WGA - Removal Help from Microsoft

Don't get your hopes up! However, under pressure, Microsoft has posted a removal tool for the notifications part of Windows Genuine Advantage (WGA). It is for early versions of the tool and can be found here:

http://support.microsoft.com/kb/921914

Microsoft doesn't support the use of this and requires you to use it at your own risk.

I did not know if WGA had been installed on my computer or not. It is not listed in my add/remove programs or Windows Components. However, it appears in the programs list of Zone Alarm as being present under the name Microsoft Genuine Validation Diagnostic and in the description lists it as Windows Genuine Advantage. It was installed into an area of the computer which is not the normal place for a windows update to be installed or any other Windows program and the program has the name MGAdiag.exe, which stands not for Windows Genuine Advantage, but for Microsoft Genuine Advantage Diagnostic. Under AllUsers, there appears to be additionally an appearing/disappearing folder called OGA for Office Genuine Advantage. I expected it to appear in Windows Explorer today, because it appeared at exactly this time of day one week ago and I was looking for it. The last time I looked at it, it changed from a full color folder to a light-colored folder and then it disappeared altogether.

abri

 

As an additional note to the original post, when I pushed on properties for MGAdiag.exe, at the bottom of the properties window beneath the Attributes of "protected" and "hidden" is an extra entry next to the word "Security". Translated from German it reads "The file originates from another computer. Access has possibly been blocked for security reasons." There is an "Allow" button next to this, but it does not clarify if pushing this button will allow the program to function or if it will allow the blocking of this program to function.

Thanks.
abri

 

At this particular removal site, one of the instructions is to change the name %Windir%\system32\WgaLogon.dll to %Windir%\system32\WgaLogon.old

What is % ? Where is that in Windows Explorer? Or is it someplace else?
abri

 

um ... type it where? (I hate being ignorant ... it's an exercise in humilty, yes, that's it, humility)
abri

 

Hi Halo,
I studied my computer and read in different websites a bunch. I have a folder under C for WGA and another one for OGA. They're located under C:/Dok&Set/AllUsers/UserData. In each of these folders is a data.dat folder, one with 3 kb, the other with 4 kb, each with date of last change 22.6.2006. The OGA seems to be a version from March.
In a Tools folder I set up for Major Geeks, there's an .exe file called MGADiag.exe, which Zone Alarm describes as Window Genuine Advantage version 1.5.0530.2, indicating it's one of the early versions they are willing to let you deinstall.

When I go to Microsoft's website and look at what updates I have, both of these are listed as not being installed on my computer. They are not in either Add/Remove programs or Windows Components.

I'm wondering if these could be inactive remnants, but I don't remember having deinstalled them, and the only way I would have INstalled them was through this trick they use on the Shut-Down window. Also I don't find the files which need to be modified to "old" according to Microsoft's removal instructions. Those would be called WGATray.exe and WGALogon.dll.

I'm guessing that neither of these are active, but I wonder why they're in my computer at all. Any guesses?

The other question I have in this regard is that WGA seems to now be mandatory, if I understood what I was reading correctly, and if you don't have it in your computer, you cannot get updates. I think that refers to specific updates like for Windows Media Player, but not for the security updates. I haven't been able to figure that out yet.

Since I turned off my updates, my Shut-Down window went back to normal, removing the line Microsoft adds that they'll install your updates for you if you do a normal shut-down.

Thanks for your patience. I'm learning.
abri

 

What. Do they think people in a moment of boredom just change their OS every week? LOLOL!
The whole thing is too funny, but funniest, is that they are trying to use spam-tactics to convince people they want something they don't want. That's what spam is, isn't it?
lol
abri

 

Did you edit this thing while I was reading your link? Oh, there's your post. The article's great! And the worm they were talking about ... hehehe

But then seriously, do you think I could be dealing with a malicious virus posing itself as a worm? I will look into that.

abri

 

Here in a German article at the website of Silicon.de under
http://www.silicon.de/enid/cio/20342

...daneben kursieren Gerüchte, dass Microsoft ab September alle PCs, auf denen illegale Software erkannt wird, über einen Remote-Befehl heruntergefahren werden. Angeblich soll es zuvor eine 30-tägige Vorwarnfrist geben, die dem Anwender Zeit geben soll, ein legales XP zu erwerben. Von Microsoft gibt es dazu noch keine Stellungnahme.​

