I have never seen this one before and I spend enough time in services that I would if it was usual. Also, the fact I can't change it has me suspicious to say the least. McAfee total protection and IObits Advanced System Care 9.4 Pro don't register any problems.
I am running a few more tests now. I started looking at things when I was unable to install the Windows 10 Anniversary SDK and when my desktop started hiding the icons and right click function. I will be monitoring this if anyone needs more information to assist. Thanks!!!
OK, now I am sure of it, but no program has found any issues. Only my manual searching found any evidence. I just ran MS Windows Malicious Software removal tool - Nothing. Anyway, glad to know they work so well. This is what I have found now.
Under services.msc - the mystery service description is - Service Description <Failed to Read Description. Error Code: 15100 >
So far, this is what I have found:
CDPUserSvc_10a1f1
Service Description <Failed to Read Description. Error Code: 15100 >
MS Windows Malicious Software removal tool finds no problem.
Registry search produces the following:
HKEY_CLASSES_ROOT\Interface\{CCDB6F6C-E594-49BC-8953-8C5620ECD70D}
Value = IWMPCDPublishCallback
HKEY_CLASSES_ROOT\WOW6432Node\Interface\{CCDB6F6C-E594-49BC-8953-8C5620ECD70D}
Value = IWMPCDPublishCallback
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\cdpuvbhfzz.com
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CCDB6F6C-E594-49BC-8953-8C5620ECD70D}
Value = IWMPCDPublishCallback
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{CCDB6F6C-E594-49BC-8953-8C5620ECD70D}
Value = IWMPCDPublishCallback
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost
Value = UnistackSvcGroup Value data = PimIndexMaintenanceSvc
UnistoreSvc
OneSyncSvc
UserDataSvc
MessagingService
WpnUserService
CDPUserSvc
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\Interface\{CCDB6F6C-E594-49BC-8953-8C5620ECD70D}
Value = IWMPCDPublishCallback
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\CDPUserSvc
Value = (Default) - NO Value
Description - @%SystemRoot%\system32\cdpusersvc.dll,-101
DisplayName - @%SystemRoot%\system32\cdpusersvc.dll,-100
ErrorControl - 1
FailureActions - hex:80,51,01,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,\
00,01,00,00,00,b8,0b,00,00,01,00,00,00,b8,0b,00,00,00,00,00,00,00,00,00,00
ImagePath - %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup
ObjectName - LocalSystem
RequiredPrivileges - SeImpersonatePrivilege
ServiceSidType - 1
ServiceSidType - 2
Type - 60
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\CDPUserSvc_10a1f1
Value = (Default) - NO Value
Description - @%SystemRoot%\system32\cdpusersvc.dll,-101
DisplayName - CDPUserSvc_10a1f1
ErrorControl - 1
FailureActions - hex:80,51,01,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,\
00,01,00,00,00,b8,0b,00,00,01,00,00,00,b8,0b,00,00,00,00,00,00,00,00,00,00
ImagePath - C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
Start = 2
Type = e0
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules
{FA68D803-C74B-4AA2-8F9D-33F9BB6DFFDC} Value = v2.26|Action=Block|Active=TRUE|Dir=Out|LA4=103.224.182.217|RA4=103.224.182.217|App=cdpuvbhfzz.com|Name=Block Attack above.com|Desc=Block Attack above.com| - This was me today.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CDPUserSvc
Value = (Default) - NO Value
Description - @%SystemRoot%\system32\cdpusersvc.dll,-101
DisplayName - @%SystemRoot%\system32\cdpusersvc.dll,-100
ErrorControl - 1
FailureActions - hex:80,51,01,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,\
00,01,00,00,00,b8,0b,00,00,01,00,00,00,b8,0b,00,00,00,00,00,00,00,00,00,00
ImagePath - %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup
ObjectName - LocalSystem
RequiredPrivileges - SeImpersonatePrivilege
ServiceSidType - 1
ServiceSidType - 2
Type - 96
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CDPUserSvc\Parameters
Value = ServiceDll Data = %SystemRoot%\System32\CDPUserSvc.dll
ServiceDllUnloadOnStop = 1
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\CDPUserSvc\Security
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CDPUserSvc_10a1f1]
"Type"=dword:000000e0
"Start"=dword:00000002
"ErrorControl"=dword:00000001
"DisplayName"="CDPUserSvc_10a1f1"
"Description"="@%SystemRoot%\system32\cdpusersvc.dll,-101"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CDPUserSvc_10a1f1\Security]
HKEY_USERS\S-1-5-21-2573197228-2556295907-1172916569-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\cdpuvbhfzz.com
Name = * Value = 4
tracert www.cdpuvbhfzz.com
Domain Name: CDPUVBHFZZ.COM
Registrar: FABULOUS.COM PTY LTD.
Sponsoring Registrar IANA ID: 411
Whois Server: whois.fabulous.com
Referral URL: http://www.fabulous.com
Name Server: NS1.ABOVE.COM
Name Server: NS2.ABOVE.COM
Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Updated Date: 20-may-2016
Creation Date: 17-jun-2009
Expiration Date: 17-jun-2017
>>> Last update of whois database: Fri, 05 Aug 2016 15:51:40 GMT <<<
For more information on Whois status codes, please visit https://icann.org/epp
Queried whois.fabulous.com with "cdpuvbhfzz.com"...
Domain Name: cdpuvbhfzz.com
Registry Domain ID: 1559498516_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.fabulous.com
Registrar URL: http://www.fabulous.com
Updated Date: 2016-05-20T19:42:09Z
Creation Date: 2009-06-17T18:07:33Z
Registrar Registration Expiration Date: 2017-06-17T00:00:00Z
Registrar: FABULOUS.COM PTY LTD.
Registrar IANA ID: 411
Registrar Abuse Contact Email: ******@fabulous.com
Registrar Abuse Contact Phone: +61.282133005
Reseller: N/A
Domain Status: clientDeleteProhibited
Domain Status: clientTransferProhibited
Registry Registrant ID: N/A
Registrant Name: Domain Hostmaster, Customer ID : 71451798481856
Registrant Organization: Whois Privacy Services Pty Ltd
Registrant Street: PO Box 923
Registrant City: Fortitude Valley
Registrant State/Province: QLD
Registrant Postal Code: 4006
Registrant Country: AU
Registrant Phone: +61.282133009
Registrant Phone Ext: N/A
Registrant Fax:
Registrant Fax Ext: N/A
Registrant Email: ******@whoisprivacyservices.com.au
Registry Admin ID: N/A
Admin Name: Domain Hostmaster, Customer ID : 71451798481856
Admin Organization: Whois Privacy Services Pty Ltd
Admin Street: PO Box 923
Admin City: Fortitude Valley
Admin State/Province: QLD
Admin Postal Code: 4006
Admin Country: AU
Admin Phone: +61.282133009
Admin Phone Ext: N/A
Admin Fax:
Admin Fax Ext: N/A
Admin Email: ******@whoisprivacyservices.com.au
Registry Tech ID: N/A
Tech Name: Domain Hostmaster, Customer ID : 71451798481856
Tech Organization: Whois Privacy Services Pty Ltd
Tech Street: PO Box 923
Tech City: Fortitude Valley
Tech State/Province: QLD
Tech Postal Code: 4006
Tech Country: AU
Tech Phone: +61.282133009
Tech Phone Ext: N/A
Tech Fax:
Tech Fax Ext: N/A
Tech Email: ******@whoisprivacyservices.com.au
Name Server: ns1.above.com
Name Server: ns2.above.com
DNSSEC: unsigned
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
>>> Last update of WHOIS database: 2016-08-05T08:00:00Z <<<
Network Whois record
Queried whois.apnic.net with "103.224.182.217"...
% Information related to '103.224.182.0 - 103.224.183.255'
inetnum: 103.224.182.0 - 103.224.183.255
netname: TRELLIAN-AU
descr: Trellian Pty. Limited
descr: 8 East Concourse, Beaumaris Victoria 3193
country: AU
admin-c: TPLA7-AP
tech-c: TPLA7-AP
status: ASSIGNED PORTABLE
mnt-by: APNIC-HM
mnt-routes: MAINT-TRELLIAN-AU
mnt-irt: IRT-TRELLIAN-AU
remarks: --------------------------------------------------------
remarks: To report network abuse, please contact mnt-irt
remarks: For troubleshooting, please contact tech-c and admin-c
remarks: Report invalid contact via www.apnic.net/invalidcontact
remarks: --------------------------------------------------------
changed: ******@apnic.net 20140124
source: APNIC
irt: IRT-TRELLIAN-AU
address: 8 East Concourse, Beaumaris Victoria 3193
e-mail: ******@trellian.com
abuse-mailbox: ******@trellian.com
admin-c: TPLA7-AP
tech-c: TPLA7-AP
auth: # Filtered
mnt-by: MAINT-TRELLIAN-AU
changed: ******@apnic.net 20140124
source: APNIC
role: Trellian Pty Ltd administrator
address: 8 East Concourse, Beaumaris Victoria 3193
country: AU
phone: +61395897946
fax-no: +61395897946
e-mail: ******@trellian.com
admin-c: TPLA7-AP
tech-c: TPLA7-AP
nic-hdl: TPLA7-AP
mnt-by: MAINT-TRELLIAN-AU
changed: ******@apnic.net 20140124
source: APNIC
% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (UNDEFINED)
DNS records
name class type data time to live
cdpuvbhfzz.com IN NS ns1.above.com 86400s (1.00:00:00)
cdpuvbhfzz.com IN NS ns2.above.com 86400s (1.00:00:00)
cdpuvbhfzz.com IN TXT v=spf1 ip6:fdcf:abda:4154::/48 -all 3600s (01:00:00)
cdpuvbhfzz.com IN MX
preference: 1
exchange: mail.post-host.net
3600s (01:00:00)
cdpuvbhfzz.com IN A 103.224.182.217 3600s (01:00:00)
cdpuvbhfzz.com IN SOA
server: ns1.above.com
email: ******@trellian.com
serial: 2016080601
refresh: 10800
retry: 3600
expire: 604800
minimum ttl: 3600
60s (00:01:00)
217.182.224.103.in-addr.arpa IN PTR lb-182-217.above.com 86400s (1.00:00:00)
182.224.103.in-addr.arpa IN SOA
server: ns1.trellian.com
email: ******@trellian.com
serial: 2016080502
refresh: 3600
retry: 3600
expire: 604800
minimum ttl: 86400
86400s (1.00:00:00)
182.224.103.in-addr.arpa IN NS ns1.trellian.com 86400s (1.00:00:00)
182.224.103.in-addr.arpa IN NS ns2.trellian.com 86400s (1.00:00:00)
Traceroute
Tracing route to cdpuvbhfzz.com [103.224.182.217]...
hop rtt rtt rtt ip address fully qualified domain name
1 0 0 0 208.101.16.73 49.10.65d0.ip4.static.sl-reverse.com
2 0 0 0 66.228.118.153 ae11.dar01.sr01.dal01.networklayer.com
3 2 3 1 173.192.18.210 ae6.bbr01.eq01.dal03.networklayer.com
4 0 0 0 4.59.32.37
5 61 117 89 4.69.146.70 vl-6.car1.sandiego1.level3.net
6 32 32 32 4.53.121.70 castle-acce.car1.sandiego1.level3.net
7 33 34 33 103.224.213.238 sw02-ae0-san.trellian.com
8 31 31 32 103.224.182.217 lb-182-217.above.com
Trace complete
Service scan
FTP - 21 Error: ConnectionRefused
SMTP - 25 Error: ConnectionRefused
HTTP - 80 HTTP/1.1 302 Found
Date: Fri, 05 Aug 2016 15:51:56 GMT
Server: Apache
X-Powered-By: PHP/5.4.45-0+deb7u4
Set-Cookie: __tad=1470412316.7161931; expires=Mon, 03-Aug-2026 15:51:56 GMT
Location: http://ww1.cdpuvbhfzz.com/
Connection: close
Content-Type: text/html; charset=UTF-8
POP3 - 110 Error: ConnectionRefused
IMAP - 143 Error: ConnectionRefused
HTTPS - 443 Error: ConnectionRefused
I am continuing my search....
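An added example, not part of the original post: it decodes the service `Type` values from the listing above (60 hex and 96 decimal are the same number) using the documented Windows service-type flags, compares the suffixed `CDPUserSvc_10a1f1` entry with the `CDPUserSvc` entry it is named after, and maps the ZoneMap value 4 to its zone. The function names are hypothetical and the sample values are copied from the listing.

```python
# Service "Type" bit flags (documented Windows constants from winnt.h).
TYPE_FLAGS = {
    0x001: "KERNEL_DRIVER", 0x002: "FILE_SYSTEM_DRIVER",
    0x010: "WIN32_OWN_PROCESS", 0x020: "WIN32_SHARE_PROCESS",
    0x040: "USER_SERVICE",          # per-user service template
    0x080: "USERSERVICE_INSTANCE",  # per-logon copy of a template
    0x100: "INTERACTIVE_PROCESS",
}
# Internet Settings ZoneMap values.
ZONES = {0: "My Computer", 1: "Local Intranet", 2: "Trusted Sites",
         3: "Internet", 4: "Restricted Sites"}

def decode_type(value):
    """Names of the flags set in a service Type DWORD."""
    return [name for bit, name in sorted(TYPE_FLAGS.items()) if value & bit]

def norm(path, system_root=r"c:\windows"):
    """Lowercase and expand %SystemRoot% so both spellings compare equal."""
    return path.lower().replace("%systemroot%", system_root)

def triage_instance(name, instance, services, svchost_groups):
    """Compare a suffixed service with its template; return a list of findings."""
    base, _, _suffix = name.rpartition("_")
    template = services.get(base)
    if template is None:
        return ["no template service named %r" % base]
    findings = []
    if not template["Type"] & 0x40:
        findings.append("template lacks USER_SERVICE flag")
    if instance["Type"] != template["Type"] | 0x80:
        findings.append("Type is not template Type plus USERSERVICE_INSTANCE")
    if norm(instance["ImagePath"]) != norm(template["ImagePath"]):
        findings.append("ImagePath differs from template")
    group = instance["ImagePath"].rpartition("-k")[2].strip()
    if base not in svchost_groups.get(group, []):
        findings.append("template not registered in svchost group %r" % group)
    return findings

# Values copied from the registry listing in the post above.
SERVICES = {"CDPUserSvc": {"Type": 0x60,
            "ImagePath": r"%SystemRoot%\system32\svchost.exe -k UnistackSvcGroup"}}
INSTANCE = {"Type": 0xE0,
            "ImagePath": r"C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup"}
GROUPS = {"UnistackSvcGroup": ["PimIndexMaintenanceSvc", "UnistoreSvc", "OneSyncSvc",
          "UserDataSvc", "MessagingService", "WpnUserService", "CDPUserSvc"]}

if __name__ == "__main__":
    print(decode_type(INSTANCE["Type"]))
    print(triage_instance("CDPUserSvc_10a1f1", INSTANCE, SERVICES, GROUPS))
    print(ZONES[4])
```

An empty findings list means the suffixed entry is consistent with being the per-user instance of its template; any finding is a reason to inspect that key by hand.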