Turn Off Autoupdates!

http://support.microsoft.com/kb/905474/en-us

This kind of 'feature' should not be in auto updates from Microsoft. I'm going to turn off all my home computers' autoupdates even though they are legit. Screw Microsoft.

Also, autoupdate kills my GTK+ install, still can't figure out why, but every time it goes active I have to re-install.

I have Gaim installed in a few places that have autoupdates and don't have a problem.

I set autoupdates to notify before installation already. Can't trust Microsoft.

THE FIX
-------
If you think Windows starts up slowly enough as it is, you can disable WGA by removing the execute bit on WgaLogon.dll. That way, winlogon can't call it as a notification package at boot, and since WgaLogon is responsible for running and maintaining WgaTray.exe, no more tray popups either.

And since the read bit is still there, you won't trip Windows Update to force you to reinstall it; the DLL still matches with the WU catalog and all the WGA registry keys are still in place.


HOWTO
-----

If you're not familiar with how NT ACLs work, here's how you can break file permission inheritance. First of all, let's make sure Windows will let you access the ACL dialog from the GUI:

* In explorer, go to Tools > Folder Options. Then, go to View > Advanced Settings and uncheck "Use simple file sharing". Hit OK.

Now, let's change the permissions for WgaLogon:

* In the Address bar, type (without quotes) "%WinDir%\system32" and hit enter.

* Scroll down to WgaLogon.dll, right click on it, pick Properties. Go to Security.

* Hit the Advanced button, uncheck the Inherit box at the bottom, hit the Copy button, then hit OK.

Now we have a local copy of the ACL which we can modify.

* Go through each listed user/group and remove the "Read & Execute" permission for that file, leaving the "Read" permission as-is.

* Hit OK to apply the permission changes and close the file properties dialog. Restart the machine.

You can now turn "Use simple file sharing" back on, if you want.

Or install a real OS like Linux. +1 for you.

Thanks for that Chris. It will be helpful if the update gets pushed onto a machine.

Your comment is good as well Aron .

I often have to reinstall operating systems on machines because they get screwed up either by some spyware, a virus, a program that had too much fun during an install, windows just crapping out, drive dying, etc.

This is something that I have to do quite often for many other people. Up until this point, I would install the Corp VLK release just so I didn't have to deal with activation.

Here is my previous method:

1. Insert Windows XP Pro VLK Disc w/ SP2 + all latest updates included upto latest month
2. Insert unattended installation floppy disk
3. Walk away
4. Walk back, type in a username, done.

Here is my new install method (using the COA sticker on the user's case):

1. Insert Windows XP Pro OEM Disc w/ SP2
2. Insert unattended installation floppy disk
3. Walk away
4. Walk back, fix the crap that didn't work because the install is old on the OEM disk
5. Attempt to activate windows: FAIL, please call 1-800-INDIA-TECH
6. Talk to a computer (10 minutes)
7. Talking to computer fails, transferring you to someone who does not speak english (hold, 2 minutes)
8. Answer about 10 questions on what the system is that you're reinstalling Windows onto (5 minutes)
9. Provide CDKEY (2 minutes)
10. Provide installation id (2 minutes)
11. Listen to activation number (2 minutes)
12. Windows is activated
13. Download 46 windows updates.
14. Install 46 windows updates.
15. Reboot 2 or 3 times.

Then... Windows Genuine Advantage installs, and doesn't work, and wants me to call the number AGAIN.

-REPEAT PROCESS-

Then... Change a stick of RAM, a CPU, anything.

-REPEAT PROCESS-


It's sad when users come to you requesting a cracked copy of Windows for their Dell systems (with legit stickers), just to get away from all this crap.

I had a situation like that just the other day. A dell laptop that had a legit sticker of XP Pro came in to buy another version of XP Pro because Microsoft said his copy wasn't legit. Microsoft is stepping beyond their rights now, I fully support a cracked copy in those situations that people PAID for their product and now, because of DRM, doesn't work.

you mean NT supports UNIX-style (or close) file permissions and hides them by default ??
I mean, this means NT has built-in support for the most basic form of UNIX security, but uses win95-style (==absent) security by default.
/me backs off in disgust

NT has a POSIX layer for compatibility (and I hear it sucks).

The NT file permissions are not hidden and are more involved that unix permissions. I LIKE Unix permissions better because it is much easier to understand.

they are hidden from the mortal user at least
I only ever knew of the ro, hidden and archive bits. (if there are other bits like that, them as well). There were the bits Total Commander displayed, and they never bothered me in the slightest, i.e. I never had problems finding hidden files and similiar.

NT permissions have multiple groups and multiple owners. Stuff can be inherited or not, it is very strange.

That's correct. When coming from a Unix system with permissions such as Everyone, Group, Owner and dealing with infinite possibilities is crap.

I have my computer set to download the updates and haven't seen this one yet.