(YAC) Yet Another Cleaner “Virus” Removal

(YAC) Yet Another Cleaner “Virus” is pretending to be an anti-malware solution with an unregistered (free) and registered (paid) functionality involving scanning, virus removal and PC optimization. In reality it is recognized as Potentially Unwanted Program (PUP) by all reputable anti-malware companies on the market for reasons detailed below. It is not a “virus” per se, although it exhibits some of the traits users commonly relate to one.

yac-yet-another-cleaner-virus

(YAC) Yet Another Cleaner “Virus” actually possesses a full array of nasty surprises

This PUP operates by using a mixture of underhanded tactics involving installing on the user’s computer without their permission, starting HDD scans without authorization and showing fake results to scare the user into buying the registered version.

The first time you see (YAC) Yet Another Cleaner “Virus” it will have installed a free trial on your computer and it will automatically begin an unauthorized scan of your machine. Even if your computer is presently clear of any viruses or freshly out of full format the scan will immediately locate several threats that will need to be urgently removed. Of course that can only happen if you pay for the full version. As you can see (YAC) Yet Another Cleaner “Virus” doesn’t really scan for viruses – it creates fake positives in order to make you pay.

Another nasty features of this PUP is its ability to hijack your browser. It can mess up your homepage and change it to a page associated with (YAC) Yet Another Cleaner “Virus”. It can do the same to your default search engine – it will be replaced with search.yac.mx. Both of these changes can be undone, but they will revert back to default values set by (YAC) Yet Another Cleaner “Virus” whenever you restart your browser. In addition to these (YAC) Yet Another Cleaner “Virus” can also display unwanted Ads on pages you browse – much like an Adware program.

Methods of installation

(YAC) Yet Another Cleaner “Virus”is not unique – there are actually many other similar programs that try to scan money out of unsuspecting customers and are always a headache to get rid of. Use the information below to spot these in advanced and never install them on your computer – they are nothing but headache.

The most common tricks (YAC) Yet Another Cleaner “Virus” could have used to install on your computer involve infected executable files obtained from unsafe sources, misleading advertisements or program bundles. In order to avoid the first two types of infection patterns try to avoid obtaining executable files from potentially dangerous sources such as forum links, blogs, torrents and online storage sites. An anti-virus program to scan any such executable could be an extremely valuable asset as well. This advice also applies towards Ads attached to such suspicious sites – in fact these Ads are often nastier in their own right. Some storage sites can display multiple download buttons and only one of them is real and functional. The rest will download an Adware application much like (YAC) Yet Another Cleaner “Virus.”

Program bundles are installers for programs that install additional applications when the default installation option is used. These are very popular with shareware and freeware programs and are basically haven for virus distribution. In order to minimize the risks you should always select the Advanced installation option and deny access to any shady programs you don’t really need. Remember that you’ll always get the main program regardless of how the text might try to mislead you.

Remove (YAC) Yet Another Cleaner “Virus”

Readers are interested in:

STEP 1:

Our first step here is a reboot in Safe Mode. If you already know how to do it, just skip this and proceed to Step 2. If you do not know how to do it, continue reading:

For Windows 98, XP, Millenium and 7 Users:

Restart your computer. To be sure you don’t miss the time when you need to press it, just spam F8 as soon as the PC starts booting. In the new menu, choose Safe Mode With Networking.

Proceed to Step 2.

For W. 8 and 8.1 Users:

Click the Start button ,then Control Panel —> System and Security —> Administrative Tools —> System Configuration.Administrator permission required

msconfig

Then check the Safe Boot option and click OK.  Click  Restart in the new pop-up.

Proceed to Step 2.

For Windows 10 Users:

  1. Open the Start menu.
  2. Click the power button icon in the right corner of the new Start menu to show the power options menu.
  3. Press and hold down the SHIFT key on the keyboard and click the Restart option while still holding down the SHIFT key.

Windows 10 will perform the reboot. Next do the following:

Click the Troubleshoot icon, then Advanced options —> Startup Settings. Click Restart.
After the reboot click on Enter Safe Mode With Networking (Fifth Option).

Continue with Step 2.

STEP 2:

WARNING!
To remove parasite, you may have to meddle with system files and registries. Making a mistake and deleting the wrong thing may damage your system.
Avoid this by using SpyHunter - a professional Parasite removal tool.

Keep in mind, SpyHunter’s malware detection tool is free. To remove the infection, you'll need to purchase its full version. More information about SpyHunter and steps to uninstall.

Hold the Windows Key and R together. Write appwiz.cpl in the new field, then click OK.

appwiz

You are now in the Control Panel. Search around for (YAC) Yet Another Cleaner and anything else suspicious-looking. Uninstall it/them. Also, be extremely careful. Viruses often spend one last ditch effort to trick you into installing more of their kind. If you see a screen like this when you click Uninstallchoose NO:

virus-removal1

STEP 3:

Hold the Windows Key and R and copy + paste the following, then click OK:

notepad %windir%/system32/Drivers/etc/hosts

A .txt file will open – don’t touch anything there. If you are hacked and someone has access to your PC, there will be a bunch of other IPs connected to you at the bottom. This is what a hosts file looks like:

hosts_opt (1)

If there are a bunch of strange IPs connecting to you below “Localhost” you may be hacked, and it’s best to ask us in the comments for directions.

Now hold the windows Key and R again but type %temp% in the field and hit enter. Delete everything in that directory.

STEP 4:

Right click on each of the malware processes separately and select Open File Location. Also, End the process after you open the folder. Just to make sure we don’t delete any programs you mistakenly took for a malware, copy the folders somewhere, then delete the directories you were sent to. There’s a good chance (YAC) Yet Another Cleaner “Virus” is hiding somewhere in here.

BIG WARNING HERE! READ THIS BEFORE PROCEEDING!

This is perhaps the most important and difficult step, so be extremely careful. Doing this can damage your PC significantly if you make a big mistake. If you are not feeling comfortable, we advise you to download a professional (YAC) Yet Another Cleaner “Virus” remover. Additionally, accounts connected to your credit cards, or important information, may be exposed to the virus.

malware-start-taskbar

NOTE: There is either a file or a folder named Elex-Tech in your Porgrams or Program Files folder. You need to delete it, but you will not be allowed to do so. You can resolve this situation by cutting the entire folder somewhere else, deleting Elex-Tech and copy + pasting the folder back in its proper place.

STEP 5:

Take a look at the following things:

Type msconfig in the search field and hit enter: you will be transported to a new window. 

msconfig_opt

Go in the Startup tab and Uncheck anything that has “Unknown” as Manufacturer.

Type Regedit in the windows search field and press Enter.

Once inside, press CTRL and F together and type the malware’s Name. Right click and delete any entries you find with a similar name. If you can’t find them this way, look in these directories, and delete the registries manually:

  • HKEY_CURRENT_USER—-Software—–Random Directory. It could be any one of them – ask us if you can’t discern which ones are malicious, but bear in mind they are always different.
    HKEY_CURRENT_USER—-Software—Microsoft—-Windows—CurrentVersion—Run– Random
    HKEY_CURRENT_USER—-Software—Microsoft—Internet Explorer—-Main—- Random

STEP 6:

If these things fail to help you find (YAC) Yet Another Cleaner “Virus” you need to resort to a professional scanner – obviously this is a malware that was created to steal your credentials and credit cards – meaning the people who created it spent a lot of resources to make it as dangerous as possible.

Did we help you? Please, consider helping us by spreading the word!

Was this guide helpful?