PUA.Win32.YahooToolbar.A

Publish Date: 26 marzo 2021

Analizzato da: Maria Emreen Viray

Piattaforma:

Windows

Valutazione del rischio complessivo:

Potenziale dannoso: :

Potenziale di distribuzione: :

Reported Infection:

Informazioni esposizione: :

Basso

Medio

Alto

Critico

Tipo di minaccia informatica:
Potentially Unwanted Application
Distruttivo?:
No
Crittografato?:
In the wild::
Sì

Panoramica e descrizione

It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

Dettagli tecnici

Dimensione file: 3,518,422 bytes

Tipo di file: EXE

Residente in memoria: No

Data di ricezione campioni iniziali: 13 novembre 2020

Detalles de entrada

It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

Instalación

Infiltra los archivos siguientes:

%Application Data%\Microsoft\Windows\Cookies\{Username}@yahoo[1].txt → deleted afterwards
%User Temp%\nst{4 Random Alphanumeric Characters}.tmp\nst{4 Random Alphanumeric Characters}.tmp.htm → deleted afterwards
%User Temp%\nst{4 Random Alphanumeric Characters}.tmp\finish.ini → deleted afterwards
%User Temp%\nst{4 Random Alphanumeric Characters}.tmp\InetLoad.dll → deleted afterwards
%User Temp%\nst{4 Random Alphanumeric Characters}.tmp\nso565C.tmp.htm → deleted afterwards
%User Temp%\nst{4 Random Alphanumeric Characters}.tmp\nsy5CB5.tmp → deleted afterwards
%User Temp%\nst{4 Random Alphanumeric Characters}.tmp\privacy.ini → deleted afterwards
%User Temp%\nst{4 Random Alphanumeric Characters}.tmp\System.dll → deleted afterwards
%User Temp%\nst{4 Random Alphanumeric Characters}.tmp\toolbar.bmp → deleted afterwards
%User Temp%\nst{4 Random Alphanumeric Characters}.tmp\welcome.ini → deleted afterwards
%User Temp%\nsn{4 Random Alphanumeric Characters}.tmp\InstallOptions.dll → deleted afterwards
%User Temp%\nsn{4 Random Alphanumeric Characters}.tmp\ioSpecial.ini → deleted afterwards
%User Temp%\nsn{4 Random Alphanumeric Characters}.tmp\LangDLL.dll → deleted afterwards
%User Temp%\nsn{4 Random Alphanumeric Characters}.tmp\modern-wizard.bmp → deleted afterwards
%User Temp%\nsn{4 Random Alphanumeric Characters}.tmp\StartMenu.dll → deleted afterwards
%Application Data%\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sol → deleted afterwards
%Application Data%\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#local\settings.sol → deleted afterwards
%Program Files%\FLV Player\Yahoo Toolbar Installer.exe → deleted afterwards
%Common Programs%\FLV Player\FLV Player.lnk
%Desktop%\FLV Player.lnk
%Program Files%\FLV Player\FLVPlayer.exe
%Program Files%\Yahoo!\Common\unyt.exe
%Program Files%\Yahoo!\Companion\Installs\cpn\yt.dll
%Program Files%\Yahoo!\Companion\Installs\cpn\pubmod.dll
%Program Files%\Yahoo!\Companion\Installs\cpn\YMERemote.dll
%Program Files%\Yahoo!\Companion\Installs\cpn\YPUBC.dll
%Program Files%\Yahoo!\Companion\Installs\cpn\YTMsgr.dll
%Program Files%\Yahoo!\Companion\Installs\cpn\YTabBar.dll
%Program Files%\Yahoo!\Companion\Installs\cpn\YTBM.dll
%Program Files%\Yahoo!\Companion\Installs\cpn\inyt.exe
%Program Files%\Yahoo!\Companion\Installs\cpn\inyt.exe.manifest
%Program Files%\Yahoo!\Companion\Installs\cpn\YTAntiSpy.dll
%Program Files%\Yahoo!\Companion\Data\dlg_atb.html
%Program Files%\Yahoo!\Companion\Data\dlg_catb.html
%Program Files%\Yahoo!\Companion\Data\dlg_cnf.html
%Program Files%\Yahoo!\Companion\Data\dlg_cotb.html
%Program Files%\Yahoo!\Companion\Data\dlg_ctb.html
%Program Files%\Yahoo!\Companion\Data\dlg_fantip.html
%Program Files%\Yahoo!\Companion\Data\dlg_fantipg.html
%Program Files%\Yahoo!\Companion\Data\dlg_fintip.html
%Program Files%\Yahoo!\Companion\Data\dlg_fintipg.html
%Program Files%\Yahoo!\Companion\Data\dlg_grptip.html
%Program Files%\Yahoo!\Companion\Data\dlg_grptipg.html
%Program Files%\Yahoo!\Companion\Data\dlg_logtip.html
%Program Files%\Yahoo!\Companion\Data\dlg_mailatip.html
%Program Files%\Yahoo!\Companion\Data\dlg_mailtip.html
%Program Files%\Yahoo!\Companion\Data\dlg_map.html
%Program Files%\Yahoo!\Companion\Data\dlg_mlbtip.html
%Program Files%\Yahoo!\Companion\Data\dlg_mlbtipg.html
%Program Files%\Yahoo!\Companion\Data\dlg_msgratip.html
%Program Files%\Yahoo!\Companion\Data\dlg_msgrtip.html
%Program Files%\Yahoo!\Companion\Data\dlg_nbatip.html
%Program Files%\Yahoo!\Companion\Data\dlg_nbatipg.html
%Program Files%\Yahoo!\Companion\Data\dlg_newstip.html
%Program Files%\Yahoo!\Companion\Data\dlg_newstipg.html
%Program Files%\Yahoo!\Companion\Data\dlg_nfltip.html
%Program Files%\Yahoo!\Companion\Data\dlg_nfltipg.html
%Program Files%\Yahoo!\Companion\Data\dlg_opt.html
%Program Files%\Yahoo!\Companion\Data\dlg_pub.html
%Program Files%\Yahoo!\Companion\Data\dlg_srchtip.html
%Program Files%\Yahoo!\Companion\Data\dlg_upg.html
%Program Files%\Yahoo!\Companion\Data\dlg_wp.html
%Program Files%\FLV Player\FLV Player.url
%Common Programs%\FLV Player\FLV Player website.lnk
%Common Programs%\FLV Player\Uninstall.lnk
%Program Files%\FLV Player\uninst.exe
%User Temp%\mProjector957005698\mPlayer.3.1.1e.dll
%User Temp%\mProjector957005698\System.3.1.1e.mfx
%User Temp%\mProjector957005698\Flash6MovieV2.3.1.1e.mvx
%User Temp%\mProjector957005698\FlashPlayer.3.1.1e.ocx
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\LICENSE.txt
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\install.js
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\install.rdf
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\META-INF\manifest.mf
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\META-INF\zigbert.rsa
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\META-INF\zigbert.sf
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\chrome\ytoolbar.jar
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooDomBuilder.js
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooDomBuilder.xpt
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooFeedNode.js
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooFeedNode.xpt
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooFeedProcessor.js
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooFeedProcessor.xpt
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\defaults\preferences\yahoo.js
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\yahooToolbarSettings

