[Resolved] windows update error: code 80244019, My windows and antivirus software can not update
seriouscode
post Jun 16 2009, 11:55 PM
Post #1

Ok here goes....
I am not a newb on the "puter," but I am completely and utterly stumped with this nasty virus which I believe is either a Trojan or a rootkit. It all started when I was downloading a "Torrent" (which I will never do again cause it has scared me for life as you will soon tell) when the sneaky badboy jumped up and bit me on the cyber ass. It's very sneaky in the sense that Norton, CA, or Windows Live antivirus programs could not catch it. This particular anomaly will not allow me to enter certain sites, and no, I am not talking about porn sites; this "Thing" as I call it will not even allow me to access Microsoft help sites, tool removal sites, or update sites for my antiviruses or OS.

That was my first hint at it being a serious bad ass virus. Next, I don't know where to even start looking, seeing as how Regedit (which I have not changed, nor will I touch for fear of serious damage) and myself do not speak the same language. I have tried to update my OS and my (various) antivirus programs, but with continuous failure. I have tried using a non-infected computer and downloading the much needed updates so I can at least try to install them manually, but whenever I try to install the updates on my computer an error pops up saying insufficient memory!!! WHY!!???? I have plenty of room, I will let you know. The same goes for Microsoft approved tools!

I don't know what else to do. Here is the HJT report. If you need any more info on the subject from what else I've tried, please let me know.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:30:34 AM, on 6/17/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Print Clips - {FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7} - c:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [OneCareUI] "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: HP Smart Select - {58ECB495-38F0-49cb-A538-10282ABF65E7} - c:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O13 - Gopher Prefix:
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/...S/wlscctrl2.cab
O16 - DPF: {E6BB2089-163F-466B-812A-748096614DFD} (CAScanner Control) - http://cainternetsecurity.net/scanner/cascanner.cab
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.112.185,85.255.112.193
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.112.185,85.255.112.193
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.185,85.255.112.193
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 6546 bytes
Tomk
post Jun 20 2009, 03:48 PM
Post #2

seriouscode,

Double-click SmitfraudFix.exe
Select option #5 - Search and Clean DNS Hijack by typing 5 and press "Enter" to delete infected files.

If you are prompted: "Registry cleaning - Do you want to clean the registry?", answer "Yes" by typing Y and pressing "Enter" in order to remove the Desktop background and clean registry keys associated with the infection.

The tool may need to restart your computer to finish the cleaning process. A text file will appear onscreen, with results from the cleaning process; please copy/paste the content of that report into your next reply along with a new HijackThis log.
The report can also be found at the root of the system drive, usually at C:\rapport.txt

Are there any other computers hooked to your router?
If so, would you please download and run Malwarebytes antimalware on the other computer and post the log here.

If need be, do you know how to reset your router?
What brand and model do you have?

This post has been edited by Tomk: Jun 20 2009, 03:56 PM
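
The O17 lines in the HijackThis log in the first post are where a statically set DNS resolver shows up, which is what the "Search and Clean DNS Hijack" step addresses. As an added example (not part of the original thread, HijackThis or SmitfraudFix), this Python script extracts those entries from a log and flags any resolver missing from an allowlist; `review_dns`, `expected` and the final sample line are assumptions made for illustration.

```python
import ipaddress
import re
from typing import NamedTuple

# The first four lines are copied from the HijackThis log in the first post;
# the last (interface) line is constructed to show a router-assigned resolver.
SAMPLE_LOG = r"""
O13 - Gopher Prefix:
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.112.185,85.255.112.193
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.112.185,85.255.112.193
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.185,85.255.112.193
O17 - HKLM\System\CCS\Services\Tcpip\..\{00000000-0000-0000-0000-000000000000}: NameServer = 192.168.1.1
"""

O17_RE = re.compile(r"^O17 - (?P<key>.+?): (?P<name>\w+) = (?P<value>.*)$")


class Finding(NamedTuple):
    key: str     # registry key as printed by HijackThis
    server: str  # resolver value found under that key
    reason: str


def static_nameservers(log_text):
    """Yield (registry key, resolver) for every O17 NameServer entry."""
    for line in log_text.splitlines():
        m = O17_RE.match(line.strip())
        if not m or m.group("name").lower() != "nameserver":
            continue
        # The registry value may separate resolvers with commas or spaces.
        for server in re.split(r"[,\s]+", m.group("value").strip()):
            if server:
                yield m.group("key"), server


def review_dns(log_text, expected):
    """Flag static resolvers missing from `expected` (a hypothetical allowlist)."""
    findings = []
    for key, server in static_nameservers(log_text):
        if server in expected:
            continue
        try:
            addr = ipaddress.ip_address(server)
        except ValueError:
            findings.append(Finding(key, server, "not a valid IP address"))
            continue
        scope = "private" if addr.is_private else "public"
        findings.append(Finding(key, server, f"unexpected {scope} resolver"))
    return findings


if __name__ == "__main__":
    for f in review_dns(SAMPLE_LOG, expected={"192.168.1.1"}):
        print(f"{f.key}: {f.server} ({f.reason})")
```

The same resolver pair appearing under CS1, CS2 and CCS means the setting is written into every control set, so it persists across a "Last Known Good" boot.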

