Removal instructions for Best YouTube Downloader

Metallica · December 24, 2015

What is Best YouTube Downloader?

The Malwarebytes research team has determined that Best YouTube Downloader is a browser hijacker. These so-called "hijackers" manipulate your browser(s), for example to change your startpage or searchscopes, so that the affected browser visits their site or one of their choice. This one also displays advertisements. Best YouTube Downloader is a member of the Neobar family, infamous because of their policy changes on victimms' computers.

How do I know if my computer is affected by Best YouTube Downloader?

You may see this entry in your list of installed software:

and these warnings during install:

these browser add-ons:

these Scheduled Tasks:

How did Best YouTube Downloader get on my computer?

Browser hijackers use different methods for distributing themselves. This particular one was offered as a download manager.

How do I remove Best YouTube Downloader?

Our program Malwarebytes Anti-Malware can detect and remove this potentially unwanted program.

Please download Malwarebytes Anti-Malware to your desktop.
Double-click mbam-setup-version.exe and follow the prompts to install the program.
At the end, be sure a check-mark is placed next to the following:
- Enable free trial of Malwarebytes Anti-Malware Premium
- Launch Malwarebytes Anti-Malware
Then click Finish.
If an update is found, you will be prompted to download and install the latest version.
Once the program has loaded, select Scan Now. Or select the Threat Scan from the Scan menu.
When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
Restart your computer when prompted to do so.

Is there anything else I need to do to get rid of Best YouTube Downloader?

If you are using Chrome, you may have to remove the Extension manually under Tools > Settings > Extensions. Remove the checkmark and click on the bin behind the Best YouTube Downloader entry.
If you are using Opera, you may have to remove the Extension manually under Opera > Extensions click the x behind Best YouTube Downloader and click OK in the prompt to confirm.
Please visdit our Restore Browser page. You can read there how to fix additional browser redirect methods.
This PUP creates some scheduled tasks. You can read here how to check for and, if necessary, remove Scheduled Tasks.

How would the full version of Malwarebytes Anti-Malware help protect me?

We hope our application and this guide have helped you eradicate this hijacker.

As you can see below the full version of Malwarebytes Anti-Malware would have protected you against the Best YouTube Downloader hijacker. It would have warned you before the application could install itself, giving you a chance to stop it before it became too late.

Technical details for experts

Signs in a HijackThis log:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.mystart.com/?pr=systma&id=byd&v=1_0R3'>https://www.mystart.com/?pr=systma&id=byd&v=1_0R3 - URLSearchHook: BYD - {EB6628CF-0675-4DAE-95CE-EFFA23169743} - C:\Program Files (x86)\Best YouTube Downloader\IEEF\b8n3XqM4Xglt.dllO2 - BHO: BYD - {EB6628CF-0675-4DAE-95CE-EFFA23169743} - C:\Program Files (x86)\Best YouTube Downloader\IEEF\b8n3XqM4Xglt.dll

Possible signs in FRST logs:

 GroupPolicy: Restriction - Chrome <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION HKCU\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.mystart.com/?pr=systma&id=byd&v=1_0 URLSearchHook: HKCU - BYD - {EB6628CF-0675-4DAE-95CE-EFFA23169743} - C:\Program Files (x86)\Best YouTube Downloader\IEEF\HdU3bnfVwGRl.dll () URLSearchHook: HKCU - BYD - {EB6628CF-0675-4DAE-95CE-EFFA23169743} - C:\Program Files (x86)\Best YouTube Downloader\IEEF\b8n3XqM4Xglt.dll () SearchScopes: HKCU -> DefaultScope {EB6628CF-0675-4DAE-95CE-EFFA23169743} URL =  BHO: BYD -> {EB6628CF-0675-4DAE-95CE-EFFA23169743} -> C:\Program Files (x86)\Best YouTube Downloader\IEEF\HdU3bnfVwGRl.dll [2015-11-27] () BHO-x32: BYD -> {EB6628CF-0675-4DAE-95CE-EFFA23169743} -> C:\Program Files (x86)\Best YouTube Downloader\IEEF\b8n3XqM4Xglt.dll [2015-11-27] () FF DefaultSearchEngine: MyStart FF SelectedSearchEngine: MyStart FF Homepage: hxxps://www.mystart.com/?pr=systma&id=byd&v=1_0 FF Keyword.URL:  FF SearchPlugin: C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\searchplugins\mystart.xml [2015-12-24] FF Extension: BYD - C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\Extensions\{EB6628CF-0675-4DAE-95CE-EFFA23169743} [2015-12-24] [not signed] CHR HomePage: Default -> hxxps://www.mystart.com/?pr=systma&id=byd&v=1_0 CHR StartupUrls: Default -> "hxxps://www.mystart.com/?pr=systma&id=byd&v=1_0" CHR DefaultSearchURL: Default -> hxxps://www.mystart.com/results.php?pr=systma&id=byd&v=1_0&p={searchTerms} CHR DefaultSearchKeyword: Default -> mystart CHR Extension: (BYD) - C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gabklpcbgpilmpfpbingloinmdpojagl [2015-12-24] OPR Extension: (BYD) - C:\Users\{username}\AppData\Roaming\Opera Software\Opera Stable\Extensions\ojlhjjbnmepbhlphmekcmgapilimneem [2015-12-24] C:\Users\{username}\AppData\Roaming\BYD C:\Windows\System32\Tasks\Update Service for Best YouTube Downloader2 C:\Windows\System32\Tasks\Update Service for Best YouTube Downloader C:\Windows\Tasks\Update Service for Best YouTube Downloader2.job C:\Windows\Tasks\Update Service for Best YouTube Downloader.job C:\Program Files (x86)\Best YouTube DownloaderBYD (HKLM-x32\...\Best YouTube Downloader) (Version: 1.5.56 - Company Inc.)Task: {5E2E4EA2-AB92-402B-9C65-02BB3F75F82C} - System32\Tasks\Update Service for Best YouTube Downloader => C:\Program Files (x86)\Best YouTube Downloader\CMDDAEa.exe [2015-11-27] ()Task: {78C4C23D-32C1-4591-BA84-E3D1D6FD9345} - System32\Tasks\Update Service for Best YouTube Downloader2 => C:\Program Files (x86)\Best YouTube Downloader\CMDDAEa.exe [2015-11-27] ()Task: C:\Windows\Tasks\Update Service for Best YouTube Downloader.job => C:\Program Files (x86)\Best YouTube Downloader\CMDDAEa.exeTask: C:\Windows\Tasks\Update Service for Best YouTube Downloader2.job => C:\Program Files (x86)\Best YouTube Downloader\CMDDAEa.exe

