If a user has WGA installed, can it be safely removed and still get Automatic Critical Updates and manual MS Updates? How do you remove it? If it is better to leave WGA installed, what are the recommendations to restrict its behavior? In an outbound rules based firewall, should we just block it? Should we restrict its access? What are the restriction rule recommendations for wgatray.exe? In process guard, I've allowed it to execute on one system but it logs about 60 times that it tries to access physical memory. Should I allow wgatray.exe to access physical memory? I've paid for all licenses from reputable sources and they are legal. I've not received any false positives from WGA, but if I don't NEED this garbage, I don't want it on any systems.