www.yac.mx

Name: Registration Private

Domain Information

This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Washington, District of Columbia within the United States which resides on the ThePlanet.com Internet Services, Inc. network.
Remove Malware from www.yac.mx - Powered by Reason Core Security
Registrar:
GoDaddy.com

Server location:
District of Columbia, United States (US)

Root domain:

Scanner detections:
Detections  (98% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Optional.ElexdoBrasilParticipacoesa.X, PUP.Optional.ElexdoBrasilParticipacoesa.T, PUP.Optional.Installer.W, Threat.Win.Reputation.IMP, PUP.Optional.Installer.X, PUP.Optional.Installer.EE, Win32.Generic.Installer.ELEX.Meta, Win32.Generic.ELEX.Installer.Meta
95.45%

Malwarebytes
Trojan.ELEX, FraudTool.YAC, PUP.Optional.ELEX, Fraudtool.YAC
38.64%

Dr.Web
Adware.Mutabaha.45, Adware.Mutabaha.73, Adware.Mutabaha.174, Adware.Mutabaha.163, Adware.Mutabaha.332, Adware.Mutabaha.456, Adware.Mutabaha.71
38.64%

ESET NOD32
Win32/ELEX (variant), Win32/OpenCandy (variant), Win32/ELEX.BZ potentially unwanted, Win32/ELEX.CC potentially unwanted (variant)
36.36%

Trend Micro House Call
TROJ_GEN.F47V0408, ADW_ELEX, TROJ_GEN.F47V0422, TROJ_GEN.R0CBH05C414, Suspicious_GEN.F47V0122, Suspicious_GEN.F47V0311, TROJ_GEN.R02SC0ODO15
22.73%

K7 Gateway Antivirus
Unwanted-Program , Unwanted-File , Trojan , Adware
22.73%

Bkav FE
W32.Clode48.Trojan, W32.Cloda9f.Trojan, W32.HfsAdware
20.45%

McAfee
Artemis!4AD33EDB0C0A, Artemis!77DFC0AD9B23, Artemis!EACF85D3D4A4, Artemis!9B1B271DD83F, Artemis!2138E22D3FB6, Artemis!91BEEB69EADB
15.91%

Avira AntiVirus
ADWARE/Adware.Gen2, APPL/Elex.jjsd, TR/Elex.1204784, TR/Elex.1571680
15.91%

K7 AntiVirus
Unwanted-Program , Trojan , Adware
15.91%

Fortinet FortiGate
Riskware/Elex
13.64%

avast!
Win32:Rootkit-gen [Rtk], Win32:Malware-gen, Win32:Adware-gen [Adw]
13.64%

G Data
Win32.Application.Elex
13.64%

NANO AntiVirus
Trojan.Win32.Elex.cumwmi, Trojan.Win32.Elex.dqxiwa, Riskware.Nsis.Mutabaha.dqgtqu
11.36%

IKARUS anti.virus
Trojan-Dropper, PUA.Elex
11.36%

The domain www.yac.mx has been seen to resolve to the following 4 IP addresses.

174.36.247.66-static.reverse.softlayer.com
May 13, 2014

184.173.128.178-static.reverse.softlayer.com
March 14, 2014

184.173.128.179-static.reverse.softlayer.com
March 14, 2014

173.192.211.213-static.reverse.softlayer.com
November 21, 2013

File downloads found at URLs served by www.yac.mx.

