SP1 installed without permission

[vesperdesign]

So I woke up this morning and walked into my home office only to see a message on the windows wallpaper which was not there before saying- windows SP1 successfully installed and all my settings were reset and the restore history service wiped out all my points I made over the past 3 months. The weird part is I have restricted WINUPD to only download and not install, it seems in this case it ignored that permission. I should not I left my PC running the whole night until I walked in to the office in the morning where I saw this issue.
I went into the installation history for the windows update and I saw no trace of an installation for SP1, as a matter of fact SP1 is already installed on this computer which only added to my confusion. I decided to go into the Event viewer (I understand very little in there) and I managed to catch something that reads : Microsoft (R) Windows (R) 6.01. 7601 Service Pack 1 Multiprocessor Free. See attachment marked SP1.jpg

This was the only thing I found related to the installation that I saw that said anything about SP1

I need to figure out what happened and since I am a novice in troubleshooting these issues I am hoping someone on here will kindly help me get to the bottom of this.

I am running a 64 bit win 7 enterprise edition of windows
I attached the specs of my PC in the image attachment called computer info.jpg

Could someone please guide me and help me find out what happened?

Thanks

 

[torchwood]

Hi Vesper,

you can check when SP1 was installed
goto windows update and select update history >>TOP<< left
it will also show if it has failed previously.

As your running Enterprise
DID you change the Group policy settings as well??
(if not these will override the user control settings on the windows update GUI)

as for those events 6005/6009 they are created at every logon.


Roy

 

[vesperdesign]

Hey Roy Thanks for replying, I looked at the update history and fail to see anything that looks like no update occured!!! Which is why I am confused. There is nothing there, but I clearly saw that it said windows updated the service pack 1. Proof is that my restore points were all deleted. I did a scan for the C drive in command prompt and said it found some errors but couldn't fix some of them.

How can an update occur and yet not show in the history??? this occured between 3:15 AM and 8 AM while
I was sleeping and the PC was left on. Is there a log I can upload that you could aid me review?

 

[torchwood]

Hi Vesper,

can you follow the instructions here,

Blue Screen of Death (BSOD) Posting Instructions - Windows 7 Help Forums


I know your not getting BSOD's, but the report contains a fair amount of info

Did/have you changed Group policy regarding updates???


Roy

 

[vesperdesign]

Hey Roy ?Sorry for not getting back yesterday was tied up all day. I zipped the BSOD report and attached it. As far as the group policy is concerned this is the first I ever heard of it, let me know what to check and where.

thanks
Elijah

 

[Snick]

What versions of Win7x64 are you using?

Group Policy Editor comes bundled with only a few selected Windows editions such as Professional, Enterprise and Ultimate editions. Other Windows editions such as Home (also known as Core), Home Basic, Home Premium, Starter and Single Language don't come with Group Policy Editor program.

[Windows Tip] How to Install and Enable “Group Policy Editor” (gpedit.msc) in Home Edition

 

[vesperdesign]

Hey there WIN 7 64 Enterprise

 

[Snick]

Windows 7 Enterprise is only available to businesses through volume licensing. Contact your company's Network Administrator.

 

[TheDarkgg]

We don't give any help for cracked version of windows !

 

[Alejandro85]

Nobody mentiones anything being cracked or similar, even the OP mentioned his "office" to begin with, which hints that Enterprise might have been provided for his use. Besides, he didnt asked for help cracking neither.

 

[Snick]

Alejandro85

 

[NoelDP]

The data dump shows SP1 having been installed on 5/9/2016
There are only 6 updates that have been installed this year -
KB4074598 - 3/13/18
KB4054998 - 1/27/18
KB3184143 - 1/28/18
KB2813347 - 1/27/18
KB2923545 - 1/27/18
KB2952664 - 1/27/18

Having said that, some Windows Updates are forced - and some may not appear in the listing- but there is nothing in the Windows Update long to indicate that anything has been installed BY WU since the beginning of May.

What mechanisms did you use for file-checking etc?