Jump to content

Welcome to Geeks to Go
Geeks to Go Welcome
Create Account Login to Account
Photo

Removal instructions for Best YouTube Downloader

- - - - -

  • Please log in to reply
No replies to this topic

#1
Metallica

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 32,307 posts
Content is republished with permission from Malwarebytes.

What is Best YouTube Downloader?

The Malwarebytes research team has determined that Best YouTube Downloader is a browser hijacker. These so-called "hijackers" manipulate your browser(s), for example to change your startpage or searchscopes, so that the affected browser visits their site or one of their choice. This one also displays advertisements. Best YouTube Downloader is a member of the Neobar family, infamous because of their policy changes on victimms' computers.

How do I know if my computer is affected by Best YouTube Downloader?

You may see this entry in your list of installed software:

warning4.png

and these warnings during install:

main.png

warning1.png

warning2.png

these browser add-ons:

warning8.png

warning6.png

warning7.png

warning9.png

these Scheduled Tasks:

warning3.png

How did Best YouTube Downloader get on my computer?

Browser hijackers use different methods for distributing themselves. This particular one was offered as a download manager.

How do I remove Best YouTube Downloader?

Our program Malwarebytes Anti-Malware can detect and remove this potentially unwanted program.
  • Please download Malwarebytes Anti-Malware to your desktop.
  • Double-click mbam-setup-version.exe and follow the prompts to install the program.
  • At the end, be sure a check-mark is placed next to the following:
    • Enable free trial of Malwarebytes Anti-Malware Premium
    • Launch Malwarebytes Anti-Malware
  • Then click Finish.
  • If an update is found, you will be prompted to download and install the latest version.
  • Once the program has loaded, select Scan Now. Or select the Threat Scan from the Scan menu.
  • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  • Restart your computer when prompted to do so.
Is there anything else I need to do to get rid of Best YouTube Downloader?
  • If you are using Chrome, you may have to remove the Extension manually under Tools > Settings > Extensions. Remove the checkmark and click on the bin behind the Best YouTube Downloader entry.
  • If you are using Opera, you may have to remove the Extension manually under Opera > Extensions click the x behind Best YouTube Downloader and click OK in the prompt to confirm.
  • Please visdit our Restore Browser page. You can read there how to fix additional browser redirect methods.
  • This PUP creates some scheduled tasks. You can read here how to check for and, if necessary, remove Scheduled Tasks.
How would the full version of Malwarebytes Anti-Malware help protect me?

We hope our application and this guide have helped you eradicate this hijacker.

As you can see below the full version of Malwarebytes Anti-Malware would have protected you against the Best YouTube Downloader hijacker. It would have warned you before the application could install itself, giving you a chance to stop it before it became too late.


protection1.png


Technical details for experts

Signs in a HijackThis log:


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.mystart.com/?pr=systma&id=byd&v=1_0
R3 - URLSearchHook: BYD - {EB6628CF-0675-4DAE-95CE-EFFA23169743} - C:\Program Files (x86)\Best YouTube Downloader\IEEF\b8n3XqM4Xglt.dll
O2 - BHO: BYD - {EB6628CF-0675-4DAE-95CE-EFFA23169743} - C:\Program Files (x86)\Best YouTube Downloader\IEEF\b8n3XqM4Xglt.dll
Possible signs in FRST logs:
 
 GroupPolicy: Restriction - Chrome <======= ATTENTION
 CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
 HKCU\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.mystart.com/?pr=systma&id=byd&v=1_0
 URLSearchHook: HKCU - BYD - {EB6628CF-0675-4DAE-95CE-EFFA23169743} - C:\Program Files (x86)\Best YouTube Downloader\IEEF\HdU3bnfVwGRl.dll ()
 URLSearchHook: HKCU - BYD - {EB6628CF-0675-4DAE-95CE-EFFA23169743} - C:\Program Files (x86)\Best YouTube Downloader\IEEF\b8n3XqM4Xglt.dll ()
 SearchScopes: HKCU -> DefaultScope {EB6628CF-0675-4DAE-95CE-EFFA23169743} URL = 
 BHO: BYD -> {EB6628CF-0675-4DAE-95CE-EFFA23169743} -> C:\Program Files (x86)\Best YouTube Downloader\IEEF\HdU3bnfVwGRl.dll [2015-11-27] ()
 BHO-x32: BYD -> {EB6628CF-0675-4DAE-95CE-EFFA23169743} -> C:\Program Files (x86)\Best YouTube Downloader\IEEF\b8n3XqM4Xglt.dll [2015-11-27] ()
 FF DefaultSearchEngine: MyStart
 FF SelectedSearchEngine: MyStart
 FF Homepage: hxxps://www.mystart.com/?pr=systma&id=byd&v=1_0
 FF Keyword.URL: 
 FF SearchPlugin: C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\searchplugins\mystart.xml [2015-12-24]
 FF Extension: BYD - C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\Extensions\{EB6628CF-0675-4DAE-95CE-EFFA23169743} [2015-12-24] [not signed]
 CHR HomePage: Default -> hxxps://www.mystart.com/?pr=systma&id=byd&v=1_0
 CHR StartupUrls: Default -> "hxxps://www.mystart.com/?pr=systma&id=byd&v=1_0"
 CHR DefaultSearchURL: Default -> hxxps://www.mystart.com/results.php?pr=systma&id=byd&v=1_0&p={searchTerms}
 CHR DefaultSearchKeyword: Default -> mystart
 CHR Extension: (BYD) - C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gabklpcbgpilmpfpbingloinmdpojagl [2015-12-24]
 OPR Extension: (BYD) - C:\Users\{username}\AppData\Roaming\Opera Software\Opera Stable\Extensions\ojlhjjbnmepbhlphmekcmgapilimneem [2015-12-24]
 C:\Users\{username}\AppData\Roaming\BYD
 C:\Windows\System32\Tasks\Update Service for Best YouTube Downloader2
 C:\Windows\System32\Tasks\Update Service for Best YouTube Downloader
 C:\Windows\Tasks\Update Service for Best YouTube Downloader2.job
 C:\Windows\Tasks\Update Service for Best YouTube Downloader.job
 C:\Program Files (x86)\Best YouTube Downloader

