Green AV Virus

September 1, 2009
aka: Green AV, GRA

Green AV Virus, also called Green Antivirus 2009, is a kind of rogue antivirus program that tells users that it gives a portion of every Green AV software sold to environmental causes. Unfortunately, this Green AV software is a bogus antivirus application and users who purchase this AV Green virus are at risk of exposing their credit card information to fraudsters.


The green av antivirus will cause a stream of pop ups in the computer that result in slower computer performance. The Green av virus windows can also be very annoying to users who may be disturbed by the av green virus pop ups and warnings removing green av ASAP is highly recommended.


There is a removal tool available from a third party site to help clean up this malware:

  • Removal tool
  • Manual Instructions

    Log into Windows Safe Mode. To get to safe mode reboot your computer and start pressing the F8 key repeatedly until the Safe Mode options screen appears. You want Safe Mode which is the first option, not Safe Mode with Networking.

    If any user id's how up select the Administrator, if not don't worry about it. Once safe mode is up Click on My Computer and open your C: drive. Click on Tools/Folder Options/View. Then click on Show Hidden Files and Folders.

    Green AV is normally located by navigating to the following directories: C:\Program Files\Documents and Settings\All Users\Application Data\GAV\gav.exe

    1. Delete gav.exe which is the executable module for the virus
    2. Delete mgrdll.exe this is the messenger for gav that keeps sending you the messges and popups
    3. Delete the folder GAV (just hit your back arrow one time to get back to folder Application Data then you will be able to see and delete folder GAV
    4. Right Click on your Recycle Bin and select Empty Recycle Bin or Double Click on your Recycle Bin and select Empty Recycle Bin

    Now reboot your system and you should be rid of the pesky virus

    Note: The "Green AV" can also be called "GRA" instead of the "GAV" mentioned above. So look for either GAV or GRA names.