"Welcome to nginx". Linked to dead end site, help.

View previous topic View next topic Go down

"Welcome to nginx". Linked to dead end site, help.

Post by Jack Monaco on Wed Jul 18, 2012 9:00 pm

It started whenever i went to Youtube, and has just started on this site as well. Whenever i try to go to Youtube, and most times on this site, i get linked to a dead-end page with just "Welcome to nginx!!" on it. Help would be appreciated, pasting OST scan information below, will be following with the other scans this site linked.javascript:emoticonp('Thank You!')

Jack Monaco
Novice
Novice

Status :
Online
Offline

Posts : 7
Joined : 2012-07-18
OS : Windows 7

View user profile

Back to top Go down

Re: "Welcome to nginx". Linked to dead end site, help.

Post by Jack Monaco on Wed Jul 18, 2012 9:09 pm

OTL Extras logfile created on: 7/18/2012 3:35:39 PM - Run 1
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\Monaco\Downloads\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.61 Gb Total Physical Memory | 1.95 Gb Available Physical Memory | 53.95% Memory free
7.21 Gb Paging File | 5.10 Gb Available in Paging File | 70.72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 256.35 Gb Total Space | 195.99 Gb Free Space | 76.45% Space Free | Partition Type: NTFS
Drive D: | 314.82 Gb Total Space | 314.72 Gb Free Space | 99.97% Space Free | Partition Type: NTFS

