PUA.Win32.YahooToolbar.A

Data de publicação: 26 março 2021

Analisado por: Maria Emreen Viray

Plataforma:

Windows

Classificao do risco total:

Potencial de dano:

Potencial de distribuição:

infecção relatada:

Exposição das informações:

Baixo

Medium

Alto

Crítico

Tipo de grayware:
Potentially Unwanted Application
Destrutivo:
Não
Criptografado:
In the Wild:
Sim

Visão geral

It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

Detalhes técnicos

Tipo de compactação: 3,518,422 bytes

Tipo de arquivo: EXE

Residente na memória: Não

Data de recebimento das amostras iniciais: 13 novembro 2020

Übertragungsdetails

It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

Installation

Schleust die folgenden Dateien ein:

%Application Data%\Microsoft\Windows\Cookies\{Username}@yahoo[1].txt → deleted afterwards
%User Temp%\nst{4 Random Alphanumeric Characters}.tmp\nst{4 Random Alphanumeric Characters}.tmp.htm → deleted afterwards
%User Temp%\nst{4 Random Alphanumeric Characters}.tmp\finish.ini → deleted afterwards
%User Temp%\nst{4 Random Alphanumeric Characters}.tmp\InetLoad.dll → deleted afterwards
%User Temp%\nst{4 Random Alphanumeric Characters}.tmp\nso565C.tmp.htm → deleted afterwards
%User Temp%\nst{4 Random Alphanumeric Characters}.tmp\nsy5CB5.tmp → deleted afterwards
%User Temp%\nst{4 Random Alphanumeric Characters}.tmp\privacy.ini → deleted afterwards
%User Temp%\nst{4 Random Alphanumeric Characters}.tmp\System.dll → deleted afterwards
%User Temp%\nst{4 Random Alphanumeric Characters}.tmp\toolbar.bmp → deleted afterwards
%User Temp%\nst{4 Random Alphanumeric Characters}.tmp\welcome.ini → deleted afterwards
%User Temp%\nsn{4 Random Alphanumeric Characters}.tmp\InstallOptions.dll → deleted afterwards
%User Temp%\nsn{4 Random Alphanumeric Characters}.tmp\ioSpecial.ini → deleted afterwards
%User Temp%\nsn{4 Random Alphanumeric Characters}.tmp\LangDLL.dll → deleted afterwards
%User Temp%\nsn{4 Random Alphanumeric Characters}.tmp\modern-wizard.bmp → deleted afterwards
%User Temp%\nsn{4 Random Alphanumeric Characters}.tmp\StartMenu.dll → deleted afterwards
%Application Data%\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sol → deleted afterwards
%Application Data%\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#local\settings.sol → deleted afterwards
%Program Files%\FLV Player\Yahoo Toolbar Installer.exe → deleted afterwards
%Common Programs%\FLV Player\FLV Player.lnk
%Desktop%\FLV Player.lnk
%Program Files%\FLV Player\FLVPlayer.exe
%Program Files%\Yahoo!\Common\unyt.exe
%Program Files%\Yahoo!\Companion\Installs\cpn\yt.dll
%Program Files%\Yahoo!\Companion\Installs\cpn\pubmod.dll
%Program Files%\Yahoo!\Companion\Installs\cpn\YMERemote.dll
%Program Files%\Yahoo!\Companion\Installs\cpn\YPUBC.dll
%Program Files%\Yahoo!\Companion\Installs\cpn\YTMsgr.dll
%Program Files%\Yahoo!\Companion\Installs\cpn\YTabBar.dll
%Program Files%\Yahoo!\Companion\Installs\cpn\YTBM.dll
%Program Files%\Yahoo!\Companion\Installs\cpn\inyt.exe
%Program Files%\Yahoo!\Companion\Installs\cpn\inyt.exe.manifest
%Program Files%\Yahoo!\Companion\Installs\cpn\YTAntiSpy.dll
%Program Files%\Yahoo!\Companion\Data\dlg_atb.html
%Program Files%\Yahoo!\Companion\Data\dlg_catb.html
%Program Files%\Yahoo!\Companion\Data\dlg_cnf.html
%Program Files%\Yahoo!\Companion\Data\dlg_cotb.html
%Program Files%\Yahoo!\Companion\Data\dlg_ctb.html
%Program Files%\Yahoo!\Companion\Data\dlg_fantip.html
%Program Files%\Yahoo!\Companion\Data\dlg_fantipg.html
%Program Files%\Yahoo!\Companion\Data\dlg_fintip.html
%Program Files%\Yahoo!\Companion\Data\dlg_fintipg.html
%Program Files%\Yahoo!\Companion\Data\dlg_grptip.html
%Program Files%\Yahoo!\Companion\Data\dlg_grptipg.html
%Program Files%\Yahoo!\Companion\Data\dlg_logtip.html
%Program Files%\Yahoo!\Companion\Data\dlg_mailatip.html
%Program Files%\Yahoo!\Companion\Data\dlg_mailtip.html
%Program Files%\Yahoo!\Companion\Data\dlg_map.html
%Program Files%\Yahoo!\Companion\Data\dlg_mlbtip.html
%Program Files%\Yahoo!\Companion\Data\dlg_mlbtipg.html
%Program Files%\Yahoo!\Companion\Data\dlg_msgratip.html
%Program Files%\Yahoo!\Companion\Data\dlg_msgrtip.html
%Program Files%\Yahoo!\Companion\Data\dlg_nbatip.html
%Program Files%\Yahoo!\Companion\Data\dlg_nbatipg.html
%Program Files%\Yahoo!\Companion\Data\dlg_newstip.html
%Program Files%\Yahoo!\Companion\Data\dlg_newstipg.html
%Program Files%\Yahoo!\Companion\Data\dlg_nfltip.html
%Program Files%\Yahoo!\Companion\Data\dlg_nfltipg.html
%Program Files%\Yahoo!\Companion\Data\dlg_opt.html
%Program Files%\Yahoo!\Companion\Data\dlg_pub.html
%Program Files%\Yahoo!\Companion\Data\dlg_srchtip.html
%Program Files%\Yahoo!\Companion\Data\dlg_upg.html
%Program Files%\Yahoo!\Companion\Data\dlg_wp.html
%Program Files%\FLV Player\FLV Player.url
%Common Programs%\FLV Player\FLV Player website.lnk
%Common Programs%\FLV Player\Uninstall.lnk
%Program Files%\FLV Player\uninst.exe
%User Temp%\mProjector957005698\mPlayer.3.1.1e.dll
%User Temp%\mProjector957005698\System.3.1.1e.mfx
%User Temp%\mProjector957005698\Flash6MovieV2.3.1.1e.mvx
%User Temp%\mProjector957005698\FlashPlayer.3.1.1e.ocx
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\LICENSE.txt
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\install.js
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\install.rdf
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\META-INF\manifest.mf
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\META-INF\zigbert.rsa
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\META-INF\zigbert.sf
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\chrome\ytoolbar.jar
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooDomBuilder.js
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooDomBuilder.xpt
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooFeedNode.js
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooFeedNode.xpt
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooFeedProcessor.js
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooFeedProcessor.xpt
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\defaults\preferences\yahoo.js
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\yahooToolbarSettings

Fügt die folgenden Prozesse hinzu:

"Yahoo Toolbar Installer.exe" /S /ypc=flv /ysc=flv /ydc=flv /ysetsearch /yfrc=flv /yinstytff
"%Program Files%\FLV Player\FLVPlayer.exe"

(Hinweis: %Program Files%ist der Standardordner 'Programme', normalerweise C:\Programme.)

