Windows has a great new feature which helps notify you when you may have inadvertently pirated your copy of the operating system. This feature is really handy, because sometimes people will slip and fall and accidentally steal a copy of Microsoft Windows.

Windows Genuine Advantage will detect this situation and provide you with valueable feedback so that you may address the issue by going out and buying a new copy of the operating system and reinstalling.

Here is a screenshot of WGA in action:

Now, I greatly appreciate this information. I for one would immediately take corrective action if my copy of Windows was actually pirated.

Fortunately, sometimes your situation is a little different. Maybe an innocent user has, one way or another, lost possession of their original product key. Tornado, earthquake, fire, air raid, black holes and ninja stars are some possible ways this could occur.

What do you do in this situation? Now, it seems rather silly to go buy another product key – just because you lost yours. It’s a simple misunderstanding.

Luckily, Microsoft was polite and left the binaries for WGA lightly protected. This means you can easily go in and inform WGA that you have, in fact, purchased your copy of Windows.

There are programs out there to make this modification for you. I took a slightly different approach, however, and decided that I would like to keep the warning message bubbles. I just wished to slightly modify the contents of those messages.

Now, whenever I come back to my computer – and sometimes just at random moments – WGA gives me a few words of appreciation. What used to be a depressing accusation of guilt, is now replaced with a friendly greeting! How nice.

The change is simple. Just pop open the WGA app in your favorite hex editor or resource editor, and search for the original messages. Replace with a message of your choice, and voila – your own personal motivational notification program.


Next, just open up task manager and kill the process “WgaTray.exe”. Don’t worry, it is such a user-friendly program that it will automatically restart itself!

11 thoughts on “Windows Genuine Advantage hacking

  1. lmao make it say:
    You stole your f#$@ing software what the hell….. I didn’t want to do this but windows….sigh will….. SELF DESTRUCT IN 2.34 seconds 😦 WTF


  2. There is a reason for this message. Some people sell copied Windows CDs as original, or a computer may come with Windows preinstalled, which is assumed to be valid.

    But… to more interesting matters. I see you also suffer from the annoying Z order problem of the taskbar (and tray) tooltip(s). Now THIS is something I’m waiting for someone to resolve (and it’s unlikely to be Microsoft, it seems).


  3. Yeah. It’s especially annoying when the tooltip(s) fail to ever disappear. It takes a few clicks around to get them to go away. I’ve actually had the situation a few times where the tooltip would never go away. I had to write a tiny little app to remove it by hand (you could probably also use some generic window killer utility).


  4. I just don’t get why MS can’t get their basic shell features (and bugs) right… They botchered the XP shell enough so that it’s too annoying to use for basic file operations. I wonder if Vista will be the time to ditch their shell altogether.


  5. 1. Inicie el administrador de tareas de windows
    2. Finalice el proceso wgatray.exe
    3. Reinicie la maquina en modo seguro presionando F8 durante el arranque
    4. Elimine el archivo wgatray.exe del la carpeta c:\Windows\System32.
    5. Elimine el archivo wgatray.exe del la carpeta c:\Windows\System32\dllcache.
    6. Inicie el Editor del Registro: Inicio > Ejecutar > Regedit
    7. Busque la siguiente clave:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
    8. Elimine la carpeta WgaLogon’ y todo su contenido
    9. Cierre el registro e inicie normalmente windows


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s