Agrega los procesos siguientes:

"Yahoo Toolbar Installer.exe" /S /ypc=flv /ysc=flv /ydc=flv /ysetsearch /yfrc=flv /yinstytff
"%Program Files%\FLV Player\FLVPlayer.exe"

(Nota: %Program Files% es la carpeta Archivos de programa predeterminada, que suele estar en C:\Archivos de programa).

)

Otras modificaciones del sistema

Agrega las siguientes entradas de registro:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
FLV Player
NSIS:StartMenuDir = FLV Player

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
.flv
(Default) = Flash.VideoFile

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Flash.VideoFile\shell\open\
command
(Default) = "%Program Files%\FLV Player\FLVPlayer.exe" "%1"

HKEY_LOCAL_MACHINE\SOFTWARE\Yahoo
ntatest = 1

HKEY_CURRENT_USER\Software\AppDataLow\
Software\Yahoo\Companion\
Opt
rs = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Yahoo.AntiSpyPlugin.6
(Default) = AntiSpyPlugin Clas

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Yahoo.AntiSpyPlugin.6\CLSID
(Default) = {B7A0E898-93E5-43f4-B99A-6C70B303699C}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Yahoo.AntiSpyPlugin
(Default) = AntiSpyPlugin Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Yahoo.AntiSpyPlugin\CurVer
(Default) = Yahoo.AntiSpyPlugin.6

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{B7A0E898-93E5-43f4-B99A-6C70B303699C}
(Default) = AntiSpyPlugin Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{B7A0E898-93E5-43f4-B99A-6C70B303699C}\ProgID
(Default) = Yahoo.AntiSpyPlugin.6

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{B7A0E898-93E5-43f4-B99A-6C70B303699C}\VersionIndependentProgID
(Default) = Yahoo.AntiSpyPlugin

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{B7A0E898-93E5-43f4-B99A-6C70B303699C}\InprocServer32
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\YTAntiSpy.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{B7A0E898-93E5-43f4-B99A-6C70B303699C}\InprocServer32
ThreadingModel = Apartment

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{AD34BE7D-2603-43DD-8D1F-E4431D42C44E}\1.0
(Default) = YTAntiSpy 1.0 Type Library

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{AD34BE7D-2603-43DD-8D1F-E4431D42C44E}\1.0\
FLAGS
(Default) = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{AD34BE7D-2603-43DD-8D1F-E4431D42C44E}\1.0\
0\win32
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\YTAntiSpy.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{AD34BE7D-2603-43DD-8D1F-E4431D42C44E}\1.0\
HELPDIR
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{67E5E37C-E6B8-4782-877D-E9437C4CD982}
(Default) = IYTASButton

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{67E5E37C-E6B8-4782-877D-E9437C4CD982}\ProxyStubClsid
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{67E5E37C-E6B8-4782-877D-E9437C4CD982}\ProxyStubClsid32
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{67E5E37C-E6B8-4782-877D-E9437C4CD982}\TypeLib
(Default) = {AD34BE7D-2603-43DD-8D1F-E4431D42C44E}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{67E5E37C-E6B8-4782-877D-E9437C4CD982}\TypeLib
Version = 1.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{26A3152F-CF87-4C5B-8093-4D4B9EC084EB}
(Default) = IYToolbarPlugin

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{26A3152F-CF87-4C5B-8093-4D4B9EC084EB}\ProxyStubClsid
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{26A3152F-CF87-4C5B-8093-4D4B9EC084EB}\ProxyStubClsid32
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{26A3152F-CF87-4C5B-8093-4D4B9EC084EB}\TypeLib
(Default) = {AD34BE7D-2603-43DD-8D1F-E4431D42C44E}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{26A3152F-CF87-4C5B-8093-4D4B9EC084EB}\TypeLib
Version = 1.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{B09E015A-4D4E-4F8D-A436-95E19140947D}
(Default) = IYToolbarPlugin2

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{B09E015A-4D4E-4F8D-A436-95E19140947D}\ProxyStubClsid
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{B09E015A-4D4E-4F8D-A436-95E19140947D}\ProxyStubClsid32
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{B09E015A-4D4E-4F8D-A436-95E19140947D}\TypeLib
(Default) = {AD34BE7D-2603-43DD-8D1F-E4431D42C44E}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{B09E015A-4D4E-4F8D-A436-95E19140947D}\TypeLib
Version = 1.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{12D3E096-0FDF-42CC-8F44-04944F9C1648}
(Default) = IYNonRenderingPlugin

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{12D3E096-0FDF-42CC-8F44-04944F9C1648}\ProxyStubClsid
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{12D3E096-0FDF-42CC-8F44-04944F9C1648}\ProxyStubClsid32
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{12D3E096-0FDF-42CC-8F44-04944F9C1648}\TypeLib
(Default) = {AD34BE7D-2603-43DD-8D1F-E4431D42C44E}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{12D3E096-0FDF-42CC-8F44-04944F9C1648}\TypeLib
Version = 1.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
AppID\{1CAE874F-F5C7-4BCC-BA46-9AD26DF35B93}
(Default) = yt