Computer Name: MONACO-PC | User Name: Monaco | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0219053B-1531-4A28-9804-68F6DD1E186C}" = lport=139 | protocol=6 | dir=in | app=system |
"{091E70E4-0291-4D05-9B5E-137226CC73D4}" = lport=2869 | protocol=6 | dir=in | app=system |
"{12DAD2FD-54E3-4C47-A428-031A20205669}" = lport=138 | protocol=17 | dir=in | app=system |
"{146BFF1B-6A3E-4679-A943-FB7546186157}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1FDC9F3F-D562-4815-9566-9934B652CB40}" = lport=8182 | protocol=6 | dir=in | name=java(tm) platform se binary |
"{251ED177-961D-4406-BFD7-077F70922235}" = rport=10243 | protocol=6 | dir=out | app=system |
"{2D8057CB-FD61-46EC-9830-2ABD4DBA7B5A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3062B903-00AC-4BB6-8EE6-8B208D2D8256}" = lport=445 | protocol=6 | dir=in | app=system |
"{34FC5699-CB39-4A20-8459-B1DFEF7F14E7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{427259C8-9FC0-45D3-A403-DEB40813427A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4C2B54A8-AD77-48C7-961F-153D0D87D4A9}" = rport=138 | protocol=17 | dir=out | app=system |
"{5A657558-6A5D-4D1C-B185-156FCCA29D8E}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{5E7AAB63-2460-4267-84AD-E0232837B596}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7B5B70AB-6769-4E4E-ABEC-D4F79D07E77F}" = rport=139 | protocol=6 | dir=out | app=system |
"{8F3BBF56-6E38-4B8B-BB6F-3E4ADBB792FE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{99F6FDBC-52B7-49B9-8AD9-22568265E0BC}" = rport=137 | protocol=17 | dir=out | app=system |
"{A4CDFFC5-6980-49B9-947A-D8A1024AF123}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A4E82078-5075-429B-A685-4C970838F971}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B1228D10-F5B1-4AC1-91B3-50B0DA3D080E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{C375D5B9-DBC8-4E1D-AC81-462008CF4173}" = lport=137 | protocol=17 | dir=in | app=system |
"{CC44337B-A68E-4FAF-AA11-EC269B67C7EA}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D98A8794-3012-4837-A5E4-8895710E849B}" = lport=10243 | protocol=6 | dir=in | app=system |
"{E99E1274-859B-4D23-A58F-594EED0388DE}" = rport=445 | protocol=6 | dir=out | app=system |
"{F2E98FA0-C1BD-47B8-8F2D-1ED831488936}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F5F92506-4554-4AB7-9780-48BB97389725}" = lport=5353 | protocol=17 | dir=in | name=java(tm) platform se binary |
"{F955AB3A-9921-4825-9C37-2D44F76A5FD9}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FDC0586C-F63A-4633-A65D-E0B86B6908E4}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0E2C7730-942A-4496-B61D-922C8EF34851}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{0FF52896-8A7F-430E-AEC0-3CCD3583CCF8}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1001D896-2025-4757-B05E-8077EA607B72}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{18DB18C7-3D95-4F40-A082-C3E8A931B22F}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{2463B5AE-BC7F-4FDC-8D42-97654720A0D0}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{24E4122C-D4BB-4B46-9F93-CD269DB48F4B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{268AE857-4943-4355-8F4B-151DFBEB1EE8}" = protocol=6 | dir=out | app=system |
"{29033A35-EA90-4371-B3F3-BE1F9886F0F5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3A7E274C-73FF-4136-87A5-9A8F4CF1B8FE}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{44BB1937-F0C1-44EE-8205-33012AE20D78}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4CC44FD6-5473-4845-91A3-C107CEACEE72}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4CEC3F9A-6F1D-4B0B-A9A1-E391CDFB1791}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{613470F2-F885-4860-ABAC-D2E7331C6710}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{635B9FEA-35BA-4EB3-BFF4-0F4AD639AE93}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{6E4E1204-EB20-4A8C-9F06-EEE57E32652B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{85215BCB-EE8C-4453-89F9-94FF197400A3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{95E18997-12C3-4996-BC43-79D71634880A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{BC6A4656-B8C1-4B1F-8E69-C86A1C695486}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{BD88EF84-B1FA-4F8A-9C0C-D943561C3134}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C0981429-13A4-4288-8FA9-765D33085733}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{C0EC5341-213A-4817-BDD7-C0F48E31D12B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{C1912587-14BB-4423-8B21-69BB21D65490}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{C987576B-5CBE-48CC-99EB-47ED32CB029A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CBA3F3F6-6F8C-4B4C-BA50-8D1E9D7DEA1B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{D358C5E2-7E77-4479-8AB8-0BDB69A82504}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E1A3A1BE-159D-4E35-B540-6FCE7DB4285A}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{E266E3AE-7D21-4043-8C9C-2A3D28F022D9}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{EE611C7D-8BE0-4CB4-8163-56F1EED8BD67}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FB33CC14-169E-4969-BF02-CC9C5D45D74A}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{FD023BFD-5A15-4AC9-B241-59F4FE47F0B9}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{206BD2C5-DE08-4577-A0D7-D441A79D5A3A}" = Windows Live Remote Client Resources
"{26A24AE4-039D-4CA4-87B4-2F86417005FF}" = Java(TM) 7 Update 5 (64-bit)
"{289809B1-078A-49F3-83D0-7E51715B3915}" = Windows Live Family Safety
"{3946328A-5B3A-434C-A22B-64CF6652FBAD}" = Windows Live Family Safety
"{401C50F6-B443-43EE-8F27-A80DB19B03FD}" = Windows Live Family Safety
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{5E11C972-1E76-45FE-8F92-14E0D1140B1B}" = iTunes
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5E9C8272-9487-7C4E-EE4E-EC3C9B833E80}" = ccc-utility64
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support
"{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{876B19F3-EA56-4E12-64E0-A14921EE8AD9}" = AMD Fuel
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{911519EB-BD75-4B3B-BD17-BA3747C9B854}" = Windows Live Family Safety
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{AE91E0F3-C49A-4EF4-8B98-A07BD409EB90}" = Windows Live Remote Service Resources
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240D3}" = WinZip 16.5
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E17025A7-39B6-375E-8F1E-20637D19549C}" = AMD Catalyst Install Manager
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources
"{FE4BE0BD-1EDB-4D24-9614-847B3C472887}" = Windows Live Family Safety
"Elantech" = ETDWare PS/2-X64 8.0.5.1_WHQL
"EPSON WorkForce 310 Series" = EPSON WorkForce 310 Series Printer Uninstall
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000F2A10-9CDF-47BF-9CF2-9AC87567B433}" = Windows Live Photo Common
"{03241D8D-2217-42F7-9FCB-6A68D141C14D}" = Windows Live 软件包
"{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}" = Sonic Focus
"{09F56A49-A7B1-4AAB-95B9-D13094254AD1}" = Windows Live UX Platform Language Pack
