O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

You receive an "Administrators only" error message when you try to visit the Windows Update Web site or the Microsoft Update Web site

SYMPTOMS
When you try to visit the Windows Update Web site or the Microsoft Update Web site, you may receive an error message that is similar to the following:
Error number: 0x8DDD0002

To install items from Windows Update, you must be logged on as an administrator or a member of the Administrators group. If your computer is connected to a network, network policy settings may also prevent you from completing this procedure.
You receive this message even though you are already logged on as an administrator or a member of the Administrators group.



CAUSE
This behavior may occur for any one of the following reasons:

   1. You are not logged on as a user who belongs to the local Administrators group.
   2. You do not have permission to specific registry keys or folders.
   3. The operating system cannot read the data in the %Systemroot%\System32\Catroot2 folder.


RESOLUTION
Important This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click the following article number to view the article in the Microsoft Knowledge Base:
322756  (http://support.microsoft.com/kb/322756/ ) How to back up and restore the registry in Windows


To resolve this issue, use one of the following methods. If Method 1 does not resolve the problem, use Method 2.

    *
      Method 1
      Verify that you are logged on as a user who belongs to the local Administrators group.

      Windows XP
      Click Start, click Run, type nusrmgr.cpl, and then click OK to open the User accounts window.

      If you are part of a network domain, follow these steps:
         1. In the User Accounts window, click to select your account from the list, and then click Properties.
         2. On the Group Membership tab, verify that you are in the Administrators group.
      If you are not part of a network domain, follow these steps:
         1. In the User Accounts window, click your account, and then verify that Computer Administrator appears under your account name.
      Windows 2000
         1. Click Start, click Run, type compmgmt.msc, and then click OK.
         2. In the Computer Management window, expand System Tools, expand Users and Groups, and then click the Users folder.
         3. In the right pane of the Computer management window, right-click the user whose user rights you want to verify, and then click Properties.
         4. On the Member Of tab, verify that Administrators is listed in the Member of box.
      After you logged on as an administrator, try to visit the Windows Update Web site or the Microsoft Update Web site again. If the problem is resolved, do not continue troubleshooting.
    *
      Method 2
      Delete temporary Internet files. To do this, follow these steps:
         1. Open the Internet Explorer window, click Tools, and then click Internet Options.
         2. In the Internet Options window, click the General tab, under Temporary Internet files, click Delete Files, and then click OK.
      Try to visit the Windows Update Web site or the Microsoft Update Web site again. If the problem is resolved, do not continue troubleshooting.
    *
      Method 3
      Verify the permissions on the registry keys that are used by the Windows Update client and the Microsoft Update client.
         1. Click Start, click Run, type regedit, and then click OK.

            Note In Microsoft Windows 2000 or in Microsoft Windows NT 4.0, type regedt32 instead of "regedit."
         2. Locate and select the following registry key:
            HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate
         3. On the Edit menu, click Permissions, click Add, and then type everyone in the dialog box that appears.

            Note In Windows 2000 or in Windows NT 4.0, click Permissions on the Security menu.
         4. Click Check Names, and then click OK.
         5. Select Everyone in the Group or user names list.
         6. Under Permissions for Everyone, click to select the Full Control check box in the Allow column.

            Note that the Read check box in the Allow column is now also selected.
         7. Select each user, in turn, in the Group or user names list, and then verify that no check boxes are selected in the Deny column. Click to clear any check boxes that are selected in the Deny column.
         8. Click Advanced, click to select the Replace permission entries on all child objects check box, and then click OK.
         9. Click YES if you are prompted for confirmation, and then click OK to close the dialog box.
      Try to visit the Windows Update Web site or the Microsoft Update Web site again. If the problem is resolved, do not continue troubleshooting.
    *
      Method 4
      Verify the permissions for you on the folder structure used by the Windows Update client or by the Microsoft Update client.
         1. Click Start, click Run, type explorer, and then click OK.
         2. Expand My computer, expand System Drive, and then expand WINDOWS.
         3. Right-click SoftwareDistribution, and then click Properties.
         4. In the SoftwareDistribution Properties window, click the Security tab, and then verify that whether you are in the Group or user names list.
         5. In the Group or user names list, select Everyone. Under Permissions for Everyone, click to select the Full Control check box in the Allow column.

            Note that the Read check box in the Allow column is now also selected.
      Try to visit the Windows Update Web site or the Microsoft Update Web site again. If the problem is resolved, do not continue troubleshooting.
    *
      Method 5
      Rename the Catroot2 folder. To do this, type the following commands at a command prompt, pressing ENTER after each line:
      net stop cryptsvc
      ren %systemroot%\system32\catroot2 oldcatroot2
      net start cryptsvc
      Then, try to visit the Windows Update Web site or the Microsoft Update Web site again. If the problem is resolved, do not continue troubleshooting.
    *
      Method 6
      Rename the SoftwareDistribution folder. To do this, follow these steps.
         1. Restart the computer in Safe mode.
         2. Locate and then rename the Drive:\Windows\SoftwareDistribution folder to SoftwareDistribution.old.

            Note Drive is a placeholder for the system drive.
         3. Restart the computer in Normal mode.


MORE INFORMATION
You must be a local administrator to visit the Windows Update Web site or the Microsoft Update Web site. When you log on as a non-administrator, you cannot visit the Web site even if you use Run as to start Internet Explorer under an administrator account. This issue occurs because other system services are involved in the process. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
326686  (http://support.microsoft.com/kb/326686/ ) You receive one or more error messages when the system administrator disables Windows Update or Microsoft Update

APPLIES TO

    * Microsoft Windows Update Corporate Edition 1.0
    * Microsoft Update