1 / 68      (Malware)
http://www.yac.mx/download/.../down.php?pt=mat  (yet_another_cleaner_mat.exe)

1 / 68      (Malware)
http://www.yac.mx/download/.../down.php?pt=gam  (yet_another_cleaner_gam.exe)

1 / 68      (Malware)
http://www.yac.mx/download/.../down.php?pt=reh  (yet_another_cleaner_reh.exe)

3 / 68      (PUP)
http://www.yac.mx/download/.../down.php?pt=mar  (yet_another_cleaner_mar.exe)

1 / 68      (PUP)

2 / 68      (PUP)
http://www.yac.mx/download/.../down.php?pt=mma  (yet_another_cleaner_glp.exe)

6 / 68      (PUP)
http://www.yac.mx/.../77274  (yet_another_cleaner_sk_66706.exe)

2 / 68      (PUP)
http://www.yac.mx/download/.../down.php?pt=avai&subid=10336031320  (yet_another_cleaner_avai_setup_10356735058.exe)

1 / 68      (PUP)
http://www.yac.mx/download/.../down.php?pt=amo  (yet_another_cleaner_dnf.exe)

4 / 68      (PUP)
http://www.yac.mx/download/.../down.php?pt=brof  (yet_another_cleaner_muncd.exe)

1 / 68      (PUP)
http://www.yac.mx/download/.../down.php?pt=bro&subid=  (yet_another_cleaner_cdls_setup_15375.exe)

13 / 68    (PUP)
http://www.yac.mx/download/.../down.php?pt=snw&subid=  (yet_another_cleaner_avai_setup_10716791442.exe)

3 / 68      (PUP)

15 / 68    (PUP)
http://www.yac.mx/.../7546060  (yet_another_cleaner_sk_0.exe)

8 / 68      (PUP)
http://www.yac.mx/download/.../down.php?pt=cdls&subid=15375  (yet_another_cleaner_cdls_setup_15375.exe)

6 / 68      (PUP)

11 / 68    (PUP)
http://www.yac.mx/download/.../down.php?pt=cdl  (yet_another_cleaner_reh.exe)

6 / 68      (PUP)
http://www.yac.mx/download/.../down.php?pt=ret  (yet_another_cleaner_nee.exe)

3 / 68      (PUP)
http://www.yac.mx/download/.../down.php?pt=ava  (yet_another_cleaner_mat.exe)

6 / 68      (PUP)

1 / 68      (PUP)
http://www.yac.mx/download/.../down.php?pt=kwob  (yet_another_cleaner_dnp.exe)

4 / 68      (PUP)
http://www.yac.mx/.../17647  (yet_another_cleaner_sk_2741648.exe)

9 / 68      (PUP)
http://www.yac.mx/.../4583214  (yet_another_cleaner_sk_0.exe)

4 / 68      (PUP)

8 / 68      (PUP)
http://www.yac.mx/download/.../down.php?pt=dns  (yet_another_cleaner_sk.exe)

8 / 68      (PUP)
http://www.yac.mx/download/.../down.php?pt=broc  (yet_another_cleaner_sk.exe)

1 / 68      (PUP)
http://www.yac.mx/download/.../down.php?pt=mmab  (yet_another_cleaner_dnf.exe)

6 / 68      (PUP)
http://www.yac.mx/.../142482  (yet_another_cleaner_sk_66706.exe)

1 / 68      (PUP)
http://www.yac.mx/download/.../down.php?pt=avac  (yet_another_cleaner_kwo.exe)

1 / 68      (PUP)
http://www.yac.mx/.../5506366  (yet_another_cleaner_sk.exe)

 
Latest 30 of 1,084 download URLs

The following 25 files have been seen to comunicate with www.yac.mx in live environments.

 
Latest 20 of 37 files

URL:
http://www.yac.mx/

Google Analytics:
UA-40676322

Title:
“Yet Another PC Cleaner | Lifetime Free PC Cleaner - YAC Official Website”

Description:
“YAC PC Cleaner, The Lightest & Fastest Cleaner, available for Windows 8, 7, Vista, and XP. Choose the ONE or nothing”

SSL certificate subject:
CN=www.yac.mx, OU=Domain Control Validated

SSL certificate issuer:
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc."

Web server:
ngx_openresty (ThinkPHP)

Facebook:
Likes:  1,042
Shares:  1,507
Comments:  608

Compete.com:
US visitors:  75,474

Statistics are for the previous month.

Remove Malware from www.yac.mx - Powered by Reason Core Security