How To Disable WGA For Good

If the Windows OS is an illegal copy, the problem is manifested as a nag screen that is located in the lower right corner of the screen with the text ‘You may be a victim of software counterfeiting’. Also, a similar nag screen is visible on Windows login screen:

alt

alt

alt

There is no easy way to remove this nag screen and Windows Genuine Advantage, and we’ll try to describe the easiest way.

 

Easy Way To Disable WGA (Fight MS With MS)

The easiest way to disable WGA is to deny access to its files. Why? Because if access is denied for all users that can use this file, the file cannot be executed. Normally in Windows, you have these users:

‘BUILTINADMINISTRATORS’
‘BUILTINUSERS’
‘NT AUTHORITYSYSTEM’
‘NT AUTHORITYAUTHENTICATED USERS’

The normal way to deny access is to use Windows Explorer to open the C:WindowsSystem32 folder and find three files that WGA uses – WGATray.exe, WGALogon.dll and LegitCheckControl.dll. Right-click on each file, go to Properties->Security, click on each listed user, click on Deny All and Apply. But, since there is no Security tab, this can’t be done so easily.

Until now, of course. :)

Instead of disabling access to these files via Windows Explorer, use these simple command prompts:

1.    Start->Run
2.    Write ‘cmd’ and press Enter (or click OK)
3.    Write ‘cd C:WindowsSystem32
4.    Write the following commands:
a.    ‘cacls wgatray.exe /d everyone’; when asked if you’re sure, click ‘Y
b.    ‘cacls wgalogon.dll /d everyone’; when asked if you’re sure, click ‘Y
c.    ‘cacls legitcheckcontrol.dll /d everyone’; when asked if you’re sure, click ‘Y
5.    Reboot the machine (Start->Shutdown->Restart)

Please note that for Windows Vista you should use iCacls instead of Cacls command.

These files can be deleted, but don’t delete these files because it’ll stop Windows copying new files to this location. If you leave the files that cannot be accessed, then Windows cannot overwrite them – plain and simple logic.

That’s it folks, WGA is disabled. Happy auto-updating and everything else you want to do.

P.S. This guide can be used also when fighting with malware that cannot be deleted in the normal way.

Disclaimer: Author is not proposing piracy in any way. This text is for educational purposes only.

Greetings from Croatia,
Damir Lukic, B.Sc.E.E.
mailto: lukicenator@gmail.com
web: http://inovator.blog.hr