Green Antivirus 2009 ( FAKE CLIENT )

Remove Green Antivirus 2009

I just came across Green Antivirus 2009 the other day.  The main infection I came across was not the Green antivirus program but all the torjans that come down with it.  You most likely will notice that system restore as well as many other commands and the task manager are disabled.

There is a quick way around all this.  Boot into safe mode using F8 with networking and remover the following files.

Kill processes:  ( If you want a simple way to remove this then download and try Spyware Doctor with Antivirus )  This program worked for me when I use it.

  • greenav2009.exe
  • gav.exe
  • mgrdll.exe
  • Install[1].exe

Use the task manager to end these processes.  ( ctrl + alt + del ).  If your task manager is blocked by the virus then download process killer.  Remember you can always do a scan with www.removevirus.org/ to see if these file names have changed.

Delete registry values:

(  Editing the registry can cause system errors.  Ensure you only delete the correct files related to this virus.  Always backup the registry before making any changes.  RemoveVirus.org can not be held liable for any actions you take regarding the information on this site.  )

* HKEY_CURRENT_USER\software\avr lastd
* HKEY_CURRENT_USER\software\avr lastscan
* HKEY_CURRENT_USER\software\avr lastvfc
* HKEY_CURRENT_USER\software\avr virlist
* HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run advanced virus remover
* HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run advanced virus remover
* HKEY_CURRENT_USER\Software\AVR
* HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\CpMRU

Editing the registry can

Delete files:

  • C:\Programfiles\gav\  ( Delete all files in this section )  We need you help identifying these files so please take a second and write them down first and post a reply below so we can update this page.  If you get an error message stating that you can not remove the file because it is in use then you need to end that process first.

Delete directories:

  • C:\Programfiles\gav\

VISTA USERS:

Delete the directory and all files in

  • ProgramData\gav  (Thanks Gary)
Be Sociable, Share!