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1E9C645B-86BF-78F4-D0B2-E1B629F4860B}" = CCC Help Czech
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{21B49B4A-BBC3-4A09-9C68-6C3CC0B1EA01}" = Windows Live Messenger
"{23181592-0ECD-4A16-81C6-F0424D2DCABF}" = Windows Live UX Platform Language Pack
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common
"{2AD2DD70-27F7-4343-BB4E-DE50A32D854B}" = Windows Live Messenger
"{2B81872B-A054-48DA-BE3B-FA5C164C303A}" = ASUS FancyStart
"{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh
"{2D831C28-16D9-68F4-62B9-EF0FEE6810E8}" = CCC Help French
"{317D56AC-0DB3-48F5-929A-42032DAC9AD7}" = Windows Live Writer
"{32C01DD0-3260-4D2B-BDB2-36CEC3E5B27A}" = Windows Live UX Platform Language Pack
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{341697D8-9923-445E-B42A-529E5A99CB7A}" = syncables desktop SE
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{34AEE149-348E-F96F-DD7E-E4AE8C0FA590}" = CCC Help Spanish
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{3A09ED0F-8DDF-47BB-B53D-841AB9D1D3A7}" = Complemento Messenger
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{436043C1-EBF5-D328-5352-2ECE58FFF14E}" = CCC Help Italian
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{48F22622-1CC2-4A83-9C1E-644DD96F832D}" = Epson Event Manager
"{4A275FD1-2F24-4274-8C01-813F5AD1A92D}" = Windows Live Messenger
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{588CE0C0-860B-49A8-AFCF-3C69465B345F}" = Windows Live Mesh
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{5E1F5F06-7739-C962-D1B9-A20352C315CF}" = CCC Help Dutch
"{603C0DC4-665E-4CC9-8ED1-7FE1F03AB943}" = Fantapper Updater
"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger
"{622DE1BE-9EDE-49D3-B349-29D64760342A}" = 適用遠端連線的 Windows Live Mesh ActiveX 控制項
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{63AE67AA-1AB1-4565-B4EF-ABBC5C841E8D}" = Windows Live Messenger
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6B6FCFC7-F1DD-2938-7F13-A53AF185EAA6}" = CCC Help Danish
"{6B86B5EA-3FC4-B61F-BF39-00908F4B1914}" = CCC Help German
"{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker
"{6D1031D9-E025-D81A-60BB-2438F1DAD403}" = CCC Help Russian
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}" = Complément Messenger
"{6F35C64F-B969-4ECE-3C27-D4FF62D8B602}" = CCC Help Polish
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7115EEBC-DA7B-434C-B81C-EA5B26EA9A94}" = Windows Live Writer Resources
"{737E2E0B-906A-CBE1-9B65-79A034A540BD}" = CCC Help Chinese Standard
"{744BFB3C-CABB-2EA9-EC04-4DC4CF1853D7}" = Catalyst Control Center
"{753F0A72-59C3-41CE-A36A-F2DF2079275C}" = Windows Live Mail
"{76046298-768C-492C-8C93-2983C9E3719E}" = Windows Live UX Platform Language Pack
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{77C40B17-C0DD-7DE8-992E-7759771E64A3}" = CCC Help Turkish
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{79B368BD-9EC0-49D9-F9E4-75E4AD0AD447}" = CCC Help Greek
"{7A1F625C-2893-C711-E539-3CA45476B5E7}" = CCC Help Portuguese
"{7B982EBD-D017-4527-BF1A-FC489EC6B100}" = Windows Live 照片库
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{7F061FA8-5A87-4758-876B-17EE28B358D0}" = Messenger 浏览器插件
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{83AA2913-C123-4146-85BD-AD8F93971D39}" = BabylonObjectInstaller
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{85487EE2-2A33-AA10-D70B-732B0C51D4C9}" = CCC Help Chinese Traditional
"{868291A4-229E-4795-B0B0-E60E87AF53CD}" = Sibelius Scorch (ActiveX Only)
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{885E5283-AC7B-A88E-562D-5CD7994FF862}" = CCC Help Hungarian
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{903EDF14-4E28-4463-AA5E-4AEE71C0263B}" = Windows Live Movie Maker
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{939C80FA-96C9-44A6-B318-8E7D8BD8481B}" = Messenger Companion
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95E8725C-2238-999D-115D-F1EEE4F56EC7}" = CCC Help Korean
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{B480904D-F73F-4673-B034-8A5F492C9184}" = Nuance PDF Reader
"{B487939D-E296-3FF8-134B-FC936A164A3F}" = CCC Help Finnish
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CA3E01A1-39B1-1F4C-1F9E-9E8AF675EF28}" = CCC Help English
"{CDACD4C9-F984-409A-9D26-DF77E003FD89}" = Fantapper Player
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF088261-BC81-4FB9-9BA0-7B5B9602D01A}" = Messenger 分享元件
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D3694B69-6F8C-42D3-8A0A-EB2AB528C02C}" = Atheros Client Installation Program
"{D39F0676-163E-4595-A917-E28F99BBD4D2}" = ASUS AI Recovery
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D86F8870-992D-ADD6-CB10-C05346B05DFD}" = CCC Help Thai
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DFB62071-F38C-04C8-825A-F715333DB24E}" = Catalyst Control Center Localization All
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2E7A0E8-77C4-495F-8FA3-63DAEDAA2DB3}" = F-Secure PSC Prerequisites
"{E432F3F1-6BB0-E228-6138-900DE6EA5F23}" = CCC Help Norwegian
"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas
"{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer
"{E6592624-C28D-8406-CDE2-7E404D12CCC9}" = Catalyst Control Center Profiles Mobile
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EC5836BE-32D1-4D45-9C04-B3980719DFBA}" = CCC Help Japanese
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{ECD7A9A6-CDEC-E486-6992-7A26DAF28802}" = CCC Help Swedish
"{ED86C4AB-D1E5-42CF-BFA3-56BAAE617D4E}" = Windows Live UX Platform Language Pack
"{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心
"{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F992409C-9D10-4AE2-BAEB-B5409AD3785E}" = 用于远程连接的 Windows Live Mesh ActiveX 控件(简体中文)
"{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}" = ASUS Live Update
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FDB51A10-A57D-29AB-90D1-3EEE29BD388F}" = Catalyst Control Center InstallProxy
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FFFAE01B-466F-4C07-9821-A94FD753BDDA}" = EpsonNet Setup
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Anti-phishing Domain Advisor" = Anti-phishing Domain Advisor
"Asus Vibe2.0" = AsusVibe2.0
"ASUS WebStorage" = ASUS WebStorage
"ASUS_Screensaver" = ASUS_Screensaver
"BucksBee Loyalty Plugin - 100884.rs for Chrome" = BucksBee Loyalty Plugin - 100884.rs for Chrome
"centurytoolbar" = CenturyLink Toolbar
"EPSON Scanner" = EPSON Scan
"Free Download Manager_is1" = Free Download Manager 3.8
"F-Secure Product 444" = CenturyLink™ Online Security
"Google Chrome" = Google Chrome
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"NSS" = Norton Security Scan
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"RealPlayer 15.0" = RealPlayer
"uTorrent" = µTorrent
"uTorrentControl2 Toolbar" = uTorrentControl2 Toolbar
"Vid-Saver" = Vid-Saver
"Wajam" = Wajam
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.20 beta 3 (32-bit)
"YInstHelper" = Yahoo! Install Manager