Alterations made by the installer:

File system details [View: All details] (Selection)---------------------------------------------------    Adds the folder C:\Program Files (x86)\Best YouTube Downloader       Adds the file CMDDAEa.exe"="27/11/2015 11:11, 157328 bytes, A       Adds the file uninstall.exe"="27/11/2015 11:11, 1635456 bytes, A    Adds the folder C:\Program Files (x86)\Best YouTube Downloader\IEEF       Adds the file 74peN47FXpKy.exe"="27/11/2015 11:11, 761488 bytes, A       Adds the file b8n3XqM4Xglt.dll"="27/11/2015 11:11, 337040 bytes, A       Adds the file HdU3bnfVwGRl.dll"="27/11/2015 11:11, 427152 bytes, A       Adds the file icon.ico"="27/11/2015 11:11, 1150 bytes, A       Adds the file icon16.ico"="27/11/2015 11:11, 1150 bytes, A       Adds the file Lqmf0pEc1wCX.dll"="27/11/2015 11:11, 255120 bytes, A       Adds the file tByRpVyMj5CU.dll"="27/11/2015 11:11, 212112 bytes, A    Adds the folder C:\Program Files (x86)\Best YouTube Downloader\IEEF\files       Adds the file background.html"="27/11/2015 11:11, 129 bytes, A       Adds the file BrowsersFix.js"="27/11/2015 11:11, 534 bytes, A       Adds the file Kernel.js"="27/11/2015 11:11, 20789 bytes, A    Adds the folder C:\Program Files (x86)\Best YouTube Downloader\IEEF\files\_locales    Adds the folder C:\Program Files (x86)\Best YouTube Downloader\IEEF\files\files       Adds the file background.js"="27/11/2015 11:11, 28667 bytes, A       Adds the file foreground.js"="27/11/2015 11:11, 120938 bytes, A       Adds the file main.css"="27/11/2015 11:11, 2340 bytes, A       Adds the file proxy.js"="27/11/2015 11:11, 364 bytes, A    Adds the folder C:\Program Files (x86)\Best YouTube Downloader\IEEF\files\files\com.YoutubeDownloader.YouTube       Adds the file arrow.png"="27/11/2015 11:11, 2951 bytes, A       Adds the file arrow2.png"="27/11/2015 11:11, 235 bytes, A       Adds the file plus.png"="27/11/2015 11:11, 2904 bytes, A    In the existing folder C:\ProgramData       Adds the file ntuser.pol"="24/12/2015 09:32, 626 bytes, RHSA    In the existing folder C:\Users\{username}       Adds the file ntuser.pol"="24/12/2015 09:32, 484 bytes, RHSA    In the existing folder C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default       Alters the file Preferences        11/12/2015 08:40, 183859 bytes, A ==> 24/12/2015 09:32, 197806 bytes, A       Alters the file Secure Preferences        11/12/2015 08:40, 40931 bytes, A ==> 24/12/2015 09:32, 72652 bytes, A       Alters the file Web Data        11/12/2015 08:39, 63488 bytes, A ==> 24/12/2015 09:32, 63488 bytes, A       (-)(FILE) Web Data-journal"="11/12/2015 08:39, 0 bytes, A    Adds the folder C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gabklpcbgpilmpfpbingloinmdpojagl\361.5.56_0       Adds the file BrowsersFix.js"="27/11/2015 11:11, 1294 bytes, A       Adds the file Content.js"="27/11/2015 11:11, 1413 bytes, A       Adds the file Kernel.js"="27/11/2015 11:11, 22801 bytes, A       Adds the file manifest.json"="24/12/2015 09:32, 1204 bytes, A    Adds the folder C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gabklpcbgpilmpfpbingloinmdpojagl\361.5.56_0\_locales    Adds the folder C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gabklpcbgpilmpfpbingloinmdpojagl\361.5.56_0\files       Adds the file background.js"="27/11/2015 11:11, 36219 bytes, A       Adds the file foreground.js"="27/11/2015 11:11, 120205 bytes, A       Adds the file main.css"="27/11/2015 11:11, 2289 bytes, A    Adds the folder C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gabklpcbgpilmpfpbingloinmdpojagl\361.5.56_0\files\com.YoutubeDownloader.YouTube       Adds the file arrow.png"="27/11/2015 11:11, 2951 bytes, A       Adds the file arrow2.png"="27/11/2015 11:11, 235 bytes, A       Adds the file plus.png"="27/11/2015 11:11, 2904 bytes, A    Adds the folder C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gabklpcbgpilmpfpbingloinmdpojagl\361.5.56_0\icons       Adds the file icon128.png"="27/11/2015 11:11, 3306 bytes, A       Adds the file icon16.png"="27/11/2015 11:11, 3070 bytes, A       Adds the file icon48.png"="27/11/2015 11:11, 3326 bytes, A    In the existing folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default       Adds the file extensions.sqlite"="24/12/2015 09:32, 0 bytes, A       Alters the file prefs.js        10/11/2015 13:33, 5327 bytes, A ==> 24/12/2015 09:32, 6160 bytes, A       Adds the file search-metadata.json"="24/12/2015 09:32, 118 bytes, RA    Adds the folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\extensions\{EB6628CF-0675-4DAE-95CE-EFFA23169743}       Adds the file bootstrap.js"="27/11/2015 11:11, 12313 bytes, A       Adds the file chrome.manifest"="27/11/2015 11:11, 78 bytes, A       Adds the file install.rdf"="27/11/2015 11:11, 13284 bytes, A    Adds the folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\extensions\{EB6628CF-0675-4DAE-95CE-EFFA23169743}\chrome       Adds the file background.html"="27/11/2015 11:11, 69 bytes, A       Adds