Andere Systemänderungen

Fügt die folgenden Registrierungseinträge hinzu:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
FLV Player
NSIS:StartMenuDir = FLV Player

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
.flv
(Default) = Flash.VideoFile

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Flash.VideoFile\shell\open\
command
(Default) = "%Program Files%\FLV Player\FLVPlayer.exe" "%1"

HKEY_LOCAL_MACHINE\SOFTWARE\Yahoo
ntatest = 1

HKEY_CURRENT_USER\Software\AppDataLow\
Software\Yahoo\Companion\
Opt
rs = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Yahoo.AntiSpyPlugin.6
(Default) = AntiSpyPlugin Clas

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Yahoo.AntiSpyPlugin.6\CLSID
(Default) = {B7A0E898-93E5-43f4-B99A-6C70B303699C}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Yahoo.AntiSpyPlugin
(Default) = AntiSpyPlugin Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Yahoo.AntiSpyPlugin\CurVer
(Default) = Yahoo.AntiSpyPlugin.6

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{B7A0E898-93E5-43f4-B99A-6C70B303699C}
(Default) = AntiSpyPlugin Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{B7A0E898-93E5-43f4-B99A-6C70B303699C}\ProgID
(Default) = Yahoo.AntiSpyPlugin.6

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{B7A0E898-93E5-43f4-B99A-6C70B303699C}\VersionIndependentProgID
(Default) = Yahoo.AntiSpyPlugin

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{B7A0E898-93E5-43f4-B99A-6C70B303699C}\InprocServer32
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\YTAntiSpy.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{B7A0E898-93E5-43f4-B99A-6C70B303699C}\InprocServer32
ThreadingModel = Apartment

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{AD34BE7D-2603-43DD-8D1F-E4431D42C44E}\1.0
(Default) = YTAntiSpy 1.0 Type Library

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{AD34BE7D-2603-43DD-8D1F-E4431D42C44E}\1.0\
FLAGS
(Default) = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{AD34BE7D-2603-43DD-8D1F-E4431D42C44E}\1.0\
0\win32
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\YTAntiSpy.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{AD34BE7D-2603-43DD-8D1F-E4431D42C44E}\1.0\
HELPDIR
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{67E5E37C-E6B8-4782-877D-E9437C4CD982}
(Default) = IYTASButton

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{67E5E37C-E6B8-4782-877D-E9437C4CD982}\ProxyStubClsid
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{67E5E37C-E6B8-4782-877D-E9437C4CD982}\ProxyStubClsid32
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{67E5E37C-E6B8-4782-877D-E9437C4CD982}\TypeLib
(Default) = {AD34BE7D-2603-43DD-8D1F-E4431D42C44E}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{67E5E37C-E6B8-4782-877D-E9437C4CD982}\TypeLib
Version = 1.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{26A3152F-CF87-4C5B-8093-4D4B9EC084EB}
(Default) = IYToolbarPlugin

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{26A3152F-CF87-4C5B-8093-4D4B9EC084EB}\ProxyStubClsid
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{26A3152F-CF87-4C5B-8093-4D4B9EC084EB}\ProxyStubClsid32
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{26A3152F-CF87-4C5B-8093-4D4B9EC084EB}\TypeLib
(Default) = {AD34BE7D-2603-43DD-8D1F-E4431D42C44E}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{26A3152F-CF87-4C5B-8093-4D4B9EC084EB}\TypeLib
Version = 1.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{B09E015A-4D4E-4F8D-A436-95E19140947D}
(Default) = IYToolbarPlugin2

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{B09E015A-4D4E-4F8D-A436-95E19140947D}\ProxyStubClsid
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{B09E015A-4D4E-4F8D-A436-95E19140947D}\ProxyStubClsid32
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{B09E015A-4D4E-4F8D-A436-95E19140947D}\TypeLib
(Default) = {AD34BE7D-2603-43DD-8D1F-E4431D42C44E}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{B09E015A-4D4E-4F8D-A436-95E19140947D}\TypeLib
Version = 1.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{12D3E096-0FDF-42CC-8F44-04944F9C1648}
(Default) = IYNonRenderingPlugin

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{12D3E096-0FDF-42CC-8F44-04944F9C1648}\ProxyStubClsid
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{12D3E096-0FDF-42CC-8F44-04944F9C1648}\ProxyStubClsid32
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{12D3E096-0FDF-42CC-8F44-04944F9C1648}\TypeLib
(Default) = {AD34BE7D-2603-43DD-8D1F-E4431D42C44E}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{12D3E096-0FDF-42CC-8F44-04944F9C1648}\TypeLib
Version = 1.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
AppID\{1CAE874F-F5C7-4BCC-BA46-9AD26DF35B93}
(Default) = yt

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
AppID\yt.DLL
AppID = {1CAE874F-F5C7-4BCC-BA46-9AD26DF35B93}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
yt.YToolbarBand.1
(Default) = Yahoo! Toolbar

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
yt.YToolbarBand.1\CLSID
(Default) = {EF99BD32-C1FB-11D2-892F-0090271D4F88}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
yt.YToolbarBand
(Default) = Yahoo! Toolbar

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
yt.YToolbarBand\CLSID
(Default) = {EF99BD32-C1FB-11D2-892F-0090271D4F88}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
yt.YToolbarBand\CurVer
(Default) = yt.YToolbarBand.1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
(Default) = Yahoo! Toolbar

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ProgID
(Default) = yt.YToolbarBand.1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\VersionIndependentProgID
(Default) = yt.YToolbarBand

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\InprocServer32
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\yt.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\InprocServer32
ThreadingModel = Apartment

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
AppID = {1CAE874F-F5C7-4BCC-BA46-9AD26DF35B93}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\TypeLib
(Default) = {003028C2-EA1C-4676-A316-B5CB50917002}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\Version
(Default) = 6.3.0.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\MiscStatus
(Default) = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\MiscStatus\
1
(Default) = 132497

