How to remove Green AV ( Antivirus ) 2009 – Removal tips and tricks
Green AV 2009 or Green Antivirus 2009 is a fake anti-spyware software that instead to disinfect your computer, it infects it. This fake antivirus can be downloaded when searching for some common terms on Google, making use of Google Trends and other trend analytics.
The Green Antivirus 2009 creators state that they donate $2 from every sold software to protect the nature, though it’s only meant to convince people buy it. Green AV 2009 makes you think you are infected with other viruses in its attempt to convince you buy the software, though the scanning is fake and so are the alerts you see on the desktop.
So you should stay calm, because alerts of infection by Spyware.IEMonster and others are just fake.
Here is how to get rid of the Green AV 2009 ( after the image ):
Stop the process
Press the Start + R keys, then type “taskmgr” and press Enter. Find GreenAV2009.exe and gav.exe, select them and press “End Process”.
Delete the registry entry
Press Start + R, then type “regedit” and press Enter. Locate this registry entry “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Green Antivirus 2009″ and delete it. Be careful not to delete other entries by mistake because it may cause your computer to stop working.
Delete the Green Antivirus 2009 files
Find and delete the following files: greenav2009.exe, install[1].exe, gav.exe.
- THIS POST WAS WRITTEN BY:
- Alex Dumitru
Um, in the second step, I couldn’t find Green AV 2009. And in the third step, I couldn’t find the files.
Ley, I had the same trouble yesterday. Every site I went to echoed this article. I went into safe mode and searched for all files with dates within the last week cause I knew that was the time frame. Make sure when you search you include hidden files and folders. I found “gra.exe”. There was another related file and I apologize for not remembering the name exactly, but it is something like MRADLL.EXE. It had the same date as the executable. I also found a folder called GRA. Delete that too. If you have trouble email me. mikehaff@gmail.com.
I had the same problem. Out of nowhere it pops up say i have 44 or something viruses and it was saying Green AV. Searched and Searched and found nothing. I never went any further with it because couldn’t believe it since Mcafee hasn’t showed anything. But i can’t find anything on my computer that is associated with Green av or showed any of the programs listed above. I now have McAfee running again. If that say nothing then i dont know what to think.
I found that GRA file, but cant erase it ‘cuz my “acess is denied”…Someone please help
Jay
End the GRA process first then you will be able to delete it.
Nick, even though McAffee says nothing, you still need to get Green AV off of your system. Who knows what information it is recording.
I can’t get past the second step. Please help! It’s not there and i don’t know how to search hidden folders, or whatever. I don’t know what to do, but I need to get this off!
Adam, what operating system are you using? find me on yahoo IM, my id is “monte_carlo_1967″. If you don’t use yahoo, what do you use? email me at mikehaff@gmail.com.
Mike thanks so much i got rid of that damn thing.
Good information provided, I have helped several users delete Green AV in the past week. It’s easiest using automatic removal tools.
when i turn on my computer GREEN AV starts a fake scan. i deleted it out of my start and desktop, i aslo stopped it from running in my tskmg. but the second step finding the HKEY, i cant do. some one please help, this is a brand new computer. windows vista.
Mike,
I found the gra file, but I don’t have permission to delete it. How do I “end” the process?
I figured it out and got rid of the annoying thing. Thank you for all the postings, they were very helpful!
I did everything u said but in the unistall folder i couldnt find the green av thing but it still disapered from the bottom right of my screen by the clock. im not sure if it gonna stay off but how do i keep it off? can u email me at Noodleman007@msn.com i had troubles getting to this site cause the google search would only show it for a second then go to something else.
what i did was use the find tool in the cmd prop regedit find green av with gra.exe and the final one MRADLL.EXE just like mike said and they all went away
Mike,
Thank you so much for your suggestion. The pop-ups were driving me crazy. I successfully completed the 1st and the 3rd steps but was unable to complete the 2nd. I wonder if I’ll be fine with just the first and third steps. Please advise…
i can’t remove it i can’t find any of the files please help me
Here are the full instructions I used to get rid of it.
