caustik's blog

programming and music

Windows Genuine Advantage hacking

with 11 comments

Windows has a great new feature which helps notify you when you may have inadvertently pirated your copy of the operating system. This feature is really handy, because sometimes people will slip and fall and accidentally steal a copy of Microsoft Windows.

Windows Genuine Advantage will detect this situation and provide you with valueable feedback so that you may address the issue by going out and buying a new copy of the operating system and reinstalling.

Here is a screenshot of WGA in action:

Now, I greatly appreciate this information. I for one would immediately take corrective action if my copy of Windows was actually pirated.

Fortunately, sometimes your situation is a little different. Maybe an innocent user has, one way or another, lost possession of their original product key. Tornado, earthquake, fire, air raid, black holes and ninja stars are some possible ways this could occur.

What do you do in this situation? Now, it seems rather silly to go buy another product key – just because you lost yours. It’s a simple misunderstanding.

Luckily, Microsoft was polite and left the binaries for WGA lightly protected. This means you can easily go in and inform WGA that you have, in fact, purchased your copy of Windows.

There are programs out there to make this modification for you. I took a slightly different approach, however, and decided that I would like to keep the warning message bubbles. I just wished to slightly modify the contents of those messages.

Now, whenever I come back to my computer – and sometimes just at random moments – WGA gives me a few words of appreciation. What used to be a depressing accusation of guilt, is now replaced with a friendly greeting! How nice.

The change is simple. Just pop open the WGA app in your favorite hex editor or resource editor, and search for the original messages. Replace with a message of your choice, and voila – your own personal motivational notification program.


Next, just open up task manager and kill the process “WgaTray.exe”. Don’t worry, it is such a user-friendly program that it will automatically restart itself!

Written by caustik

September 2nd, 2006 at 7:15 am

Posted in Hacking

11 Responses to 'Windows Genuine Advantage hacking'

Subscribe to comments with RSS or TrackBack to 'Windows Genuine Advantage hacking'.

  1. Friendly greeting are all well and good, however there is a more pressing question here – how can I put in the bubble an animated image?

    For example, for you I expect to see the following :

    And for me :

    Make it so!


    3 Sep 06 at 10:45 pm

  2. Wow, now thats nice stuff! I really love Windows satires 😉 Especially because im a Linux-User.


    25 Sep 06 at 6:25 pm

  3. Haha nice, I got a good laugh out of this one. 🙂


    18 Oct 06 at 4:37 pm

  4. lmao make it say:
    You stole your f#$@ing software what the hell….. I didn’t want to do this but windows….sigh will….. SELF DESTRUCT IN 2.34 seconds 🙁 WTF


    4 Nov 06 at 5:23 am

  5. There is a reason for this message. Some people sell copied Windows CDs as original, or a computer may come with Windows preinstalled, which is assumed to be valid.

    But… to more interesting matters. I see you also suffer from the annoying Z order problem of the taskbar (and tray) tooltip(s). Now THIS is something I’m waiting for someone to resolve (and it’s unlikely to be Microsoft, it seems).


    12 Nov 06 at 12:16 am

  6. Yeah. It’s especially annoying when the tooltip(s) fail to ever disappear. It takes a few clicks around to get them to go away. I’ve actually had the situation a few times where the tooltip would never go away. I had to write a tiny little app to remove it by hand (you could probably also use some generic window killer utility).


    12 Nov 06 at 2:56 am

  7. I just don’t get why MS can’t get their basic shell features (and bugs) right… They botchered the XP shell enough so that it’s too annoying to use for basic file operations. I wonder if Vista will be the time to ditch their shell altogether.


    13 Nov 06 at 12:04 am

  8. I feel bad that I actually paid for windows and don’t get the warning message, so I can edit it to say crazy stuff. Is that weird or what?


    29 Nov 06 at 6:25 am

  9. Hehehe! Excellent stuff!


    14 Dec 06 at 12:38 am

  10. yup ur all fukin dikhedz, much love – bill gates youf!


    bill gates youf

    23 Feb 07 at 4:03 pm

  11. 1. Inicie el administrador de tareas de windows
    2. Finalice el proceso wgatray.exe
    3. Reinicie la maquina en modo seguro presionando F8 durante el arranque
    4. Elimine el archivo wgatray.exe del la carpeta c:\Windows\System32.
    5. Elimine el archivo wgatray.exe del la carpeta c:\Windows\System32\dllcache.
    6. Inicie el Editor del Registro: Inicio > Ejecutar > Regedit
    7. Busque la siguiente clave:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
    8. Elimine la carpeta WgaLogon’ y todo su contenido
    9. Cierre el registro e inicie normalmente windows


    20 Mar 07 at 12:30 pm

Leave a Reply