BYD (HKLM-x32\...\Best YouTube Downloader) (Version: 1.5.56 - Company Inc.)
Task: {5E2E4EA2-AB92-402B-9C65-02BB3F75F82C} - System32\Tasks\Update Service for Best YouTube Downloader => C:\Program Files (x86)\Best YouTube Downloader\CMDDAEa.exe [2015-11-27] ()
Task: {78C4C23D-32C1-4591-BA84-E3D1D6FD9345} - System32\Tasks\Update Service for Best YouTube Downloader2 => C:\Program Files (x86)\Best YouTube Downloader\CMDDAEa.exe [2015-11-27] ()
Task: C:\Windows\Tasks\Update Service for Best YouTube Downloader.job => C:\Program Files (x86)\Best YouTube Downloader\CMDDAEa.exe
Task: C:\Windows\Tasks\Update Service for Best YouTube Downloader2.job => C:\Program Files (x86)\Best YouTube Downloader\CMDDAEa.exe
Alterations made by the installer:
 
File system details [View: All details] (Selection)
---------------------------------------------------
    Adds the folder C:\Program Files (x86)\Best YouTube Downloader
       Adds the file CMDDAEa.exe"="27/11/2015 11:11, 157328 bytes, A
       Adds the file uninstall.exe"="27/11/2015 11:11, 1635456 bytes, A
    Adds the folder C:\Program Files (x86)\Best YouTube Downloader\IEEF
       Adds the file 74peN47FXpKy.exe"="27/11/2015 11:11, 761488 bytes, A
       Adds the file b8n3XqM4Xglt.dll"="27/11/2015 11:11, 337040 bytes, A
       Adds the file HdU3bnfVwGRl.dll"="27/11/2015 11:11, 427152 bytes, A
       Adds the file icon.ico"="27/11/2015 11:11, 1150 bytes, A
       Adds the file icon16.ico"="27/11/2015 11:11, 1150 bytes, A
       Adds the file Lqmf0pEc1wCX.dll"="27/11/2015 11:11, 255120 bytes, A
       Adds the file tByRpVyMj5CU.dll"="27/11/2015 11:11, 212112 bytes, A
    Adds the folder C:\Program Files (x86)\Best YouTube Downloader\IEEF\files
       Adds the file background.html"="27/11/2015 11:11, 129 bytes, A
       Adds the file BrowsersFix.js"="27/11/2015 11:11, 534 bytes, A
       Adds the file Kernel.js"="27/11/2015 11:11, 20789 bytes, A
    Adds the folder C:\Program Files (x86)\Best YouTube Downloader\IEEF\files\_locales
    Adds the folder C:\Program Files (x86)\Best YouTube Downloader\IEEF\files\files
       Adds the file background.js"="27/11/2015 11:11, 28667 bytes, A
       Adds the file foreground.js"="27/11/2015 11:11, 120938 bytes, A
       Adds the file main.css"="27/11/2015 11:11, 2340 bytes, A
       Adds the file proxy.js"="27/11/2015 11:11, 364 bytes, A
    Adds the folder C:\Program Files (x86)\Best YouTube Downloader\IEEF\files\files\com.YoutubeDownloader.YouTube
       Adds the file arrow.png"="27/11/2015 11:11, 2951 bytes, A
       Adds the file arrow2.png"="27/11/2015 11:11, 235 bytes, A
       Adds the file plus.png"="27/11/2015 11:11, 2904 bytes, A
    In the existing folder C:\ProgramData
       Adds the file ntuser.pol"="24/12/2015 09:32, 626 bytes, RHSA
    In the existing folder C:\Users\{username}
       Adds the file ntuser.pol"="24/12/2015 09:32, 484 bytes, RHSA
    In the existing folder C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default
       Alters the file Preferences
        11/12/2015 08:40, 183859 bytes, A ==> 24/12/2015 09:32, 197806 bytes, A
       Alters the file Secure Preferences
        11/12/2015 08:40, 40931 bytes, A ==> 24/12/2015 09:32, 72652 bytes, A
       Alters the file Web Data
        11/12/2015 08:39, 63488 bytes, A ==> 24/12/2015 09:32, 63488 bytes, A
       (-)(FILE) Web Data-journal"="11/12/2015 08:39, 0 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gabklpcbgpilmpfpbingloinmdpojagl\361.5.56_0
       Adds the file BrowsersFix.js"="27/11/2015 11:11, 1294 bytes, A
       Adds the file Content.js"="27/11/2015 11:11, 1413 bytes, A
       Adds the file Kernel.js"="27/11/2015 11:11, 22801 bytes, A
       Adds the file manifest.json"="24/12/2015 09:32, 1204 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gabklpcbgpilmpfpbingloinmdpojagl\361.5.56_0\_locales
    Adds the folder C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gabklpcbgpilmpfpbingloinmdpojagl\361.5.56_0\files
       Adds the file background.js"="27/11/2015 11:11, 36219 bytes, A
       Adds the file foreground.js"="27/11/2015 11:11, 120205 bytes, A
       Adds the file main.css"="27/11/2015 11:11, 2289 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gabklpcbgpilmpfpbingloinmdpojagl\361.5.56_0\files\com.YoutubeDownloader.YouTube
       Adds the file arrow.png"="27/11/2015 11:11, 2951 bytes, A
       Adds the file arrow2.png"="27/11/2015 11:11, 235 bytes, A
       Adds the file plus.png"="27/11/2015 11:11, 2904 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gabklpcbgpilmpfpbingloinmdpojagl\361.5.56_0\icons
       Adds the file icon128.png"="27/11/2015 11:11, 3306 bytes, A
       Adds the file icon16.png"="27/11/2015 11:11, 3070 bytes, A
       Adds the file icon48.png"="27/11/2015 11:11, 3326 bytes, A
    In the existing folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default
       Adds the file extensions.sqlite"="24/12/2015 09:32, 0 bytes, A
       Alters the file prefs.js
        10/11/2015 13:33, 5327 bytes, A ==> 24/12/2015 09:32, 6160 bytes, A
       Adds the file search-metadata.json"="24/12/2015 09:32, 118 bytes, RA
    Adds the folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\extensions\{EB6628CF-0675-4DAE-95CE-EFFA23169743}
