home

ymsgr_tray.exe

Yahoo! Messenger

Yahoo! Inc.

Publisher:
Yahoo! Inc.  (signed and verified)

Product:
Yahoo! Messenger

Description:
Yahoo! Messenger Tray

Version:
11,5,0,0228

MD5:
c05e74b7a2b6db5d731e3f7448ec6256

SHA-1:
36b9cf30682cf1bc3d06e57c131c3e1420bbfecf

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/23/2024 8:51:13 AM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:Evo-gen [Susp]
2014.9-160215

File size:
77.3 KB (79,192 bytes)

Product version:
11,5,0,0228

Copyright:
(c) 1997-2009 Yahoo! Inc. All rights reserved.

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\yahoo!\messenger\ymsgr_tray.exe

Digital Signature
Signed by:
Yahoo! Inc.

Authority:
VeriSign, Inc.

Valid from:
8/13/2009 2:00:00 AM

Valid to:
9/3/2012 1:59:59 AM

Subject:
CN=Yahoo! Inc., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Yahoo! Inc., L=Santa Clara, S=CA, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
3D7A9A7D12556AB8688CA048C60F6018

File PE Metadata
Compilation timestamp:
5/25/2012 1:23:57 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
1536:eJJ0/bgBgvTh26QshXaE0QIRqQ5OGs4CaxLl:Ysb7d26QshXBuTOG7xLl

Entry address:
0xAEE7

Entry point:
E8, C8, 03, 00, 00, E9, 35, FD, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 80, F9, 40, 73, 15, 80, F9, 20, 73, 06, 0F, A5, C2, D3, E0, C3, 8B, D0, 33, C0, 80, E1, 1F, D3, E2, C3, 33, C0, 33, D2, C3, CC, 68, B8, AB, 40, 00, 64, FF, 35, 00, 00, 00, 00, 8B, 44, 24, 10, 89, 6C, 24, 10, 8D, 6C, 24, 10, 2B, E0, 53, 56, 57, A1, E8, 04, 41, 00, 31, 45, FC, 33, C5, 50, 89, 65, E8, FF, 75, F8, 8B, 45, FC, C7, 45, FC, FE, FF, FF, FF, 89, 45, F8, 8D, 45, F0, 64, A3, 00, 00, 00, 00, C3, 8B, 4D...
 
[+]

Entropy:
5.8287

Code size:
44 KB (45,056 bytes)

Windows Firewall Allowed Program
Name:
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe


Scan ymsgr_tray.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.