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Funmoods Web Search" = Funmoods Web Search

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 6/16/2012 12:04:42 AM | Computer Name = Monaco-PC | Source = Bonjour Service | ID = 100
Description = mDNSCoreReceiveResponse: Ignoring response received before we even
began probing: 16 Monaco-PC.local. AAAA FE80:0000:0000:0000:24D2:1549:53BA:ADA8

Error - 6/16/2012 12:04:42 AM | Computer Name = Monaco-PC | Source = Bonjour Service | ID = 100
Description = mDNSCoreReceiveResponse: Received from 192.168.1.67:5353 4 Monaco-PC.local.
Addr 192.168.1.67

Error - 6/16/2012 12:04:42 AM | Computer Name = Monaco-PC | Source = Bonjour Service | ID = 100
Description = mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 Monaco-PC.local.
Addr 192.168.1.69

Error - 6/16/2012 12:04:42 AM | Computer Name = Monaco-PC | Source = Bonjour Service | ID = 100
Description = Local Hostname Monaco-PC.local already in use; will try Monaco-PC-2.local
instead

Error - 6/16/2012 10:11:49 AM | Computer Name = Monaco-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 6/16/2012 10:11:49 AM | Computer Name = Monaco-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 3666

Error - 6/16/2012 10:11:49 AM | Computer Name = Monaco-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3666

Error - 6/16/2012 2:59:08 PM | Computer Name = Monaco-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 6/16/2012 2:59:10 PM | Computer Name = Monaco-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 17243898

Error - 6/16/2012 2:59:10 PM | Computer Name = Monaco-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 17243898

[ Media Center Events ]
Error - 1/7/2012 7:29:33 PM | Computer Name = Monaco-PC | Source = MCUpdate | ID = 0
Description = 6:29:26 PM - Error connecting to the internet. 6:29:26 PM - Unable
to contact server..