       Adds the file bootstrap.js"="27/11/2015 11:11, 12313 bytes, A
       Adds the file chrome.manifest"="27/11/2015 11:11, 78 bytes, A
       Adds the file install.rdf"="27/11/2015 11:11, 13284 bytes, A
    Adds the folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\extensions\{EB6628CF-0675-4DAE-95CE-EFFA23169743}\chrome
       Adds the file background.html"="27/11/2015 11:11, 69 bytes, A
       Adds the file background.xul"="27/11/2015 11:11, 452 bytes, A
       Adds the file BrowsersFix.js"="27/11/2015 11:11, 534 bytes, A
       Adds the file Kernel.js"="27/11/2015 11:11, 19980 bytes, A
    Adds the folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\extensions\{EB6628CF-0675-4DAE-95CE-EFFA23169743}\chrome\_locales
    Adds the folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\extensions\{EB6628CF-0675-4DAE-95CE-EFFA23169743}\chrome\files
       Adds the file background.js"="27/11/2015 11:11, 28018 bytes, A
       Adds the file foreground.js"="27/11/2015 11:11, 120206 bytes, A
       Adds the file main.css"="27/11/2015 11:11, 2289 bytes, A
    Adds the folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\extensions\{EB6628CF-0675-4DAE-95CE-EFFA23169743}\chrome\files\com.YoutubeDownloader.YouTube
       Adds the file arrow.png"="27/11/2015 11:11, 2951 bytes, A
       Adds the file arrow2.png"="27/11/2015 11:11, 235 bytes, A
       Adds the file plus.png"="27/11/2015 11:11, 2904 bytes, A
    Adds the folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\extensions\{EB6628CF-0675-4DAE-95CE-EFFA23169743}\chrome\icons
       Adds the file icon19.png"="27/11/2015 11:11, 3076 bytes, A
       Adds the file icon48.png"="27/11/2015 11:11, 3326 bytes, A
       Adds the file icon64.png"="27/11/2015 11:11, 3270 bytes, A
    Adds the folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\extensions\{EB6628CF-0675-4DAE-95CE-EFFA23169743}\chrome\skin
       Adds the file arrow.png"="27/11/2015 11:11, 332 bytes, A
       Adds the file background.png"="27/11/2015 11:11, 109 bytes, A
       Adds the file bindings.css"="27/11/2015 11:11, 1648 bytes, A
       Adds the file bindings.xml"="27/11/2015 11:11, 1336 bytes, A
       Adds the file styles.css"="27/11/2015 11:11, 257 bytes, A
    Adds the folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\searchplugins
       Adds the file mystart.xml"="24/12/2015 09:32, 4649 bytes, RA
    In the existing folder C:\Users\{username}\AppData\Roaming\Opera Software\Opera Stable
       Alters the file Preferences
        15/12/2015 10:02, 20621 bytes, A ==> 24/12/2015 09:32, 35060 bytes, A
    Adds the folder C:\Users\{username}\AppData\Roaming\Opera Software\Opera Stable\Extensions\ojlhjjbnmepbhlphmekcmgapilimneem\1.5.56_0
       Adds the file BrowsersFix.js"="27/11/2015 11:11, 1294 bytes, A
       Adds the file Content.js"="27/11/2015 11:11, 1413 bytes, A
       Adds the file Kernel.js"="27/11/2015 11:11, 22801 bytes, A
       Adds the file manifest.json"="24/12/2015 09:32, 1133 bytes, A
    Adds the folder C:\Users\{username}\AppData\Roaming\Opera Software\Opera Stable\Extensions\ojlhjjbnmepbhlphmekcmgapilimneem\1.5.56_0\_locales
    Adds the folder C:\Users\{username}\AppData\Roaming\Opera Software\Opera Stable\Extensions\ojlhjjbnmepbhlphmekcmgapilimneem\1.5.56_0\files
       Adds the file background.js"="27/11/2015 11:11, 36219 bytes, A
       Adds the file foreground.js"="27/11/2015 11:11, 120205 bytes, A
       Adds the file main.css"="27/11/2015 11:11, 2289 bytes, A
    Adds the folder C:\Users\{username}\AppData\Roaming\Opera Software\Opera Stable\Extensions\ojlhjjbnmepbhlphmekcmgapilimneem\1.5.56_0\files\com.YoutubeDownloader.YouTube
       Adds the file arrow.png"="27/11/2015 11:11, 2951 bytes, A
       Adds the file arrow2.png"="27/11/2015 11:11, 235 bytes, A
       Adds the file plus.png"="27/11/2015 11:11, 2904 bytes, A
    Adds the folder C:\Users\{username}\AppData\Roaming\Opera Software\Opera Stable\Extensions\ojlhjjbnmepbhlphmekcmgapilimneem\1.5.56_0\icons
       Adds the file icon128.png"="27/11/2015 11:11, 3306 bytes, A
       Adds the file icon16.png"="27/11/2015 11:11, 3070 bytes, A
       Adds the file icon48.png"="27/11/2015 11:11, 3326 bytes, A
    In the existing folder C:\Windows\System32\GroupPolicy
       Adds the file gpt.ini"="24/12/2015 09:32, 268 bytes, A
    Adds the folder C:\Windows\System32\GroupPolicy\Adm
       Adds the file chrome.adm"="24/12/2015 09:32, 1804 bytes, A
    Adds the folder C:\Windows\System32\GroupPolicy\Machine
       Adds the file Registry.pol"="24/12/2015 09:32, 572 bytes, A
    Adds the folder C:\Windows\System32\GroupPolicy\User
       Adds the file Registry.pol"="24/12/2015 09:32, 234 bytes, A
    In the existing folder C:\Windows\System32\Tasks
       Adds the file Update Service for Best YouTube Downloader"="24/12/2015 09:32, 2694 bytes, A
       Adds the file Update Service for Best YouTube Downloader2"="24/12/2015 09:32, 3152 bytes, A
    In the existing folder C:\Windows\Tasks
       Adds the file Update Service for Best YouTube Downloader.job"="24/12/2015 09:32, 374 bytes, A
       Adds the file Update Service for Best YouTube Downloader2.job"="24/12/2015 09:32, 374 bytes, A

