Windows Advisor

Disable Windows Genuine Advantage Notifications

Your Windows is genuine, so why the constant disruption? Here's how to disable those pesky notices.

There's been a lot of talk about Microsoft’s Windows Genuine Advantage, with several security experts declaring it to be spyware or spyware-like. To make things worse, a software worm that disguises itself as WGA has been lurking out in the wild. As if that news wasn’t bad enough, a class-action lawsuit was filed against Microsoft claiming Microsoft is misleading consumers and that WGA was a spyware.

The basis of the Windows WGA program is to ensure that people are running genuine version of Windows. If a person uses a non-genuine version of Windows, that person is notified at logon that the copy of Windows appears to be non-genuine. The user is then directed to the WGA Web site for more information. If the user continues to use Windows, the user keeps receiving the same message periodically.

I should point out that even if users keep using a non-genuine copy of Windows, they will continue to access critical updates. However, they will be denied updates to non-critical updates, such as Internet Explorer 7.0 or Windows Defender until they validate their copy.

WGA actually consists of two components: WGA Validation and WGA Notifications. WGA Validation ensures that you are using a genuine copy of Windows, while WGA Notifications is responsible for periodically notifying you when your copy may not be genuine.

Tech Help—Just An
E-Mail Away

Got a Windows, Exchange or virtualization question or need troubleshooting help? Or maybe you want a better explanation than provided in the manuals? Describe your dilemma in an e-mail to the MCPmag.com editors at mailto:editor@mcpmag.com; the best questions get answered in this column and garner the questioner with a nifty MCPmag.com baseball-style cap.

When you send your questions, please include your full first and last name, location, certifications (if any) with your message. (If you prefer to remain anonymous, specify this in your message, but submit the requested information for verification purposes.)

As far as I know, no one has ever complained about Microsoft verifying the legitimacy of Windows version. The problem has to do with the way Microsoft deploys WGA and the spyware-like nature of the service. That’s not all. Consumers are troubled by the fact that Microsoft started to deploy WGA as a critical security update through Windows Update and Automatic Updates while the service seemed to be in beta. As the criticism grew, Microsoft decided to back down, making some changes to the WGA program. However, Microsoft denies that WGA is a spyware and has posted an FAQ here. More information on WGA Notifications is available here.

While there are too many other issues that can be covered on this topic, for now I'll describe how you can disable or manually uninstall WGA Notifications from your computer.

To disable WGA Notifications you need to logon as an Administrator account and make sure that the WGA Notifications version on your computer is a "pilot" version. To find out your version of WGA Notifications, go to Add or Remove Programs, select Windows Genuine Advantage Notifications, and click on "click here for support information." See Microsoft’s Knowledge Base article 921914 for more information. If you don’t see the Windows WGA Notifications listed, you may have to check the box "Show updates" (see Fig. 1).


[Click on image for larger view.]
Figure 1. How to tell which version of WGA you have; notice that the version here is numbered 1.5.0540.0, so it can not be removed.

The pilot versions have the format 1.5.0532.x. You can uninstall versions that range from 1.5.0527.0 to 1.5.0532.2.

Assuming your WGA version falls within the range listed above, you can then rename the following two files to something like .old and reboot your computer.

%Windir%\system32\WgaLogon.dll
%Windir%\system32\WgaTray.exe

Rather than disabling, you can also manually remove WGA Notifications by taking some additional steps:

  1. First follow the steps described above to disable WGA Notifications.
  2. Unregister LegitCheckControl.dll by typing the following at the command prompt:
    Regsvr32 %Windir%\system32\LegitCheckControl.dll /u
  3. Reboot the computer.
  4. Go to the command prompt and delete the following three files; this is assuming you renamed the two files listed above to .old: del %Windir%\system32\WgaLogon.old
    del %Windir%\system32\WgaTray.old
    del %Windir%\system32\LegitCheckControl.dll
  5. Start the registry editor, regedit.exe.
  6. Locate and then delete the WgaLogon and WgaNotify subkeys:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\
    CurrentVersion\Winlogon\Notify\WgaLogon
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
    \CurrentVersion\Uninstall\WgaNotify

This should allow you to remove the WGA Notifications from your computer. Keep in mind that this process applies to the pilot versions and may not work for the released version of WGA Notifications.

About the Author

Zubair Alexander, MCSE, MCT, MCSA and Microsoft MVP is the founder of SeattlePro Enterprises, an IT training and consulting business. His experience covers a wide range of spectrum: trainer, consultant, systems administrator, security architect, network engineer, author, technical editor, college instructor and public speaker. Zubair holds more than 25 technical certifications and Bachelor of Science degrees in Aeronautics & Astronautics Engineering, Mathematics and Computer Information Systems. His Web site, www.techgalaxy.net, is dedicated to technical resources for IT professionals. Zubair may be reached at alexander@techgalaxy.net.

comments powered by Disqus

SharePoint Watch

Sign up for our newsletter.

I agree to this site's Privacy Policy.