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
AppID\yt.DLL
AppID = {1CAE874F-F5C7-4BCC-BA46-9AD26DF35B93}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
yt.YToolbarBand.1
(Default) = Yahoo! Toolbar

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
yt.YToolbarBand.1\CLSID
(Default) = {EF99BD32-C1FB-11D2-892F-0090271D4F88}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
yt.YToolbarBand
(Default) = Yahoo! Toolbar

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
yt.YToolbarBand\CLSID
(Default) = {EF99BD32-C1FB-11D2-892F-0090271D4F88}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
yt.YToolbarBand\CurVer
(Default) = yt.YToolbarBand.1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
(Default) = Yahoo! Toolbar

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ProgID
(Default) = yt.YToolbarBand.1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\VersionIndependentProgID
(Default) = yt.YToolbarBand

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\InprocServer32
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\yt.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\InprocServer32
ThreadingModel = Apartment

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
AppID = {1CAE874F-F5C7-4BCC-BA46-9AD26DF35B93}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\TypeLib
(Default) = {003028C2-EA1C-4676-A316-B5CB50917002}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\Version
(Default) = 6.3.0.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\MiscStatus
(Default) = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\MiscStatus\
1
(Default) = 132497

HKEY_CURRENT_USER\Software\Microsoft\
Internet Explorer\URLSearchHooks
{EF99BD32-C1FB-11D2-892F-0090271D4F88} =

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Toolbar
{EF99BD32-C1FB-11D2-892F-0090271D4F88} = 00

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
Yahoo! Toolbar
DisplayName = Yahoo! Toolbar

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
yt.YTHelper.2
(Default) = &Yahoo! Toolbar Helper

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
yt.YTHelper.2\CLSID
(Default) = {02478D38-C3F9-4efb-9B51-7695ECA05670}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
yt.YTHelper
(Default) = &Yahoo! Toolbar Helper

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
yt.YTHelper\CLSID
(Default) = {02478D38-C3F9-4efb-9B51-7695ECA05670}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
yt.YTHelper\CurVer
(Default) = yt.YTHelper.2

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}
(Default) = &Yahoo! Toolbar Helper

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ProgID
(Default) = yt.YTHelper.2

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\VersionIndependentProgID
(Default) = yt.YTHelper

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\TypeLib
(Default) = {003028C2-EA1C-4676-A316-B5CB50917002}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\Version
(Default) = 6.3.0.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\InprocServer32
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\yt.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\InprocServer32
ThreadingModel = Apartment

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\MiscStatus
(Default) = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\MiscStatus\
1
(Default) = 131473

HKEY_CURRENT_USER\Software\Yahoo\
Companion
ii = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Explorer\
Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\NoExplorer
(Default) = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002}\5.0
(Default) = yt 1.0 Type Library

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002}\5.0\
FLAGS
(Default) = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002}\5.0\
0\win32
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\yt.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002}\5.0\
HELPDIR
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{863FCF5D-DC39-4DA9-AF32-CB0025990EEE}
(Default) = IYToolbarBand2

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{863FCF5D-DC39-4DA9-AF32-CB0025990EEE}\ProxyStubClsid
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{863FCF5D-DC39-4DA9-AF32-CB0025990EEE}\ProxyStubClsid32
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{863FCF5D-DC39-4DA9-AF32-CB0025990EEE}\TypeLib
(Default) = {003028C2-EA1C-4676-A316-B5CB50917002}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{863FCF5D-DC39-4DA9-AF32-CB0025990EEE}\TypeLib
Version = 5.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{49F018EE-F362-4B5B-8EC8-BCF9246ABF21}
(Default) = IYToolbarBand

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{49F018EE-F362-4B5B-8EC8-BCF9246ABF21}\ProxyStubClsid
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{49F018EE-F362-4B5B-8EC8-BCF9246ABF21}\ProxyStubClsid32
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{49F018EE-F362-4B5B-8EC8-BCF9246ABF21}\TypeLib
(Default) = {003028C2-EA1C-4676-A316-B5CB50917002}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{49F018EE-F362-4B5B-8EC8-BCF9246ABF21}\TypeLib
Version = 5.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{22389F39-2CF4-47C4-B8B2-273BB16BF70C}
(Default) = IYTHelper

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{22389F39-2CF4-47C4-B8B2-273BB16BF70C}\ProxyStubClsid
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{22389F39-2CF4-47C4-B8B2-273BB16BF70C}\ProxyStubClsid32
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{22389F39-2CF4-47C4-B8B2-273BB16BF70C}\TypeLib
(Default) = {003028C2-EA1C-4676-A316-B5CB50917002}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{22389F39-2CF4-47C4-B8B2-273BB16BF70C}\TypeLib
Version = 5.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{B1E712C4-03AA-495F-B0F5-0F057E126E2A}
(Default) = IYTBCustomizer

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{B1E712C4-03AA-495F-B0F5-0F057E126E2A}\ProxyStubClsid
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{B1E712C4-03AA-495F-B0F5-0F057E126E2A}\ProxyStubClsid32
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{B1E712C4-03AA-495F-B0F5-0F057E126E2A}\TypeLib
(Default) = {003028C2-EA1C-4676-A316-B5CB50917002}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{B1E712C4-03AA-495F-B0F5-0F057E126E2A}\TypeLib
Version = 5.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{23E3CEB3-D63A-433E-A5D0-4DB1C501B915}
(Default) = IYBookmarkCustomizer

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{23E3CEB3-D63A-433E-A5D0-4DB1C501B915}\ProxyStubClsid
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{23E3CEB3-D63A-433E-A5D0-4DB1C501B915}\ProxyStubClsid32
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{23E3CEB3-D63A-433E-A5D0-4DB1C501B915}\TypeLib
(Default) = {003028C2-EA1C-4676-A316-B5CB50917002}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{23E3CEB3-D63A-433E-A5D0-4DB1C501B915}\TypeLib
Version = 5.0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Toolbar
{EF99BD32-C1FB-11D2-892F-0090271D4F88} = 00

