MBAM and RemoveWGA

Discussion in 'other anti-malware software' started by FanJ, Jan 26, 2010.

Thread Status:
Not open for further replies.
  1. FanJ

    FanJ Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    2,564
    Hi,

    Suddenly Malwarebytes' Anti-Malware is giving this warning on RemoveWGA:
    D:\RemoveWGA\Version 1_1\RemoveWGA.exe (HackTool.RemoveWGA)

    RemoveWGA was made in the past by gkweb, see:
    https://www.wilderssecurity.com/showthread.php?t=135257

    I know that gkweb later removed his tool.
    And I understand that.

    (Please note that I have a legit Windows !!!)

    I'm just wondering why MBAM is suddenly now giving a warning about it.
    And why, if MBAM wants to do that, it is only giving a warning on version 1.1 and not on 1.02 or 1.2
     
  2. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,828
    Location:
    Last Breath Farm
    A question that only MBAM can answer accurately?
    Did you report false positive?
    And why not get just get rid of the old version?
    :)
     
  3. Ibrad

    Ibrad Registered Member

    Joined:
    Dec 8, 2009
    Posts:
    1,949
    From the detection name it does not look like a FP
     
  4. Fajo

    Fajo Registered Member

    Joined:
    Jun 13, 2008
    Posts:
    1,812
    It's a tool to crack Windows 7 Activation. By Removing it all together. This thing has been floating around for a wile now. Aslo Mbam also detects Windows XP Activation cracks as I.Stole.Windows. You don't know how many keys I had to order for customers just because there windows was not Legit.
     
  5. fcukdat

    fcukdat Registered Member

    Joined:
    Feb 20, 2005
    Posts:
    569
    Location:
    England,UK
    Last edited: Jan 26, 2010
  6. nosirrah

    nosirrah Malware Fighter

    Joined:
    Aug 25, 2006
    Posts:
    561
    Location:
    Cummington MA USA
    You cant post VT logs here but you can post how to look them up without the actual file .

    Google for "RemoveWGA.exe" in advanced mode on domain virustotal.com , the answer is there .
     
Loading...
Similar Threads
  1. FanJ
    Replies:
    10
    Views:
    783
  2. NonGeek
    Replies:
    10
    Views:
    1,670
Thread Status:
Not open for further replies.