Ugh. I was using hijackthis to clean some stuff up. After I rebooted. The wgatray.exe came up within comodo and asked if I wanted to accept it or deny it access. At first I couldnt remember about that file. It did look familiar. So I opened up my firefox and in the search area. I put in the file name and clicked enter. Dumb move on my behalf. Because I didnt pick an option to allow or deny it. But as soon as I pressed enter on the kb when searching about the file. The comodo prompt vanished into thin air. Is there a way to get the prompt back or anything? Or was it let through?
Security > Adv > Misc > Config > How long should an alert remain on the screen if left unanswered?
If you don’t answer within the specified time the result is an alert denial. Default deny principle. Security first.
To get the prompt back wgatray.exe has to attempt internet access again. Since that ■■■■■■ is disabled on my pc, I don’t know how often or what time it connects out. Try a reboot.
It attempts to connect on every startup. As it tries to connect through svchost.exe using OLE automation, you don’t want to deny it as you’ll block svchost at the same time. (actually, it would be nice to have check boxes “ban application”, “ban parent” and “ban OLE application” that would add whichever chosen to the banned applications list).
The solution is to go into tasks and define a new banned application and to add the WGA programme. I have also done the same for setup_wm.exe (which uses OLE automation too, supposedly to check for updates for windows media player, but who knows…).
What I find odd is that windows programmes try to connect to the internet in ways that most firewalls won’t pick up on…
I’m having a similar experience with WGAtray on start up with asking accept or deny, the parent application being winlogon or something like that. I was wondering if anyone could provide any insight as to what’s going on, just started the whole connection thing today. Oh and denying it apparently has no harmful affects as far as I can see.
Denying will only provided beneficial effects AFAIK ;D. There are lots of ways to remove WGA, but I think Microsoft banned a lot of websites from showing how to.
Thanks for the reply, I suppose I’ll just tell comodo to remember to perma block it then.
You can prevent wga to start when computer boots, by using a software that checks for start-up items. Spybot S&D works.
If you use Spybot S&D, disable System.ini WgaLogon WgaLogon.dll, think that should fix it. Works for me at least.
Ragwing