Error - 2/18/2012 8:11:58 AM | Computer Name = Monaco-PC | Source = MCUpdate | ID = 0
Description = 7:11:58 AM - Error connecting to the internet. 7:11:58 AM - Unable
to contact server..

Error - 2/18/2012 8:14:05 AM | Computer Name = Monaco-PC | Source = MCUpdate | ID = 0
Description = 7:12:27 AM - Error connecting to the internet. 7:12:27 AM - Unable
to contact server..

Error - 2/18/2012 9:14:37 AM | Computer Name = Monaco-PC | Source = MCUpdate | ID = 0
Description = 8:14:37 AM - Error connecting to the internet. 8:14:37 AM - Unable
to contact server..

Error - 2/18/2012 9:15:11 AM | Computer Name = Monaco-PC | Source = MCUpdate | ID = 0
Description = 8:15:06 AM - Error connecting to the internet. 8:15:06 AM - Unable
to contact server..

Error - 5/25/2012 6:20:56 PM | Computer Name = Monaco-PC | Source = MCUpdate | ID = 0
Description = 6:20:56 PM - Failed to retrieve SportsSchedule.enc (Error: HTTP status
404: The requested URL does not exist on the server. )

Error - 5/27/2012 8:25:02 PM | Computer Name = Monaco-PC | Source = MCUpdate | ID = 0
Description = 8:24:57 PM - Failed to retrieve SportsSchedule.enc (Error: HTTP status
404: The requested URL does not exist on the server. )

Error - 6/7/2012 1:50:37 PM | Computer Name = Monaco-PC | Source = MCUpdate | ID = 0
Description = 1:50:01 PM - Failed to retrieve Broadband-2.enc (Error: HTTP status
400: The server cannot process the request because the syntax is not valid. )

[ System Events ]
Error - 6/16/2012 7:41:58 PM | Computer Name = Monaco-PC | Source = DCOM | ID = 10010
Description =

Error - 6/16/2012 7:43:18 PM | Computer Name = Monaco-PC | Source = NetBT | ID = 4321
Description = The name "MONACO-PC :0" could not be registered on the interface
with IP address 192.168.1.69. The computer with the IP address 192.168.1.67 did
not allow the name to be claimed by this computer.

Error - 6/16/2012 7:43:31 PM | Computer Name = Monaco-PC | Source = Service Control Manager | ID = 7000
Description = The AODDriver4.0 service failed to start due to the following error:
%%3

Error - 6/16/2012 9:08:27 PM | Computer Name = Monaco-PC | Source = NetBT | ID = 4321
Description = The name "MONACO-PC :0" could not be registered on the interface
with IP address 192.168.1.69. The computer with the IP address 192.168.1.67 did
not allow the name to be claimed by this computer.

Error - 6/16/2012 10:06:46 PM | Computer Name = Monaco-PC | Source = NetBT | ID = 4321
Description = The name "MONACO-PC :0" could not be registered on the interface
with IP address 192.168.1.69. The computer with the IP address 192.168.1.67 did
not allow the name to be claimed by this computer.

Error - 6/16/2012 10:09:25 PM | Computer Name = Monaco-PC | Source = NetBT | ID = 4321
Description = The name "MONACO-PC :0" could not be registered on the interface
with IP address 192.168.1.69. The computer with the IP address 192.168.1.67 did
not allow the name to be claimed by this computer.

Error - 6/16/2012 10:35:20 PM | Computer Name = Monaco-PC | Source = NetBT | ID = 4321
Description = The name "MONACO-PC :0" could not be registered on the interface
with IP address 192.168.1.69. The computer with the IP address 192.168.1.67 did
not allow the name to be claimed by this computer.

Error - 6/16/2012 10:38:26 PM | Computer Name = Monaco-PC | Source = NetBT | ID = 4321
Description = The name "MONACO-PC :0" could not be registered on the interface
with IP address 192.168.1.69. The computer with the IP address 192.168.1.67 did
not allow the name to be claimed by this computer.

Error - 6/16/2012 10:38:26 PM | Computer Name = Monaco-PC | Source = NetBT | ID = 4321
Description = The name "MONACO-PC :0" could not be registered on the interface
with IP address 192.168.1.69. The computer with the IP address 192.168.1.67 did
not allow the name to be claimed by this computer.

