Question

Locked

windows autoupdate will not die

By ironfist03 ·
i have autoupdate turned off and i am still seeing the users computer constantly communicating with microsoft.. on my intrusion logs i see this below over and over again,, does anyone have any idea how to put the kebosh on it at the users machine?? ,, xpp sp2;
wwwbaytest2.microsoft.com
wwwbaytest3.microsoft.com
wwwbaytest4.microsoft.com
wwwbaytest5.microsoft.com
wwwkttest4.microsoft.com

This conversation is currently closed to new comments.

7 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Answers

Collapse -

Is this IE 7?

by gsquared In reply to windows autoupdate will n ...

Are they using IE 7 with automatic anti-phishing turned on? That communicates with MS to check web pages against their known list of phishing sites. When I tried that for a short bit (while beta testing IE 7 a while back), it caused huge performance problems and locked up IE pretty heavily.

If the user has IE 7, check to see if anti-phishing is turned on. If so, turn it off and see if that solves your problem.

(I'm kind of guessing here, since I don't know what those servers do, but it seems like it might be possible.)

Collapse -

not on ie7

by ironfist03 In reply to Is this IE 7?

no, we are on ie6 with newest updates for ie6.

Collapse -

My research on this

by Kiltie In reply to windows autoupdate will n ...

doesn't show many results (<50) and most are foreign, had to translate some.

But what I found points to WGA/Notify and these are flagged by firewalls in the logs.

So, if you have WGA etc, it could simply be M$ "phoning home"

That sound likely to you?

Collapse -

but how to stop

by ironfist03 In reply to My research on this

thanks,, sounds logical but how do you stop microsoft from phoning home?? is this a service that can be stopped or prevented from starting up in msconfig??

Collapse -

Many ways to stop Notify from phoning home

by Kiltie In reply to but how to stop

But the question is do you want to, or should you?

M$ regards this as a legitimate tool and is performing its required function.

Many do not agree, if you use a third party firewall, these can be set to block such actions, however Windows Firewall won't (obviously)

EDIT: At least I suspect it won't, I have no way of testing this myself, nor any inclination to do so. I would be most surprised to find out that you can configure Windows Firewall to block M$s own products, but there is no technical reason why not, other firewalls have no qualms about that.

A Google search for WGA Notify removal

like this:

http://tinyurl.com/yhkl8d

will get you loads of hits on the subject.

here is one tool, from SoftPedias site:

http://tinyurl.com/gwhhv

Although I do not approve of M$s malware on my machines, and I refuse to let it in at all, that is my personal security choice, I must point out that it is an officially approved tool from M$, used in it's attempt to combat piracy.

Be warned that if you have automatic updates on, it will get re-installed next time that happens.

I have my Automatic Update settings set to "Notify me but don't automatically download or install them"
I then scrutinise each download and reject those I don't want.

Collapse -

useful info

by ironfist03 In reply to Many ways to stop Notify ...

thanks.. pointed in the right direction now.. i don't mind microsoft products phoning home so to speak but to continously fire off throughout the day is unacceptable to me.. if we were a corporation with a network of thousands of machines i can see where this would definitly affect network performance.. i can't believe the redmond gang,, no,, take that back.. i can believe they are that arrogant.. i am going to log out of this discussion but would first say i appreciate very much all's assistance and thoughts.. johnb..

Back to Desktop Forum
7 total posts (Page 1 of 1)  

Related Discussions

Related Forums