The YAC virus (also found as YAC Search virus, YACmx virus, YAC Cleaner, Yet Another Cleaner virus, Elex do Brasil Participações Ltda, YAC computer virus, Woodtale virus, and more) is dangerous malware categorized as scareware (rogue software) that is promoted as an unregistered (free) and registered (full) Microsoft Windows cleaner and optimizer tool; however, YAC Cleaner is essentially considered a non-beneficial rogue Windows Optimizerand Antivirusprogram that participates in unethical marketing practices and performs fraudulent, non-beneficial computer scans with highly misleading results in order to create customers and collect user information using scare tactics.
YAC promotes a free trial is a that displays misleading information, misleading scan results, including a quick clean scan, deep clean scan, system boost, and more.
Once installed, the non-beneficial YAC cleaning software will begin to perform a scan without authorization. The scan will then claim that there are a numerical amount of problems detected, and will also claim that a certain amount of them are not safe. Most of the time the malicious results shown do not exist on the computer system and is fabricated by the software.
YAC malware also opens internet browser windows and cause unwanted pop-ups to appear, as well as change your homepage, default search engine, and start page causing your internet browsers to constantly start up on and redirect to search.yac.mx and other websites when users search the web, open a browser window, open a new browser tab, and perform similar tasks. In Google Chrome, YAC hijacks the startpage settings, home page settings (as well as causes the home button to appear), and default engine.
YAC will also collect and distribute user information manually submitted online while the program is installed or information submitted to the initial party and involved third-parties, as well as what they describe as anonymous usage information (anonymous information can still be used to identify a person or make communications).
YAC will collect complete computing and browser activity. The information collected is often submitted to marketing and mailing lists. Victims have reported excessive email spam from YAC Software and third-parties, as well as junk mail and telephone calls from telemarketers at home.
YAC malware often bundles with third-party adware,spyware, and browser hijackers used to display pop-up ads, banner ads, coupon drop-down ads, and cause browser redirections and start-ups.
YAC.mx and the items they develop and promote are very malicious and have connections to Hong Kong, Brazil, Mexico and other countries. In most cases the items seem to be repackaged and renamed.
YAC Cleaner is confusing and difficult to install for many users.
YAC has also been documented spam commenting and forum spamming many websites, including ours in efforts to promote the product and defame legitimate software used to remove it such as Malwarebytes.
YAC.mx also misleads their web visitors by displaying defamatory and false information about legitimate sources including our website, Botcrawl.com in efforts to create customers via unethical marketing tactics. You can view images of this in the gallery below. Please note, we are not a“malicious thing” that does any harm to anyone, all information displayed on the website is false. There is no need for us to file suit against them at the moment as this patently potrays how unethical their product and website is.
Yac.mx published this post after learning about our research of their product.
How does YAC malware get onto a computer?
YAC Software can be manually and voluntarily downloaded from a variety of locations including download.com, and others; however, most users claim that YAC scareware installed without consent.
YAC also bundles with third-party freeware and shareware.
In some instances YAC scareware may be contracted via advertisements, email spam, and compromised social media content.
How to remove YAC Malware
Automatically remove YAC – Scan for and automatically remove YAC malware
Manually remove YAC – Remove/Uninstall YAC and third-party malware if allowed
1. Automatic YAC removal
Use the instructions below to automatically remove YAC scareware and third-party malware.
2. Once Malwarebytes is installed, run the program. If you are using the free version of Malwarebytes you will be prompted to update the database, make sure to do so.
3. On the first tab labeled “Scanner” select the Perform full scan option and click the Scan button to perform a full system scan. Malwarebytes will automatically detect malware infecting the computer system.
4. Once the malware scan is complete, Malwarebytes may prompt a notice stating malicious objects were detected. Select the malicious objects and click the Remove Selected button to completely remove the malicious files from your computer (the image below shows a file that is NOT selected) or click the Delete button to remove quarantined files.