Error - 6/18/2012 7:41:51 PM | Computer Name = Monaco-PC | Source = DCOM | ID = 10010
Description =


< End of report >

Jack Monaco
Novice
Novice

Status :
Online
Offline

Posts : 7
Joined : 2012-07-18
OS : Windows 7

View user profile

Back to top Go down

Re: "Welcome to nginx". Linked to dead end site, help.

Post by Jack Monaco on Wed Jul 18, 2012 9:59 pm

Here's my security check, sorry it took so long, my router tends to jump around.
:

Results of screen317's Security Check version 0.99.43
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 8 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Disabled!
CenturyLinkT Online Security 9.01
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Adobe Flash Player 10 Flash Player out of Date!
Google Chrome 20.0.1132.47
Google Chrome 20.0.1132.57
````````Process Check: objlist.exe by Laurent````````
CenturyLink Online Security Anti-Virus fsgk32st.exe
CenturyLink Online Security Anti-Virus FSGK32.EXE
CenturyLink Online Security Anti-Virus fssm32.exe
CenturyLink Online Security Anti-Virus fsav32.exe
windows defender MpCmdRun.exe
CenturyLink Online Security Common FSMA32.EXE
CenturyLink Online Security Common FSHDLL32.EXE
CenturyLink Online Security Common FSHDLL64.EXE
CenturyLink Online Security ORSP Client fsorsp.exe
CenturyLink Online Security FWES Program fsdfwd.exe
CenturyLink Online Security Common FSM32.EXE
CenturyLink Online Security Spam Control fsscoepl_x64.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 2%
````````````````````End of Log``````````````````````


Jack Monaco
Novice
Novice

Status :
Online
Offline

Posts : 7
Joined : 2012-07-18
OS : Windows 7

View user profile

Back to top Go down

Re: "Welcome to nginx". Linked to dead end site, help.

Post by Jack Monaco on Wed Jul 18, 2012 10:29 pm

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-07-18 15:28:44
-----------------------------
15:28:44.829 OS Version: Windows x64 6.1.7601 Service Pack 1
15:28:44.830 Number of processors: 2 586 0x100
15:28:44.833 ComputerName: MONACO-PC UserName: Monaco
15:28:46.342 Initialize success
15:30:11.013 AVAST engine defs: 12071800
18:01:53.518 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000006e
18:01:53.531 Disk 0 Vendor: WDC_WD64 01.0 Size: 610480MB BusType: 11
18:01:53.545 Disk 0 MBR read successfully
18:01:53.550 Disk 0 MBR scan
18:01:53.814 Disk 0 Windows 7 default MBR code
18:01:53.814 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 25600 MB offset 2048
18:01:53.845 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 262506 MB offset 52430848
18:01:53.892 Disk 0 Partition - 00 0F Extended LBA 322373 MB offset 590043136
18:01:53.923 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 322372 MB offset 590045184
18:01:54.048 Disk 0 scanning C:\Windows\system32\drivers
18:02:20.217 Service scanning
18:03:03.296 Modules scanning
18:03:03.296 Disk 0 trace - called modules:
18:03:03.328 ntoskrnl.exe CLASSPNP.SYS disk.sys amd_xata.sys storport.sys hal.dll amd_sata.sys
18:03:03.328 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004baa420]
18:03:03.328 3 CLASSPNP.SYS[fffff8800199c43f] -> nt!IofCallDriver -> [0xfffffa8004a3b040]
18:03:03.328 5 amd_xata.sys[fffff880011048b4] -> nt!IofCallDriver -> \Device\0000006e[0xfffffa8004a3e060]
18:03:05.543 AVAST engine scan C:\Windows
18:03:11.065 AVAST engine scan C:\Windows\system32
18:09:44.923 AVAST engine scan C:\Windows\system32\drivers
18:10:08.215 AVAST engine scan C:\Users\Monaco
18:10:41.086 Disk 0 MBR has been saved successfully to "C:\Users\Monaco\Documents\MBR.dat"
18:10:41.102 The log file has been saved successfully to "C:\Users\Monaco\Documents\Virus scan log.txt"
18:17:40.639 AVAST engine scan C:\ProgramData
18:18:35.478 Scan finished successfully
18:28:04.181 Disk 0 MBR has been saved successfully to "C:\Users\Monaco\Documents\MBR.dat"
18:28:04.212 The log file has been saved successfully to "C:\Users\Monaco\Documents\Virus scan log.txt"
18:28:20.974 Disk 0 MBR has been saved successfully to "C:\Users\Monaco\Documents\MBR.dat"
18:28:20.974 The log file has been saved successfully to "C:\Users\Monaco\Documents\Virus scan log 1.txt"


Jack Monaco
Novice
Novice

Status :
Online
Offline

Posts : 7
Joined : 2012-07-18
OS : Windows 7

View user profile

Back to top Go down

Re: "Welcome to nginx". Linked to dead end site, help.

