home

yahoomessenger.exe

Yahoo! Messenger

Yahoo! Inc.

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘Messenger (Yahoo!)’. This is installed with multiple programs including Yahoo! Install Manager and Yahoo! Messenger.
Publisher:
Yahoo! Inc.  (signed and verified)

Product:
Yahoo! Messenger

Version:
11,0,0,2014

MD5:
1ca2943dc17355330ba5b3efc6ca4537

SHA-1:
670057d5f8c22a604edf77015d4b16b4a919255b

SHA-256:
780f40541c2ded9ec1458f1a809b506c696c5702e547eacb686a95fc28201824

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 1:22:42 PM UTC  (today)

File size:
6 MB (6,276,408 bytes)

Product version:
11,0,0,2014

Copyright:
(c) 1998-2008 Yahoo! Inc. All rights reserved.

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\yahoo!\messenger\yahoomessenger.exe

Digital Signature
Signed by:
Yahoo! Inc.

Authority:
VeriSign, Inc.

Valid from:
8/13/2009 8:00:00 AM

Valid to:
9/3/2012 7:59:59 AM

Subject:
CN=Yahoo! Inc., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Yahoo! Inc., L=Santa Clara, S=CA, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
3D7A9A7D12556AB8688CA048C60F6018

File PE Metadata
Compilation timestamp:
8/22/2011 4:15:44 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
49152:6hotn8/10yStof2J+6hc2D5U+X1QVQxKjCLj7/mdVPLjWcyQxS9nv/Xzul73iF6F:6otyBF6c2DBFSoXOLHo3Xzux3i1MeA

Entry address:
0x3CA4CF

Entry point:
E8, DD, 05, 00, 00, E9, 36, FD, FF, FF, CC, CC, CC, CC, CC, CC, CC, 80, F9, 40, 73, 16, 80, F9, 20, 73, 06, 0F, AD, D0, D3, FA, C3, 8B, C2, C1, FA, 1F, 80, E1, 1F, D3, F8, C3, C1, FA, 1F, 8B, C2, C3, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 56, 8B, 44, 24, 14, 0B, C0, 75, 28, 8B, 4C, 24, 10, 8B, 44, 24, 0C, 33, D2, F7, F1, 8B, D8, 8B, 44, 24, 08, F7, F1, 8B, F0, 8B, C3, F7, 64, 24, 10, 8B, C8, 8B, C6, F7, 64, 24, 10, 03, D1, EB, 47, 8B, C8, 8B, 5C, 24, 10, 8B, 54, 24, 0C, 8B, 44, 24, 08...
 
[+]

Entropy:
6.4721

Code size:
4.1 MB (4,284,416 bytes)

Scheduled Task
Task name:
{1FE23B6C-5CA7-4731-9DC7-6282594A48B6}

Trigger:
Registration (Runs on registration)


Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Messenger (Yahoo!)

Command:
"C:\Program Files1\yahoo!\messenger\yahoomessenger.exe" -quiet


Windows Firewall Allowed Program
Name:
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe


The file yahoomessenger.exe has been discovered within the following programs.

AT&T Yahoo! Messenger  by Yahoo! Inc.
AT&T Yahoo! Messenger is an AT&T branded version of Y! Messenger.
www.yahoo.com
21% remove it
Rogers Yahoo! Messenger  by Yahoo! Inc.
Publisher's description - “Access your Rogers Yahoo! Internet favourites and search from anywhere on the web. The built in Pop-Up Blocker can also help keep annoying pop-up advertisements and messages from appearing while you surf the web. Customize and access your toolbar from any PC.”
rogers.software.yahoo.com/choice.php?prod=T_MSGR
10% remove it
Yahoo! Install Manager  by Yahoo! Inc.
Yahoo Install Manager manages Yahoo program downloads and installations. The install manager keeps track of such programs and assists in the installations to put things in their proper places.
20% remove it
Yahoo! Messenger  by Yahoo! Inc.
Yahoo! Messenger (YIM) is an ad-supported instant messaging client and protocol by Yahoo!.
messenger.yahoo.com
7% remove it
Yahoo!7 Messenger  by Yahoo! Inc.
Publisher's description - “Just sign into Yahoo! Mail to enjoy the same Yahoo! Messenger for the Web service you know and love. Yahoo! Messenger within Yahoo! Mail also allows you to chat with your Facebook and Windows Live friends without requiring any installation.”
3% remove it
 
Powered by Should I Remove It?

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.