the file background.xul"="27/11/2015 11:11, 452 bytes, A       Adds the file BrowsersFix.js"="27/11/2015 11:11, 534 bytes, A       Adds the file Kernel.js"="27/11/2015 11:11, 19980 bytes, A    Adds the folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\extensions\{EB6628CF-0675-4DAE-95CE-EFFA23169743}\chrome\_locales    Adds the folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\extensions\{EB6628CF-0675-4DAE-95CE-EFFA23169743}\chrome\files       Adds the file background.js"="27/11/2015 11:11, 28018 bytes, A       Adds the file foreground.js"="27/11/2015 11:11, 120206 bytes, A       Adds the file main.css"="27/11/2015 11:11, 2289 bytes, A    Adds the folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\extensions\{EB6628CF-0675-4DAE-95CE-EFFA23169743}\chrome\files\com.YoutubeDownloader.YouTube       Adds the file arrow.png"="27/11/2015 11:11, 2951 bytes, A       Adds the file arrow2.png"="27/11/2015 11:11, 235 bytes, A       Adds the file plus.png"="27/11/2015 11:11, 2904 bytes, A    Adds the folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\extensions\{EB6628CF-0675-4DAE-95CE-EFFA23169743}\chrome\icons       Adds the file icon19.png"="27/11/2015 11:11, 3076 bytes, A       Adds the file icon48.png"="27/11/2015 11:11, 3326 bytes, A       Adds the file icon64.png"="27/11/2015 11:11, 3270 bytes, A    Adds the folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\extensions\{EB6628CF-0675-4DAE-95CE-EFFA23169743}\chrome\skin       Adds the file arrow.png"="27/11/2015 11:11, 332 bytes, A       Adds the file background.png"="27/11/2015 11:11, 109 bytes, A       Adds the file bindings.css"="27/11/2015 11:11, 1648 bytes, A       Adds the file bindings.xml"="27/11/2015 11:11, 1336 bytes, A       Adds the file styles.css"="27/11/2015 11:11, 257 bytes, A    Adds the folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\searchplugins       Adds the file mystart.xml"="24/12/2015 09:32, 4649 bytes, RA    In the existing folder C:\Users\{username}\AppData\Roaming\Opera Software\Opera Stable       Alters the file Preferences        15/12/2015 10:02, 20621 bytes, A ==> 24/12/2015 09:32, 35060 bytes, A    Adds the folder C:\Users\{username}\AppData\Roaming\Opera Software\Opera Stable\Extensions\ojlhjjbnmepbhlphmekcmgapilimneem\1.5.56_0       Adds the file BrowsersFix.js"="27/11/2015 11:11, 1294 bytes, A       Adds the file Content.js"="27/11/2015 11:11, 1413 bytes, A       Adds the file Kernel.js"="27/11/2015 11:11, 22801 bytes, A       Adds the file manifest.json"="24/12/2015 09:32, 1133 bytes, A    Adds the folder C:\Users\{username}\AppData\Roaming\Opera Software\Opera Stable\Extensions\ojlhjjbnmepbhlphmekcmgapilimneem\1.5.56_0\_locales    Adds the folder C:\Users\{username}\AppData\Roaming\Opera Software\Opera Stable\Extensions\ojlhjjbnmepbhlphmekcmgapilimneem\1.5.56_0\files       Adds the file background.js"="27/11/2015 11:11, 36219 bytes, A       Adds the file foreground.js"="27/11/2015 11:11, 120205 bytes, A       Adds the file main.css"="27/11/2015 11:11, 2289 bytes, A    Adds the folder C:\Users\{username}\AppData\Roaming\Opera Software\Opera Stable\Extensions\ojlhjjbnmepbhlphmekcmgapilimneem\1.5.56_0\files\com.YoutubeDownloader.YouTube       Adds the file arrow.png"="27/11/2015 11:11, 2951 bytes, A       Adds the file arrow2.png"="27/11/2015 11:11, 235 bytes, A       Adds the file plus.png"="27/11/2015 11:11, 2904 bytes, A    Adds the folder C:\Users\{username}\AppData\Roaming\Opera Software\Opera Stable\Extensions\ojlhjjbnmepbhlphmekcmgapilimneem\1.5.56_0\icons       Adds the file icon128.png"="27/11/2015 11:11, 3306 bytes, A       Adds the file icon16.png"="27/11/2015 11:11, 3070 bytes, A       Adds the file icon48.png"="27/11/2015 11:11, 3326 bytes, A    In the existing folder C:\Windows\System32\GroupPolicy       Adds the file gpt.ini"="24/12/2015 09:32, 268 bytes, A    Adds the folder C:\Windows\System32\GroupPolicy\Adm       Adds the file chrome.adm"="24/12/2015 09:32, 1804 bytes, A    Adds the folder C:\Windows\System32\GroupPolicy\Machine       Adds the file Registry.pol"="24/12/2015 09:32, 572 bytes, A    Adds the folder C:\Windows\System32\GroupPolicy\User       Adds the file Registry.pol"="24/12/2015 09:32, 234 bytes, A    In the existing folder C:\Windows\System32\Tasks       Adds the file Update Service for Best YouTube Downloader"="24/12/2015 09:32, 2694 bytes, A       Adds the file Update Service for Best YouTube Downloader2"="24/12/2015 09:32, 3152 bytes, A    In the existing folder C:\Windows\Tasks       Adds the file Update Service for Best YouTube Downloader.job"="24/12/2015 09:32, 374 bytes, A       Adds the file Update Service for Best YouTube Downloader2.job"="24/12/2015 09:32, 374 bytes, ARegistry details [View: All details] (Selection)------------------------------------------------    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EB6628CF-0675-4DAE-95CE-EFFA23169743}]       "(Default)"="REG_SZ", "BYD"       "ProgID"="REG_SZ", "Toolbar.ExtensionHelperObject.1"       "TypeLib"="REG_SZ", "{1D5A4199-956E-49BC-B89F-6A35C57C0D13}"       "VersionIndependentProgID"="REG_SZ", "Toolbar.ExtensionHelperObject"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EB6628CF-0675-4DAE-95CE-EFFA23169743}\Implemented Categories\{59FB2056-D625-48D0-A944-1A85B5AB2640}]    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EB6628CF-0675-4DAE-95CE-EFFA23169743}\InprocServer32]       "(Default)"="REG_SZ", "C:\Program Files (x86)\Best YouTube Downloader\IEEF\HdU3bnfVwGRl.dll"       "ThreadingModel"="REG_SZ", "Apartment"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EB6628CF-0675-4DAE-95CE-EFFA23169743}\Programmable]       "(Default)"="REG_SZ", ""    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0320EF3E-5E37-4431-8920-3D825407C2F0}]       "(Default)"="REG_SZ", "_IFaOb2LmrlpgO5tSj2aKEvents"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0320EF3E-5E37-4431-8920-3D825407C2F0}\ProxyStubClsid32]       "(Default)"="REG_SZ", "{00020420-0000-0000-C000-000000000046}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0320EF3E-5E37-4431-8920-3D825407C2F0}\TypeLib]       "(Default)"="REG_SZ", "{10ECD864-7879-4065-BF35-36422588085E}"       "Version"="REG_SZ", "1.0"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5D9A45D0-539A-4C3D-A1D7-C5A9967BB736}]       "(Default)"="REG_SZ", "IFaOb2LmrlpgO5tSj2aK"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5D9A45D0-539A-4C3D-A1D7-C5A9967BB736}\ProxyStubClsid32]       "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5D9A45D0-539A-4C3D-A1D7-C5A9967BB736}\TypeLib]       "(Default)"="REG_SZ", "{10ECD864-7879-4065-BF35-36422588085E}"       "Version"="REG_SZ", "1.0"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BF4DD426-36B8-452C-BB82-401600709D34}]       "(Default)"="REG_SZ", "{BF4DD426-36B8-452C-BB82-401600709D34}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BF4DD426-36B8-452C-BB82-401600709D34}\ProxyStubClsid]       "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BF4DD426-36B8-452C-BB82-401600709D34}\ProxyStubClsid32]       "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BF4DD426-36B8-452C-BB82-401600709D34}\TypeLib]       "(Default)"="REG_SZ", "{65480A50-E09B-4E04-A488-0C172BB380ED}"       "Version"="REG_SZ", "1.0"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{10ECD864-7879-4065-BF35-36422588085E}\1.0]       "(Default)"="REG_SZ", "6woQRdass8vWqLf9xmlvWlebt__i0tP2Htdz"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{10ECD864-7879-4065-BF35-36422588085E}\1.0\0\win32]       "(Default)"="REG_SZ", "C:\Program Files (x86)\Best YouTube Downloader\IEEF\74peN47FXpKy.exe"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{10ECD864-7879-4065-BF35-36422588085E}\1.0\FLAGS]       "(Default)"="REG_SZ", "0"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{10ECD864-7879-4065-BF35-36422588085E}\1.0\HELPDIR]       "(Default)"="REG_SZ", "C:\Program Files (x86)\Best YouTube Downloader\IEEF"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{65480A50-E09B-4E04-A488-0C172BB380ED}\1.0]       "(Default)"="REG_SZ", "{65480A50-E09B-4E04-A488-0C172BB380ED}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{65480A50-E09B-4E04-A488-0C172BB380ED}\1.0\0\win32]       "(Default)"="REG_SZ", "C:\Program Files (x86)\Best YouTube Downloader\IEEF\HdU3bnfVwGRl.dll"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{65480A50-E09B-4E04-A488-0C172BB380ED}\1.0\FLAGS]       "(Default)"="REG_SZ", "0"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{65480A50-E09B-4E04-A488-0C172BB380ED}\1.0\HELPDIR]       "(Default)"="REG_SZ", "C:\Program Files (x86)\Best YouTube Downloader\IEEF\"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{8262746A-CDF6-4797-8AFD-8E6D9A20EA53}]       "(Default)"="REG_SZ", "BackgroundScriptEngine Class"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{8262746A-CDF6-4797-8AFD-8E6D9A20EA53}\LocalServer32]       "(Default)"="REG_SZ", "C:\Program Files (x86)\Best YouTube Downloader\IEEF\74peN47FXpKy.exe"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{8262746A-CDF6-4797-8AFD-8E6D9A20EA53}\Programmable]       "(Default)"="REG_SZ", ""    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{EB6628CF-0675-4DAE-95CE-EFFA23169743}]       "(Default)"="REG_SZ", "BYD"       "ProgID"="REG_SZ", "Toolbar.ExtensionHelperObject.1"       "TypeLib"="REG_SZ", "{1D5A4199-956E-49BC-B89F-6A35C57C0D13}"       "VersionIndependentProgID"="REG_SZ", "Toolbar.ExtensionHelperObject"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{EB6628CF-0675-4DAE-95CE-EFFA23169743}\Implemented Categories\{59FB2056-D625-48D0-A944-1A85B5AB2640}]    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{EB6628CF-0675-4DAE-95CE-EFFA23169743}\InprocServer32]       "(Default)"="REG_SZ", "C:\Program Files (x86)\Best YouTube Downloader\IEEF\b8n3XqM4Xglt.dll"       "ThreadingModel"="REG_SZ", "Apartment"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{EB6628CF-0675-4DAE-95CE-EFFA23169743}\Programmable]       "(Default)"="REG_SZ", ""    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{0320EF3E-5E37-4431-8920-3D825407C2F0}]       "(Default)"="REG_SZ", "_IFaOb2LmrlpgO5tSj2aKEvents"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{0320EF3E-5E37-4431-8920-3D825407C2F0}\ProxyStubClsid32]       "(Default)"="REG_SZ", "{00020420-0000-0000-C000-000000000046}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{0320EF3E-5E37-4431-8920-3D825407C2F0}\TypeLib]       "(Default)"="REG_SZ", "{10ECD864-7879-4065-BF35-36422588085E}"       "Version"="REG_SZ", "1.0"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{5D9A45D0-539A-4C3D-A1D7-C5A9967BB736}]       "(Default)"="REG_SZ", "IFaOb2LmrlpgO5tSj2aK"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{5D9A45D0-539A-4C3D-A1D7-C5A9967BB736}\ProxyStubClsid32]       "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{5D9A45D0-539A-4C3D-A1D7-C5A9967BB736}\TypeLib]       "(Default)"="REG_SZ", "{10ECD864-7879-4065-BF35-36422588085E}"       "Version"="REG_SZ", "1.0"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{BF4DD426-36B8-452C-BB82-401600709D34}]       "(Default)"="REG_SZ", "{BF4DD426-36B8-452C-BB82-401600709D34}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{BF4DD426-36B8-452C-BB82-401600709D34}\ProxyStubClsid]       "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{BF4DD426-36B8-452C-BB82-401600709D34}\ProxyStubClsid32]       "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{BF4DD426-36B8-452C-BB82-401600709D34}\TypeLib]       "(Default)"="REG_SZ", "{65480A50-E09B-4E04-A488-0C172BB380ED}"       "Version"="REG_SZ", "1.0"    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB6628CF-0675-4DAE-95CE-EFFA23169743}]       "(Default)"="REG_SZ", "BYD"       "NoExplorer"="REG_DWORD", 1    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\History\{35378EAC-683F-11D2-A89A-00C04FBBCFA2}\0]       "DisplayName"="REG_SZ", "Local Group Policy"       "DSPath"="REG_SZ", "LocalGPO"       "Extensions"="REG_SZ", "[{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957E-509E-11D1-A7CC-0000F87571E3}{D02B1F72-3407-48AE-BA88-E8213C6761F1}]"       "FileSysPath"="REG_SZ", "C:\Windows\System32\GroupPolicy\Machine"       "GPOLink"="REG_DWORD", 1       "GPOName"="REG_SZ", "Local Group Policy"       "Link"="REG_SZ", "Local"       "lParam"="REG_DWORD", ....       "Options"="REG_DWORD", 0       "Version"="REG_DWORD", -2036234591    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures]       "Update Service for Best YouTube Downloader.job"="REG_BINARY, ................................       "Update Service for Best YouTube Downloader.job.fp"="REG_DWORD", 1670059621       "Update Service for Best YouTube Downloader2.job"="REG_BINARY, ................................       "Update Service for Best YouTube Downloader2.job.fp"="REG_DWORD", 278876438    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\ExtensionInstallWhitelist]       "1"="REG_SZ", "gabklpcbgpilmpfpbingloinmdpojagl"    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{EB6628CF-0675-4DAE-95CE-EFFA23169743}]       "(Default)"="REG_SZ", "BYD"       "NoExplorer"="REG_DWORD", 1    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Best YouTube Downloader]       "DisplayIcon"="REG_SZ", "C:\Program Files (x86)\Best YouTube Downloader\uninstall.exe"       "DisplayName"="REG_SZ", "BYD"       "DisplayVersion"="REG_SZ", "1.5.56"       "NoModify"="REG_DWORD", 1       "NoRepair"="REG_DWORD", 1       "Publisher"="REG_SZ", "Company Inc."       "UninstallString"="REG_SZ", "C:\Program Files (x86)\Best YouTube Downloader\uninstall.exe"       "URLInfoAbout"="REG_SZ", ""    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Approved Extensions]       "{EB6628CF-0675-4DAE-95CE-EFFA23169743}"="REG_BINARY, ............    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]       "Start Page"=REG_SZ, "https://www.mystart.com/?pr=systma&id=byd&v=1_0"    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]       "74peN47FXpKy.exe"="REG_DWORD", 9999    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes]       "DefaultScope"=REG_SZ, "{EB6628CF-0675-4DAE-95CE-EFFA23169743}"    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]       "{EB6628CF-0675-4DAE-95CE-EFFA23169743}"="REG_SZ", ""    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]       "NoDriveTypeAutoRun"="REG_DWORD", 145    [HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions]       "UsePolicySearchProvidersOnly"="REG_DWORD", 1    [HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\SearchScopes\{EB6628CF-0675-4DAE-95CE-EFFA23169743}]       "DisplayName"="REG_SZ", "MyStart"       "FaviconPath"="REG_SZ", "https://www.mystart.com/favicon.ico"       "FaviconURLFallback"="REG_SZ", "https://www.mystart.com/favicon.ico"       "SortIndex"="REG_DWORD", 0       "SuggestionsURLFallback"="REG_SZ", ""       "TopResultURLFallback"="REG_SZ", ""       "URL"="REG_SZ", "https://www.mystart.com/results.php?pr=systma&id=byd&v=1_0&p={searchTerms}"