Post by Superdave on Wed Jul 18, 2012 11:00 pm

Hello and welcome to GeekPolice.Net My name is Dave. I will be helping you out with your particular problem on your computer.

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.

If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
*****************************************************************
SUPERAntiSpyware

If you already have SUPERAntiSpyware be sure to check for updates before scanning!


Download [You must be registered and logged in to see this link.]
* Double-click the icon on your desktop to run the installer.
* When asked to Update the program definitions, click Yes
* If you encounter any problems while downloading the updates, manually download and unzip them from [You must be registered and logged in to see this link.]
* Next click the Preferences button.

•Under Start-Up Options uncheck Start SUPERAntiSpyware when Windows starts
* Click the Scanning Control tab.
* Under Scanner Options make sure only the following are checked:

•Close browsers before scanning
•Scan for tracking cookies
•Terminate memory threats before quarantining
Please leave the others unchecked

•Click the Close button to leave the control center screen.

* On the main screen click Scan your computer
* On the left check the box for the drive you are scanning.
* On the right choose Perform Complete Scan
* Click Next to start the scan. Please be patient while it scans your computer.
* After the scan is complete a summary box will appear. Click OK
* Make sure everything in the white box has a check next to it, then click Next
* It will quarantine what it found and if it asks if you want to reboot, click Yes

•To retrieve the removal information please do the following:
•After reboot, double-click the SUPERAntiSpyware icon on your desktop.
•Click Preferences. Click the Statistics/Logs tab.

•Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.

•It will open in your default text editor (preferably Notepad).
•Save the notepad file to your desktop by clicking (in notepad) File > Save As...

* Save the log somewhere you can easily find it. (normally the desktop)
* Click close and close again to exit the program.
*Copy and Paste the log in your post.
*********************************************
Please download Malwarebytes Anti-Malware from [You must be registered and logged in to see this link.]
Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
*************************************************
Download Combofix from any of the links below, and save it to your DESKTOP.

[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]

To prevent your anti-virus application interfering with ComboFix we need to disable it. See [You must be registered and logged in to see this link.] for a tutorial regarding how to do so if you are unsure.

  • Close any open windows and double click ComboFix.exe to run it.

    You will see the following image:



Click I Agree to start the program.

ComboFix will then extract the necessary files and you will see this:



As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. This will not occur in Windows Vista and 7

It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

If you did not have it installed, you will see the prompt below. Choose YES.



Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:



Click on Yes, to continue scanning for malware.

When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).

Leave your computer alone while ComboFix is running. ComboFix will restart your computer if malware is found; allow it to do so.

Note: Please Do NOT mouseclick combofix's window while its running because it may cause it to stall.

Superdave
Captain
Captain

Status :
Online
Offline

Posts : 4202
Joined : 2010-02-01
Gender : Male
OS : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: "Welcome to nginx". Linked to dead end site, help.

Post by Jack Monaco on Thu Jul 19, 2012 12:05 am

When I attempt to go to the link for SuperAntiSpyware, i get:
404 not found
nginx/0.6.32

Jack Monaco
Novice
Novice

Status :
Online
Offline

Posts : 7
Joined : 2012-07-18
OS : Windows 7

View user profile

Back to top Go down

Re: "Welcome to nginx". Linked to dead end site, help.

Post by Superdave on Thu Jul 19, 2012 1:48 am

You may need to download those programs on another computer and transfer them to the computer using one of the methods I've described in my first post.

Superdave
Captain
Captain

Status :
Online
Offline

Posts : 4202
Joined : 2010-02-01
Gender : Male
OS : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: "Welcome to nginx". Linked to dead end site, help.

Post by Jack Monaco on Thu Jul 19, 2012 3:23 am

Alright, thank you very much my good sir.