Registry details [View: All details] (Selection)
------------------------------------------------
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EB6628CF-0675-4DAE-95CE-EFFA23169743}]
       "(Default)"="REG_SZ", "BYD"
       "ProgID"="REG_SZ", "Toolbar.ExtensionHelperObject.1"
       "TypeLib"="REG_SZ", "{1D5A4199-956E-49BC-B89F-6A35C57C0D13}"
       "VersionIndependentProgID"="REG_SZ", "Toolbar.ExtensionHelperObject"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EB6628CF-0675-4DAE-95CE-EFFA23169743}\Implemented Categories\{59FB2056-D625-48D0-A944-1A85B5AB2640}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EB6628CF-0675-4DAE-95CE-EFFA23169743}\InprocServer32]
       "(Default)"="REG_SZ", "C:\Program Files (x86)\Best YouTube Downloader\IEEF\HdU3bnfVwGRl.dll"
       "ThreadingModel"="REG_SZ", "Apartment"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EB6628CF-0675-4DAE-95CE-EFFA23169743}\Programmable]
       "(Default)"="REG_SZ", ""
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0320EF3E-5E37-4431-8920-3D825407C2F0}]
       "(Default)"="REG_SZ", "_IFaOb2LmrlpgO5tSj2aKEvents"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0320EF3E-5E37-4431-8920-3D825407C2F0}\ProxyStubClsid32]
       "(Default)"="REG_SZ", "{00020420-0000-0000-C000-000000000046}"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0320EF3E-5E37-4431-8920-3D825407C2F0}\TypeLib]
       "(Default)"="REG_SZ", "{10ECD864-7879-4065-BF35-36422588085E}"
       "Version"="REG_SZ", "1.0"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5D9A45D0-539A-4C3D-A1D7-C5A9967BB736}]
       "(Default)"="REG_SZ", "IFaOb2LmrlpgO5tSj2aK"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5D9A45D0-539A-4C3D-A1D7-C5A9967BB736}\ProxyStubClsid32]
       "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5D9A45D0-539A-4C3D-A1D7-C5A9967BB736}\TypeLib]
       "(Default)"="REG_SZ", "{10ECD864-7879-4065-BF35-36422588085E}"
       "Version"="REG_SZ", "1.0"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BF4DD426-36B8-452C-BB82-401600709D34}]
       "(Default)"="REG_SZ", "{BF4DD426-36B8-452C-BB82-401600709D34}"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BF4DD426-36B8-452C-BB82-401600709D34}\ProxyStubClsid]
       "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BF4DD426-36B8-452C-BB82-401600709D34}\ProxyStubClsid32]
       "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BF4DD426-36B8-452C-BB82-401600709D34}\TypeLib]
       "(Default)"="REG_SZ", "{65480A50-E09B-4E04-A488-0C172BB380ED}"
       "Version"="REG_SZ", "1.0"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{10ECD864-7879-4065-BF35-36422588085E}\1.0]
       "(Default)"="REG_SZ", "6woQRdass8vWqLf9xmlvWlebt__i0tP2Htdz"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{10ECD864-7879-4065-BF35-36422588085E}\1.0\0\win32]
       "(Default)"="REG_SZ", "C:\Program Files (x86)\Best YouTube Downloader\IEEF\74peN47FXpKy.exe"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{10ECD864-7879-4065-BF35-36422588085E}\1.0\FLAGS]
       "(Default)"="REG_SZ", "0"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{10ECD864-7879-4065-BF35-36422588085E}\1.0\HELPDIR]
       "(Default)"="REG_SZ", "C:\Program Files (x86)\Best YouTube Downloader\IEEF"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{65480A50-E09B-4E04-A488-0C172BB380ED}\1.0]
       "(Default)"="REG_SZ", "{65480A50-E09B-4E04-A488-0C172BB380ED}"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{65480A50-E09B-4E04-A488-0C172BB380ED}\1.0\0\win32]
       "(Default)"="REG_SZ", "C:\Program Files (x86)\Best YouTube Downloader\IEEF\HdU3bnfVwGRl.dll"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{65480A50-E09B-4E04-A488-0C172BB380ED}\1.0\FLAGS]
       "(Default)"="REG_SZ", "0"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{65480A50-E09B-4E04-A488-0C172BB380ED}\1.0\HELPDIR]
       "(Default)"="REG_SZ", "C:\Program Files (x86)\Best YouTube Downloader\IEEF\"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{8262746A-CDF6-4797-8AFD-8E6D9A20EA53}]
       "(Default)"="REG_SZ", "BackgroundScriptEngine Class"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{8262746A-CDF6-4797-8AFD-8E6D9A20EA53}\LocalServer32]
       "(Default)"="REG_SZ", "C:\Program Files (x86)\Best YouTube Downloader\IEEF\74peN47FXpKy.exe"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{8262746A-CDF6-4797-8AFD-8E6D9A20EA53}\Programmable]
       "(Default)"="REG_SZ", ""
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{EB6628CF-0675-4DAE-95CE-EFFA23169743}]
       "(Default)"="REG_SZ", "BYD"
       "ProgID"="REG_SZ", "Toolbar.ExtensionHelperObject.1"
       "TypeLib"="REG_SZ", "{1D5A4199-956E-49BC-B89F-6A35C57C0D13}"
       "VersionIndependentProgID"="REG_SZ", "Toolbar.ExtensionHelperObject"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{EB6628CF-0675-4DAE-95CE-EFFA23169743}\Implemented Categories\{59FB2056-D625-48D0-A944-1A85B5AB2640}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{EB6628CF-0675-4DAE-95CE-EFFA23169743}\InprocServer32]
       "(Default)"="REG_SZ", "C:\Program Files (x86)\Best YouTube Downloader\IEEF\b8n3XqM4Xglt.dll"
