antispyware, Green AV, GreenAV, Green Antivirus 2009 Remove Green AV, GreenAV removal help

Green AV is an updated version of Green Antivirus 2009 fraud. GreenAV presents itself as virus remover while it’s actually a poorly disguised computer infection.

Green AV is installed by trojans and it may download additional malware or make the system vulnerable to future infections. Once it gets on board a computer, GreenAV starts generating fabricated security alerts. The misleading warnings are meant to trick users into buying full version of the program. Do not trust messages displayed by Green AV! The paid version doesn’t exist and there’s no chance to get a refund since GreenAV is a scam.

Green AV websites

green-av.com
green-av-pro.com Learn how to block rogue websites

New processes created

wtds05.exe
wsav.exe
mwrdll.exe
rwg.exe Learn how to remove malicious processes

New Green AV registry entries created

HKEY_CURRENT_USER\Software\GAV
HKEY_CLASSES_ROOT\AppID\{29256442-2C14-48CA-B756-3EE0F8BDC774}
HKEY_CLASSES_ROOT\AppID\WStech.DLL
HKEY_CLASSES_ROOT\CLSID\{A5DBD8CB-DF8A-4992-A655-B155216F6AFB}
HKEY_CLASSES_ROOT\Interface\{051C9A06-FB08-486F-B09B-8B33B261637D}
HKEY_CLASSES_ROOT\TypeLib\{512E801E-2F02-4ADE-ACAA-58F08A22B2F8}
HKEY_CLASSES_ROOT\WStech.WStechB
HKEY_CLASSES_ROOT\WStech.WStechB.1
HKEY_LOCAL_MACHINE\SOFTWARE\GAV
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5DBD8CB-DF8A-4992-A655-B155216F6AFB}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\LanmanServer\Shares\0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5DBD8CB-DF8A-4992-A655-B155216F6AFB} "NoExplorer"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "03874569874596"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "37465982736455" Download RegistryBooster 2010 to scan your registry errors
Learn how to remove malicious registry entries

New files and directories created

c:\Documents and Settings\All Users\Application Data\gwr\
c:\Documents and Settings\All Users\Application Data\gwr\mwrdll.exe
c:\Documents and Settings\All Users\Application Data\gwr\rwg.exe
c:\Documents and Settings\All Users\Application Data\gwr\Viruses.dat
c:\Documents and Settings\All Users\Application Data\gwr\wsav.exe
c:\Documents and Settings\All Users\Application Data\gwr\WStech.dll
c:\Documents and Settings\All Users\Application Data\gwr\wtds05.exe
c:\Documents and Settings\All Users\Desktop\ Green AV .lnk
c:\Documents and Settings\All Users\Start Menu\Programs\Green AV
c:\Documents and Settings\All Users\Start Menu\Programs\Green AV\ Green AV .lnk Learn how to unregister malicious DLL files

How to remove Green AV

To remove Green AV manually you must block rogue Green AV related websites, remove malicious processes and registry entries, unregister dlls and delete all malicious Green AV files from your computer.
Please note: cleaning your computer is a difficult and dangerous task, manually editing registry entries and removing processes and files may cause serious damage to your system. We strongly recommend scanning your computer with one of the legitimate antispyware scanners.

Scan your computer

More Rogue Antispyware news

Remove Win7 AV, Win7 AV removal

Remove Win7 AV, Win7 AV removal

Win7 AV is the latest rogue application promoted on win7av.com website. It should be avoided because the program is malicious and fraudulent as brower hijacker. Malware spreads via trojan which comes to the system through its flaws. The parasite downloads and installs itself automatically without user’s knowledge and consent. Once active it starts to scan your computer and displays fabricated security alerts. Read more.


News categories

Latest news