Jump to content

Utility Nukes Windows Genuine Advantage Callbacks


Marsden11

Recommended Posts

A private security company has found a way to nuke the controversial callback component in Microsoft's Windows Genuine Advantage anti-piracy tool.Firewall Leak Tester, a company that provides tools to test the quality of personal firewall software, has released a utility called RemoveWGA that blocks Microsoft from "phoning home" from Windows PCs on a daily basis."Once the WGA Notification tool has checked your OS and has confirmed you had a legit copy, there is no decent point or reason to check it again and again every boot," the company said in a note explaining its motive for releasing the tool.The WGA tool, which is a mandatory part of the Redmond, Wash., software maker's battle to curb Windows piracy, includes two separate components: WGA validation and WGA notifications. Validation determines whether the copy of Windows installed is pirated or not, and Notifications is set up to nag users whom Microsoft believes are not running "genuine Windows" and "suggest" where they can "learn more about the benefits of using genuine Windows software."However, Notifications has been "phoning home" to Microsoft's servers on a daily basis, and Windows users are up in arms over potential privacy and security risks. Microsoft insists the callbacks are a ""safety check" to ensure that WGA can be terminated quickly if things went amok, but this was never communicated to users until the week of June 4.On June 8, Microsoft announced plans to tweak the WGA to only check for a new settings file every 14 days.
www.eweek.com
Link to comment
Share on other sites

It seems the site hosting RemoveWGA is down for maintenance. However, long ago I found my own way to "nuke" WGA (needs XP Pro):1. Go to Tools>Folder Options in Windows Explorer and on the View tab unselect "Use simple file sharing".2. Go to C:\Windows\System32 and highlight WGATray.exe and WGALogon.dll. Right-click and select Properties.3. Under the Security tab click Advanced and unselect "Inherit...". Click Copy on the dialog that comes up.4. For every user, uncheck the Read & Execute permission, but leave everything else.5. Go to C:\Windows\system32\dllcache and repeat steps 2-4 for the WgaTray.exe and WgaLogon.dll there.6. Reboot. No more WGA! :DWhen you reboot, you can now delete those files if you want (though set automatic updates to notify beforehand so it doesn't come back) and/or re-enable Simple File Sharing.

Edited by mvent2
Link to comment
Share on other sites

Guest LilBambi

Yep ... it works. Corrine posted this info last week from WildersSecurity Forum in Security and Networking topic about WGA Notifications.

Link to comment
Share on other sites

I think we are breaking forum rules here...

Do not post any information, or link to any site that contains information, intended to violate the Terms of Service or End User License Agreement of any service, product, or application.
Link to comment
Share on other sites

I think we are breaking forum rules here...
The author specifically states about his tool:
RemoveWGA only remove the notification part, phoning home, and does not touch the Validation part.
http://www.firewallleaktester.com/removewga.htmWe are not discussing -- nor will we discuss -- how to update pirated versions of any software or how to remove the MS validation. Notification is quite another issue. In fact, similar discussions on this topic have occurred among MVP's in private locations "in front of MS employees". Highly respected owner of Calendar of Updates and an MVP, Donna Buenaventura, comments about it here: http://msmvps.com/blogs/donna/archive/2006/06/19/101842.aspxI also noted that the link to the removal tool has been added to COU. See Donna's post here.
Link to comment
Share on other sites

...or just don't install the WGA junk in the first place.
This can be a problem for people who don't know the dangers of the "recommended" automatic update setting, or for Joe and Mary PC user who think this update is beneficial and will give them "peace of mind" about their copy. :)
Link to comment
Share on other sites

Guest LilBambi

I thought there would be more time before they pulled that stunt.Well, I saw it coming and took care of that little problem. I am using Linux 98% of the time now.I don't even use Intuit's products because of this type of behavior. :teehee:

Link to comment
Share on other sites

Intuit does not do that anymore... they tried it and it backfired in their face and they gave it up. So in retaliation, you have thrown the baby out with the bath water...

Link to comment
Share on other sites

Guest LilBambi

Not at all ... thanks to Intuit, I found other products that cost less and do a great job and so I never needed to go back to Intuit.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...