       "ThreadingModel"="REG_SZ", "Apartment"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{EB6628CF-0675-4DAE-95CE-EFFA23169743}\Programmable]
       "(Default)"="REG_SZ", ""
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{0320EF3E-5E37-4431-8920-3D825407C2F0}]
       "(Default)"="REG_SZ", "_IFaOb2LmrlpgO5tSj2aKEvents"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{0320EF3E-5E37-4431-8920-3D825407C2F0}\ProxyStubClsid32]
       "(Default)"="REG_SZ", "{00020420-0000-0000-C000-000000000046}"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{0320EF3E-5E37-4431-8920-3D825407C2F0}\TypeLib]
       "(Default)"="REG_SZ", "{10ECD864-7879-4065-BF35-36422588085E}"
       "Version"="REG_SZ", "1.0"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{5D9A45D0-539A-4C3D-A1D7-C5A9967BB736}]
       "(Default)"="REG_SZ", "IFaOb2LmrlpgO5tSj2aK"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{5D9A45D0-539A-4C3D-A1D7-C5A9967BB736}\ProxyStubClsid32]
       "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{5D9A45D0-539A-4C3D-A1D7-C5A9967BB736}\TypeLib]
       "(Default)"="REG_SZ", "{10ECD864-7879-4065-BF35-36422588085E}"
       "Version"="REG_SZ", "1.0"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{BF4DD426-36B8-452C-BB82-401600709D34}]
       "(Default)"="REG_SZ", "{BF4DD426-36B8-452C-BB82-401600709D34}"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{BF4DD426-36B8-452C-BB82-401600709D34}\ProxyStubClsid]
       "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{BF4DD426-36B8-452C-BB82-401600709D34}\ProxyStubClsid32]
       "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{BF4DD426-36B8-452C-BB82-401600709D34}\TypeLib]
       "(Default)"="REG_SZ", "{65480A50-E09B-4E04-A488-0C172BB380ED}"
       "Version"="REG_SZ", "1.0"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB6628CF-0675-4DAE-95CE-EFFA23169743}]
       "(Default)"="REG_SZ", "BYD"
       "NoExplorer"="REG_DWORD", 1
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\History\{35378EAC-683F-11D2-A89A-00C04FBBCFA2}\0]
       "DisplayName"="REG_SZ", "Local Group Policy"
       "DSPath"="REG_SZ", "LocalGPO"
       "Extensions"="REG_SZ", "[{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957E-509E-11D1-A7CC-0000F87571E3}{D02B1F72-3407-48AE-BA88-E8213C6761F1}]"
       "FileSysPath"="REG_SZ", "C:\Windows\System32\GroupPolicy\Machine"
       "GPOLink"="REG_DWORD", 1
       "GPOName"="REG_SZ", "Local Group Policy"
       "Link"="REG_SZ", "Local"
       "lParam"="REG_DWORD", ....
       "Options"="REG_DWORD", 0
       "Version"="REG_DWORD", -2036234591
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures]
       "Update Service for Best YouTube Downloader.job"="REG_BINARY, ................................
       "Update Service for Best YouTube Downloader.job.fp"="REG_DWORD", 1670059621
       "Update Service for Best YouTube Downloader2.job"="REG_BINARY, ................................
       "Update Service for Best YouTube Downloader2.job.fp"="REG_DWORD", 278876438
    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\ExtensionInstallWhitelist]
       "1"="REG_SZ", "gabklpcbgpilmpfpbingloinmdpojagl"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{EB6628CF-0675-4DAE-95CE-EFFA23169743}]
       "(Default)"="REG_SZ", "BYD"
       "NoExplorer"="REG_DWORD", 1
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Best YouTube Downloader]
       "DisplayIcon"="REG_SZ", "C:\Program Files (x86)\Best YouTube Downloader\uninstall.exe"
       "DisplayName"="REG_SZ", "BYD"
       "DisplayVersion"="REG_SZ", "1.5.56"
       "NoModify"="REG_DWORD", 1
       "NoRepair"="REG_DWORD", 1
       "Publisher"="REG_SZ", "Company Inc."
       "UninstallString"="REG_SZ", "C:\Program Files (x86)\Best YouTube Downloader\uninstall.exe"
       "URLInfoAbout"="REG_SZ", ""
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Approved Extensions]
       "{EB6628CF-0675-4DAE-95CE-EFFA23169743}"="REG_BINARY, ............
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
       "Start Page"=REG_SZ, "https://www.mystart.com/?pr=systma&id=byd&v=1_0"
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]
       "74peN47FXpKy.exe"="REG_DWORD", 9999
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes]
       "DefaultScope"=REG_SZ, "{EB6628CF-0675-4DAE-95CE-EFFA23169743}"
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
       "{EB6628CF-0675-4DAE-95CE-EFFA23169743}"="REG_SZ", ""
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
       "NoDriveTypeAutoRun"="REG_DWORD", 145
    [HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions]
       "UsePolicySearchProvidersOnly"="REG_DWORD", 1
    [HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\SearchScopes\{EB6628CF-0675-4DAE-95CE-EFFA23169743}]
       "DisplayName"="REG_SZ", "MyStart"
       "FaviconPath"="REG_SZ", "https://www.mystart.com/favicon.ico"
       "FaviconURLFallback"="REG_SZ", "https://www.mystart.com/favicon.ico"
       "SortIndex"="REG_DWORD", 0
       "SuggestionsURLFallback"="REG_SZ", ""
       "TopResultURLFallback"="REG_SZ", ""
       "URL"="REG_SZ", "https://www.mystart.com/results.php?pr=systma&id=byd&v=1_0&p={searchTerms}"