HKEY_CURRENT_USER\Software\AppDataLow\
Software\Yahoo\Companion
resfeed = 1

HKEY_CURRENT_USER\Software\AppDataLow\
Software\Yahoo\Companion
asy = 0

HKEY_CURRENT_USER\Software\AppDataLow\
Software\Yahoo\Companion
ask = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Yahoo.PopupBlockerPlugin.4
(Default) = PopupBlocker Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Yahoo.PopupBlockerPlugin.4\CLSID
(Default) = {1147DC83-6208-4dca-8E88-DD45BAAB3043}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Yahoo.PopupBlockerPlugin
(Default) = PopupBlocker Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Yahoo.PopupBlockerPlugin\CurVer
(Default) = Yahoo.PopupBlockerPlugin.4

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{1147DC83-6208-4dca-8E88-DD45BAAB3043}
(Default) = PopupBlocker Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{1147DC83-6208-4dca-8E88-DD45BAAB3043}\ProgID
(Default) = Yahoo.PopupBlockerPlugin.4

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{1147DC83-6208-4dca-8E88-DD45BAAB3043}\VersionIndependentProgID
(Default) = Yahoo.PopupBlockerPlugin

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{1147DC83-6208-4dca-8E88-DD45BAAB3043}\InprocServer32
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\pubmod.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{1147DC83-6208-4dca-8E88-DD45BAAB3043}\InprocServer32
ThreadingModel = Apartment

HKEY_CURRENT_USER\Software\Yahoo\
Companion\pubmod
c = 1

HKEY_CURRENT_USER\Software\Microsoft\
Internet Explorer\Main
Error Dlg Displayed On Every Error = no

HKEY_CURRENT_USER\Software\Microsoft\
Internet Explorer\Main
Disable Script Debugger = yes

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{4A1E52AC-64F2-49E9-BFD7-0806D9494DBB}\4.0
(Default) = Yahoo! Companion PopupBlocker Plugin 1.0 Type Library

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{4A1E52AC-64F2-49E9-BFD7-0806D9494DBB}\4.0\
FLAGS
(Default) = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{4A1E52AC-64F2-49E9-BFD7-0806D9494DBB}\4.0\
0\win32
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\pubmod.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{4A1E52AC-64F2-49E9-BFD7-0806D9494DBB}\4.0\
HELPDIR
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{26A3152F-CF87-4C5B-8093-4D4B9EC084EB}\TypeLib
(Default) = {4A1E52AC-64F2-49E9-BFD7-0806D9494DBB}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{26A3152F-CF87-4C5B-8093-4D4B9EC084EB}\TypeLib
Version = 4.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
AppID\{7D831388-D405-4272-9511-A07440AD2927}
(Default) = YMERemote

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
AppID\YMERemote.DLL
AppID = {7D831388-D405-4272-9511-A07440AD2927}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YMERemote.YMECompPlugin.1
(Default) = YMECompPlugin Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YMERemote.YMECompPlugin.1\CLSID
(Default) = {F51C15D4-3D0A-4DBA-A095-EBCC09F24DA2}

KEY_LOCAL_MACHINE\SOFTWARE\Classes\
YMERemote.YMECompPlugin
(Default) = YMECompPlugin Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YMERemote.YMECompPlugin.1\CLSID
(Default) = {F51C15D4-3D0A-4DBA-A095-EBCC09F24DA2}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YMERemote.YMECompPlugin
(Default) = YMECompPlugin Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YMERemote.YMECompPlugin\CLSID
(Default) = {F51C15D4-3D0A-4DBA-A095-EBCC09F24DA2}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YMERemote.YMECompPlugin\CurVer
(Default) = YMERemote.YMECompPlugin.1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{F51C15D4-3D0A-4DBA-A095-EBCC09F24DA2}
AppID = {7D831388-D405-4272-9511-A07440AD2927}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{F51C15D4-3D0A-4DBA-A095-EBCC09F24DA2}\TypeLib
(Default) = {B722ED8B-0B38-408E-BB89-260C73BCF3D4}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{B722ED8B-0B38-408E-BB89-260C73BCF3D4}\1.0
(Default) = YMERemote 1.0 Type Library

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{B722ED8B-0B38-408E-BB89-260C73BCF3D4}\1.0\
FLAGS
(Default) = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{B722ED8B-0B38-408E-BB89-260C73BCF3D4}\1.0\
0\win32
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\YMERemote.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{B722ED8B-0B38-408E-BB89-260C73BCF3D4}\1.0\
HELPDIR
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{B09E015A-4D4E-4F8D-A436-95E19140947D}\TypeLib
(Default) = {B722ED8B-0B38-408E-BB89-260C73BCF3D4}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{26A3152F-CF87-4C5B-8093-4D4B9EC084EB}\TypeLib
(Default) = {B722ED8B-0B38-408E-BB89-260C73BCF3D4}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{26A3152F-CF87-4C5B-8093-4D4B9EC084EB}\TypeLib
Version = 1.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{8233093C-178B-484B-979E-3C6B5B147DBC}
(Default) = IYRenderingPlugin

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{8233093C-178B-484B-979E-3C6B5B147DBC}\ProxyStubClsid
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{8233093C-178B-484B-979E-3C6B5B147DBC}\ProxyStubClsid32
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{8233093C-178B-484B-979E-3C6B5B147DBC}\TypeLib
(Default) = {B722ED8B-0B38-408E-BB89-260C73BCF3D4}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{8233093C-178B-484B-979E-3C6B5B147DBC}\TypeLib
Version = 1.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
AppID\{FFFFE1D1-E40D-49a1-9622-BC59BD1879C3}
(Default) = YPUBC