HKEY_CURRENT_USER\Software\Microsoft\
Internet Explorer\URLSearchHooks
{EF99BD32-C1FB-11D2-892F-0090271D4F88} =

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Toolbar
{EF99BD32-C1FB-11D2-892F-0090271D4F88} = 00

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
Yahoo! Toolbar
DisplayName = Yahoo! Toolbar

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
yt.YTHelper.2
(Default) = &Yahoo! Toolbar Helper

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
yt.YTHelper.2\CLSID
(Default) = {02478D38-C3F9-4efb-9B51-7695ECA05670}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
yt.YTHelper
(Default) = &Yahoo! Toolbar Helper

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
yt.YTHelper\CLSID
(Default) = {02478D38-C3F9-4efb-9B51-7695ECA05670}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
yt.YTHelper\CurVer
(Default) = yt.YTHelper.2

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}
(Default) = &Yahoo! Toolbar Helper

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ProgID
(Default) = yt.YTHelper.2

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\VersionIndependentProgID
(Default) = yt.YTHelper

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\TypeLib
(Default) = {003028C2-EA1C-4676-A316-B5CB50917002}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\Version
(Default) = 6.3.0.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\InprocServer32
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\yt.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\InprocServer32
ThreadingModel = Apartment

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\MiscStatus
(Default) = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\MiscStatus\
1
(Default) = 131473

HKEY_CURRENT_USER\Software\Yahoo\
Companion
ii = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Explorer\
Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\NoExplorer
(Default) = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002}\5.0
(Default) = yt 1.0 Type Library

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002}\5.0\
FLAGS
(Default) = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002}\5.0\
0\win32
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\yt.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002}\5.0\
HELPDIR
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{863FCF5D-DC39-4DA9-AF32-CB0025990EEE}
(Default) = IYToolbarBand2

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{863FCF5D-DC39-4DA9-AF32-CB0025990EEE}\ProxyStubClsid
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{863FCF5D-DC39-4DA9-AF32-CB0025990EEE}\ProxyStubClsid32
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{863FCF5D-DC39-4DA9-AF32-CB0025990EEE}\TypeLib
(Default) = {003028C2-EA1C-4676-A316-B5CB50917002}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{863FCF5D-DC39-4DA9-AF32-CB0025990EEE}\TypeLib
Version = 5.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{49F018EE-F362-4B5B-8EC8-BCF9246ABF21}
(Default) = IYToolbarBand

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{49F018EE-F362-4B5B-8EC8-BCF9246ABF21}\ProxyStubClsid
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{49F018EE-F362-4B5B-8EC8-BCF9246ABF21}\ProxyStubClsid32
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{49F018EE-F362-4B5B-8EC8-BCF9246ABF21}\TypeLib
(Default) = {003028C2-EA1C-4676-A316-B5CB50917002}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{49F018EE-F362-4B5B-8EC8-BCF9246ABF21}\TypeLib
Version = 5.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{22389F39-2CF4-47C4-B8B2-273BB16BF70C}
(Default) = IYTHelper

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{22389F39-2CF4-47C4-B8B2-273BB16BF70C}\ProxyStubClsid
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{22389F39-2CF4-47C4-B8B2-273BB16BF70C}\ProxyStubClsid32
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{22389F39-2CF4-47C4-B8B2-273BB16BF70C}\TypeLib
(Default) = {003028C2-EA1C-4676-A316-B5CB50917002}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{22389F39-2CF4-47C4-B8B2-273BB16BF70C}\TypeLib
Version = 5.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{B1E712C4-03AA-495F-B0F5-0F057E126E2A}
(Default) = IYTBCustomizer

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{B1E712C4-03AA-495F-B0F5-0F057E126E2A}\ProxyStubClsid
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{B1E712C4-03AA-495F-B0F5-0F057E126E2A}\ProxyStubClsid32
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{B1E712C4-03AA-495F-B0F5-0F057E126E2A}\TypeLib
(Default) = {003028C2-EA1C-4676-A316-B5CB50917002}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{B1E712C4-03AA-495F-B0F5-0F057E126E2A}\TypeLib
Version = 5.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{23E3CEB3-D63A-433E-A5D0-4DB1C501B915}
(Default) = IYBookmarkCustomizer

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{23E3CEB3-D63A-433E-A5D0-4DB1C501B915}\ProxyStubClsid
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{23E3CEB3-D63A-433E-A5D0-4DB1C501B915}\ProxyStubClsid32
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{23E3CEB3-D63A-433E-A5D0-4DB1C501B915}\TypeLib
(Default) = {003028C2-EA1C-4676-A316-B5CB50917002}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{23E3CEB3-D63A-433E-A5D0-4DB1C501B915}\TypeLib
Version = 5.0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Toolbar
{EF99BD32-C1FB-11D2-892F-0090271D4F88} = 00

HKEY_CURRENT_USER\Software\AppDataLow\
Software\Yahoo\Companion
resfeed = 1

HKEY_CURRENT_USER\Software\AppDataLow\
Software\Yahoo\Companion
asy = 0

HKEY_CURRENT_USER\Software\AppDataLow\
Software\Yahoo\Companion
ask = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Yahoo.PopupBlockerPlugin.4
(Default) = PopupBlocker Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Yahoo.PopupBlockerPlugin.4\CLSID
(Default) = {1147DC83-6208-4dca-8E88-DD45BAAB3043}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Yahoo.PopupBlockerPlugin
(Default) = PopupBlocker Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Yahoo.PopupBlockerPlugin\CurVer
(Default) = Yahoo.PopupBlockerPlugin.4

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{1147DC83-6208-4dca-8E88-DD45BAAB3043}
(Default) = PopupBlocker Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{1147DC83-6208-4dca-8E88-DD45BAAB3043}\ProgID
(Default) = Yahoo.PopupBlockerPlugin.4

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{1147DC83-6208-4dca-8E88-DD45BAAB3043}\VersionIndependentProgID
(Default) = Yahoo.PopupBlockerPlugin

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{1147DC83-6208-4dca-8E88-DD45BAAB3043}\InprocServer32
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\pubmod.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{1147DC83-6208-4dca-8E88-DD45BAAB3043}\InprocServer32
ThreadingModel = Apartment

HKEY_CURRENT_USER\Software\Yahoo\
Companion\pubmod
c = 1

HKEY_CURRENT_USER\Software\Microsoft\
Internet Explorer\Main
Error Dlg Displayed On Every Error = no

HKEY_CURRENT_USER\Software\Microsoft\
Internet Explorer\Main
Disable Script Debugger = yes

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{4A1E52AC-64F2-49E9-BFD7-0806D9494DBB}\4.0
(Default) = Yahoo! Companion PopupBlocker Plugin 1.0 Type Library

