Windows 7 How to fix NGINX error?

Discussion in 'Windows Security' started by ctech, May 3, 2012.

  1. ctech

    Welcome to nginx! error on SOME webpages

    Welcome to nginx!

    Occasionally getting the above error to sites like Yahoo Mail, Trendsource.com, a few other sites. Seems to be an intermittent problem. Occurred shortly after I downloaded some programs from cnet.com/download.com which I later learned has some malware attached to those files. SHAME ON CNET.COM! What should I do next?

    I didn't notice anything bad other than 1 unnamed toolbar.
    O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

    My HijackThis log:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 10:39:03 AM, on 5/1/2012
    Platform: Unknown Windows (WinNT 6.01.3505 SP1)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal
    Running processes:
    C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
    C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
    C:\Program Files (x86)\AVG Secure Search\vprot.exe
    C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
    C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_233_ActiveX.exe
    C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
    C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe
    C:\Program Files (x86)\Java\jre6\bin\javaw.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo!
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 210.32.200.95:80
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
    O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
    O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll
    O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
    O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
    O4 - HKLM\..\Run: [Ad-Aware Antivirus] "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
    O4 - HKLM\..\Run: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
    O4 - HKLM\..\RunOnce: [InnoSetupRegFile.0000000001] "C:\windows\is-FE1O4.exe" /REG /REGSVRMODE
    O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [cdloader] "C:\Users\user2\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACK
    O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
    O8 - Extra context menu item: Search Image on TinEye - file://C:\Users\user2\Documents\TinEye 1.0\TinEye.js
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O12 - Plugin for .fpx: C:\Program Files (x86)\Internet Explorer\PLUGINS\NPRVRT34.dll
    O12 - Plugin for .ivr: C:\Program Files (x86)\Internet Explorer\PLUGINS\NPRVRT34.dll
    O13 - Gopher Prefix:
    O15 - Trusted Zone: my.magicjack.com
    O15 - Trusted Zone: reg.talk4free.com
    O16 - DPF: {10000000-1000-1000-1000-100000000000} - http://cdn.betteradvertising.com/gho...l/ghostery.cab
    O16 - DPF: {3F0EECCE-E138-11D1-8712-0060083D83F5} (LPViewer Class) - http://www.iseemedia.com/downloads/a.../LPControl.cab
    O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/acti..._v1-0-31-0.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
    O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://alliantevents.webex.com/clie...r/ieatgpc1.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
    O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
    O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
    O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: Sunbelt VIPRE Antivirus Service (SBAMSvc) - Sunbelt Software - C:\Program Files (x86)\Ad-Aware Antivirus\Engine\SBAMSvc.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
    O23 - Service: TOSHIBA HDD Protection (Thpsrv) - Unknown owner - C:\windows\system32\ThpSrv.exe (file missing)
    O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
    O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
    O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
    O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
    O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
    O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
    O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    --
    End of file - 15087 bytes
     
