not-a-virus:HEUR:AdWare.Script.Redirect.gen preventing me from entering many websites

[redcat2025]

Hi i have this message when i try to open many websites

Quote

Prevented downloading of software that can be used by criminals

Some legitimate software can damage your computer if it is used by criminals. Hence, we prevent downloading of remote control programs, auto-dialers, adware, and some other legitimate software.

You were protected from downloading this program by Kaspersky security. You can close this window with no risk.

Hide details

Detected at: 6/19/2025 7:32:57 PM

Web address: https : //eztvx.to/home 

Reason: contains adware, auto-dialers, legitimate software that can be used by criminals to damage your computer or personal data

Application: not-a-virus:HEUR:AdWare.Script.Redirect.gen

 

how can i open the pages safly without disabling kaspersky?

[Berny]

@redcat2025

Please download and run AdwCleaner (*) as ADMIN.

1. Don’t fix eventual detections
2. Please copy/paste the TXT Log in your next post

(*) No installation required.

[redcat2025]

# -------------------------------
# Malwarebytes AdwCleaner 8.5.1.601
# -------------------------------
# Build:    03-26-2025
# Database: 2025-04-04.3 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    06-20-2025
# Duration: 00:00:14
# OS:       Windows 11 (Build 22631.5472)
# Scanned:  32083
# Detected: 51

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

Adware.LoadMoney                C:\ProgramData\Partner
PUP.Optional.Legacy             C:\Program Files (x86)\GreenTree Applications
PUP.Optional.Legacy             C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
PUP.Optional.Legacy             C:\ProgramData\ytd video downloader
Rogue.ForcedExtension           C:\ProgramData\apn

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Adware.Heuristic            HKCU\SOFTWARE\73112565121019169982456341533895351211514098520
PUP.Optional.Legacy             HKCU\Software\APN PIP
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
PUP.Optional.Legacy             HKCU\Software\Myfree Codec
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\Myfree Codec
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
PUP.Optional.SlimCleanerPlus    HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
PUP.Optional.WebCompanion       HKCU\Software\Lavasoft\Web Companion
PUP.Optional.WebCompanion       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.YTDToolbar         HKCU\Software\{DAF8B7E5-449D-4180-8281-10E536E597F2}
PUP.Optional.YTDToolbar         HKLM\Software\Wow6432Node\{DAF8B7E5-449D-4180-8281-10E536E597F2}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.HPAudioSwitch   Folder   C:\Program Files (x86)\HP\HPAUDIOSWITCH 
Preinstalled.HPAudioSwitch   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BE7019B0-DF32-4A1C-B44F-4AC62685CD25}  
Preinstalled.HPAudioSwitch   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPAudioSwitch 
Preinstalled.HPAudioSwitch   Task   C:\Windows\System32\Tasks\HPAUDIOSWITCH 
Preinstalled.HPCoolSense   Folder   C:\Program Files (x86)\HP\HP COOLSENSE 
Preinstalled.HPCoolSense   Folder   C:\Users\Pixel-PC\AppData\Local\HP\HP COOLSENSE 
Preinstalled.HPCoolSense   Folder   C:\Windows\System32\Tasks\HP\HP COOLSENSE 
Preinstalled.HPCoolSense   Registry   HKLM\Software\Classes\CLSID\{224695A4-BD5E-4C38-B354-A4C828E61BF7} 
Preinstalled.HPJumpStartApps   Folder   C:\Program Files (x86)\HP\HP JUMPSTART APPS 
Preinstalled.HPJumpStartApps   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\HP JumpStart Apps 
Preinstalled.HPJumpStartBridge   Folder   C:\Program Files (x86)\HP\HP JUMPSTART BRIDGE 
Preinstalled.HPJumpStartLaunch   Folder   C:\Program Files (x86)\HP\HP JUMPSTART LAUNCH 
Preinstalled.HPJumpStartLaunch   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0B3EB0F5-EE46-4F08-B2BA-057B6F86AB15}  
Preinstalled.HPJumpStartLaunch   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPJumpStartLaunch 
Preinstalled.HPJumpStartLaunch   Task   C:\Windows\System32\Tasks\HPJUMPSTARTLAUNCH 
Preinstalled.HPRegistrationService   Folder   C:\Program Files (x86)\HP\HP REGISTRATION SERVICE 
Preinstalled.HPRegistrationService   Folder   C:\ProgramData\HP\HP REGISTRATION SERVICE 
Preinstalled.HPSupportAssistant   Folder   C:\HP\SUPPORT 
Preinstalled.HPSupportAssistant   Folder   C:\Program Files (x86)\HEWLETT-PACKARD\HP CUSTOMER FEEDBACK 
Preinstalled.HPSupportAssistant   Folder   C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK 
Preinstalled.HPSupportAssistant   Folder   C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT SOLUTIONS 
Preinstalled.HPSupportAssistant   Folder   C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK 
Preinstalled.HPSupportAssistant   Folder   C:\Users\Pixel-PC\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK 
Preinstalled.HPSupportAssistant   Folder   C:\Users\Pixel-PC\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK 
Preinstalled.HPSupportAssistant   Folder   C:\Windows\System32\config\systemprofile\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK 
Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} 
Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} 
Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Wow6432Node\\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} 
Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} 
Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4AAC4B07-77EF-4BCF-88DC-D24E4DE683E8} 
Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{63F82052-C045-4F97-A3CA-C41D2CCA1FFA} 
Preinstalled.HPSureConnect   Folder   C:\Program Files\HPCOMMRECOVERY 
Preinstalled.HPSureConnect   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{6468C4A5-E47E-405F-B675-A70A70983EA6} 
Preinstalled.HPTouchpointAnalyticsClient   Folder   C:\ProgramData\HP\HP TOUCHPOINT ANALYTICS CLIENT 
Preinstalled.HPTouchpointAnalyticsClient   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F} 

 

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

 

 

[Berny]

@redcat2025

1. Please Close browsers and other applications 
2. Please delete the "PUP" detections
3. Please keep all "Preinstalled" entries !
4. Reboot