Quote:

The tool, called Windows Genuine Advantage Notifications, is designed to validate whether a copy of Windows has been legitimately acquired. However, it also checks in with Microsoft on a daily basis, the company confirmed Wednesday.

http://news.com.com/2100-1016_3-6081286.html?part=rss&tag=6081286&subj=news

Hello,
So, my constant nagging them finally bears some fruit.
But this is the last dime I will ever spend on MS products.
Never again. I'm no criminal to have a legitimate trojan phoning home out of my computer. That's what "Always Deny" function in the firewall is for.
Mrk

What dose it show up as in the logs? Useing ZA here and I do not see WGA listed or making attempts to exit.

Might be using "generic host process"???

Don't really know as I use that "other" way to update windows.;)

Hello,
This piece of "legit" crap:
Runs in the background without the process showing at all.
Cannot be uninstalled.
Has a dll that injects the process every 30 sec or so in case you delete something.
Tries to phone home once a day or so using port 80.
I wrote about this almost a month ago and no one seemed to care.
I even contacted Microsoft. I'm waiting for their official response, as I have 6 licences.
I will be satisfied if they release a new version that does not install itself on legit pcs or if they provide me with a unique uninstaller. If not, boot cd and then surgical removal are always an option.
What's certain is that Big Brother won't own me...
Mrk

You are right, it is just a junk. Those, who use illegal version of Windows will get rid of it anyway and those, who have legal have to have running it in systray forever?! http://www.wilderssecurity.com/images/smilies/wacko.gif

Hello,
It does not show in systray, that's the beauty.
I'm having a phone call with MS almost daily. They have yet to give me a satisfying answer.
Mrk

There is a tool to remove it now. :)

Click here. (http://www.firewallleaktester.com/removewga.htm)

-{ Quote: "
Tries to phone home once a day or so using port 80.
Mrk" }-
Any idea what address it uses Mrk. on port 80, I have tried watching
Curr Ports but don't manage to catch the phone home.

It shows as 16 on HJT and I was going to ask HJT to delete it but

reading on A.C.F says I won't be able to D\L any updates.

TIA,

Kind Regards.

-{ Quote: "Any idea what address it uses Mrk. on port 80, I have tried watching
Curr Ports but don't manage to catch the phone home.

It shows as 16 on HJT and I was going to ask HJT to delete it but

reading on A.C.F says I won't be able to D\L any updates.

TIA,

Kind Regards." }-

Hello,
This tool does not show up as 016 - that's the Validation Tool which you must always pass to be able to download updates.
WGA Notification Tool is the one that gets installed and it shows up under 020 Winlogon Notify. Mind, two different things.
It phones home to go.microsoft, stat.microsoft etc.
Mrk

-{ Quote: "Hello,
This tool does not show up as 016 - that's the Validation Tool which you must always pass to be able to download updates.
WGA Notification Tool is the one that gets installed and it shows up under 020 Winlogon Notify. Mind, two different things.
It phones home to go.microsoft, stat.microsoft etc.
Mrk" }-
Thanks again Mrk., I was misunderstanding the diff.

Kind Regards.

If you go to the link I posted, it will get rid of it. ;)

Their antipiracy tool seems unneeded on most computers, assuming that most have genuine versions of windows. Anyway, we don't know what kind of information Microsoft collects, personally identifiable or not seems to be the big question.
This tool's only for those who use pirated copies of windows.

I would say this tool is written with the legitimate user in mind.
Anybody with a pirated version of windows isn't going to install this.
The data, if any, that is collected will be collected from the legit users.

This is just spyware and should be treated as such, you can't remove it in a 'normal' way, you don't have any control over what it might send out.

If coolwebsearch pulls a stunt like this, and they do of course, then everybody is screaming trojan, spyware and such, so i hope it will be in the definitions of the well known AV/AT-software.

Lamehand

-{ Quote: "I would say this tool is written with the legitimate user in mind.
Anybody with a pirated version of windows isn't going to install this.
The data, if any, that is collected will be collected from the legit users.

This is just spyware and should be treated as such, you can't remove it in a 'normal' way, you don't have any control over what it might send out.

If coolwebsearch pulls a stunt like this, and they do of course, then everybody is screaming trojan, spyware and such, so i hope it will be in the definitions of the well known AV/AT-software.

Lamehand" }-

Hello,
There is a good side to WGA.
It helped so many people decide NOT to try Vista ever.
Mrk

-{ Quote: "I would say this tool is written with the legitimate user in mind.
Anybody with a pirated version of windows isn't going to install this.
The data, if any, that is collected will be collected from the legit users.

This is just spyware and should be treated as such, you can't remove it in a 'normal' way, you don't have any control over what it might send out.

