PDA

View Full Version : That darned wgatray.exe!



MTDay
06-01-2006, 02:07
The latest abuse of it's legitimate users by Microsoft sees wgatray.exe "running hidden" at every startup, not sure if you can avoid installing http://support.microsoft.com/?kbid=905474 if it's not already been forced on you, but it CANNOT BE REMOVED.

Faced with two equally unsatisfactory options...

1. Allow Winlogon to lanch any hidden processes it wants to, potentially letting slip by some unwanted behaviour.

2. Not see this again (which presumably denies any further hidden process launches without prompting)

I do hope the next major version has the "may launch THIS process" function, in fact, with this objectionable behaviour of wgatray.exe, it would be nice to see a more effective resolution of his sooner.

The other option, of course, is to join the "dark side", and seek out hacking info to disable wgatray.exe - not quite what Microsoft intended with this ill-considered update.

TheTOM_SK
06-01-2006, 02:38
User can decide (for now), if he wants to instal it (when automatic updates are disabled).

Disable Non Genuine Windows Warning Messages: WGA Workarounds remove WGATray.exe. (http://labnol.blogspot.com/2006/04/workarounds-to-disable-non-genuine.html)

I did not instal it, because I see no reason running it in systray doing nothing, it is ridiculous.

wat0114
06-01-2006, 03:28
I did not instal it, because I see no reason running it in systray doing nothing, it is ridiculous.

Agreed :) I spent good money on three legit copies of XP for three pc's so I don't need some silly hidden process checking the lawfulness of my O/S for me. However, I know I was given no choice about installing it in order to download some recent MS patches for my machines. If my memory serves, it was a "new" version of WGA because the previous version was easily bypassed by those who don't have legit O/S's.

fadetoblack
06-01-2006, 04:09
Stupid M$ stuff. They think that if we have RAM they can eat it with useless stuff, though half of that memory consumption is for nothing...

minoka
06-01-2006, 04:41
I too had to let windows update install the new version of WGA, but NOT the wga notification tool which in turn apparently installs this wgatray...

garry
06-01-2006, 05:48
u can remove it with "hijack this"

look down the list for WGALOGON.DLL, tick it then remove

FirePost
06-01-2006, 08:49
The Windows update site the other day stated that a new version "of the updater" was a critical update that would do all sorts of wonderful things. When I clicked the details though, it told me it was only the WGA tool that previously could be ignored. This was "hidden" under the details and obviously contradicted the "critical update" to the WindowsUpdate statement on the site.

Many of the useful tools or programs on the site required "Genuine Advantage" checks at that point. It is sad that not only does one need to activate the later Windows before use, (and one presumes authenticating it), but that regardless of the myriad checks already made they feel a need to deceitfully force a download to cover their own insecurities.

I am sure that Microsoft's market spiel is right and we all want to make sure repeatedly we are still running the same genuine Windows OS they checked already. Afterall, someone may have switched the OS when we were not looking.

wat0114
06-01-2006, 09:09
I am sure that Microsoft's market spiel is right and we all want to make sure repeatedly we are still running the same genuine Windows OS they checked already. Afterall, someone may have switched the OS when we were not looking.

:)

I suppose in Microsoft's defense, there are some pirated corporate versions floating around that don't require activation, so the WGA checks for legitimacy before allowing downloading of updates. But I do agree that it is annoying for those of us who paid for legit versions to get "checked up on" every time we need updates.

mozart
06-01-2006, 10:36
I also installed it and since doing so get several times a day OP alerts about some components being changed. This all relates to windows\system32 and so far only for some .dll (like atl.dll or mpr.dll)
Is this normal and how many more times will these changes appear?

wat0114
06-01-2006, 14:49
I also installed it and since doing so get several times a day OP alerts about some components being changed. This all relates to windows\system32 and so far only for some .dll (like atl.dll or mpr.dll)
Is this normal and how many more times will these changes appear?

Hi mozart,

there are many threads on Component Control in this forum. Hopefully this one http://outpostfirewall.com/forum/showthread.php?t=16580&highlight=component+control can clarify the feature for you.

MTDay
06-03-2006, 00:47
Thanks for the hijackthis tip... got rid of it so effectively that autoupdate tried to push this on me again, unable to make it go away (in download and then ask me mode), but went to the windowsupdate site, unchecked the update and then it did let me check "don't show me again", with dire warnings about refusing a critical update.

If those warned about being non-legit can silence it until the next update (defeats the point, as Joe Bloggs fly by night computer shop could be long gone), then surely legitimate users should not have an unneccessary task added to every startup.

It's worse than "every update", it is every startup that this new Microsoft warezcop checks up on you - and I know my system is legit, it's an OEM supermarket jobbie - Aldi / Medion (never thought I'd sink that low, but the price was good for the spec, better than what I could build, but I'd have built better).

MichaelJH
06-16-2006, 10:34
Just received a newletter, Windows Secrets, by Brian Livingston, that defines the WGA being forced on everyone as spyware.

Scroll down for the article, very interesting and disturbing info.

http://www.WindowsSecrets.com/comp/060615

wat0114
06-17-2006, 05:06
From the article:

"...A separate WGA Notification Tool is also downloaded. This program does not contact Microsoft's server, but merely displays warnings on a user's PC if a Genuine Advantage test is failed for whatever reason. After clicking several links in the manual download process, Berlind found only a vague explanation of WGA through what he calls a "circuitous route."

2. Transmits data to a central computer. The WGA Validation Tool contacts a Microsoft server every time a PC is booted up and every 24 hours after that."


Now I'm baffled :confused: Up 'til now, I have been under the impression that it is the Notification tool that contacts MS headquarters every bootup and 24 hrs, not the Validation tool?? If the article's information is true, this is even worse because the WGA Validation tool is required to get updates, at least without having to go to the Windows Download site.