Extract of the Malwarebytes Anti-Malware log (full log available on request):

Malwarebytes Anti-Malwarewww.malwarebytes.orgScan Date: 24/12/2015Scan Time: 09:47Logfile: mbamBestYoutubeDownloader.txtAdministrator: YesVersion: 2.2.0.1020Malware Database: v2015.12.24.03Rootkit Database: v2015.12.18.01License: PremiumMalware Protection: DisabledMalicious Website Protection: EnabledSelf-protection: DisabledOS: Windows 7 Service Pack 1CPU: x64File System: NTFSUser: {username}Scan Type: Threat ScanResult: CompletedObjects Scanned: 313366Time Elapsed: 5 min, 3 secMemory: EnabledStartup: EnabledFilesystem: EnabledArchives: EnabledRootkits: EnabledHeuristics: EnabledPUP: EnabledPUM: EnabledProcesses: 0(No malicious items detected)Modules: 0(No malicious items detected)Registry Keys: 30PUP.Optional.BestYouTubeDownloader, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{8262746A-CDF6-4797-8AFD-8E6D9A20EA53}, Quarantined, [588b4e5a345766d0b801ef7e996928d8], PUP.Optional.BestYouTubeDownloader, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{8262746A-CDF6-4797-8AFD-8E6D9A20EA53}, Quarantined, [588b4e5a345766d0b801ef7e996928d8], PUP.Optional.BestYouTubeDownloader, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8262746A-CDF6-4797-8AFD-8E6D9A20EA53}, Quarantined, [588b4e5a345766d0b801ef7e996928d8], PUP.Optional.BestYoutubeVideoDownloader, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Best YouTube Downloader, Quarantined, [da09a305d1ba44f2d3f9a420966bbd43], PUP.Optional.BestYouTubeDownloader, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Update Service for Best YouTube Downloader, Delete-on-Reboot, [d70c8e1a4d3ed561fe23020ee3218f71], PUP.Optional.BestYouTubeDownloader, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Update Service for Best YouTube Downloader2, Delete-on-Reboot, [df04535594f7251127fa8e82db29fc04], PUP.Optional.BestYoutubeDownloader, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8262746A-CDF6-4797-8AFD-8E6D9A20EA53}, Quarantined, [677c9a0efe8d4de9e465d73a48bc748c], PUP.Optional.BestYouTubeDownloader, HKLM\SOFTWARE\CLASSES\TYPELIB\{10ECD864-7879-4065-BF35-36422588085E}, Quarantined, [8360bdeb167542f4d5323451a161fc04], PUP.Optional.BestYouTubeDownloader, HKLM\SOFTWARE\CLASSES\INTERFACE\{0320EF3E-5E37-4431-8920-3D825407C2F0}, Quarantined, [8360bdeb167542f4d5323451a161fc04], PUP.Optional.BestYouTubeDownloader, HKLM\SOFTWARE\CLASSES\INTERFACE\{5D9A45D0-539A-4C3D-A1D7-C5A9967BB736}, Quarantined, [8360bdeb167542f4d5323451a161fc04], PUP.Optional.BestYouTubeDownloader, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{0320EF3E-5E37-4431-8920-3D825407C2F0}, Quarantined, [8360bdeb167542f4d5323451a161fc04], PUP.Optional.BestYouTubeDownloader, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{5D9A45D0-539A-4C3D-A1D7-C5A9967BB736}, Quarantined, [8360bdeb167542f4d5323451a161fc04], PUP.Optional.BestYouTubeDownloader, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{0320EF3E-5E37-4431-8920-3D825407C2F0}, Quarantined, [8360bdeb167542f4d5323451a161fc04], PUP.Optional.BestYouTubeDownloader, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{5D9A45D0-539A-4C3D-A1D7-C5A9967BB736}, Quarantined, [8360bdeb167542f4d5323451a161fc04], PUP.Optional.BestYouTubeDownloader, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{10ECD864-7879-4065-BF35-36422588085E}, Quarantined, [8360bdeb167542f4d5323451a161fc04], PUP.Optional.BestYouTubeDownloader, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{10ECD864-7879-4065-BF35-36422588085E}, Quarantined, [8360bdeb167542f4d5323451a161fc04], PUP.Optional.BestYouTubeDownloader, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{EB6628CF-0675-4DAE-95CE-EFFA23169743}, Quarantined, [8360bdeb167542f4d5323451a161fc04], PUP.Optional.BestYouTubeDownloader, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{EB6628CF-0675-4DAE-95CE-EFFA23169743}, Quarantined, [8360bdeb167542f4d5323451a161fc04], PUP.Optional.BestYouTubeDownloader, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{EB6628CF-0675-4DAE-95CE-EFFA23169743}, Quarantined, [8360bdeb167542f4d5323451a161fc04], PUP.Optional.BestYouTubeDownloader, HKLM\SOFTWARE\CLASSES\CLSID\{EB6628CF-0675-4DAE-95CE-EFFA23169743}, Quarantined, [8360bdeb167542f4d5323451a161fc04], PUP.Optional.BestYouTubeDownloader, HKLM\SOFTWARE\CLASSES\TYPELIB\{65480A50-E09B-4E04-A488-0C172BB380ED}, Quarantined, [8360bdeb167542f4d5323451a161fc04], PUP.Optional.BestYouTubeDownloader, HKLM\SOFTWARE\CLASSES\INTERFACE\{BF4DD426-36B8-452C-BB82-401600709D34}, Quarantined, [8360bdeb167542f4d5323451a161fc04], PUP.Optional.BestYouTubeDownloader, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{BF4DD426-36B8-452C-BB82-401600709D34}, Quarantined, [8360bdeb167542f4d5323451a161fc04], PUP.Optional.BestYouTubeDownloader, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{BF4DD426-36B8-452C-BB82-401600709D34}, Quarantined, [8360bdeb167542f4d5323451a161fc04], PUP.Optional.BestYouTubeDownloader, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{65480A50-E09B-4E04-A488-0C172BB380ED}, Quarantined