CCleaner can be used to automatically repair internet browser settings startup up settings, and uninstall stubborn and possibly rogue YAC software.
2. Once installed, open the program and navigate to Cleaner > Windows/Applications and click the Analyze button. Afterwards, click the Run Cleaner button on the bottom right of the program interface.
3. Next, navigate to Tools > Startup and search through each tab starting from windows, internet explorer, etc., all the way to Content Menu, for additional suspicious entries and click Disable and Delete once anything is found. Something to look for might include the title “YAC.”
4. To automatically uninstall YAC and unwanted programs, navigate to the Uninstall tab and located software in the list of installed programs. Uninstall the programs as selected. Keep in mind that the publisher of the program often changes from Elex do Brasil Participações Ltdalocated in Sao Paulo, Brazil to WoodtaleMedia.com and iSafe Virus Removal.
2. Manual YAC removal
Use the instructions below to manually uninstall rogue YAC software using generic removal procedures (if allowed), as well as third-party malware that may have installed alongside rogue Windows optimization software.
How to uninstall YAC (Yet Another Cleaner)
1. Access Windows Start Menu and navigate to the Control Panel.
2. Click Uninstall a program or Add and remove a program.
3. In the list of installed programs, search for YAC (Elex do Brasil Participações Ltda) and other potentially unwanted software. Once located, double click the unwanted programs or highlight them in the list and click the Uninstall button.
It is important to stay alert when uninstalling YAC as the process may be difficult. If a prompt appears, click Uninstall YAC, then click the Uninstall button, then choose a reason for uninstalling the malware, and click the new Uninstall button.
Some versions of YAC software do now show buttons when uninstalling the software. If this is the case, viewers have suggested to use the video below as a guideline in order to click the screen in the appropriate locations to perform the appropiate tasks to remove this pesky software.
Related Articles & Troubleshooting
In some cases YAC malware will reinstall itself. If this is the case there are several options to remove Yet Another Cleaner listed below, as well as instructions to remove similar rogue software.
Kashmir Hill, a reporter for Forbes, found out just how easy it is to hack a smart home. By “Googling a very simple phrase,” Hill was presented with a list of homes with automation systems from a well-known company. “[The] systems had been made crawl-able by search engines,” says Hill, and because the now discontinued systems didn’t require users to have a username or password the search engine results, once clicked, allowed her full control of the system. Hill contacted two of the homes she found online and, once she had asked for permission, demonstrated her ability to switch on and off lights in the homes. Hill also had the ability to control a range of other devices in the homes. This is just one example of the potential security issues surrounding home automation systems.
Home automation, the automation of things like lighting, heating, door and window locks, and security cameras is a relatively new, but rapidly growing market currently worth US$1.5 billion in the US alone. But as with any new technology, there will inevitably be potential security risks.
Security researchers will give two separate presentations at the Black Hat 2013 security conference on security vulnerabilities in home automation systems. One of the presentations will discuss a vulnerability in a proprietary wireless protocol, Z-wave, that is used in a range of embedded devices such as home automation control panels, security sensors, and home alarm systems. The flaw allows for the encrypted communication of a Z-wave device to be intercepted and used to disable other Z-wave devices. A second talk, ‘Home Invasion 2.0,’ will present vulnerabilities discovered after several popular home automation systems were looked at. “We looked over somewhere in the range of 10 products and only found one or two that we couldn’t manage to break. Most didn’t have any security controls at all,” said Daniel Crowley of SpiderLabs. Many of the devices allow the user to download an app for their phone that allows them to control the automated system remotely. The researchers found that many systems used no authentication when communicating between the mobile device and the home system, creating opportunities for a malicious actor to take control.
Approximately three percent of homes in the US currently have home automation systems installed, but that number is set to grow, with some analysts projecting an increase that will see it reach double digits in the next few years.
In the rush to adopt new and exciting technology, keeping that technology secure may sometimes be placed low on the list of priorities. Hopefully, the vulnerabilities uncovered by this and other research will help highlight the importance of good security.