Sunday, May 8, 2011

Found Some Malware While Searching for a Free Manny Pacquiao vs. Sugar Shane Mosley Live Stream

Many people must have gotten this while trying to find a free live stream of their favorite sports. This one is certainly malware and must be removed from your computer.

You can start by running a HijackThis scan, picking the entries shown in the screenshot, and removing them. Next, run Malwarebytes Anti-Malware or any other malware scanner you have to clean up the remnants.

Mozilla Firefox config

If you are using Mozilla Firefox, this infection changes some settings that regular anti-malware software usually does not detect.

Type about:config in the address bar and press Enter.
Find these settings: general.useragent.extra.scopes and keyword.URL, and remove their current values.

That should do it. :)
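
The same two settings can also be checked outside the browser. This added example (not part of the original post) reads the text of a profile's prefs.js, where Firefox stores user-changed settings as user_pref("name", value); lines, reports whether the two prefs carry user-set values, and returns a copy without them. The function names and the sample file contents are made up for illustration.

```python
import re

# The two preferences the post says this infection changes.
SUSPECT_PREFS = ("general.useragent.extra.scopes", "keyword.URL")

# prefs.js stores one setting per line: user_pref("name", value);
PREF_LINE = re.compile(r'^\s*user_pref\("((?:[^"\\]|\\.)*)",\s*(.*)\);\s*$')


def find_modified_prefs(prefs_text, names=SUSPECT_PREFS):
    """Return {pref name: raw value} for each listed pref that has a user-set value."""
    found = {}
    for line in prefs_text.splitlines():
        m = PREF_LINE.match(line)
        if m and m.group(1) in names:
            found[m.group(1)] = m.group(2).strip()
    return found


def strip_prefs(prefs_text, names=SUSPECT_PREFS):
    """Return prefs.js text without the listed prefs, keeping every other line.

    Dropping a user_pref line puts that setting back to its default. Edit the
    real file only while Firefox is closed, since it rewrites prefs.js on exit.
    """
    kept = []
    for line in prefs_text.splitlines(keepends=True):
        m = PREF_LINE.match(line)
        if m and m.group(1) in names:
            continue
        kept.append(line)
    return "".join(kept)


# Constructed sample; the values are placeholders, not taken from the infected machine.
SAMPLE_PREFS = '''# Mozilla User Preferences
user_pref("browser.startup.homepage", "about:home");
user_pref("general.useragent.extra.scopes", "(placeholder-token)");
user_pref("keyword.URL", "http://search.example.invalid/?q=");
user_pref("network.cookie.prefsMigrated", true);
'''

if __name__ == "__main__":
    for name, value in find_modified_prefs(SAMPLE_PREFS).items():
        print(f"user-set: {name} = {value}")
    print(strip_prefs(SAMPLE_PREFS), end="")
```

An empty result from find_modified_prefs means both settings are at their defaults in that profile.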


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:16:05 AM, on 5/9/2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\mspaint.exe
C:\Windows\System32\notepad.exe
C:\Program Files\Prevx\prevx.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe
C:\Windows\system32\mspaint.exe
C:\Windows\system32\SearchFilterHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://toolbar.blinkx.com?domainid=PIN05&version=0.5.64&toolbarid=afc5df05-b76f-4602-87ff-915270512312
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R3 - URLSearchHook: the blinkx toolbar - {F08555B0-9CC3-11D2-AA8E-000000000567} - C:\Program Files\blinkx Remote Toolbar\the_blinkx_shook.dll
O2 - BHO: The blinkx Toolbar - {0069B690-7A2B-41C5-98CA-9F535B4C8532} - C:\Program Files\blinkx Remote Toolbar\the_blinkx_bho.dll
O2 - BHO: ShopperReports - {100EB1FD-D03E-47fd-81F3-EE91287F9465} - C:\Program Files\ShopperReports3\bin\3.1.69.0\ShopperReports.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL
O3 - Toolbar: The blinkx Toolbar - {E5A1ECE5-3E3D-4FE7-8447-78CB1FD377C6} - C:\Program Files\blinkx Remote Toolbar\the_blinkx_toolbar.dll
O4 - HKCU\..\Run: [Google Update] "C:\Users\AdminOne\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [blinkx_toolbar] "C:\Program Files\blinkx Remote Toolbar\the_blinkx_toolbar.exe" -startservice
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShopperReports3\bin\3.1.69.0\ShopperReports.dll
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShopperReports3\bin\3.1.69.0\ShopperReports.dll
O13 - DefaultPrefix:
O13 - WWW Prefix:
O13 - Home Prefix:
O13 - Mosaic Prefix:
O13 - FTP Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{74F10709-31CE-4D32-B5CD-E7D2F427A13C}: NameServer = 121.1.3.168 203.84.191.216
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: ScanQuery Service - Unknown owner - C:\ProgramData\ScanQuery\scanquery129.exe

--
End of file - 3051 bytes