, [8360bdeb167542f4d5323451a161fc04], PUP.Optional.BestYouTubeDownloader, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{65480A50-E09B-4E04-A488-0C172BB380ED}, Quarantined, [8360bdeb167542f4d5323451a161fc04], PUP.Optional.BestYouTubeDownloader, HKLM\SOFTWARE\CLASSES\CLSID\{EB6628CF-0675-4DAE-95CE-EFFA23169743}\INPROCSERVER32, Quarantined, [8360bdeb167542f4d5323451a161fc04], PUP.Optional.BestYouTubeDownloader, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{EB6628CF-0675-4DAE-95CE-EFFA23169743}, Quarantined, [8360bdeb167542f4d5323451a161fc04], PUP.Optional.BestYouTubeDownloader, HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{EB6628CF-0675-4DAE-95CE-EFFA23169743}, Quarantined, [8360bdeb167542f4d5323451a161fc04], PUP.Optional.BestYouTubeDownloader, HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{EB6628CF-0675-4DAE-95CE-EFFA23169743}, Quarantined, [8360bdeb167542f4d5323451a161fc04], Registry Values: 2PUP.Optional.BestYoutubeDownloader, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8262746A-CDF6-4797-8AFD-8E6D9A20EA53}|AppPath, C:\Program Files (x86)\Best YouTube Downloader\IEEF, Quarantined, [677c9a0efe8d4de9e465d73a48bc748c]PUP.Optional.BestYouTubeDownloader, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{EB6628CF-0675-4DAE-95CE-EFFA23169743}, Quarantined, [8360bdeb167542f4d5323451a161fc04], Registry Data: 1PUP.Optional.MyStart, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, https://www.mystart.com/?pr=systma&id=byd&v=1_0,'>https://www.mystart.com/?pr=systma&id=byd&v=1_0, Good: (www.google.com), Bad: (https://www.mystart.com/?pr=systma&id=byd&v=1_0),Replaced,[25be941498f30b2bc9a7aee2838122de]Folders: 259PUP.Optional.BestYoutubeDownloader, C:\Users\{username}\AppData\Roaming\BYD, Quarantined, [c122cddb15765adcb791c24f41c313ed], PUP.Optional.BestYouTubeDownloader, C:\Program Files (x86)\Best YouTube Downloader, Quarantined, [8360bdeb167542f4d5323451a161fc04], PUP.Optional.BestYouTubeDownloader, C:\Program Files (x86)\Best YouTube Downloader\IEEF, Quarantined, [8360bdeb167542f4d5323451a161fc04], PUP.Optional.BestYouTubeDownloader, C:\Program Files (x86)\Best YouTube Downloader\IEEF\files, Quarantined, [8360bdeb167542f4d5323451a161fc04], PUP.Optional.BestYouTubeDownloader, C:\Program Files (x86)\Best YouTube Downloader\IEEF\files\files, Quarantined, [8360bdeb167542f4d5323451a161fc04], PUP.Optional.BestYouTubeDownloader, C:\Program Files (x86)\Best YouTube Downloader\IEEF\files\files\com.YoutubeDownloader.YouTube, Quarantined, [8360bdeb167542f4d5323451a161fc04], PUP.Optional.BestYouTubeDownloader, C:\Program Files (x86)\Best YouTube Downloader\IEEF\files\_locales, Quarantined, [8360bdeb167542f4d5323451a161fc04], PUP.Optional.BestYouTubeDownloader, C:\Program Files (x86)\Best YouTube Downloader\IEEF\files\_locales\zh_TW, Quarantined, [8360bdeb167542f4d5323451a161fc04], PUP.Optional.Clicker, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gabklpcbgpilmpfpbingloinmdpojagl\361.5.56_0, Quarantined, [3ca75751d8b341f5ab7426969c68ff01], PUP.Optional.Clicker, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gabklpcbgpilmpfpbingloinmdpojagl, Quarantined, [3ca75751d8b341f5ab7426969c68ff01], PUP.Optional.BestYoutubeDownloader, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\extensions\{EB6628CF-0675-4DAE-95CE-EFFA23169743}, Quarantined, [ebf8acfc8efd88aeb06c7844fd079b65], PUP.Optional.Clicker, C:\Users\{username}\AppData\Roaming\Opera Software\Opera Stable\Extensions\ojlhjjbnmepbhlphmekcmgapilimneem\1.5.56_0, Quarantined, [677c4b5d7d0e79bdc4594a72e02452ae], PUP.Optional.Clicker, C:\Users\{username}\AppData\Roaming\Opera Software\Opera Stable\Extensions\ojlhjjbnmepbhlphmekcmgapilimneem, Quarantined, [677c4b5d7d0e79bdc4594a72e02452ae], PUP.Optional.Amigo, C:\Windows\System32\GroupPolicy\Adm, Quarantined, [70737e2a5d2e81b5a86bb408f01406fa], Files: 306PUP.Optional.BestYoutubeVideoDownloader, C:\Users\{username}\Desktop\BestYoutubeDownloader.exe, Quarantined, [e5fed7d15239fe38f3d91ba917ea36ca], PUP.Optional.BestYoutubeVideoDownloader, C:\Program Files (x86)\Best YouTube Downloader\uninstall.exe, Quarantined, [da09a305d1ba44f2d3f9a420966bbd43], PUP.Optional.BestYouTubeDownloader, C:\Windows\System32\Tasks\Update Service for Best YouTube Downloader, Quarantined, [0fd407a1d2b9c670a976ff11956f966a], PUP.Optional.BestYouTubeDownloader, C:\Windows\System32\Tasks\Update Service for Best YouTube Downloader2, Quarantined, [647f5850b8d3b87e39e6dd3336ce51af], PUP.Optional.BestYouTubeDownloader, C:\Windows\Tasks\Update Service for Best YouTube Downloader.job, Quarantined, [677c08a0216a082e7ca48e82ac589d63], PUP.Optional.BestYouTubeDownloader, C:\Windows\Tasks\Update Service for Best YouTube Downloader2.job, Quarantined, [4b9856529eed0531ad73a16fae56bf41], PUP.Optional.BestYoutubeDownloader, C:\Users\{username}\AppData\Roaming\BYD\Storage.db, Quarantined, [c122cddb15765adcb791c24f41c313ed], PUP.Optional.BestYouTubeDownloader, C:\Program Files (x86)\Best YouTube Downloader\CMDDAEa.exe, Quarantined, [8360bdeb167542f4d5323451a161fc04], PUP.Optional.BestYouTubeDownloader, C:\Program