I also wonder about the legal situation of manipulating registry entries to circumvent user decisions. There are a few laws in Germany which as if they could fit (but IANAL):
303a Data Manipulation
(1) Anyone who illegally deletes, supresses, renders unusable oder changes data shall be punished with imprisonment of up to 2 years or a monetary penalty
303b Computer Sabotage
(1) Anyone who significantly disturbs a data processing [process], which is of significant importance to someone else, by
* an act according to 303a
* injecting, entering or submitting data with the intention to create a disadvantage to someone else, or
* destroying, damaging, rendering unsuable or changing a data processing system or data storage medium
shall be punished with imprisonment of up to 3 years or a monetary penalty
(2) In case the data processing [process] is of significant importance for a (different) business, company, or a civil administration the punishment shall be imprisonment of up to 5 years or a monetary penalty.
(4) In especially serious cases of section (2) the punishment shall be imprisonment of no less than 6 month to 10 years. As a rule a specially serious case is if the culprit
2) acted businesslike or as member of a gang which formed for continuous perpetration of computer sabotage.
And according to 202c distributing computer software which is intended to commits such crimes is punishable, too.
[all my translation; definitely not authorative]
So now the questions are:
* Was the manipulation of the registry values illegal?
* Was a company or civil authority hit? (Note that the law does not say "Void if they should have set up a Domain")
* Is Microsoft's approach "businesslike"?
Because if all is answered yes, then anyone involved in programming and distributing GWX.exe should better avoid Germany for some time to come (I don't know the statue of limitation on this).