Home » News » Rogue Antispyware » Remove Green AV, GreenAV removal help

Remove Green AV, GreenAV removal help

By Luciana on August 28, 2009 | Rogue Antispyware, Green AV, GreenAV, Green Antivirus 2009 Remove Green AV, GreenAV removal help

Green AV is an updated version of Green Antivirus 2009 fraud. GreenAV presents itself as virus remover while it’s actually a poorly disguised computer infection.

Green AV is installed by trojans and it may download additional malware or make the system vulnerable to future infections. Once it gets on board a computer, GreenAV starts generating fabricated security alerts. The misleading warnings are meant to trick users into buying full version of the program. Do not trust messages displayed by Green AV! The paid version doesn’t exist and there’s no chance to get a refund since GreenAV is a scam.

Green AV websites

green-av.com
green-av-pro.com Learn how to block rogue websites

New processes created

wtds05.exe
wsav.exe
mwrdll.exe
rwg.exe Learn how to remove malicious processes

New Green AV registry entries created

HKEY_CURRENT_USER\Software\GAV
HKEY_CLASSES_ROOT\AppID\{29256442-2C14-48CA-B756-3EE0F8BDC774}
HKEY_CLASSES_ROOT\AppID\WStech.DLL
HKEY_CLASSES_ROOT\CLSID\{A5DBD8CB-DF8A-4992-A655-B155216F6AFB}
HKEY_CLASSES_ROOT\Interface\{051C9A06-FB08-486F-B09B-8B33B261637D}
HKEY_CLASSES_ROOT\TypeLib\{512E801E-2F02-4ADE-ACAA-58F08A22B2F8}
HKEY_CLASSES_ROOT\WStech.WStechB
HKEY_CLASSES_ROOT\WStech.WStechB.1
HKEY_LOCAL_MACHINE\SOFTWARE\GAV
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5DBD8CB-DF8A-4992-A655-B155216F6AFB}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\LanmanServer\Shares\0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5DBD8CB-DF8A-4992-A655-B155216F6AFB} "NoExplorer"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "03874569874596"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "37465982736455" Download RegistryBooster 2010 to scan your registry errors
Learn how to remove malicious registry entries

New files and directories created

c:\Documents and Settings\All Users\Application Data\gwr\
c:\Documents and Settings\All Users\Application Data\gwr\mwrdll.exe
c:\Documents and Settings\All Users\Application Data\gwr\rwg.exe
c:\Documents and Settings\All Users\Application Data\gwr\Viruses.dat
c:\Documents and Settings\All Users\Application Data\gwr\wsav.exe
c:\Documents and Settings\All Users\Application Data\gwr\WStech.dll
c:\Documents and Settings\All Users\Application Data\gwr\wtds05.exe
c:\Documents and Settings\All Users\Desktop\ Green AV .lnk
c:\Documents and Settings\All Users\Start Menu\Programs\Green AV
c:\Documents and Settings\All Users\Start Menu\Programs\Green AV\ Green AV .lnk Learn how to unregister malicious DLL files

How to remove Green AV

To remove Green AV manually you must block rogue Green AV related websites, remove malicious processes and registry entries, unregister dlls and delete all malicious Green AV files from your computer.
Please note: cleaning your computer is a difficult and dangerous task, manually editing registry entries and removing processes and files may cause serious damage to your system. We strongly recommend scanning your computer with one of the legitimate antispyware scanners.

Scan your computer

More Rogue Antispyware news

Remove Malware Protection Center fraud

Remove Malware Protection Center fraud

Malware Protection Center is designed to look like a decent security program but the looks are deceiving. The tool is actually malicious and fraudulent. If Malware Protection Center reports "infections" on a screen of your PC, it’s Malware Protection Center itself that should be deleted with no hesitation.Malware Protection Center is quite pesky as it loads enormous amounts of counterfeit security alerts. Read more.


News categories

Latest news