Files (x86)\Best YouTube Downloader\IEEF\74peN47FXpKy.exe, Quarantined, [8360bdeb167542f4d5323451a161fc04], PUP.Optional.BestYouTubeDownloader, C:\Program Files (x86)\Best YouTube Downloader\IEEF\b8n3XqM4Xglt.dll, Quarantined, [8360bdeb167542f4d5323451a161fc04], PUP.Optional.BestYouTubeDownloader, C:\Program Files (x86)\Best YouTube Downloader\IEEF\HdU3bnfVwGRl.dll, Quarantined, [8360bdeb167542f4d5323451a161fc04], PUP.Optional.BestYouTubeDownloader, C:\Program Files (x86)\Best YouTube Downloader\IEEF\icon.ico, Quarantined, [8360bdeb167542f4d5323451a161fc04], PUP.Optional.BestYouTubeDownloader, C:\Program Files (x86)\Best YouTube Downloader\IEEF\icon16.ico, Quarantined, [8360bdeb167542f4d5323451a161fc04], PUP.Optional.BestYouTubeDownloader, C:\Program Files (x86)\Best YouTube Downloader\IEEF\Lqmf0pEc1wCX.dll, Quarantined, [8360bdeb167542f4d5323451a161fc04], PUP.Optional.BestYouTubeDownloader, C:\Program Files (x86)\Best YouTube Downloader\IEEF\tByRpVyMj5CU.dll, Quarantined, [8360bdeb167542f4d5323451a161fc04], PUP.Optional.BestYouTubeDownloader, C:\Program Files (x86)\Best YouTube Downloader\IEEF\files\background.html, Quarantined, [8360bdeb167542f4d5323451a161fc04], PUP.Optional.BestYouTubeDownloader, C:\Program Files (x86)\Best YouTube Downloader\IEEF\files\BrowsersFix.js, Quarantined, [8360bdeb167542f4d5323451a161fc04], PUP.Optional.BestYouTubeDownloader, C:\Program Files (x86)\Best YouTube Downloader\IEEF\files\Kernel.js, Quarantined, [8360bdeb167542f4d5323451a161fc04], PUP.Optional.BestYouTubeDownloader, C:\Program Files (x86)\Best YouTube Downloader\IEEF\files\files\background.js, Quarantined, [8360bdeb167542f4d5323451a161fc04], PUP.Optional.BestYouTubeDownloader, C:\Program Files (x86)\Best YouTube Downloader\IEEF\files\files\foreground.js, Quarantined, [8360bdeb167542f4d5323451a161fc04], PUP.Optional.BestYouTubeDownloader, C:\Program Files (x86)\Best YouTube Downloader\IEEF\files\files\main.css, Quarantined, [8360bdeb167542f4d5323451a161fc04], PUP.Optional.BestYouTubeDownloader, C:\Program Files (x86)\Best YouTube Downloader\IEEF\files\files\proxy.js, Quarantined, [8360bdeb167542f4d5323451a161fc04], PUP.Optional.BestYouTubeDownloader, C:\Program Files (x86)\Best YouTube Downloader\IEEF\files\files\com.YoutubeDownloader.YouTube\arrow.png, Quarantined, [8360bdeb167542f4d5323451a161fc04], PUP.Optional.BestYouTubeDownloader, C:\Program Files (x86)\Best YouTube Downloader\IEEF\files\files\com.YoutubeDownloader.YouTube\arrow2.png, Quarantined, [8360bdeb167542f4d5323451a161fc04], PUP.Optional.BestYouTubeDownloader, C:\Program Files (x86)\Best YouTube Downloader\IEEF\files\files\com.YoutubeDownloader.YouTube\plus.png, Quarantined, [8360bdeb167542f4d5323451a161fc04], PUP.Optional.Clicker, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gabklpcbgpilmpfpbingloinmdpojagl\361.5.56_0\BrowsersFix.js, Quarantined, [3ca75751d8b341f5ab7426969c68ff01], PUP.Optional.Clicker, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gabklpcbgpilmpfpbingloinmdpojagl\361.5.56_0\Content.js, Quarantined, [3ca75751d8b341f5ab7426969c68ff01], PUP.Optional.Clicker, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gabklpcbgpilmpfpbingloinmdpojagl\361.5.56_0\Kernel.js, Quarantined, [3ca75751d8b341f5ab7426969c68ff01], PUP.Optional.Clicker, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gabklpcbgpilmpfpbingloinmdpojagl\361.5.56_0\manifest.json, Quarantined, [3ca75751d8b341f5ab7426969c68ff01], PUP.Optional.BestYoutubeDownloader, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\extensions\{EB6628CF-0675-4DAE-95CE-EFFA23169743}\install.rdf, Quarantined, [ebf8acfc8efd88aeb06c7844fd079b65], PUP.Optional.BestYoutubeDownloader, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\extensions\{EB6628CF-0675-4DAE-95CE-EFFA23169743}\bootstrap.js, Quarantined, [ebf8acfc8efd88aeb06c7844fd079b65], PUP.Optional.BestYoutubeDownloader, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\extensions\{EB6628CF-0675-4DAE-95CE-EFFA23169743}\chrome.manifest, Quarantined, [ebf8acfc8efd88aeb06c7844fd079b65], PUP.Optional.MyStart, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\searchplugins\mystart.xml, Quarantined, [6380c9dfdfac55e15bb9e2da768e30d0], PUP.Optional.Amigo, C:\Windows\System32\GroupPolicy\Adm\chrome.adm, Quarantined, [70737e2a5d2e81b5a86bb408f01406fa], Physical Sectors: 0(No malicious items detected)(end)

As mentioned before the full version of Malwarebytes Anti-Malware could have protected your computer against this threat.

We use different ways of protecting your computer(s):

Dynamically Blocks Malware Sites & Servers
Malware Execution Prevention

Save yourself the hassle and get protected.

Sign In

Removal instructions for Best YouTube Downloader

Recommended Posts

Metallica

Link to post

Share on other sites

Recently Browsing 0 members

Browse

Activity

Personal

Business

Business Modules

Partners

Learn

Start here

Type of malware/attacks

How does it get on my computer?

Scams and grifts

Support

Important Information