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{4A1E52AC-64F2-49E9-BFD7-0806D9494DBB}\4.0\
FLAGS
(Default) = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{4A1E52AC-64F2-49E9-BFD7-0806D9494DBB}\4.0\
0\win32
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\pubmod.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{4A1E52AC-64F2-49E9-BFD7-0806D9494DBB}\4.0\
HELPDIR
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{26A3152F-CF87-4C5B-8093-4D4B9EC084EB}\TypeLib
(Default) = {4A1E52AC-64F2-49E9-BFD7-0806D9494DBB}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{26A3152F-CF87-4C5B-8093-4D4B9EC084EB}\TypeLib
Version = 4.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
AppID\{7D831388-D405-4272-9511-A07440AD2927}
(Default) = YMERemote

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
AppID\YMERemote.DLL
AppID = {7D831388-D405-4272-9511-A07440AD2927}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YMERemote.YMECompPlugin.1
(Default) = YMECompPlugin Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YMERemote.YMECompPlugin.1\CLSID
(Default) = {F51C15D4-3D0A-4DBA-A095-EBCC09F24DA2}

KEY_LOCAL_MACHINE\SOFTWARE\Classes\
YMERemote.YMECompPlugin
(Default) = YMECompPlugin Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YMERemote.YMECompPlugin.1\CLSID
(Default) = {F51C15D4-3D0A-4DBA-A095-EBCC09F24DA2}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YMERemote.YMECompPlugin
(Default) = YMECompPlugin Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YMERemote.YMECompPlugin\CLSID
(Default) = {F51C15D4-3D0A-4DBA-A095-EBCC09F24DA2}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YMERemote.YMECompPlugin\CurVer
(Default) = YMERemote.YMECompPlugin.1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{F51C15D4-3D0A-4DBA-A095-EBCC09F24DA2}
AppID = {7D831388-D405-4272-9511-A07440AD2927}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{F51C15D4-3D0A-4DBA-A095-EBCC09F24DA2}\TypeLib
(Default) = {B722ED8B-0B38-408E-BB89-260C73BCF3D4}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{B722ED8B-0B38-408E-BB89-260C73BCF3D4}\1.0
(Default) = YMERemote 1.0 Type Library

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{B722ED8B-0B38-408E-BB89-260C73BCF3D4}\1.0\
FLAGS
(Default) = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{B722ED8B-0B38-408E-BB89-260C73BCF3D4}\1.0\
0\win32
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\YMERemote.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{B722ED8B-0B38-408E-BB89-260C73BCF3D4}\1.0\
HELPDIR
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{B09E015A-4D4E-4F8D-A436-95E19140947D}\TypeLib
(Default) = {B722ED8B-0B38-408E-BB89-260C73BCF3D4}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{26A3152F-CF87-4C5B-8093-4D4B9EC084EB}\TypeLib
(Default) = {B722ED8B-0B38-408E-BB89-260C73BCF3D4}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{26A3152F-CF87-4C5B-8093-4D4B9EC084EB}\TypeLib
Version = 1.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{8233093C-178B-484B-979E-3C6B5B147DBC}
(Default) = IYRenderingPlugin

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{8233093C-178B-484B-979E-3C6B5B147DBC}\ProxyStubClsid
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{8233093C-178B-484B-979E-3C6B5B147DBC}\ProxyStubClsid32
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{8233093C-178B-484B-979E-3C6B5B147DBC}\TypeLib
(Default) = {B722ED8B-0B38-408E-BB89-260C73BCF3D4}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{8233093C-178B-484B-979E-3C6B5B147DBC}\TypeLib
Version = 1.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
AppID\{FFFFE1D1-E40D-49a1-9622-BC59BD1879C3}
(Default) = YPUBC

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
AppID\YPUBC.DLL
AppID = {FFFFE1D1-E40D-49a1-9622-BC59BD1879C3}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YPUBC.DataStore.1
(Default) = DataStore Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YPUBC.DataStore.1\CLSID
(Default) = {E1A2D448-6334-45ec-8800-6D7F71DC87FC}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YPUBC.DataStore
(Default) = DataStore Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YPUBC.DataStore\CLSID
(Default) = {E1A2D448-6334-45ec-8800-6D7F71DC87FC}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YPUBC.DataStore\CurVer
(Default) = YPUBC.DataStore.1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{E1A2D448-6334-45ec-8800-6D7F71DC87FC}
(Default) = DataStore Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{E1A2D448-6334-45ec-8800-6D7F71DC87FC}\ProgID
(Default) = YPUBC.DataStore.1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{E1A2D448-6334-45ec-8800-6D7F71DC87FC}\VersionIndependentProgID
(Default) = YPUBC.DataStore

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{E1A2D448-6334-45ec-8800-6D7F71DC87FC}\InprocServer32
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\YPUBC.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{E1A2D448-6334-45ec-8800-6D7F71DC87FC}\InprocServer32
ThreadingModel = Apartment

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{E1A2D448-6334-45ec-8800-6D7F71DC87FC}
AppID = {FFFFE1D1-E40D-49a1-9622-BC59BD1879C3}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{E1A2D448-6334-45ec-8800-6D7F71DC87FC}\TypeLib
(Default) = {8A1AB044-787D-4309-8410-709768E484AB}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YPUBC.BlockerCtrl.1
(Default) = BlockerCtrl Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YPUBC.BlockerCtrl.1\CLSID
(Default) = {6E40017D-FB6A-4804-BDE4-3BB09F1719C1}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YPUBC.BlockerCtrl
(Default) = BlockerCtrl Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YPUBC.BlockerCtrl\CLSID
(Default) = {6E40017D-FB6A-4804-BDE4-3BB09F1719C1}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YPUBC.BlockerCtrl\CurVer
(Default) = YPUBC.BlockerCtrl.1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{6E40017D-FB6A-4804-BDE4-3BB09F1719C1}
(Default) = BlockerCtrl Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{6E40017D-FB6A-4804-BDE4-3BB09F1719C1}\ProgID
(Default) = YPUBC.BlockerCtrl.1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{6E40017D-FB6A-4804-BDE4-3BB09F1719C1}\VersionIndependentProgID
(Default) = YPUBC.BlockerCtrl

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{6E40017D-FB6A-4804-BDE4-3BB09F1719C1}\InprocServer32
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\YPUBC.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{6E40017D-FB6A-4804-BDE4-3BB09F1719C1}\InprocServer32
ThreadingModel = Apartment

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{6E40017D-FB6A-4804-BDE4-3BB09F1719C1}
AppID = {FFFFE1D1-E40D-49a1-9622-BC59BD1879C3}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{6E40017D-FB6A-4804-BDE4-3BB09F1719C1}\ToolboxBitmap32
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\YPUBC.dll, 102

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{6E40017D-FB6A-4804-BDE4-3BB09F1719C1}\MiscStatus
(Default) = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{6E40017D-FB6A-4804-BDE4-3BB09F1719C1}\MiscStatus\
1
(Default) = 131473

