How to Remove “WGASETUP.EXE”

What is Wgasetup.exe?

Originally developed by Microsoft Corporation, Wgasetup.exe is a legitimate file process. This process is known as Windows Genuine Advantage Notification Setup and it belongs to Microsoft Genuine Advantage. It is located in C:\Windows\System32 by default. Wgasetup.exe virus is created when malware authors write virus files and name them after Wgasetup.exe with an aim to spread virus on the internet.

Affected Platform: Windows OS

How to check if your computer is infected with Wgasetup.exe malware?

If your system is affected by Wgasetup.exe malware, you will notice one or several of the symptoms below:

  • Wgasetup.exe occupies an unusually large CPU memory
  • Erratic internet connection
  • Your browser is bombarded with annoying popup ads
  • Computer screen freezes
  • PC's processing speed suffers
  • You are redirected to unknown websites

To pinpoint the virus file location, take the following steps:

Step 1: Press CTRL+ALT+DEL keys at once to open Task Manager.

Step 2: If you notice the file located outside C:\Windows\System32, you should run an antivirus scan to get rid of the malware.

How to remove Wgasetup.exe malware from system using Comodo Cleaning Essentials?

You can either choose to remove Wgasetup.exe and other malwares using Comodo Antivirus, or Comodo Cleaning Essentials (CCE) – both of which are absolutely free to download! CCE is a set of computer security tools designed to help you identify and remove malwares and unsafe processes from an infected computer.

To remove malwares using CCE, take the following steps:

1. Check the system requirements and download the feature-rich CCE suite for free.

2. After installation, choose the type of scan you want to perform. CCE offers 3 scan options to get rid of malwares from a PC:

  • Smart Scan: Does a scan on critical areas of your system.
  • Full Scan: Does a complete scan of your system.
  • Custom Scan: Does a scan only on selected items.

The process to initiate the above mentioned scans are self-explanatory and thus, easy-to-use. 
Additionally, it's recommended that you approve of any updates that the CCE will prompt you about to ensure it does a better job of identifying all the latest threats.

3. Click 'Next' to view the results.
Regardless of the type of scan you choose, the results will sometimes show false positive (flagging files that are actually safe), which has to be ignored. Only select the files you want to get rid of.

4. Click 'Apply' to apply the selected operations to the threats. The selected operations will be applied.

36

Malware Entries

First Seen: 07 March 2009 at 8:59 am
No. Company File Type SHA1 MD5 Malware
Name
Digitally
Signed
File
Version
Product
Version
Submitted
From
Malware Behavior
1 N/A Executable 027f20165ffc8b31
5706d64a22224d3b
7ca5025d
53a8d8d2d3d257b2
70852026f2c27621
Backdoor.Win
32.Poison.as
No N/A N/A Israel N/A
2 Microsoft Corporation Executable 7023d4c78b7679dd
b4fb30da44b420f9
b8f870e4
86c488c4852eb10b
6bdbdec5c44afbce
Virus.Win32.
Sality.gen
No 1.9.0012.0 1.9.0012.0 Turkey N/A
3 Microsoft Corporation Executable 16558187ddb80117
0570270825d533fd
3f88076d
027986130e1e95ff
17b1b84f351d6298
Virus.Win32.
Parite.~B
No 1.9.0040.0 1.9.0040.0 Indonesia N/A
4 N/A Executable 770e39c1be007e10
f391999cd0581a82
78d90cfc
02d0128c3ebfc57a
49e33bc3b08839b7
Unclassified
Malware
No N/A N/A Internal Submission N/A
Display 4 items per page
  • 4 items per page
  • 8 items per page
  • 16 items per page
  • 32 items per page
39

Safe Entries

First Seen: 03 April 2009 at 7:00 pm
No. Company File Type SHA1 MD5 Digitally
Signed
File
Version
Product
Version
Submitted
From
1 Microsoft Corporation Executable ce61f4e43df841c6
0fd7b0dc24817fea
b2a1a982
5a2a6970d0953da6
8ac5ba489348d5e1
Yes 1.9.0012.0 1.9.0012.0 Denmark
2 Microsoft Corporation Executable 93b10d661f09bd34
c31a2140f166db2d
c44fba08
f993f4b18494b519
685f6a080297733b
Yes 1.9.0012.0 1.9.0012.0 Greece
3 Microsoft Corporation Executable 37bd641730e4a69a
830c1222b80ddae7
4a52cbcc
25b3c33381e0da1d
c5b51c3cef9f0ba4
Yes 1.9.0012.0 1.9.0012.0 Hong Kong
4 Microsoft Corporation Executable f1efaece98fbd175
00ae710484308d3e
0d1ac610
0d34ebae11dd33f8
61f6f101d4d63ef8
Yes 1.9.0012.0 1.9.0012.0 Internal Submission
Display 4 items per page
  • 4 items per page
  • 8 items per page
  • 16 items per page
  • 32 items per page
 
Exclusive Offer
Get Free Endpoint Protection
Get Advanced
Endpoint
Protection

Award-Winning Security to Protect Your Clients from Cyber Attacks

Comodo Internet Security Pro

Antivirus Protection protection from hackers! Get the ultimate Antivirus solution to keep your PC clean and to remove viruses from a slow or infected PC. Improve the PC performance at home or use it on-the-go!

Get Comodo Internet Security Comodo Internet Security