I can’t make any guarantees here because I’m using Windows XP. Hopefully the procedure would be similar. I can’t take any responsiblity for any resulting problems that occur if you follow my steps.
I’ve never used Vista. But hopefully it shouldn’t be a big deal. When you restart, you need to hold down the F8 key. At some point you will be prompted if you want to go into safe mode. You want safe mode without networking. Once you are in Windows safe mode, you need to search for EXE, search for modified files since the date that you last remember having a clean system. For instance I only searched for files in the last week cause I know that is when it started. Once you get a list, sort the window by data. GRA.exe might be back, if it is, note the date and delete it. Then look for a file that is SOMETHING like MRADLL.EXE. That was not the exact name but I cant remember exactly. It will have the same date as the GRA file.
Also, you may find a file on the same date that has a “pf” extension that has the letters GRA in it. If so delete it. Then search for GRA, and you will probably find a folder with that name. Delete it. Now when you restart, it should be gone.
If you have restarted and it appears to be gone, it would still be a good idea to download MALWAREBYTES. You can google it. Run it, it took almost an hour on my computer and found 16 malicious files that were probably unrelated to Green AV. Go ahead and delete files that it says are bad. Then make sure your antivirus software is up to date.
Now, if my procedure doesn’t work, you will need to either take it to an expert, or just be patient. This is fairly new, but I expect that within a few days, there will be several fixes available on the net. Keep an eye on the Malwarebytes website, they are pretty good at coming up with solutions to these malware problems quickly. Quite frankly, I’m surprised it has taken this long.
Good luck. Let me know what happens.
where do i search? in the registry? or just as if im searching for files?
Hi there: I am looking to write an article regarding the Green 2009 software debacle. I need some expert quotes. Would you be interested in quoting in my article? If so, please email me at samihartsfield@gmail.com.
Thanks,
Sami
anyone who have successfully remove the damn Green AV stuff, plz help me out, i’ve try all i can but still can’t get rid of it…can’t find anything about green Av 2009 on any of my file…how do i find all those hidden folder anyway and how do i suppose to know which file is hidden in which folder, too much to go one by one
plz contact me at:yang_nou_2@yahoo.com
Joy,
You are just searching for files.
I would like to make sure that everybody with whom I have been corresponding understands that I have no affiliation with SoftSailor.com. I came here the same way everyone else did looking for answers regarding Green AV. I just happened to get it figured out before a lot of other people. SoftSailor has no responsibility in regards to my posts.
That said, I’m glad that I had something to offer.
So I have tried pretty much all the suggestions listed here and on several other GReen AV help sites, and the program seems to have been removed from my computer. I am no longer getting those annoying fake scans or being sent to random website when I attempt to search the web. However, I am still unable to open up malwarebytes after I install it. I can get the program to begin scanning my computer but after like 3 or 4 seconds it shuts down and I cannot reopen it. It says something like “Windows cannot access the specific filepath, device, file. You may not have the appropiate permisson to access the the item.” Anyone out there have any suggestions on what to do?
Kyle,
The question would be best posted on the Malwarebytes website. They are quite responsive to issues with their software.
So I have done everything that has been suggested here (thank you – VERY helpful!) And it seems to have worked EXCEPT for on problem. At the top of all my webpages I have a pop up add that says ” Your system might be at risk, click here to protect your system with Green AV.” So obviously, its not all been removed. Do you have any suggestions on what else I should be looking for here? Please help!
Thank you!
Jessica
Jessica, what web browser are you using? It might be a registry issue. Download and run Ccleaner. It is free and very good.
Mike, I ran the Ccleaner but its still there. The browser I’m using is internet explorer. Any other suggestions? Thanks for all your help thusfar.
Jessica
Jessica,
I don’t know for sure. I recommend Firefox over IE anyway but that’s not what your asking. Make sure your browser is up to date. You already ran Malwarebytes?
Mike, I just ran malwarebytes and it is gone. Thank you so much for all the help. Obviously you have helped quite a few people. Many thanks!