BTW, how does it phone home? Is it using the svchost process to do so, because I don't ever get any warnings from Outpost regarding anything WGA or remotely related trying to connect out on the Internet?.

dissident
06-17-2006, 06:28
some of these copy protection schemes make me want to start pirating again. A good example is the game F.E.A.R. ... I feel I should be able to play the game without the CD in the drive out of the box, not jump through the hoops of having to download daemon tools, curerom, making a backup image, and still having it fail to start half the time. Do they actually think this stops the hardcore pirates from pirating? Most of the "pirated" versions on bittorrent are already cracked to eliminate this garbage.

You will never eliminate all pirates... don't make your paying users jump through hoops because of it. One system I've grown attached to is steam... no cds, can download all the games, etc. Logging in is no big deal. Another pet peeve of mine is game makers shipping games on CD's... this isn't 1995 anymore.. I don't need 6 discs to insert. If a user doesn't have a DVD rom drive, they shouldn't be gaming. Slightly off topic rant off. :)

Windows isn't winning any awards either with this new wgacheck nonsense. The only thing stopping potentially "hidden" programs from installing and accessing the internet without permission now is a good firewall. :)

MTDay
06-17-2006, 08:30
"Update tuesday" tried to sneak the darned thing in again, had to repeat the "do not show", personally, I don't care if it checks daily (windowsupdate seems to) , but its just another bit of nuisanceware. I'm no fan of the way the new ATI catalyst control centre works either, too much cack at startup.

Continuing the off-topicness, any system powerful enough to run current games can probably be assumed to have a DVD reading drive, be it DVD-ROM, Combo or DVD+/-RW.

hayc59
06-18-2006, 06:12
RemoveWGA v1.01 Released
Guillaume Kaddouch (gkweb)
ChangeLog

Added version information in the title of the popup
Added the command line parameter "-silent" to popup only if the WGA notification tool is found to be active

More Info: RemoveWGA (http://www.firewallleaktester.com/removewga.htm)

wat0114
06-18-2006, 06:51
Thank you hayc59. So it is, as I thought, the Notification tool that phones home and not the Validation tool.

Paranoid2000
06-18-2006, 09:44
...I'm no fan of the way the new ATI catalyst control centre works either, too much cack at startup.Going OT on another track, there are third party alternatives like the Omega drivers (http://www.omegadrivers.net/) which avoid having to have the CCC.

hayc59
06-18-2006, 16:18
Thank you hayc59. So it is, as I thought, the Notification tool that phones home and not the Validation tool.
Your welcome and removed all remints of the little
gremlin :D

MichaelJH
06-19-2006, 10:04
Thanks for the link to RemoveWGA, hayc59.

I had used HijackThis to remove the 2 startups, and running RemoveWGA showed it not active on my system.

minoka
06-27-2006, 11:27
Msft have just released a KB article on how to disable or uninstall Windows Genuine Advantage Notifications
http://support.microsoft.com/?scid=kb;en-us;921914

TLis
06-27-2006, 21:10
Yes, but these instructions concern the pilot release only, not the general release.

minoka
06-27-2006, 21:34
This article is somewhat confusing, it does say, for instance
"To safely and easily uninstall the pilot version, you must install the general release version of WGA Notifications. If you do not install this version, you can follow the steps in this article to disable or uninstall the pilot version."

hayc59
06-30-2006, 13:29
RemoveWGA v1.1 Released by Guillaume Kaddouch (gkweb)
See here:
http://outpostfirewall.com/forum/showthread.php?p=127770#post127770

http://i5.tinypic.com/169ry8i.gif

**Works oh so well :D

CharlyAR
07-01-2006, 10:04
Bah, just remove it and disable any future installation through updates: http://support.microsoft.com/kb/921914

mantrasiva
07-29-2006, 01:19
but if i remove it , can i perform automatic update?

Rickster100
07-29-2006, 01:29
but if i remove it , can i perform automatic update?

Hello,

Yep you should be fine. I usually set it up so that for Microsoft Updates its set for "Notify But Dont Automatically Download or Install" on my system. Then you can see what Microsoft "recommends" a user to install (OR NOT!). The WGA thing just shows you that you cant really trust Microsoft to install everything it recommends during their updates. The user really needs to make that choice... many users choose to switch off auto updates and do it manually.

Richie

mantrasiva
07-29-2006, 06:56
thanks

by the way i did notice that the WGA update(now i don't speak about wga notify ) doesn't to me upda automactly

i should update via explorer ,is normal?

CharlyAR
07-30-2006, 06:18
but if i remove it , can i perform automatic update?

Yes, it has nothing to do with the updates, is just an annoying program that installs itself in Windows.


thanks

by the way i did notice that the WGA update(now i don't speak about wga notify ) doesn't to me upda automactly

i should update via explorer ,is normal?

Yes. Because for MS is like an update for... errr... well, update. But WGA notify is a critical update :eek:

carioca
08-05-2006, 02:58
Take care of windows update - It maybe installs a hidden software to control you. I updated my windows a couple of days ago but fortunately I'm using agnitum outpost firewall and It blocked it at all. This was a software called "W Gatray.Exe". In my opinion, this a kind of trojan and Microsoft doesn't respect your privacy by acting like that. This software was made to check up if your windows is genuine. Thumbs down for Microsoft when acting like that. It's a shame! Thumbs up for Agnitum outpost firewall because accomplish what It promisses.
.:mad:

hayc59
08-05-2006, 03:15
carioca, hello
merged your post into an existing
thread on the subject matter

hayc59
08-05-2006, 03:21
=INFO ONLY=
RemoveWGA v.1.2 Released
http://www.outpostfirewall.com/forum/showthread.php?t=17650