Microsoft's antipiracy tool phones home daily

Discussion in 'privacy general' started by Franklin, Jun 7, 2006.

Thread Status:
Not open for further replies.
  1. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
  2. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,695
    Hello,
    So, my constant nagging them finally bears some fruit.
    But this is the last dime I will ever spend on MS products.
    Never again. I'm no criminal to have a legitimate trojan phoning home out of my computer. That's what "Always Deny" function in the firewall is for.
    Mrk
     
  3. ThunderZ

    ThunderZ Registered Member

    Joined:
    May 1, 2006
    Posts:
    2,459
    Location:
    North central Ohio, U.S.A.
    What dose it show up as in the logs? Useing ZA here and I do not see WGA listed or making attempts to exit.
     
  4. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    Might be using "generic host process"o_O

    Don't really know as I use that "other" way to update windows.;)
     
  5. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,695
    Hello,
    This piece of "legit" crap:
    Runs in the background without the process showing at all.
    Cannot be uninstalled.
    Has a dll that injects the process every 30 sec or so in case you delete something.
    Tries to phone home once a day or so using port 80.
    I wrote about this almost a month ago and no one seemed to care.
    I even contacted Microsoft. I'm waiting for their official response, as I have 6 licences.
    I will be satisfied if they release a new version that does not install itself on legit pcs or if they provide me with a unique uninstaller. If not, boot cd and then surgical removal are always an option.
    What's certain is that Big Brother won't own me...
    Mrk
     
  6. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    2,509
    Location:
    Slovakia
    You are right, it is just a junk. Those, who use illegal version of Windows will get rid of it anyway and those, who have legal have to have running it in systray forever?! [​IMG]
     
  7. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,695
    Hello,
    It does not show in systray, that's the beauty.
    I'm having a phone call with MS almost daily. They have yet to give me a satisfying answer.
    Mrk
     
  8. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    2,825
  9. MICRO

    MICRO Registered Member

    Joined:
    Jun 8, 2004
    Posts:
    1,020
    Any idea what address it uses Mrk. on port 80, I have tried watching
    Curr Ports but don't manage to catch the phone home.

    It shows as 16 on HJT and I was going to ask HJT to delete it but

    reading on A.C.F says I won't be able to D\L any updates.

    TIA,

    Kind Regards.
     
  10. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,695
    Hello,
    This tool does not show up as 016 - that's the Validation Tool which you must always pass to be able to download updates.
    WGA Notification Tool is the one that gets installed and it shows up under 020 Winlogon Notify. Mind, two different things.
    It phones home to go.microsoft, stat.microsoft etc.
    Mrk
     
  11. MICRO

    MICRO Registered Member

    Joined:
    Jun 8, 2004
    Posts:
    1,020
    Thanks again Mrk., I was misunderstanding the diff.

    Kind Regards.
     
  12. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    2,825
    If you go to the link I posted, it will get rid of it. ;)
     
  13. nadirah

    nadirah Registered Member

    Joined:
    Oct 14, 2003
    Posts:
    3,647
    Their antipiracy tool seems unneeded on most computers, assuming that most have genuine versions of windows. Anyway, we don't know what kind of information Microsoft collects, personally identifiable or not seems to be the big question.
    This tool's only for those who use pirated copies of windows.
     
  14. Lamehand

    Lamehand Registered Member

    Joined:
    Mar 2, 2006
    Posts:
    428
    Location:
    the Netherlands,very near to the North sea
    I would say this tool is written with the legitimate user in mind.
    Anybody with a pirated version of windows isn't going to install this.
    The data, if any, that is collected will be collected from the legit users.

    This is just spyware and should be treated as such, you can't remove it in a 'normal' way, you don't have any control over what it might send out.

    If coolwebsearch pulls a stunt like this, and they do of course, then everybody is screaming trojan, spyware and such, so i hope it will be in the definitions of the well known AV/AT-software.

    Lamehand
     
  15. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,695
    Hello,
    There is a good side to WGA.
    It helped so many people decide NOT to try Vista ever.
    Mrk
     
    Last edited: Jun 23, 2006
  16. nadirah

    nadirah Registered Member

    Joined:
    Oct 14, 2003
    Posts:
    3,647
    Isn't this odd? Microsoft is 'special'. Really. I thought they also had a section dedicated to fighting spyware/malware, eg windows defender, malicious software removal tool. LOL. They fight spyware and they also make spyware. Weird.
     
  17. Lamehand

    Lamehand Registered Member

    Joined:
    Mar 2, 2006
    Posts:
    428
    Location:
    the Netherlands,very near to the North sea
    You can make money in several ways as a software-company and collecting our personal information seems one of the methods of generating cash these days.
    Yes, your personal identifiable information has become a commodity.

    Lamehand
     
  18. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,695
    Hello,
    Well if Aluria and Claria can participate on the anti-spyware board, then everything is possible.
    Mrk
     
  19. nadirah

    nadirah Registered Member

    Joined:
    Oct 14, 2003
    Posts:
    3,647
    It seems that their profits are of higher priority to them than their customers' concerns.
    They're just working for the money only.
     
  20. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,695
    Hello,
    Here's my prophecy and Wilders' posters be my witnesses:
    In 10 years time, Google will overcome Microsoft with their OS. And Linux will fare also quite high. People are by nature suckers, by they will suck only so much.
    Mrk
     
  21. StevieO

    StevieO Registered Member

    Joined:
    Feb 2, 2006
    Posts:
    1,067
    nadirah

    It wasn't so long ago that you where sounding really pleased with getting your PC with XP on it, what's happened to change your mind ?


    StevieO
     
  22. TNT

    TNT Registered Member

    Joined:
    Sep 4, 2005
    Posts:
    948
    Well, that's not really surprising by Microsoft's standards, is it?
     
  23. ghodgson

    ghodgson Registered Member

    Joined:
    Dec 20, 2003
    Posts:
    784
    Location:
    UK
    Has anyone used this uninstall tool yet?? and how did you fair?
     
  24. AnthonyG

    AnthonyG Registered Member

    Joined:
    Aug 3, 2004
    Posts:
    614
    If anybody wants to see what is going out in WGA and to where try using Comodo Personal firewall. As i was quite suprised to see block allow entries on boot up to WGA applications wanting to give out info to cetain ip addresses.

    I blocked them but i dont know what that means, if it will stop windows updates.
     
  25. Lamehand

    Lamehand Registered Member

    Joined:
    Mar 2, 2006
    Posts:
    428
    Location:
    the Netherlands,very near to the North sea
    Anthony, can you give us those IP's where it tried to send to?
    I don't have this notifier installed in XP.

    Lamehand
     
Loading...
Thread Status:
Not open for further replies.