Extract of the Malwarebytes Anti-Malware log (full log available on request):
 
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 24/12/2015
Scan Time: 09:47
Logfile: mbamBestYoutubeDownloader.txt
Administrator: Yes

Version: 2.2.0.1020
Malware Database: v2015.12.24.03
Rootkit Database: v2015.12.18.01
License: Premium
Malware Protection: Disabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: {username}

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 313366
Time Elapsed: 5 min, 3 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 30
PUP.Optional.BestYouTubeDownloader, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{8262746A-CDF6-4797-8AFD-8E6D9A20EA53}, Quarantined, [588b4e5a345766d0b801ef7e996928d8], 
PUP.Optional.BestYouTubeDownloader, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{8262746A-CDF6-4797-8AFD-8E6D9A20EA53}, Quarantined, [588b4e5a345766d0b801ef7e996928d8], 
PUP.Optional.BestYouTubeDownloader, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8262746A-CDF6-4797-8AFD-8E6D9A20EA53}, Quarantined, [588b4e5a345766d0b801ef7e996928d8], 
PUP.Optional.BestYoutubeVideoDownloader, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Best YouTube Downloader, Quarantined, [da09a305d1ba44f2d3f9a420966bbd43], 
PUP.Optional.BestYouTubeDownloader, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Update Service for Best YouTube Downloader, Delete-on-Reboot, [d70c8e1a4d3ed561fe23020ee3218f71], 
PUP.Optional.BestYouTubeDownloader, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Update Service for Best YouTube Downloader2, Delete-on-Reboot, [df04535594f7251127fa8e82db29fc04], 
PUP.Optional.BestYoutubeDownloader, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8262746A-CDF6-4797-8AFD-8E6D9A20EA53}, Quarantined, [677c9a0efe8d4de9e465d73a48bc748c], 
PUP.Optional.BestYouTubeDownloader, HKLM\SOFTWARE\CLASSES\TYPELIB\{10ECD864-7879-4065-BF35-36422588085E}, Quarantined, [8360bdeb167542f4d5323451a161fc04], 
PUP.Optional.BestYouTubeDownloader, HKLM\SOFTWARE\CLASSES\INTERFACE\{0320EF3E-5E37-4431-8920-3D825407C2F0}, Quarantined, [8360bdeb167542f4d5323451a161fc04], 
PUP.Optional.BestYouTubeDownloader, HKLM\SOFTWARE\CLASSES\INTERFACE\{5D9A45D0-539A-4C3D-A1D7-C5A9967BB736}, Quarantined, [8360bdeb167542f4d5323451a161fc04], 
PUP.Optional.BestYouTubeDownloader, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{0320EF3E-5E37-4431-8920-3D825407C2F0}, Quarantined, [8360bdeb167542f4d5323451a161fc04], 
PUP.Optional.BestYouTubeDownloader, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{5D9A45D0-539A-4C3D-A1D7-C5A9967BB736}, Quarantined, [8360bdeb167542f4d5323451a161fc04], 
PUP.Optional.BestYouTubeDownloader, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{0320EF3E-5E37-4431-8920-3D825407C2F0}, Quarantined, [8360bdeb167542f4d5323451a161fc04], 
PUP.Optional.BestYouTubeDownloader, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{5D9A45D0-539A-4C3D-A1D7-C5A9967BB736}, Quarantined, [8360bdeb167542f4d5323451a161fc04], 
PUP.Optional.BestYouTubeDownloader, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{10ECD864-7879-4065-BF35-36422588085E}, Quarantined, [8360bdeb167542f4d5323451a161fc04], 
PUP.Optional.BestYouTubeDownloader, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{10ECD864-7879-4065-BF35-36422588085E}, Quarantined, [8360bdeb167542f4d5323451a161fc04], 
PUP.Optional.BestYouTubeDownloader, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{EB6628CF-0675-4DAE-95CE-EFFA23169743}, Quarantined, [8360bdeb167542f4d5323451a161fc04], 
PUP.Optional.BestYouTubeDownloader, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{EB6628CF-0675-4DAE-95CE-EFFA23169743}, Quarantined, [8360bdeb167542f4d5323451a161fc04], 
PUP.Optional.BestYouTubeDownloader, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{EB6628CF-0675-4DAE-95CE-EFFA23169743}, Quarantined, [8360bdeb167542f4d5323451a161fc04], 
PUP.Optional.BestYouTubeDownloader, HKLM\SOFTWARE\CLASSES\CLSID\{EB6628CF-0675-4DAE-95CE-EFFA23169743}, Quarantined, [8360bdeb167542f4d5323451a161fc04], 
PUP.Optional.BestYouTubeDownloader, HKLM\SOFTWARE\CLASSES\TYPELIB\{65480A50-E09B-4E04-A488-0C172BB380ED}, Quarantined, [8360bdeb167542f4d5323451a161fc04], 
PUP.Optional.BestYouTubeDownloader, HKLM\SOFTWARE\CLASSES\INTERFACE\{BF4DD426-36B8-452C-BB82-401600709D34}, Quarantined, [8360bdeb167542f4d5323451a161fc04], 
PUP.Optional.BestYouTubeDownloader, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{BF4DD426-36B8-452C-BB82-401600709D34}, Quarantined, [8360bdeb167542f4d5323451a161fc04], 
PUP.Optional.BestYouTubeDownloader, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{BF4DD426-36B8-452C-BB82-401600709D34}, Quarantined, [8360bdeb167542f4d5323451a161fc04], 
PUP.Optional.BestYouTubeDownloader, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{65480A50-E09B-4E04-A488-0C172BB380ED}, Quarantined, [8360bdeb167542f4d5323451a161fc04], 
PUP.Optional.BestYouTubeDownloader, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{65480A50-E09B-4E04-A488-0C172BB380ED}, Quarantined, [8360bdeb167542f4d5323451a161fc04], 
PUP.Optional.BestYouTubeDownloader, HKLM\SOFTWARE\CLASSES\CLSID\{EB6628CF-0675-4DAE-95CE-EFFA23169743}\INPROCSERVER32, Quarantined, [8360bdeb167542f4d5323451a161fc04], 
PUP.Optional.BestYouTubeDownloader, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{EB6628CF-0675-4DAE-95CE-EFFA23169743}, Quarantined, [8360bdeb167542f4d5323451a161fc04], 
PUP.Optional.BestYouTubeDownloader, HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{EB6628CF-0675-4DAE-95CE-EFFA23169743}, Quarantined, [8360bdeb167542f4d5323451a161fc04], 
PUP.Optional.BestYouTubeDownloader, HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{EB6628CF-0675-4DAE-95CE-EFFA23169743}, Quarantined, [8360bdeb167542f4d5323451a161fc04], 

