Nginx Virus

Posted: July 11, 2012

Nginx Virus Description

Nginx Virus Screenshot 1The Nginx Virus is a casual name for a browser hijacker that blocks popular websites to display a Nginx server-based site instead of your normal content. Since Nginx is a popular open source program that can be used by both malicious and benevolent websites, SpywareRemove.com malware researchers recommend that you assume that your PC may have been exposed to potential browser-based attacks after contact with sites that resemble the end results of a Nginx Virus's hijack. In some cases, what looks like a Nginx Virus may be a simple server glitch that doesn't indicate that anything is wrong with your PC; you should verify this possibility with suitable anti-malware software on a case-by-case basis.

How the Nginx Virus's Most Famous Symptom is an Inadvertent Side Effect

The Nginx Virus (which, contrary to its nickname, is not a file-infecting virus insofar as SpywareRemove.com malware researchers have been able to determine) is a form of browser hijacker that promotes Nginx-based websites. As the second most popular form of server software globally that's used by even reputable sites like Google, Nginx and its errors can be associated with completely safe sites as well as harmful websites. However, sites that are promoted by browser hijackers like the Nginx Virus have a tendency to be malicious or include questionable content, and SpywareRemove.com malware researchers recommend that you interact with such sites with a high degree of caution.

The unifying symptom for a Nginx Virus style of browser hijacker is the appearance of Nginx error pages whenever you try to load various popular sites. Sites that have been blocked by the Nginx Virus include Facebook, Yahoo, Google and Yandex. A successful Nginx Virus redirect attack may redirect you to an unrelated and fully-functioning site, or one of the following error messages may be exhibit on a blank page:

'Welcome to Nginx!'

'404 Not Found / Nginx'

Browser hijackers should always be considered dangers to your PC that should be removed in anti-malware scans, and SpywareRemove.com malware researchers also recommend that you avoid transmitting personal information via your browser until your PC has been disinfected of the Nginx Virus.

When the Nginx Virus is Less of a PC Threat Than It is a Minor Server Malfunction

Not all appearances of the aforementioned Nginx Virus-style error messages are heralds of an infection on your computer. In some scenarios, a Nginx-based site may be having server issues that result in you seeing one of these Nginx errors. Then, is just a matter of time until the website being corrected by its webmasters.

However, SpywareRemove.com malware researchers generally recommend that you assume that your PC is infected by the Nginx Virus until your anti-malware software can determine otherwise. Browser hijackers like the Nginx Virus may be installed with other PC threats that show few or no symptoms, and, in some cases, can be high-level threats (such as DNS Changer and Alueron rootkits).

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to Nginx Virus may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Technical Details

Registry Modifications


The following newly produced Registry Values are:

HKEY..\..\{Value}HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon\"Shell" = "[RANDOM CHARACTERS].exe"HKEY..\..\..\..{Subkeys}HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "[RANDOM CHARACTERS].exe"

Related Posts

2 Comments

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.