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{6E40017D-FB6A-4804-BDE4-3BB09F1719C1}\TypeLib
(Default) = {8A1AB044-787D-4309-8410-709768E484AB}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{6E40017D-FB6A-4804-BDE4-3BB09F1719C1}\Version
(Default) = 3.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YPUBC.StringList.1
(Default) = StringList Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YPUBC.StringList.1\CLSID
(Default) = {11CB4723-D5A1-4a55-8D1D-5C2679D54CF5}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YPUBC.StringList
(Default) = StringList Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YPUBC.StringList\CLSID
(Default) = {11CB4723-D5A1-4a55-8D1D-5C2679D54CF5}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YPUBC.StringList\CurVer
(Default) = YPUBC.StringList.1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{11CB4723-D5A1-4a55-8D1D-5C2679D54CF5}
(Default) = StringList Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{11CB4723-D5A1-4a55-8D1D-5C2679D54CF5}\ProgID
(Default) = YPUBC.StringList.1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{11CB4723-D5A1-4a55-8D1D-5C2679D54CF5}\VersionIndependentProgID
(Default) = YPUBC.StringList

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{11CB4723-D5A1-4a55-8D1D-5C2679D54CF5}\InprocServer32
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\YPUBC.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{11CB4723-D5A1-4a55-8D1D-5C2679D54CF5}\InprocServer32
ThreadingModel = Apartment

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{11CB4723-D5A1-4a55-8D1D-5C2679D54CF5}
AppID = {FFFFE1D1-E40D-49a1-9622-BC59BD1879C3}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{11CB4723-D5A1-4a55-8D1D-5C2679D54CF5}\TypeLib
(Default) = {8A1AB044-787D-4309-8410-709768E484AB}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YPUBC.PUBHTMLEventHandler.1
(Default) = PUBHTMLEventHandler Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YPUBC.PUBHTMLEventHandler.1\CLSID
(Default) = {37B8167C-B9A4-4316-94B2-67B64BB2BA7C}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YPUBC.PUBHTMLEventHandler
(Default) = PUBHTMLEventHandler Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YPUBC.PUBHTMLEventHandler\CLSID
(Default) = {37B8167C-B9A4-4316-94B2-67B64BB2BA7C}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YPUBC.PUBHTMLEventHandler\CurVer
(Default) = YPUBC.PUBHTMLEventHandler.1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{37B8167C-B9A4-4316-94B2-67B64BB2BA7C}
(Default) = PUBHTMLEventHandler Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{37B8167C-B9A4-4316-94B2-67B64BB2BA7C}\ProgID
(Default) = YPUBC.PUBHTMLEventHandler.1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{37B8167C-B9A4-4316-94B2-67B64BB2BA7C}\VersionIndependentProgID
(Default) = YPUBC.PUBHTMLEventHandler

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{37B8167C-B9A4-4316-94B2-67B64BB2BA7C}\InprocServer32
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\YPUBC.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{37B8167C-B9A4-4316-94B2-67B64BB2BA7C}\InprocServer32
ThreadingModel = Apartment

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{37B8167C-B9A4-4316-94B2-67B64BB2BA7C}\ToolboxBitmap32
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\YPUBC.dll, 106

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{37B8167C-B9A4-4316-94B2-67B64BB2BA7C}\MiscStatus
(Default) = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{37B8167C-B9A4-4316-94B2-67B64BB2BA7C}\MiscStatus\
1
(Default) = 131473

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{37B8167C-B9A4-4316-94B2-67B64BB2BA7C}\TypeLib
(Default) = {8A1AB044-787D-4309-8410-709768E484AB}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{37B8167C-B9A4-4316-94B2-67B64BB2BA7C}\Version
(Default) = 1.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{8A1AB044-787D-4309-8410-709768E484AB}\3.0
(Default) = YPopupBlocker 3.0 Type Library

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{8A1AB044-787D-4309-8410-709768E484AB}\3.0\
FLAGS
(Default) = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{8A1AB044-787D-4309-8410-709768E484AB}\3.0\
0\win32
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\YPUBC.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{8A1AB044-787D-4309-8410-709768E484AB}\3.0\
HELPDIR
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{11D5E9EA-3117-4389-8E58-742F0975C980}
(Default) = _IBlockerCtrlEvents

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{11D5E9EA-3117-4389-8E58-742F0975C980}\ProxyStubClsid
(Default) = {00020420-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{11D5E9EA-3117-4389-8E58-742F0975C980}\ProxyStubClsid32
(Default) = {00020420-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{11D5E9EA-3117-4389-8E58-742F0975C980}\TypeLib
(Default) = {8A1AB044-787D-4309-8410-709768E484AB}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{11D5E9EA-3117-4389-8E58-742F0975C980}\TypeLib
Version = 3.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{DF522774-8CA0-4B15-A93A-5F61AB95DA1C}
(Default) = IBlockerCtrl

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{DF522774-8CA0-4B15-A93A-5F61AB95DA1C}\ProxyStubClsid
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{DF522774-8CA0-4B15-A93A-5F61AB95DA1C}\ProxyStubClsid32
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{DF522774-8CA0-4B15-A93A-5F61AB95DA1C}\TypeLib
(Default) = {8A1AB044-787D-4309-8410-709768E484AB}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{DF522774-8CA0-4B15-A93A-5F61AB95DA1C}\TypeLib
Version = 3.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{A310B105-FB7D-4497-A7E8-E046462B012F}
(Default) = IStringList

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{A310B105-FB7D-4497-A7E8-E046462B012F}\ProxyStubClsid
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{A310B105-FB7D-4497-A7E8-E046462B012F}\ProxyStubClsid32
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{A310B105-FB7D-4497-A7E8-E046462B012F}\TypeLib
(Default) = {8A1AB044-787D-4309-8410-709768E484AB}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{A310B105-FB7D-4497-A7E8-E046462B012F}\TypeLib
Version = 3.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{2FCB4E7E-E5C7-4D07-BB2C-78DF2DA867AD}
(Default) = IDataStore

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{2FCB4E7E-E5C7-4D07-BB2C-78DF2DA867AD}\ProxyStubClsid
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{2FCB4E7E-E5C7-4D07-BB2C-78DF2DA867AD}\ProxyStubClsid32
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{2FCB4E7E-E5C7-4D07-BB2C-78DF2DA867AD}\TypeLib
(Default) = {8A1AB044-787D-4309-8410-709768E484AB}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{2FCB4E7E-E5C7-4D07-BB2C-78DF2DA867AD}\TypeLib
Version = 3.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{2723E96B-905F-4C64-8999-D868A08E6370}
(Default) = IPUBHTMLEventHandler

KEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{2723E96B-905F-4C64-8999-D868A08E6370}\ProxyStubClsid
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{2723E96B-905F-4C64-8999-D868A08E6370}\ProxyStubClsid32
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{2723E96B-905F-4C64-8999-D868A08E6370}\TypeLib
(Default) = {8A1AB044-787D-4309-8410-709768E484AB}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{2723E96B-905F-4C64-8999-D868A08E6370}\TypeLib
Version = 3.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
AppID\{9EDCCD11-960D-49AE-B523-C6B5AB7E1345}
(Default) = YTMsgr

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
AppID\YTMsgr.DLL
AppID = {9EDCCD11-960D-49AE-B523-C6B5AB7E1345}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Yahoo.MessengerCompanionControl.5
(Default) = MessengerCompanionControl Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Yahoo.MessengerCompanionControl.5\CLSID
(Default) = {FBE30D66-39A2-4b72-8B43-6D4C335A6F34}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Yahoo.MessengerCompanionControl
(Default) = MessengerCompanionControl Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Yahoo.MessengerCompanionControl\CLSID
(Default) = {FBE30D66-39A2-4b72-8B43-6D4C335A6F34}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Yahoo.MessengerCompanionControl\CurVer
(Default) = Yahoo.MessengerCompanionControl.5

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{FBE30D66-39A2-4b72-8B43-6D4C335A6F34}
(Default) = MessengerCompanionControl Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{FBE30D66-39A2-4b72-8B43-6D4C335A6F34}\ProgID
(Default) = Yahoo.MessengerCompanionControl.5

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{FBE30D66-39A2-4b72-8B43-6D4C335A6F34}\VersionIndependentProgID
(Default) = Yahoo.MessengerCompanionControl

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{FBE30D66-39A2-4b72-8B43-6D4C335A6F34}\InprocServer32
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\YTMsgr.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{FBE30D66-39A2-4b72-8B43-6D4C335A6F34}\InprocServer32
ThreadingModel = Apartment

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{FBE30D66-39A2-4b72-8B43-6D4C335A6F34}
AppID = {9EDCCD11-960D-49AE-B523-C6B5AB7E1345}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{FBE30D66-39A2-4b72-8B43-6D4C335A6F34}\TypeLib
(Default) = {78DB07DF-483E-4829-AB44-ED7952083584}

HKEY_CURRENT_USER\Software\Yahoo\
YFriendsBar\Settings
NoAutoUpdate = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{78DB07DF-483E-4829-AB44-ED7952083584}\1.0
(Default) = YTMsgr 1.0 Type Library

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{78DB07DF-483E-4829-AB44-ED7952083584}\1.0\
FLAGS
(Default) = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{78DB07DF-483E-4829-AB44-ED7952083584}\1.0\
0\win32
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\YTMsgr.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{78DB07DF-483E-4829-AB44-ED7952083584}\1.0\
HELPDIR
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{7207E52B-821E-4C05-A8D6-2965B2BE77CF}
(Default) = IYTMsgrButton

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{7207E52B-821E-4C05-A8D6-2965B2BE77CF}\ProxyStubClsid
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{7207E52B-821E-4C05-A8D6-2965B2BE77CF}\ProxyStubClsid32
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{7207E52B-821E-4C05-A8D6-2965B2BE77CF}\TypeLib
(Default) = {78DB07DF-483E-4829-AB44-ED7952083584}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{7207E52B-821E-4C05-A8D6-2965B2BE77CF}\TypeLib
Version = 1.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{26A3152F-CF87-4C5B-8093-4D4B9EC084EB}\TypeLib
(Default) = {78DB07DF-483E-4829-AB44-ED7952083584}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{B09E015A-4D4E-4F8D-A436-95E19140947D}\TypeLib
(Default) = {78DB07DF-483E-4829-AB44-ED7952083584}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{12D3E096-0FDF-42CC-8F44-04944F9C1648}\TypeLib
(Default) = {78DB07DF-483E-4829-AB44-ED7952083584}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
AppID\{35860EFB-1589-4F32-A618-99E847A502B2}
(Default) = YTabBar

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
AppID\YTabBar.DLL
AppID = {35860EFB-1589-4F32-A618-99E847A502B2}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YTabBar.YTabBarControl.1
(Default) = YTabBarControl Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YTabBar.YTabBarControl.1\CLSID
(Default) = {DDCED22E-D018-471D-9A5C-A4EA2F21133D}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YTabBar.YTabBarControl
(Default) = YTabBarControl Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YTabBar.YTabBarControl\CLSID
(Default) = {DDCED22E-D018-471D-9A5C-A4EA2F21133D}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YTabBar.YTabBarControl\CurVer
(Default) = YTabBar.YTabBarControl.1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{DDCED22E-D018-471D-9A5C-A4EA2F21133D}
(Default) = YTabBarControl Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{DDCED22E-D018-471D-9A5C-A4EA2F21133D}\ProgID
(Default) = YTabBar.YTabBarControl.1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{DDCED22E-D018-471D-9A5C-A4EA2F21133D}\VersionIndependentProgID
(Default) = YTabBar.YTabBarControl

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{DDCED22E-D018-471D-9A5C-A4EA2F21133D}\InprocServer32
(Default) = Program Files%\Yahoo!\Companion\Installs\cpn\YTabBar.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{DDCED22E-D018-471D-9A5C-A4EA2F21133D}\InprocServer32
ThreadingModel = Apartment

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{DDCED22E-D018-471D-9A5C-A4EA2F21133D}
AppID = {35860EFB-1589-4F32-A618-99E847A502B2}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{DDCED22E-D018-471D-9A5C-A4EA2F21133D}\TypeLib
(Default) = {A2C55651-A23E-43CA-B63D-C10B99EFF7E0}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{A2C55651-A23E-43CA-B63D-C10B99EFF7E0}\1.0
(Default) = YTabBar 1.0 Type Library

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{A2C55651-A23E-43CA-B63D-C10B99EFF7E0}\1.0\
FLAGS
(Default) = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{A2C55651-A23E-43CA-B63D-C10B99EFF7E0}\1.0\
0\win32
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\YTabBar.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{A2C55651-A23E-43CA-B63D-C10B99EFF7E0}\1.0\
HELPDIR
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{3D592FCB-FEFD-43A6-9A4F-BDE2D4607D07}
(Default) = IYTabBarControl

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{3D592FCB-FEFD-43A6-9A4F-BDE2D4607D07}\ProxyStubClsid
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{3D592FCB-FEFD-43A6-9A4F-BDE2D4607D07}\ProxyStubClsid32
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{3D592FCB-FEFD-43A6-9A4F-BDE2D4607D07}\TypeLib
(Default) = {A2C55651-A23E-43CA-B63D-C10B99EFF7E0}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{3D592FCB-FEFD-43A6-9A4F-BDE2D4607D07}\TypeLib
Version = 1.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
AppID\{07CDAAD9-1226-4C6D-B774-C00E7B323484}
(Default) = YTBM

