W32.Winiga Description:

W32.Winiga, an obnoxious worm, is widely spread via mobile drives. The purpose of W32.Winiga is to steal the credit card data of the compromised PC. Once inside, W32.Winiga will generate some files on removable drives. It will also install some insecured files via the web site. W32.Winiga will modify Windows registry in order to keep itself running when the computer gets started. It also generates various registry keys as well. At the same time, W32.Winiga attempts to avoid system’s firewall via more registry keys and uses some command to alter firewall configurations. It is also capable of stealing other useful messages from instant messagers such as archive information, key strokes and profiles. Therefore, you need to detect and eliminate W32.Winiga from your workstation for the sake of your privacy and PC security.

How to Remove W32.Winiga Manually

Delete the associated registry files:

HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers\”%System%\cmd.exe” = “RUNASADMIN”

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\”AbGame” = “%SystemDrive%\Winis7\opera.exe”

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\”AbGame” = “%SystemDrive%\Winis7\opera.exe”

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\”AbGame” = “%SystemDrive%\Winis7\opera.exe”

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\”%SystemDrive%\Winis7\opera.exe”= “%SystemDrive%\Winis7\opera.exe:*:Enabled:Sudoku”

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\”%SystemDrive%\Winis7\opera.exe”= “%SystemDrive%\Winis7\opera.exe:*:Enabled:Sudoku”

Delete the associated files:

%SystemDrive%\Winis7\Data\sss.col

%DriveLetter%\new.exe

Please, note that manual removal of W32.Winiga Virus is a cumbersome procedure and could not always ensure a complete removal of W32.Winiga Virus, owing to the fact that some components may be hidden or might get reanimated automatically after unfinished removal. Furthermore, lack of the proper skills and even the slightest deviation from the removal tutorial may cause irreparable system instability. That’s why it’s strongly recommended automatic removal of W32.Winiga Virus, which can save your trouble and avoid any system malfunctions and guarantee the needed result.

Automatic W32.Winiga Virus Removal:

Step 2: Download the trusted W32.Winiga Automatic Remover, install the program and update its signature to the latest version. After that, reboot your machine in order to allow W32.Winiga Automatic Remover entirely functional. Repeat Step 1 into “Safe Mode with Networking” and start a Full Scan of your whole system so that W32.Winiga Automatic Remover can catch all hidden malware in your PC.

Tips: If you have difficulty installing the automatic remover, please download this correction script, unzip it and then double click to execute it. It can correct your registry configurations that the malware has altered. Then double click W32.Winiga Automatic Remover Setup file and complete the installation.

Step 3: After the Full Scan finishes, click on the detected malware to check that your important files are not contaminated and deleted by mistake. Ignore or select detected items and remove the malware. Reboot your machine and let W32.Winiga Automatic Remover remove all detected malware.