Roughly tranlated, ... rumors are circulating that starting in September Microsoft will use a Remote Command to shut down computers on which illegal software has been recognized. Allegedly a 30-day warning will be given beforehand to give the user time to get a legal copy. Microsoft offers no comment on this.
abri

 

Exactly.
I see LOTS of potential for problems, even though it's been their manner of going about it which I've found more condemning and offensive than anything else. I think at the base of all this is probably the fact that a company which has almost a monopoly is setting a price for their product and, if fighting piracy could generate as many jobs as they claim, then I have to think the price of the product is way too high. Just a thought.
abri

 

I don't use AOL or AIM, so if that's how it comes in, it's unlikely. What I just learned is that MGADiag.exe is a diagnostic tool to fix WGA when it doesn't install properly. hmmmm ...
abri

 

Microsoft will now start pushing it to users worldwide. All users of English, Spanish, French, German, Italian, Dutch and Brazilian Portuguese language versions of Windows XP will soon be offered the updated software, Microsoft said. While WGA Notifications won't "call home" to Microsoft, WGA Validation still periodically checks in with Microsoft, the software maker said.

So why do I already have some evidence of it in my computer? I'm sure I'm one of the guinea pigs. <squeals> They probably installed it and then when they got done testing, they deinstalled it. Maybe that's why my computer kept running and running in the background. I knew it had a sinister sound to it.

 

Would hiding the update be a way to allow the updates to continue to download without having that one included in the listing every time? Is that the sense of hiding it? Oh, and you're right, I have that .dll file.
abri

 

Updates ...
The last update I got was on the 30th of June. I only turned them off today. I will check this, however, I have to psyche myself up for a rejection by Microsoft.
abri

 

Imagine this ...
There's been a LAN pary going on behind me all day.
lolol
I'll try the validation. <prepares psyche>
Oh, I did this earlier today and I didn't push the continue button to validate, because it felt like I might be closing out an option I still have. I need a rest before I continue. I'm sorry I dragged you into this. It caught my attention and then kept it.
abri

 

Rummy? It's good I took a rest or I would have completely missed that, and your lovely humor would have been wasted! LOL (even though I also see the sense of your request.)
What I thought when I went to that page, is that if it asks for a validation check, then it is going to request the installation of WGA, but that's what you wanted me to check, isn't it. I don't think I knew that Windows Defender would fall into that category, because it sounds like a security update. I went into the updates and was able to download the malicious tool updates and other security updates. I didn't try the NZ Wallpapers though with the WGA star next to them. I have not been able to find my way back to the page we talked about, where MS lists what updates I accepted and which ones I refused. I have to find it again.
Thanks so much.
abri

 

As usual, I'm communicating with you through different threads. I think my comment to this was in your thread about the v6, interesting thread btw.
abri

 

If you want to deviate a bit from the original topic,the issue of drugs (at least for me), is that legalizing illegal drugs would provide people with quality control and labels. Not only are billions being lost in the U.S. trying to "control" the flow of the drugs, but that much more is being lost in tax money, some of which could be used to get people off of drugs and provide education along the lines of what has been done with the anti-smoking campaign.

I mean, pricing, quality control, economics and pharmaceuticals could each take up an entire thread of its own. Perhaps it would be worth starting one in the Lounge.
abri

 

its really annoying

now they provide a removal tool (maybe because of the "sue" they got and they dont like to get more)

and then "rumor" that they will give 30days to comply for a LEGAL and that 30days will give "hackers" time to crack/bypass this also

infoseeker

 

Actually, I just found that WGA Notify keeps its settings in plain-text (including the "30 days" seting) in c:\windows\temp\WGAnotify.settings! By default, an illegitimate version has 14 days to buy! Open with notepad, and you can edit the settings.

 

Hmmmm just curious would grabbing a copy of "Vista" while its still in BETA mode rule out all this curious dillema and possibly offer a far superior OS. Abri you seem more than sufficient to deal with any of the potential hiccups a BETA may through at you but I am not discounting this appaerent baseless imposition that MS is throwing at us.

I am considering on a new system (64bit) and have been considering what to do? With my backups securely undertaken and a little bit of nouss I am thinking this is a good option (selling my current OS w my sys). Worth a thought.

 

There are at least 3 posts going on about WGA. It is all a bit hard to keep up with.

@Halo@,
I just did a search on my PC and legitcheckcontrol.dll is present.
Can I delete this, or is it essential for MS updates?
Maybe I should just rename it, for a while, and see what happens?
Bazza

===

 

Thanks, Halo. Bazza

===