Bushfiva, I did read of that. When I tried to uninstall it it and their uninstall window popped up it sent the alarm bells ringing. I could smell something wasn't right. Bastards. Hope they :mad: rot.

:(

It ain't gone yet...
 

Spoke too soon. YAC is still lurking. Checked services and there is a service YAC running, set to automatic.

Service name: SafeService
Display name: YAC service

Also gave a path to executable.

I booted in safe mode, disabled the service and rebooted. It still started.

I have a folder in programs, Elex-tech which contains YAC, 52Mb for heavens sake. superantispyware failed to uninstall it.

I don't know the direction I should take with this now.

Reformat and start fresh. Don't waste your time. :E

Delete the folder, or if you're worried about data loss, move it to somewhere other than the current path. If something bad happens you can still restore it. Possibly you'll have to do it in safe mode.

Reboot the computer and check the process list, it shouldn't appear any more. Run CCleaner and remove from registry all references to non-existing software. If all is OK delete the folder permanently.

Then reformat the whole kit and kaboodle and install FreeBSD.

^- just kidding :E.

Pah, FreeBSD is for wusses. OpenBSD is what the grownups do. :E

Malwarebytes Anti-Malware should pick off stuff like that - use the Threat Scan level initially, and/or Microsoft Security Essentials or Defender as it is also known.
That would be somewhat less extreme than going for the reformat and reinstallation.
Do you have any anti-spyware, anti-malware programs running in the background?

Before I try anything drastic, I'm wondering how much of a threat, if any, YAC really is.

I did a full scan with Defender on the C: drive and it found nothing. I have real time protection turned on. Super Anti Spy keeps flagging YAC but it doesn't uninstall. I have no system restore disk. I have a system repair disk which I made at the start of the month but not sure how much that can do.

Reformat and reinstall I frankly don't see as an option.

As fate would have it, the partition on an external drive which contained a system image fcuked off. That image probably contains YAC anyway but it may overcome the services issues. I split the drive into 2 partitions and I now see only one.

I used CCleaner to check the register.

Belfrybat
In C: program, I have a folder called Elex-tech and in that resides the YAC folder. Do you mean try moving the YAC folder to another location? I'm not sure where to (a restore point has been made).

The machine is actually running quite smoothly now so I'm sort of thinking leave it as it is. Putting annoyances aside, is the security of my machine compromised, such as for online banking?

Yo Peliwhotsit in da house,

Sorry... right, back to business !

The safest thing is to assume YES.

The fact that this thing is affecting your web browser means its doubly safe to assume YES.

But also, how do you know there isn't something else lurking ? :hmm:

Mixture, thanks for response. Actually the browser appears to be working fine. As you say, just wondering what could be lurking. I would love to start on a clean machine, preferably Apple.😉.


No idea why the partition with the System Image decided to buggah off into the ether. I may try moving/deleting the YAC folder.


Although, having a restore point where stuff is 'reasonable' I may just try the uninstall again.🚓🚓🚓


I fancy some Liquorice Allsorts.

What's in the Elex-tech folder besides the YAC folder? Safest is to move the whole folder to C:\temp or something similar, create it if you don't already have it. The fact that this folder is inside another folder is by itself suspicious.

If it's something you know about and is safe, move only the YAC folder. Then whatever tries to load it won't find it in the registered path so can't load. If something strange happens you can put it back and try something else.

Reboot the computer and if it runs fine delete the folder. It will still be in the uninstall list and the registry so run CCleaner to remove all references.

Since you're at it, CCleaner also lists the stuff that's loaded at Windows bootup and gives you a choice to disable or remove the undesired entries.

Some programs (like a wellknown PDF reader) think they're so important that they'll load themselves or a "quickloader" in background for "faster startup". They're still slow as molasses in Alaska to start up and just waste resources.

Edited to add what I found DuckDuckGoing Elex-tech:
http://manual-removal.com/remove-yet...c-mx-redirect/

Daft thing about all this is that if I had just run "Superantispyware" in the first instance, the By Great Deal thing would have been vanquished and I would have been unaware of YAC.

It was in trying to get rid of By Great Deal manually that I noticed the YAC folder in programs and it caught my attention. It has led to this. I'm still not convinced that YAC is malware but it is certainly a PUP and is able to protect itself.

There is nothing else in the Elex-tech folder, only the YAC folder. There is an application called isafe within the folder and SuperAntispyware does not see it as a threat. Belfrey, thanks for link and suggestions. I'll take a closer look later.

Just removing the obvious file/folder or program.exe file is usually not enough. Most of those types of nasties embed themselves where you can't get to so you need a program that knows how to extract them with minimal disruption. That's why I also suggested MalwareBytes Anti-Malware. I know it detects and deletes on command PUP "infections". I've had them. One thing to be careful of though is that there can be a PUP show up in the analysis but it is part of a program or something that is legitimate.

With hindsight I'd say never go in and delete a folder or file as such in the hope of eliminating these things, always do a scan first. Otherwise it is akin to the proverbial using a sledgehammer to crack a walnut. It may do the job, but the collateral damage is vast.