Jessica
so i have download malwarebyes Anti-malware and got everything it find deleted. All the pop up stuff is all gone, but how am i be sure that I have gotten rid of everything involving Green AV…so am i’m doing the right thing deleting all those stuff which i’m not even sure what it is? anything else i should do afterward…i heard something like to run a clean up and update…if so where can i download it from?
thank you for your help mike! i was able to remove it using malware bytes and it’s gone
It says to press the start + R keys. I don’t have a start key. what is that?
Brian, im running adanced system care to try and find everything wrong. it says there are alot of problems with spyware. can i fix that with system care?
hey i ran malwarebyte’s anti and it says everthing is gone but the stupid green av logo still appears when i pull up windows security center. wth, can someone fill me in on that
now i can’t acsess safe mode or anything.when i reboot it goes to the desktop with no icons or start button. i guess i’m so screwed. lost all my summer pics. any ideas?
Hi Mike you are awesome with this stuff. I tried to get rid of all of the gav stuff. I found a gav folder in the registry editor should I get rid of that and when I do a search for gav i found this something ill but I cant get rid of it any suggestions?
I had the unpleasant experience yesterday in getting the Green AV virus. I thought I had gotten rid of it by downloading and running anti-malware, but I am still having one nasty problem. When I use internet explorer, I get a bar on the top of the page that says “Your system might be at risk, click here to protect your system with Green AV”. I’ve run malware bytes and restarted my computer several times and the problem persists. Further, when I use Internet Explorer, every 5 minutes or so, I get bumped out of the webpage I am on and get a “microsoft looking” page and message that indicates I am on an unreliable site (refers to phishing) and gives me the option to exit from the site or stay on the site–I haven’t clicked on either because the third option is titled “more information” and when I click on that, I get the ad to purchase Green AV.
I am currently on Fire Fox, but I have to use Internet explorer for online courses that I teach so I really need to get this fixed.
Another nasty little thing that happens is when I type in a search term on google like “what is green AV”, it takes me to a list of websites that make you think Green AV is a legitimate program. It is evil!
Chris
Norton has not caught this either. I use Internet explorer and I had to go to my other computer to search for a fix. My infected computer will not even let me search for a fix it just keeps bumping me to the buy it pages!
I have used spyware doctor, Norton and everything in Safe mode and regular and nothing seems to work! I have Vista. Don’t know if that is the problem. I was on with a “tech” from microsoft who took me through an hour of deleting files and still it does not work! It stil come up. I wonder if there is anyway we can boycott this company? Any other help will be appreciated. I will continue to look at this site and try again (8 hrs trying).
I’m having the same problem Chris is having. I downloaded Malwarebyets it removed the green av folders etc so they are no longer on my comp but I am getting that gold bar above any website I visit that states I have infected files download Green AV blah blah. It also messes with my google searches when I try to find a fix for it, showing me sites that promote it. My webpages also have to be refreshed after going blank for no reason.
I’m very frustrated. If anyone knows how to fix this problem, please be kind enough to post.
Funny thing, when i use IE, i never run into GAV2009. Its only when i use Firefox that i get stuck on that @#&%’n page that pretends to scan my system.
Spamers and Virus making twats should all be taken out and shot. Nothing but useless leeches of society.
Just had this problem myself. My computer has vista, and the files were in a hidden folder called gwr, and the processes that needed to be ended were called rwg.exe and mradll.exe, if that helps anybody.
Hi,
I’m trying to remove Green AV. I press start and R and get listings but neither GreenAV2009.exe or gav.exe are listed. Would appreciate any suggestions.
first go to control-alt-delete then pick TASKMASTER,when the screen comes up delete:AVGREEN
then go to FILE HIPPO
download AD-AWARE for free! and it will get rid of your problem and continue to get rid of your problem.
I am happy with AD-AWARE,all the rest of the programs said they were free and then they were not
Mike and Luke — thanks for the all the advice. I followed everything you said and it seems that my computer is GreenAV-free. Thanks again.
Ok, i couldn’t find the files that it says to find but I did find one and it was rwg.exe that one is the only file i could find to end in task manager, but now where do i find it to delete?