Registry Values: 2
PUP.Optional.BestYoutubeDownloader, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8262746A-CDF6-4797-8AFD-8E6D9A20EA53}|AppPath, C:\Program Files (x86)\Best YouTube Downloader\IEEF, Quarantined, [677c9a0efe8d4de9e465d73a48bc748c]
PUP.Optional.BestYouTubeDownloader, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{EB6628CF-0675-4DAE-95CE-EFFA23169743}, Quarantined, [8360bdeb167542f4d5323451a161fc04], 

Registry Data: 1
PUP.Optional.MyStart, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, https://www.mystart.com/?pr=systma&id=byd&v=1_0, Good: (www.google.com), Bad: (https://www.mystart.com/?pr=systma&id=byd&v=1_0),Replaced,[25be941498f30b2bc9a7aee2838122de]

Folders: 259
PUP.Optional.BestYoutubeDownloader, C:\Users\{username}\AppData\Roaming\BYD, Quarantined, [c122cddb15765adcb791c24f41c313ed], 
PUP.Optional.BestYouTubeDownloader, C:\Program Files (x86)\Best YouTube Downloader, Quarantined, [8360bdeb167542f4d5323451a161fc04], 
PUP.Optional.BestYouTubeDownloader, C:\Program Files (x86)\Best YouTube Downloader\IEEF, Quarantined, [8360bdeb167542f4d5323451a161fc04], 
PUP.Optional.BestYouTubeDownloader, C:\Program Files (x86)\Best YouTube Downloader\IEEF\files, Quarantined, [8360bdeb167542f4d5323451a161fc04], 
PUP.Optional.BestYouTubeDownloader, C:\Program Files (x86)\Best YouTube Downloader\IEEF\files\files, Quarantined, [8360bdeb167542f4d5323451a161fc04], 
PUP.Optional.BestYouTubeDownloader, C:\Program Files (x86)\Best YouTube Downloader\IEEF\files\files\com.YoutubeDownloader.YouTube, Quarantined, [8360bdeb167542f4d5323451a161fc04], 
PUP.Optional.BestYouTubeDownloader, C:\Program Files (x86)\Best YouTube Downloader\IEEF\files\_locales, Quarantined, [8360bdeb167542f4d5323451a161fc04], 
PUP.Optional.BestYouTubeDownloader, C:\Program Files (x86)\Best YouTube Downloader\IEEF\files\_locales\zh_TW, Quarantined, [8360bdeb167542f4d5323451a161fc04], 
PUP.Optional.Clicker, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gabklpcbgpilmpfpbingloinmdpojagl\361.5.56_0, Quarantined, [3ca75751d8b341f5ab7426969c68ff01], 
PUP.Optional.Clicker, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gabklpcbgpilmpfpbingloinmdpojagl, Quarantined, [3ca75751d8b341f5ab7426969c68ff01], 
PUP.Optional.BestYoutubeDownloader, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\extensions\{EB6628CF-0675-4DAE-95CE-EFFA23169743}, Quarantined, [ebf8acfc8efd88aeb06c7844fd079b65], 
PUP.Optional.Clicker, C:\Users\{username}\AppData\Roaming\Opera Software\Opera Stable\Extensions\ojlhjjbnmepbhlphmekcmgapilimneem\1.5.56_0, Quarantined, [677c4b5d7d0e79bdc4594a72e02452ae], 
PUP.Optional.Clicker, C:\Users\{username}\AppData\Roaming\Opera Software\Opera Stable\Extensions\ojlhjjbnmepbhlphmekcmgapilimneem, Quarantined, [677c4b5d7d0e79bdc4594a72e02452ae], 
PUP.Optional.Amigo, C:\Windows\System32\GroupPolicy\Adm, Quarantined, [70737e2a5d2e81b5a86bb408f01406fa], 