If coolwebsearch pulls a stunt like this, and they do of course, then everybody is screaming trojan, spyware and such, so i hope it will be in the definitions of the well known AV/AT-software.

Lamehand" }-

Isn't this odd? Microsoft is 'special'. Really. I thought they also had a section dedicated to fighting spyware/malware, eg windows defender, malicious software removal tool. LOL. They fight spyware and they also make spyware. Weird.

You can make money in several ways as a software-company and collecting our personal information seems one of the methods of generating cash these days.
Yes, your personal identifiable information has become a commodity.

Lamehand

Hello,
Well if Aluria and Claria can participate on the anti-spyware board, then everything is possible.
Mrk

It seems that their profits are of higher priority to them than their customers' concerns.
They're just working for the money only.

Hello,
Here's my prophecy and Wilders' posters be my witnesses:
In 10 years time, Google will overcome Microsoft with their OS. And Linux will fare also quite high. People are by nature suckers, by they will suck only so much.
Mrk

nadirah

It wasn't so long ago that you where sounding really pleased with getting your PC with XP on it, what's happened to change your mind ?


StevieO

-{ Quote: "It seems that their profits are of higher priority to them than their customers' concerns." }-Well, that's not really surprising by Microsoft's standards, is it?

Has anyone used this uninstall tool yet?? and how did you fair?

If anybody wants to see what is going out in WGA and to where try using Comodo Personal firewall. As i was quite suprised to see block allow entries on boot up to WGA applications wanting to give out info to cetain ip addresses.

I blocked them but i dont know what that means, if it will stop windows updates.

Anthony, can you give us those IP's where it tried to send to?
I don't have this notifier installed in XP.

Lamehand

-{ Quote: "nadirah

It wasn't so long ago that you where sounding really pleased with getting your PC with XP on it, what's happened to change your mind ?


StevieO" }-

Yeah I'm quite satisfied with Windows XP, but not with the company that makes it. Because Microsoft appears to be a topsy-turvy company to me. They can make good products but always seem to lose out on SECURITY.

And I learned of this WGA issue only after reading several sites raising concerns over its functions.

Well, I agree - this "tool" is spyware IMO. Security vendors will not detect it because of legal risks, however, if every single security company does detect it, M$ cannot sue them all and hope to win. At least Symantec or McAfee will kick them where it hurts most.

While I have not come across WGA yet, I don't like Microsoft's antics as of late.

nadirah

I see, but on your sig it says "Exploits, security problems, spyware... the list goes on. Get other Operating Systems"

That's why i wondered why you still use XP, and are you thinking of getting another one yourself, if so which one ?


StevieO

-{ Quote: "nadirah

I see, but on your sig it says "Exploits, security problems, spyware... the list goes on. Get other Operating Systems"

That's why i wondered why you still use XP, and are you thinking of getting another one yourself, if so which one ?


StevieO" }-

My Hard Drive: 80GB
Used up: 11GB

I think I can divide it into several partitons if I have the space available, XP is on my primary or should I say main partition. Next partition I think its linux or mac, I'm not sure if a mac OS from the delicious apple can work on a Intel processor...
If the situation merits it, I shall blast off the primary partition you know what I mean. But research comes first before that.
My comp is pre-built by an OEM so I don't know if I can or should put in another hard drive.

nadirah, to test if your computer can run, lets say Ubuntu linux just get a live-CD and shove it in the CDROM player, boot from it and you will know if your hardware is compatible, nothing will be installed on your computer, it will run from the CDROM-drive.
I see you have enough space on your harddrive and when you're able to install it you can repartition that drive anyway you want, the installer has a feature for that.

The sweet part of this all is it won't be phoning home and it's way out of this microsoft prisoncell they try to create.

This could explain what's behind all this constant checking;

http://arstechnica.com/news.ars/post/20060702-7178.html

Lamehand

WGA may encourage piracy as users begin to feel more secure with cracks than legal software.

MS probably already knows this but feels there is more profit in data mining among normal citizens than trying to curtail hackers. How then could WGA be anything but spyware?

I was reading a thread on DSLreports when i saw this link, this is what WGA will lead up to in the near future, and it's not a pretty sight.

http://en.wikipedia.org/wiki/NGSCB#Curtained_Memory

Yes, you will be allowed to pay for all this crap, but don't ever think you own it.
And this scheme will not be implemented to improve safety or security on the average system,you can do that now with what's available, but to drain your wallet from hard earned cash.

Lamehand
(running of to the computerstore to buy the last pentium 4. :) )

It just goes to show you should not trust windows update facility.
I didnt and thankfully I dont have windows WGA on my PC.

Another Nice Story (http://www.gripe2ed.com/scoop/story/2006/7/24/8477/16185):ouch: :-\ :(