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
AppID\YTBM.DLL
AppID = {07CDAAD9-1226-4C6D-B774-C00E7B323484}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YTBM.YTBMButton.1
(Default) = YTBMButton Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YTBM.YTBMButton.1\CLSID
(Default) = {C60CCE95-6AF9-4E74-B66B-3212D19F1D2F}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YTBM.YTBMButton
(Default) = YTBMButton Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YTBM.YTBMButton\CLSID
(Default) = {C60CCE95-6AF9-4E74-B66B-3212D19F1D2F}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YTBM.YTBMButton\CurVer
(Default) = YTBM.YTBMButton.1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{C60CCE95-6AF9-4E74-B66B-3212D19F1D2F}
(Default) = YTBMButton Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{C60CCE95-6AF9-4E74-B66B-3212D19F1D2F}\ProgID
(Default) = YTBM.YTBMButton.1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{C60CCE95-6AF9-4E74-B66B-3212D19F1D2F}\VersionIndependentProgID
(Default) = YTBM.YTBMButton

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{C60CCE95-6AF9-4E74-B66B-3212D19F1D2F}\InprocServer32
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\YTBM.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{C60CCE95-6AF9-4E74-B66B-3212D19F1D2F}\InprocServer32
ThreadingModel = Apartment

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{C60CCE95-6AF9-4E74-B66B-3212D19F1D2F}
AppID = {07CDAAD9-1226-4C6D-B774-C00E7B323484}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{C60CCE95-6AF9-4E74-B66B-3212D19F1D2F}\TypeLib
(Default) = {B82D18E0-1649-48DE-92D7-AA89BBB5F0AD}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{B82D18E0-1649-48DE-92D7-AA89BBB5F0AD}\1.0
(Default) = YTBM 1.0 Type Library

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{B82D18E0-1649-48DE-92D7-AA89BBB5F0AD}\1.0\
FLAGS
(Default) = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{B82D18E0-1649-48DE-92D7-AA89BBB5F0AD}\1.0\
0\win32
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\YTBM.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{B82D18E0-1649-48DE-92D7-AA89BBB5F0AD}\1.0\
HELPDIR
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{D13DC65C-C77B-4986-9078-DEA3D34C71BB}
(Default) = IYTBMButton

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{D13DC65C-C77B-4986-9078-DEA3D34C71BB}\ProxyStubClsid
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{D13DC65C-C77B-4986-9078-DEA3D34C71BB}\ProxyStubClsid32
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{D13DC65C-C77B-4986-9078-DEA3D34C71BB}\TypeLib
(Default) = {B82D18E0-1649-48DE-92D7-AA89BBB5F0AD}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{D13DC65C-C77B-4986-9078-DEA3D34C71BB}\TypeLib
Version = 1.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{26A3152F-CF87-4C5B-8093-4D4B9EC084EB}\TypeLib
(Default) = {B82D18E0-1649-48DE-92D7-AA89BBB5F0AD}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{B09E015A-4D4E-4F8D-A436-95E19140947D}\TypeLib
(Default) = {B82D18E0-1649-48DE-92D7-AA89BBB5F0AD}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{12D3E096-0FDF-42CC-8F44-04944F9C1648}\TypeLib
(Default) = {B82D18E0-1649-48DE-92D7-AA89BBB5F0AD}

HKEY_CURRENT_USER\Software\AppDataLow\
Software\Yahoo\Companion\
Opt
sbpix = 210

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
(Default) = Yahoo! Toolbar

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YBrowserToolbar.YBrowserToolbar
(Default) = Yahoo! Toolbar

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YBrowserToolbar.YBrowserToolbar.1
(Default) = Yahoo! Toolbar

HKEY_CURRENT_USER\Software\AppDataLow\
Software\Yahoo\Companion
Corp = None

HKEY_LOCAL_MACHINE\SOFTWARE\Yahoo\
Companion
Corp = None

HKEY_CURRENT_USER\Software\AppDataLow\
Software\Yahoo\Companion
ft = 1

HKEY_CURRENT_USER\Software\AppDataLow\
Software\Yahoo\Companion
ftc = 1

HKEY_CURRENT_USER\Software\AppDataLow\
Software\Yahoo\Companion
fts = 1

HKEY_CURRENT_USER\Software\AppDataLow\
Software\Yahoo\Companion
Guest = none

HKEY_LOCAL_MACHINE\SOFTWARE\Yahoo\
Companion
Guest = none

HKEY_CURRENT_USER\Software\AppDataLow\
Software\Yahoo\Companion
ii = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Yahoo\
Companion
ii = 1

HKEY_CURRENT_USER\Software\AppDataLow\
Software\Yahoo\Companion
cb = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Yahoo\
Companion
cb = 0

HKEY_CURRENT_USER\Software\AppDataLow\
Software\Yahoo\Companion\
Ycheck
disabled = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Yahoo\
Companion\YCheck
disabled = 1

HKEY_CURRENT_USER\Software\AppDataLow\
Software\Yahoo\Companion
Region = us

HKEY_LOCAL_MACHINE\SOFTWARE\Yahoo\
Companion
Region = us

HKEY_CURRENT_USER\Software\AppDataLow\
Software\Yahoo\Companion
Language = us

HKEY_LOCAL_MACHINE\SOFTWARE\Yahoo\
Companion
Language = us

HKEY_CURRENT_USER\Software\AppDataLow\
Software\Yahoo\Companion
dc = v7_auto

KEY_LOCAL_MACHINE\SOFTWARE\Yahoo\
Companion
dc = v7_auto

HKEY_CURRENT_USER\Software\AppDataLow\
Software\Yahoo\Companion
swp = 1

HKEY_CURRENT_USER\Software\AppDataLow\
Software\Yahoo\Companion\
Opt
sst = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Yahoo\
Companion
UninstallerPath = %Program Files%\Yahoo!\Common\unyt.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
Yahoo! Companion
UninstallString = %Program Files%\Yahoo!\Common\unyt.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
Yahoo! Toolbar
UninstallString = %Program Files%\Yahoo!\Common\unyt.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
Yahoo! Companion
DisplayName = Yahoo! Toolbar

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
Yahoo! Companion
DisplayIcon = %Program Files%\Yahoo!\Companion\Installs\cpn\yt.dll,-5

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
Yahoo! Companion
NoModify = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
Yahoo! Companion
NoRepair = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Yahoo\
Companion
InstallPath = %Program Files%\Yahoo!\Companion\Installs\cpn

HKEY_LOCAL_MACHINE\SOFTWARE\Yahoo\
Companion
Apptitle = Yahoo! Toolbar

HKEY_CURRENT_USER\Software\Microsoft\
Internet Explorer\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}
DisplayName = Yahoo! Search