Files: 306
PUP.Optional.BestYoutubeVideoDownloader, C:\Users\{username}\Desktop\BestYoutubeDownloader.exe, Quarantined, [e5fed7d15239fe38f3d91ba917ea36ca], 
PUP.Optional.BestYoutubeVideoDownloader, C:\Program Files (x86)\Best YouTube Downloader\uninstall.exe, Quarantined, [da09a305d1ba44f2d3f9a420966bbd43], 
PUP.Optional.BestYouTubeDownloader, C:\Windows\System32\Tasks\Update Service for Best YouTube Downloader, Quarantined, [0fd407a1d2b9c670a976ff11956f966a], 
PUP.Optional.BestYouTubeDownloader, C:\Windows\System32\Tasks\Update Service for Best YouTube Downloader2, Quarantined, [647f5850b8d3b87e39e6dd3336ce51af], 
PUP.Optional.BestYouTubeDownloader, C:\Windows\Tasks\Update Service for Best YouTube Downloader.job, Quarantined, [677c08a0216a082e7ca48e82ac589d63], 
PUP.Optional.BestYouTubeDownloader, C:\Windows\Tasks\Update Service for Best YouTube Downloader2.job, Quarantined, [4b9856529eed0531ad73a16fae56bf41], 
PUP.Optional.BestYoutubeDownloader, C:\Users\{username}\AppData\Roaming\BYD\Storage.db, Quarantined, [c122cddb15765adcb791c24f41c313ed], 
PUP.Optional.BestYouTubeDownloader, C:\Program Files (x86)\Best YouTube Downloader\CMDDAEa.exe, Quarantined, [8360bdeb167542f4d5323451a161fc04], 
PUP.Optional.BestYouTubeDownloader, C:\Program Files (x86)\Best YouTube Downloader\IEEF\74peN47FXpKy.exe, Quarantined, [8360bdeb167542f4d5323451a161fc04], 
PUP.Optional.BestYouTubeDownloader, C:\Program Files (x86)\Best YouTube Downloader\IEEF\b8n3XqM4Xglt.dll, Quarantined, [8360bdeb167542f4d5323451a161fc04], 
PUP.Optional.BestYouTubeDownloader, C:\Program Files (x86)\Best YouTube Downloader\IEEF\HdU3bnfVwGRl.dll, Quarantined, [8360bdeb167542f4d5323451a161fc04], 
PUP.Optional.BestYouTubeDownloader, C:\Program Files (x86)\Best YouTube Downloader\IEEF\icon.ico, Quarantined, [8360bdeb167542f4d5323451a161fc04], 
PUP.Optional.BestYouTubeDownloader, C:\Program Files (x86)\Best YouTube Downloader\IEEF\icon16.ico, Quarantined, [8360bdeb167542f4d5323451a161fc04], 
PUP.Optional.BestYouTubeDownloader, C:\Program Files (x86)\Best YouTube Downloader\IEEF\Lqmf0pEc1wCX.dll, Quarantined, [8360bdeb167542f4d5323451a161fc04], 
PUP.Optional.BestYouTubeDownloader, C:\Program Files (x86)\Best YouTube Downloader\IEEF\tByRpVyMj5CU.dll, Quarantined, [8360bdeb167542f4d5323451a161fc04], 
PUP.Optional.BestYouTubeDownloader, C:\Program Files (x86)\Best YouTube Downloader\IEEF\files\background.html, Quarantined, [8360bdeb167542f4d5323451a161fc04], 
PUP.Optional.BestYouTubeDownloader, C:\Program Files (x86)\Best YouTube Downloader\IEEF\files\BrowsersFix.js, Quarantined, [8360bdeb167542f4d5323451a161fc04], 
PUP.Optional.BestYouTubeDownloader, C:\Program Files (x86)\Best YouTube Downloader\IEEF\files\Kernel.js, Quarantined, [8360bdeb167542f4d5323451a161fc04], 
PUP.Optional.BestYouTubeDownloader, C:\Program Files (x86)\Best YouTube Downloader\IEEF\files\files\background.js, Quarantined, [8360bdeb167542f4d5323451a161fc04], 
PUP.Optional.BestYouTubeDownloader, C:\Program Files (x86)\Best YouTube Downloader\IEEF\files\files\foreground.js, Quarantined, [8360bdeb167542f4d5323451a161fc04], 
PUP.Optional.BestYouTubeDownloader, C:\Program Files (x86)\Best YouTube Downloader\IEEF\files\files\main.css, Quarantined, [8360bdeb167542f4d5323451a161fc04], 
PUP.Optional.BestYouTubeDownloader, C:\Program Files (x86)\Best YouTube Downloader\IEEF\files\files\proxy.js, Quarantined, [8360bdeb167542f4d5323451a161fc04], 
PUP.Optional.BestYouTubeDownloader, C:\Program Files (x86)\Best YouTube Downloader\IEEF\files\files\com.YoutubeDownloader.YouTube\arrow.png, Quarantined, [8360bdeb167542f4d5323451a161fc04], 
PUP.Optional.BestYouTubeDownloader, C:\Program Files (x86)\Best YouTube Downloader\IEEF\files\files\com.YoutubeDownloader.YouTube\arrow2.png, Quarantined, [8360bdeb167542f4d5323451a161fc04], 
PUP.Optional.BestYouTubeDownloader, C:\Program Files (x86)\Best YouTube Downloader\IEEF\files\files\com.YoutubeDownloader.YouTube\plus.png, Quarantined, [8360bdeb167542f4d5323451a161fc04], 
PUP.Optional.Clicker, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gabklpcbgpilmpfpbingloinmdpojagl\361.5.56_0\BrowsersFix.js, Quarantined, [3ca75751d8b341f5ab7426969c68ff01], 
PUP.Optional.Clicker, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gabklpcbgpilmpfpbingloinmdpojagl\361.5.56_0\Content.js, Quarantined, [3ca75751d8b341f5ab7426969c68ff01], 
PUP.Optional.Clicker, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gabklpcbgpilmpfpbingloinmdpojagl\361.5.56_0\Kernel.js, Quarantined, [3ca75751d8b341f5ab7426969c68ff01], 
PUP.Optional.Clicker, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gabklpcbgpilmpfpbingloinmdpojagl\361.5.56_0\manifest.json, Quarantined, [3ca75751d8b341f5ab7426969c68ff01], 
PUP.Optional.BestYoutubeDownloader, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\extensions\{EB6628CF-0675-4DAE-95CE-EFFA23169743}\install.rdf, Quarantined, [ebf8acfc8efd88aeb06c7844fd079b65], 
PUP.Optional.BestYoutubeDownloader, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\extensions\{EB6628CF-0675-4DAE-95CE-EFFA23169743}\bootstrap.js, Quarantined, [ebf8acfc8efd88aeb06c7844fd079b65], 
PUP.Optional.BestYoutubeDownloader, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\extensions\{EB6628CF-0675-4DAE-95CE-EFFA23169743}\chrome.manifest, Quarantined, [ebf8acfc8efd88aeb06c7844fd079b65], 
PUP.Optional.MyStart, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\searchplugins\mystart.xml, Quarantined, [6380c9dfdfac55e15bb9e2da768e30d0], 
PUP.Optional.Amigo, C:\Windows\System32\GroupPolicy\Adm\chrome.adm, Quarantined, [70737e2a5d2e81b5a86bb408f01406fa], 

Physical Sectors: 0
(No malicious items detected)


(end)
As mentioned before the full version of Malwarebytes Anti-Malware could have protected your computer against this threat.
We use different ways of protecting your computer(s):
  • Dynamically Blocks Malware Sites & Servers
  • Malware Execution Prevention
Save yourself the hassle and get protected.
  • 0

Advertisements





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

featured
Malware Removal How to Guides Windows 7 System Building Download Files Register welcome

Never used a forum? Learn how.