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
AppID\YPUBC.DLL
AppID = {FFFFE1D1-E40D-49a1-9622-BC59BD1879C3}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YPUBC.DataStore.1
(Default) = DataStore Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YPUBC.DataStore.1\CLSID
(Default) = {E1A2D448-6334-45ec-8800-6D7F71DC87FC}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YPUBC.DataStore
(Default) = DataStore Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YPUBC.DataStore\CLSID
(Default) = {E1A2D448-6334-45ec-8800-6D7F71DC87FC}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YPUBC.DataStore\CurVer
(Default) = YPUBC.DataStore.1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{E1A2D448-6334-45ec-8800-6D7F71DC87FC}
(Default) = DataStore Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{E1A2D448-6334-45ec-8800-6D7F71DC87FC}\ProgID
(Default) = YPUBC.DataStore.1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{E1A2D448-6334-45ec-8800-6D7F71DC87FC}\VersionIndependentProgID
(Default) = YPUBC.DataStore

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{E1A2D448-6334-45ec-8800-6D7F71DC87FC}\InprocServer32
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\YPUBC.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{E1A2D448-6334-45ec-8800-6D7F71DC87FC}\InprocServer32
ThreadingModel = Apartment

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{E1A2D448-6334-45ec-8800-6D7F71DC87FC}
AppID = {FFFFE1D1-E40D-49a1-9622-BC59BD1879C3}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{E1A2D448-6334-45ec-8800-6D7F71DC87FC}\TypeLib
(Default) = {8A1AB044-787D-4309-8410-709768E484AB}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YPUBC.BlockerCtrl.1
(Default) = BlockerCtrl Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YPUBC.BlockerCtrl.1\CLSID
(Default) = {6E40017D-FB6A-4804-BDE4-3BB09F1719C1}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YPUBC.BlockerCtrl
(Default) = BlockerCtrl Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YPUBC.BlockerCtrl\CLSID
(Default) = {6E40017D-FB6A-4804-BDE4-3BB09F1719C1}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YPUBC.BlockerCtrl\CurVer
(Default) = YPUBC.BlockerCtrl.1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{6E40017D-FB6A-4804-BDE4-3BB09F1719C1}
(Default) = BlockerCtrl Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{6E40017D-FB6A-4804-BDE4-3BB09F1719C1}\ProgID
(Default) = YPUBC.BlockerCtrl.1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{6E40017D-FB6A-4804-BDE4-3BB09F1719C1}\VersionIndependentProgID
(Default) = YPUBC.BlockerCtrl

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{6E40017D-FB6A-4804-BDE4-3BB09F1719C1}\InprocServer32
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\YPUBC.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{6E40017D-FB6A-4804-BDE4-3BB09F1719C1}\InprocServer32
ThreadingModel = Apartment

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{6E40017D-FB6A-4804-BDE4-3BB09F1719C1}
AppID = {FFFFE1D1-E40D-49a1-9622-BC59BD1879C3}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{6E40017D-FB6A-4804-BDE4-3BB09F1719C1}\ToolboxBitmap32
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\YPUBC.dll, 102

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{6E40017D-FB6A-4804-BDE4-3BB09F1719C1}\MiscStatus
(Default) = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{6E40017D-FB6A-4804-BDE4-3BB09F1719C1}\MiscStatus\
1
(Default) = 131473

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{6E40017D-FB6A-4804-BDE4-3BB09F1719C1}\TypeLib
(Default) = {8A1AB044-787D-4309-8410-709768E484AB}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{6E40017D-FB6A-4804-BDE4-3BB09F1719C1}\Version
(Default) = 3.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YPUBC.StringList.1
(Default) = StringList Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YPUBC.StringList.1\CLSID
(Default) = {11CB4723-D5A1-4a55-8D1D-5C2679D54CF5}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YPUBC.StringList
(Default) = StringList Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YPUBC.StringList\CLSID
(Default) = {11CB4723-D5A1-4a55-8D1D-5C2679D54CF5}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YPUBC.StringList\CurVer
(Default) = YPUBC.StringList.1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{11CB4723-D5A1-4a55-8D1D-5C2679D54CF5}
(Default) = StringList Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{11CB4723-D5A1-4a55-8D1D-5C2679D54CF5}\ProgID
(Default) = YPUBC.StringList.1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{11CB4723-D5A1-4a55-8D1D-5C2679D54CF5}\VersionIndependentProgID
(Default) = YPUBC.StringList

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{11CB4723-D5A1-4a55-8D1D-5C2679D54CF5}\InprocServer32
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\YPUBC.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{11CB4723-D5A1-4a55-8D1D-5C2679D54CF5}\InprocServer32
ThreadingModel = Apartment

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{11CB4723-D5A1-4a55-8D1D-5C2679D54CF5}
AppID = {FFFFE1D1-E40D-49a1-9622-BC59BD1879C3}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{11CB4723-D5A1-4a55-8D1D-5C2679D54CF5}\TypeLib
(Default) = {8A1AB044-787D-4309-8410-709768E484AB}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YPUBC.PUBHTMLEventHandler.1
(Default) = PUBHTMLEventHandler Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YPUBC.PUBHTMLEventHandler.1\CLSID
(Default) = {37B8167C-B9A4-4316-94B2-67B64BB2BA7C}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YPUBC.PUBHTMLEventHandler
(Default) = PUBHTMLEventHandler Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YPUBC.PUBHTMLEventHandler\CLSID
(Default) = {37B8167C-B9A4-4316-94B2-67B64BB2BA7C}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YPUBC.PUBHTMLEventHandler\CurVer
(Default) = YPUBC.PUBHTMLEventHandler.1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{37B8167C-B9A4-4316-94B2-67B64BB2BA7C}
(Default) = PUBHTMLEventHandler Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{37B8167C-B9A4-4316-94B2-67B64BB2BA7C}\ProgID
(Default) = YPUBC.PUBHTMLEventHandler.1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{37B8167C-B9A4-4316-94B2-67B64BB2BA7C}\VersionIndependentProgID
(Default) = YPUBC.PUBHTMLEventHandler

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{37B8167C-B9A4-4316-94B2-67B64BB2BA7C}\InprocServer32
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\YPUBC.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{37B8167C-B9A4-4316-94B2-67B64BB2BA7C}\InprocServer32
ThreadingModel = Apartment

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{37B8167C-B9A4-4316-94B2-67B64BB2BA7C}\ToolboxBitmap32
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\YPUBC.dll, 106

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{37B8167C-B9A4-4316-94B2-67B64BB2BA7C}\MiscStatus
(Default) = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{37B8167C-B9A4-4316-94B2-67B64BB2BA7C}\MiscStatus\
1
(Default) = 131473

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{37B8167C-B9A4-4316-94B2-67B64BB2BA7C}\TypeLib
(Default) = {8A1AB044-787D-4309-8410-709768E484AB}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{37B8167C-B9A4-4316-94B2-67B64BB2BA7C}\Version
(Default) = 1.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{8A1AB044-787D-4309-8410-709768E484AB}\3.0
(Default) = YPopupBlocker 3.0 Type Library

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{8A1AB044-787D-4309-8410-709768E484AB}\3.0\
FLAGS
(Default) = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{8A1AB044-787D-4309-8410-709768E484AB}\3.0\
0\win32
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\YPUBC.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{8A1AB044-787D-4309-8410-709768E484AB}\3.0\
HELPDIR
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{11D5E9EA-3117-4389-8E58-742F0975C980}
(Default) = _IBlockerCtrlEvents

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{11D5E9EA-3117-4389-8E58-742F0975C980}\ProxyStubClsid
(Default) = {00020420-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{11D5E9EA-3117-4389-8E58-742F0975C980}\ProxyStubClsid32
(Default) = {00020420-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{11D5E9EA-3117-4389-8E58-742F0975C980}\TypeLib
(Default) = {8A1AB044-787D-4309-8410-709768E484AB}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{11D5E9EA-3117-4389-8E58-742F0975C980}\TypeLib
Version = 3.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{DF522774-8CA0-4B15-A93A-5F61AB95DA1C}
(Default) = IBlockerCtrl

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{DF522774-8CA0-4B15-A93A-5F61AB95DA1C}\ProxyStubClsid
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{DF522774-8CA0-4B15-A93A-5F61AB95DA1C}\ProxyStubClsid32
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{DF522774-8CA0-4B15-A93A-5F61AB95DA1C}\TypeLib
(Default) = {8A1AB044-787D-4309-8410-709768E484AB}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{DF522774-8CA0-4B15-A93A-5F61AB95DA1C}\TypeLib
Version = 3.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{A310B105-FB7D-4497-A7E8-E046462B012F}
(Default) = IStringList

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{A310B105-FB7D-4497-A7E8-E046462B012F}\ProxyStubClsid
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{A310B105-FB7D-4497-A7E8-E046462B012F}\ProxyStubClsid32
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{A310B105-FB7D-4497-A7E8-E046462B012F}\TypeLib
(Default) = {8A1AB044-787D-4309-8410-709768E484AB}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{A310B105-FB7D-4497-A7E8-E046462B012F}\TypeLib
Version = 3.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{2FCB4E7E-E5C7-4D07-BB2C-78DF2DA867AD}
(Default) = IDataStore

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{2FCB4E7E-E5C7-4D07-BB2C-78DF2DA867AD}\ProxyStubClsid
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{2FCB4E7E-E5C7-4D07-BB2C-78DF2DA867AD}\ProxyStubClsid32
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{2FCB4E7E-E5C7-4D07-BB2C-78DF2DA867AD}\TypeLib
(Default) = {8A1AB044-787D-4309-8410-709768E484AB}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{2FCB4E7E-E5C7-4D07-BB2C-78DF2DA867AD}\TypeLib
Version = 3.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{2723E96B-905F-4C64-8999-D868A08E6370}
(Default) = IPUBHTMLEventHandler

KEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{2723E96B-905F-4C64-8999-D868A08E6370}\ProxyStubClsid
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{2723E96B-905F-4C64-8999-D868A08E6370}\ProxyStubClsid32
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{2723E96B-905F-4C64-8999-D868A08E6370}\TypeLib
(Default) = {8A1AB044-787D-4309-8410-709768E484AB}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{2723E96B-905F-4C64-8999-D868A08E6370}\TypeLib
Version = 3.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
AppID\{9EDCCD11-960D-49AE-B523-C6B5AB7E1345}
(Default) = YTMsgr

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
AppID\YTMsgr.DLL
AppID = {9EDCCD11-960D-49AE-B523-C6B5AB7E1345}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Yahoo.MessengerCompanionControl.5
(Default) = MessengerCompanionControl Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Yahoo.MessengerCompanionControl.5\CLSID
(Default) = {FBE30D66-39A2-4b72-8B43-6D4C335A6F34}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Yahoo.MessengerCompanionControl
(Default) = MessengerCompanionControl Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Yahoo.MessengerCompanionControl\CLSID
(Default) = {FBE30D66-39A2-4b72-8B43-6D4C335A6F34}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Yahoo.MessengerCompanionControl\CurVer
(Default) = Yahoo.MessengerCompanionControl.5

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{FBE30D66-39A2-4b72-8B43-6D4C335A6F34}
(Default) = MessengerCompanionControl Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{FBE30D66-39A2-4b72-8B43-6D4C335A6F34}\ProgID
(Default) = Yahoo.MessengerCompanionControl.5

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{FBE30D66-39A2-4b72-8B43-6D4C335A6F34}\VersionIndependentProgID
(Default) = Yahoo.MessengerCompanionControl

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{FBE30D66-39A2-4b72-8B43-6D4C335A6F34}\InprocServer32
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\YTMsgr.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{FBE30D66-39A2-4b72-8B43-6D4C335A6F34}\InprocServer32
ThreadingModel = Apartment

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{FBE30D66-39A2-4b72-8B43-6D4C335A6F34}
AppID = {9EDCCD11-960D-49AE-B523-C6B5AB7E1345}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{FBE30D66-39A2-4b72-8B43-6D4C335A6F34}\TypeLib
(Default) = {78DB07DF-483E-4829-AB44-ED7952083584}

HKEY_CURRENT_USER\Software\Yahoo\
YFriendsBar\Settings
NoAutoUpdate = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{78DB07DF-483E-4829-AB44-ED7952083584}\1.0
(Default) = YTMsgr 1.0 Type Library

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{78DB07DF-483E-4829-AB44-ED7952083584}\1.0\
FLAGS
(Default) = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{78DB07DF-483E-4829-AB44-ED7952083584}\1.0\
0\win32
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\YTMsgr.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{78DB07DF-483E-4829-AB44-ED7952083584}\1.0\
HELPDIR
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{7207E52B-821E-4C05-A8D6-2965B2BE77CF}
(Default) = IYTMsgrButton

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{7207E52B-821E-4C05-A8D6-2965B2BE77CF}\ProxyStubClsid
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{7207E52B-821E-4C05-A8D6-2965B2BE77CF}\ProxyStubClsid32
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{7207E52B-821E-4C05-A8D6-2965B2BE77CF}\TypeLib
(Default) = {78DB07DF-483E-4829-AB44-ED7952083584}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{7207E52B-821E-4C05-A8D6-2965B2BE77CF}\TypeLib
Version = 1.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{26A3152F-CF87-4C5B-8093-4D4B9EC084EB}\TypeLib
(Default) = {78DB07DF-483E-4829-AB44-ED7952083584}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{B09E015A-4D4E-4F8D-A436-95E19140947D}\TypeLib
(Default) = {78DB07DF-483E-4829-AB44-ED7952083584}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{12D3E096-0FDF-42CC-8F44-04944F9C1648}\TypeLib
(Default) = {78DB07DF-483E-4829-AB44-ED7952083584}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
AppID\{35860EFB-1589-4F32-A618-99E847A502B2}
(Default) = YTabBar

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
AppID\YTabBar.DLL
AppID = {35860EFB-1589-4F32-A618-99E847A502B2}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YTabBar.YTabBarControl.1
(Default) = YTabBarControl Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YTabBar.YTabBarControl.1\CLSID
(Default) = {DDCED22E-D018-471D-9A5C-A4EA2F21133D}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YTabBar.YTabBarControl
(Default) = YTabBarControl Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YTabBar.YTabBarControl\CLSID
(Default) = {DDCED22E-D018-471D-9A5C-A4EA2F21133D}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YTabBar.YTabBarControl\CurVer
(Default) = YTabBar.YTabBarControl.1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{DDCED22E-D018-471D-9A5C-A4EA2F21133D}
(Default) = YTabBarControl Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{DDCED22E-D018-471D-9A5C-A4EA2F21133D}\ProgID
(Default) = YTabBar.YTabBarControl.1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{DDCED22E-D018-471D-9A5C-A4EA2F21133D}\VersionIndependentProgID
(Default) = YTabBar.YTabBarControl

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{DDCED22E-D018-471D-9A5C-A4EA2F21133D}\InprocServer32
(Default) = Program Files%\Yahoo!\Companion\Installs\cpn\YTabBar.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{DDCED22E-D018-471D-9A5C-A4EA2F21133D}\InprocServer32
ThreadingModel = Apartment

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{DDCED22E-D018-471D-9A5C-A4EA2F21133D}
AppID = {35860EFB-1589-4F32-A618-99E847A502B2}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{DDCED22E-D018-471D-9A5C-A4EA2F21133D}\TypeLib
(Default) = {A2C55651-A23E-43CA-B63D-C10B99EFF7E0}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{A2C55651-A23E-43CA-B63D-C10B99EFF7E0}\1.0
(Default) = YTabBar 1.0 Type Library

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{A2C55651-A23E-43CA-B63D-C10B99EFF7E0}\1.0\
FLAGS
(Default) = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{A2C55651-A23E-43CA-B63D-C10B99EFF7E0}\1.0\
0\win32
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\YTabBar.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{A2C55651-A23E-43CA-B63D-C10B99EFF7E0}\1.0\
HELPDIR
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{3D592FCB-FEFD-43A6-9A4F-BDE2D4607D07}
(Default) = IYTabBarControl

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{3D592FCB-FEFD-43A6-9A4F-BDE2D4607D07}\ProxyStubClsid
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{3D592FCB-FEFD-43A6-9A4F-BDE2D4607D07}\ProxyStubClsid32
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{3D592FCB-FEFD-43A6-9A4F-BDE2D4607D07}\TypeLib
(Default) = {A2C55651-A23E-43CA-B63D-C10B99EFF7E0}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{3D592FCB-FEFD-43A6-9A4F-BDE2D4607D07}\TypeLib
Version = 1.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
AppID\{07CDAAD9-1226-4C6D-B774-C00E7B323484}
(Default) = YTBM

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
AppID\YTBM.DLL
AppID = {07CDAAD9-1226-4C6D-B774-C00E7B323484}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YTBM.YTBMButton.1
(Default) = YTBMButton Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YTBM.YTBMButton.1\CLSID
(Default) = {C60CCE95-6AF9-4E74-B66B-3212D19F1D2F}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YTBM.YTBMButton
(Default) = YTBMButton Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YTBM.YTBMButton\CLSID
(Default) = {C60CCE95-6AF9-4E74-B66B-3212D19F1D2F}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YTBM.YTBMButton\CurVer
(Default) = YTBM.YTBMButton.1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{C60CCE95-6AF9-4E74-B66B-3212D19F1D2F}
(Default) = YTBMButton Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{C60CCE95-6AF9-4E74-B66B-3212D19F1D2F}\ProgID
(Default) = YTBM.YTBMButton.1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{C60CCE95-6AF9-4E74-B66B-3212D19F1D2F}\VersionIndependentProgID
(Default) = YTBM.YTBMButton

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{C60CCE95-6AF9-4E74-B66B-3212D19F1D2F}\InprocServer32
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\YTBM.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{C60CCE95-6AF9-4E74-B66B-3212D19F1D2F}\InprocServer32
ThreadingModel = Apartment

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{C60CCE95-6AF9-4E74-B66B-3212D19F1D2F}
AppID = {07CDAAD9-1226-4C6D-B774-C00E7B323484}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{C60CCE95-6AF9-4E74-B66B-3212D19F1D2F}\TypeLib
(Default) = {B82D18E0-1649-48DE-92D7-AA89BBB5F0AD}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{B82D18E0-1649-48DE-92D7-AA89BBB5F0AD}\1.0
(Default) = YTBM 1.0 Type Library

