We discovered that a relatively popular "anti-malware" hàng hóa known as "Yet Another Cleaner" or YAC for short, has been claiming to lớn be an affiliate of tekkenbasara.mobi in addition khổng lồ using a lot of our detection names as their own.

Bạn đang xem: Best pc cleaner

Recently, we discovered that a relatively popular “anti-malware” sản phẩm known as “Yet Another Cleaner” or YAC for short, has been claiming lớn be an affiliate of tekkenbasara.mobi in addition lớn using a lot of our detection names as their own. We looked deeper inkhổng lồ their operation and found some pretty amazing và ugly things.

The Good

“Yet Another Cleaner” is owned by Elex vì Brasil Participações Ltda Technology Inc. They are located in Brazil và have a wide array of products including a tốc độ thử nghiệm, alarm cloông chồng, IPhường lookup & of course, YAC.

YAC itself is a fairly sleek-looking program và very quick as well. It seems to lớn have sầu the ability lớn protect users from malicious web sites, cleanup junk files on their system, uninstall applications và even lớn block advertisements!

The Bad

The reality is while they might clalặng YAC can vị all the things mentioned above, how the product actually performs is an open question. Anyway, we got a tip-off as khổng lồ Elex vị Brasil Participações Ltda Technology Inc. being an affiliate company lớn tekkenbasara.mobi, since they suggest an affiliation in their terms of use policy.


To be clear, tekkenbasara.mobi is in no way affiliated with Elex. Do you think Kaspersky, BitDefender, Avast, PCTools, iS3, Enigma Software, SUPERAntiSpyware và SurfRight are also affiliates?

So, after discovering that little bit of interesting information, we decided khổng lồ look into the Anti-Malware software they were pushing.

The Ugly

We looked inlớn YAC và noticed first off the similarities between their user interface and our own, & possibly even other security vendor tools.

This slideshow requires JavaScript.

Of course, this isn’t necessarily a bad thing, sometimes developers get inspired by other products, though it did prompt us to lớn look deeper. We decided khổng lồ check their detection names.

At this point we began to lớn see more similarities, a bit more than normal. We scanned the same grouping of files between tekkenbasara.mobi Anti-Malware (MBAM) & YAC khổng lồ see which popped và what names were used.

This slideshow requires JavaScript.

Off the bat, we knew that since YAC only detected a portion of the files that MBAM did that there were some significant differences. We decided to look at individual detections instead.


So the first one we spotted was the use of “Agent” as in “Trojan.Agent.” This isn’t a big khuyến mãi because it’s a very common name lớn use in place of the actual malware name, for when you know the file is malicious but not sure the exact family it belongs to lớn at that time.


Next is “ClickBot” another name that isn’t used by everyone but it’s used by enough vendors khổng lồ make it stand out a little more in our book.


Finally, “FakeMS” was spotted and we got really suspicious. The term doesn’t belong lớn tekkenbasara.mobi but rarely does any other product use that designation other than tekkenbasara.mobi. Obviously, this isn’t any kind of conclusive sầu proof as khổng lồ theft going on but we had some ideas on how khổng lồ look deeper.

Xem thêm: Bigo Live Là Gì Và Bigo Live Tốt Hay Xấu, Nhức Nhối “Ổ Mại Dâm Di Động” Trên Bigo Live

The first kiểm tra was through a hidden detection method that we use to find applications who steal our definition database và use it as their own. We created a special registry key that is not affiliated with any process, malicious or otherwise and when it flags, we know our property has been stolen. The key is:

HKLMSoftwareANV7845SFTNOTE: We have sầu many other ways khổng lồ identify our database in use by another sản phẩm so rest assured we didn’t just give sầu away our only way khổng lồ bởi this.

We set up the trap key & ran a scan và found the special registry key.


To give these guys the benefit of the doubt, we will look deeper by creating a completely new nhái malware detection. We built a custom program that does nothing more than show a message box. It looks lượt thích this:


We then made a detection for this nhái file, we named it something unique & even misspelled the words: “Spywera” và “Theiving.” You can check out the tệp tin for yourself, we uploaded it lớn VirusTotal.


We pushed out this new detection as of 4 p.m. on March 1, năm ngoái. About two hours later, YAC had an update available.


Using their latest definition database update, we ran a scan against our nhái message box malware to lớn discover that not only do they detect our giả malware but also use the same, unprofessional and misspelled detection name.


Alright, so it looks like Yet Another Cleaner is straight up stealing our detection database & modifying it for their own means. Based on the fact that they only detected a very small portion of the tons of malware we had both YAC & MBAM scan, their scanner apparently uses a slimmed down version of the one utilized by tekkenbasara.mobi Anti-Malware. We also know this because we actually analyzed a memory snapshot of their software in action. Tsk Tsk.

The reason this is such a big deal is because along with our engine, our interface, our brvà name and our individual efforts, our definition database was created in-house & we already offer it for miễn phí to the world in the form of tekkenbasara.mobi Anti-Malware Free & Premium. It’s an insult not only to lớn tekkenbasara.mobi but also khổng lồ customers lớn steal the work of someone else và charge folks for a poor imitation of a product that is already không tính phí.

With proof in hvà, we have sent Elex bởi Brasil Participações Ltda Technology Inc. a letter from our legal department khổng lồ shut down their use of stolen property. We will keep you updated on any new developments.


After this post went live, the technology certification company OPSWAT began investigating our clayên against YAC for themselves & came khổng lồ the same conclusion that we did.

OPSWAT provides certifications lớn security developers, assuring consumers that said products have sầu been tested for interoperability and manageability with third buổi tiệc nhỏ software, in layman’s that means they check lớn see if the application is going lớn break or crash your system because of not being compatible with other applications.

Today, OPSWAT posted a tekkenbasara.mobi post that describes their interest in investigating our claims of YAC stealing our definition database and have sầu decided, after their own investigation, lớn pull their certification from YAC.

After obtaining the data from tekkenbasara.mobi, và doing some internal analysis, our R&D team was able to validate tekkenbasara.mobi’ claim. Therefore, we’ve sầu made a decision khổng lồ remove the existing OPSWAT Certification for YAC from the program. Yet Another Cleaner 4.x will no longer be Bronze Certified under Windows Antispyware.

They have sầu also asked Elex vị Brasil Participações Ltda Technology Inc. khổng lồ discontinue their use of the OPSWAT certification badge on their trang web và products. In addition:

We have sầu discontinued our partnership with Elex Technologies & plan to continue our policy going forward that such business practices will not be tolerated.

Bài viết liên quan

Trả lời

Email của bạn sẽ không được hiển thị công khai. Các trường bắt buộc được đánh dấu *