Jack Monaco
Novice
Novice

Status :
Online
Offline

Posts : 7
Joined : 2012-07-18
OS : Windows 7

View user profile

Back to top Go down

Re: "Welcome to nginx". Linked to dead end site, help.

Post by Jack Monaco on Sat Jul 21, 2012 4:56 am

Malwarebytes Anti-Malware 1.62.0.1300
[You must be registered and logged in to see this link.]

Database version: v2012.07.21.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Monaco :: MONACO-PC [administrator]

7/20/2012 11:32:22 PM
mbam-log-2012-07-20 (23-32-22).txt

Scan type: Full scan (C:\|D:\|Q:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 369530
Time elapsed: 1 hour(s), 7 minute(s), 30 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 44
HKCR\CLSID\{11111111-1111-1111-1111-110011341191} (PUP.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\TypeLib\{44444444-4444-4444-4444-440044344491} (PUP.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\Interface\{55555555-5555-5555-5555-550055345591} (PUP.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0003491.BHO.1 (PUP.GamePlayLab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011341191} (PUP.GamePlayLab) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011341191} (PUP.GamePlayLab) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011341191} (PUP.GamePlayLab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011341191} (PUP.GamePlayLab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011341191} (PUP.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.FunMoods) -> Quarantined and deleted successfully.
HKCR\funmoods.funmoodsHlpr.1 (PUP.FunMoods) -> Quarantined and deleted successfully.
HKCR\funmoods.funmoodsHlpr (PUP.FunMoods) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.FunMoods) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.FunMoods) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.FunMoods) -> Quarantined and deleted successfully.
HKCR\CLSID\{7d9e1adc-7db1-4eaf-b6c7-7e062074e6be} (PUP.BlekkoSearchBar) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{7D9E1ADC-7DB1-4EAF-B6C7-7E062074E6BE} (PUP.BlekkoSearchBar) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7D9E1ADC-7DB1-4EAF-B6C7-7E062074E6BE} (PUP.BlekkoSearchBar) -> Quarantined and deleted successfully.
HKCR\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\funmoods.dskBnd.1 (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\funmoods.dskBnd (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\funmoodsApp.appCore.1 (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\funmoodsApp.appCore (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\f (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\Typelib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65bcd620-07dd-012f-819f-073cf1b8f7c6} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0003491.BHO (PUP.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0003491.FBApi (PUP.CrossFire.Gen) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0003491.FBApi.1 (PUP.CrossFire.Gen) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0003491.Sandbox (PUP.CrossFire.Gen) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0003491.Sandbox.1 (PUP.CrossFire.Gen) -> Quarantined and deleted successfully.
HKCU\Software\Cr_Installer\3491 (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\215 APPS (PUP.CrossFire.SA) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\kincjchfokkeneeofpeefomkikfkiedl (PUP.FCTPlugin) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Google\chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki (PUP.Funmoods) -> Quarantined and deleted successfully.

Registry Values Detected: 3
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Data: Funmoods Toolbar -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Data: -> Quarantined and deleted successfully.
HKCU\Software\InstalledBrowserExtensions\215 Apps|3491 (PUP.CrossFire.SA) -> Data: Vid-Saver -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 6
C:\Program Files (x86)\Vid-Saver\Vid-Saver.dll (PUP.GamePlayLab) -> Quarantined and deleted successfully.
C:\Users\Monaco\AppData\Local\Temp\air89F8.exe (Adware.GamePlayLabs) -> Quarantined and deleted successfully.
C:\Users\Monaco\AppData\Local\Temp\vfd-adk.exe (PUP.Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Monaco\Downloads\playalotgames_1347.exe (PUP.BundleOffers.IIQ) -> Quarantined and deleted successfully.
C:\Users\Monaco\AppData\Local\funmoods.crx (PUP.Funmoods) -> Quarantined and deleted successfully.
C:\Users\Monaco\Local Settings\Application Data\funmoods.crx (PUP.Funmoods) -> Quarantined and deleted successfully.

(end)

Jack Monaco
Novice
Novice

Status :
Online
Offline

Posts : 7
Joined : 2012-07-18
OS : Windows 7

View user profile

Back to top Go down

Re: "Welcome to nginx". Linked to dead end site, help.

Post by Superdave on Tue Jul 24, 2012 12:39 am

I would like to see the other scans if you can run them.

Superdave
Captain
Captain

Status :
Online
Offline

Posts : 4202
Joined : 2010-02-01
Gender : Male
OS : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum