FraudTool.YAC
FraudTool.YAC refers to the detection of components belonging to Yet Another Cleaner, a scanner that has historically utilized stolen detection databases of other security vendors.
This is a generic detection for programs that set a debugger for other executables by using the following registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\
CurrentVersion\Image File Execution Options\
{name of the intercepted executable}
Some legitimate programs that use this method have been white-listed.
Malwarebytes can remove the registry key without problems. If you get this detection without any accompanying file, there is a chance that you are dealing with a false positive. If you suspect this is the case, feel free to reach out to us and report them on our dedicated forum for possible false positives.
Select your language