HKEY_CURRENT_USER\Software\Microsoft\
Internet Explorer\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}
URL = http://search.yahoo.com/search?p={searchTerms}&fr=chr-flv

HKEY_CURRENT_USER\Software\Microsoft\
Internet Explorer\SearchScopes
DefaultScope = {DECA3892-BA8F-44b8-A993-A466AD694AE4}

HKEY_CURRENT_USER\Software\AppDataLow\
Software\Yahoo\Companion
asdname = Yahoo! Search

HKEY_CURRENT_USER\Software\AppDataLow\
Software\Yahoo\Companion
asturl = search.yahoo.com

HKEY_CURRENT_USER\Software\AppDataLow\
Software\Yahoo\Companion
dc = v7_flv

HKEY_LOCAL_MACHINE\SOFTWARE\Yahoo\
Companion
dc = v7_flv

HKEY_CURRENT_USER\Software\AppDataLow\
Software\Yahoo\Companion
pc = flv

HKEY_LOCAL_MACHINE\SOFTWARE\Yahoo\
Companion
pc = flv

HKEY_CURRENT_USER\Software\AppDataLow\
Software\Yahoo\Companion
sc = flv

HKEY_LOCAL_MACHINE\SOFTWARE\Yahoo\
Companion
sc = flv

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
FLV Player
NSIS:StartMenuDir = FLV Player

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\App Paths\
FLVPlayer.exe
(Default) = %Program Files%\FLV Player\FLVPlayer.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
FLV Player
DisplayName = FLV Player 2.0, build 24

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
FLV Player
UninstallString = %Program Files%\FLV Player\uninst.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
FLV Player
DisplayIcon = %Program Files%\FLV Player\FLVPlayer.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
FLV Player
DisplayVersion = 2.0, build 24

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
FLV Player
URLInfoAbout = http://www.martijndevisser.com/blog/flv-player/

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
FLV Player
Publisher = Martijn de Visser

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
FLV Player
NSIS:Language = 1033

Andere Details

It connects to the following possibly malicious URL:

http://pclick.internal.{BLOCKED}o.com/p/s=97314528/lng=us/rand={7 Random Generated Numbers}/_B=/_Y=
https://pclick.internal.{BLOCKED}o.com/p/s=97314528/lng=us/rand={7 Random Generated Numbers}/_B=/_Y=
http://pclick.internal.{BLOCKED}o.com/p/s=97314532/lng=us/rand={7 Random Generated Numbers}/_B=/_Y=
https://pclick.internal.{BLOCKED}o.com/p/s=97314532/lng=us/rand={7 Random Generated Numbers}/_B=/_Y=
http://installerstats.{BLOCKED}o.com/appusage.asp
http://{BLOCKED}devisser.com/download/flvplayer/version.xml

Solução

Mecanismo de varredura mínima: 9.800

SSAPI Pattern File: 2.357.00

SSAPI Pattern Release Date: 03 dezembro 2020

Step 1

Für Windows ME und XP Benutzer: Stellen Sie vor einer Suche sicher, dass die Systemwiederherstellung deaktiviert ist, damit der gesamte Computer durchsucht werden kann.

Step 2

<p> Beachten Sie, dass nicht alle Dateien, Ordner, Registrierungsschlüssel und Einträge auf Ihrem Computer installiert sind, während diese Malware / Spyware / Grayware ausgeführt wird. Dies kann auf eine unvollständige Installation oder andere Betriebssystembedingungen zurückzuführen sein. Fahren Sie mit dem nächsten Schritt fort. </ p><p> Beachten Sie, dass nicht alle Dateien, Ordner, Registrierungsschlüssel und Einträge auf Ihrem Computer installiert sind, während diese Malware / Spyware / Grayware ausgeführt wird. Dies kann auf eine unvollständige Installation oder andere Betriebssystembedingungen zurückzuführen sein. Fahren Sie mit dem nächsten Schritt fort. </ p>

Step 3

PUA.Win32.YahooToolbar.A über die eigene Option zum Deinstallieren entfernen

[ Saber mais ]

Den Grayware-Prozess deinstallieren

Step 4

Diese Datei suchen und löschen

[ Saber mais ]

Möglicherweise sind einige Komponentendateien verborgen. Aktivieren Sie unbedingt das Kontrollkästchen Versteckte Elemente durchsuchen unter Weitere erweiterte Optionen, um alle verborgenen Dateien und Ordner in den Suchergebnissen zu berücksichtigen.

%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\LICENSE.txt
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\install.js
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\install.rdf
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\META-INF\manifest.mf
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\META-INF\zigbert.rsa
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\META-INF\zigbert.sf
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\chrome\ytoolbar.jar
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooDomBuilder.js
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooDomBuilder.xpt
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooFeedNode.js
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooFeedNode.xpt
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooFeedProcessor.js
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooFeedProcessor.xpt
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\defaults\preferences\yahoo.js
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\yahooToolbarSettings

Die Malware-/Grayware-/Spyware-Datei löschen:

Klicken Sie mit der rechten Maustaste auf Start und dann je nach Windows Version auf Suchen... oder Finden....
Geben Sie in das Feld Name Folgendes ein:

%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\LICENSE.txt
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\install.js
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\install.rdf
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\META-INF\manifest.mf
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\META-INF\zigbert.rsa
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\META-INF\zigbert.sf
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\chrome\ytoolbar.jar
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooDomBuilder.js
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooDomBuilder.xpt
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooFeedNode.js
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooFeedNode.xpt
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooFeedProcessor.js
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooFeedProcessor.xpt
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\defaults\preferences\yahoo.js
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\yahooToolbarSettings
Wählen Sie im Listenfeld lt;i>Suchen in die Option Arbeitsplatz, und drücken Sie die Eingabetaste.
Markieren Sie die gefundene Datei, und drücken Sie UMSCHALT+ENTF, um sie endgültig zu löschen.

Step 5

Durchsuchen Sie Ihren Computer mit Ihrem Trend Micro Produkt, und löschen Sie Dateien, die als PUA.Win32.YahooToolbar.A entdeckt werden. Falls die entdeckten Dateien bereits von Ihrem Trend Micro Produkt gesäubert, gelöscht oder in Quarantäne verschoben wurden, sind keine weiteren Schritte erforderlich. Dateien in Quarantäne können einfach gelöscht werden. Auf dieser Knowledge-Base-Seite finden Sie weitere Informationen.

Participe da nossa pesquisa!

PUA.Win32.YahooToolbar.A

Visão geral

Detalhes técnicos

Solução

Recursos

Suporte

Sobre a Trend

PUA.Win32.YahooToolbar.A

Visão geral

Detalhes técnicos

Solução

Recursos

Suporte

Sobre a Trend

Américas

Oriente Médio & África

Europa

Ásia&Pacífico