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{B82D18E0-1649-48DE-92D7-AA89BBB5F0AD}\1.0\
FLAGS
(Default) = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{B82D18E0-1649-48DE-92D7-AA89BBB5F0AD}\1.0\
0\win32
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\YTBM.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{B82D18E0-1649-48DE-92D7-AA89BBB5F0AD}\1.0\
HELPDIR
(Default) = %Program Files%\Yahoo!\Companion\Installs\cpn\

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{D13DC65C-C77B-4986-9078-DEA3D34C71BB}
(Default) = IYTBMButton

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{D13DC65C-C77B-4986-9078-DEA3D34C71BB}\ProxyStubClsid
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{D13DC65C-C77B-4986-9078-DEA3D34C71BB}\ProxyStubClsid32
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{D13DC65C-C77B-4986-9078-DEA3D34C71BB}\TypeLib
(Default) = {B82D18E0-1649-48DE-92D7-AA89BBB5F0AD}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{D13DC65C-C77B-4986-9078-DEA3D34C71BB}\TypeLib
Version = 1.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{26A3152F-CF87-4C5B-8093-4D4B9EC084EB}\TypeLib
(Default) = {B82D18E0-1649-48DE-92D7-AA89BBB5F0AD}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{B09E015A-4D4E-4F8D-A436-95E19140947D}\TypeLib
(Default) = {B82D18E0-1649-48DE-92D7-AA89BBB5F0AD}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{12D3E096-0FDF-42CC-8F44-04944F9C1648}\TypeLib
(Default) = {B82D18E0-1649-48DE-92D7-AA89BBB5F0AD}

HKEY_CURRENT_USER\Software\AppDataLow\
Software\Yahoo\Companion\
Opt
sbpix = 210

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
(Default) = Yahoo! Toolbar

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YBrowserToolbar.YBrowserToolbar
(Default) = Yahoo! Toolbar

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
YBrowserToolbar.YBrowserToolbar.1
(Default) = Yahoo! Toolbar

HKEY_CURRENT_USER\Software\AppDataLow\
Software\Yahoo\Companion
Corp = None

HKEY_LOCAL_MACHINE\SOFTWARE\Yahoo\
Companion
Corp = None

HKEY_CURRENT_USER\Software\AppDataLow\
Software\Yahoo\Companion
ft = 1

HKEY_CURRENT_USER\Software\AppDataLow\
Software\Yahoo\Companion
ftc = 1

HKEY_CURRENT_USER\Software\AppDataLow\
Software\Yahoo\Companion
fts = 1

HKEY_CURRENT_USER\Software\AppDataLow\
Software\Yahoo\Companion
Guest = none

HKEY_LOCAL_MACHINE\SOFTWARE\Yahoo\
Companion
Guest = none

HKEY_CURRENT_USER\Software\AppDataLow\
Software\Yahoo\Companion
ii = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Yahoo\
Companion
ii = 1

HKEY_CURRENT_USER\Software\AppDataLow\
Software\Yahoo\Companion
cb = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Yahoo\
Companion
cb = 0

HKEY_CURRENT_USER\Software\AppDataLow\
Software\Yahoo\Companion\
Ycheck
disabled = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Yahoo\
Companion\YCheck
disabled = 1

HKEY_CURRENT_USER\Software\AppDataLow\
Software\Yahoo\Companion
Region = us

HKEY_LOCAL_MACHINE\SOFTWARE\Yahoo\
Companion
Region = us

HKEY_CURRENT_USER\Software\AppDataLow\
Software\Yahoo\Companion
Language = us

HKEY_LOCAL_MACHINE\SOFTWARE\Yahoo\
Companion
Language = us

HKEY_CURRENT_USER\Software\AppDataLow\
Software\Yahoo\Companion
dc = v7_auto

KEY_LOCAL_MACHINE\SOFTWARE\Yahoo\
Companion
dc = v7_auto

HKEY_CURRENT_USER\Software\AppDataLow\
Software\Yahoo\Companion
swp = 1

HKEY_CURRENT_USER\Software\AppDataLow\
Software\Yahoo\Companion\
Opt
sst = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Yahoo\
Companion
UninstallerPath = %Program Files%\Yahoo!\Common\unyt.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
Yahoo! Companion
UninstallString = %Program Files%\Yahoo!\Common\unyt.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
Yahoo! Toolbar
UninstallString = %Program Files%\Yahoo!\Common\unyt.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
Yahoo! Companion
DisplayName = Yahoo! Toolbar

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
Yahoo! Companion
DisplayIcon = %Program Files%\Yahoo!\Companion\Installs\cpn\yt.dll,-5

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
Yahoo! Companion
NoModify = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
Yahoo! Companion
NoRepair = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Yahoo\
Companion
InstallPath = %Program Files%\Yahoo!\Companion\Installs\cpn

HKEY_LOCAL_MACHINE\SOFTWARE\Yahoo\
Companion
Apptitle = Yahoo! Toolbar

HKEY_CURRENT_USER\Software\Microsoft\
Internet Explorer\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}
DisplayName = Yahoo! Search

HKEY_CURRENT_USER\Software\Microsoft\
Internet Explorer\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}
URL = http://search.yahoo.com/search?p={searchTerms}&fr=chr-flv

HKEY_CURRENT_USER\Software\Microsoft\
Internet Explorer\SearchScopes
DefaultScope = {DECA3892-BA8F-44b8-A993-A466AD694AE4}

HKEY_CURRENT_USER\Software\AppDataLow\
Software\Yahoo\Companion
asdname = Yahoo! Search

HKEY_CURRENT_USER\Software\AppDataLow\
Software\Yahoo\Companion
asturl = search.yahoo.com

HKEY_CURRENT_USER\Software\AppDataLow\
Software\Yahoo\Companion
dc = v7_flv

HKEY_LOCAL_MACHINE\SOFTWARE\Yahoo\
Companion
dc = v7_flv

HKEY_CURRENT_USER\Software\AppDataLow\
Software\Yahoo\Companion
pc = flv

HKEY_LOCAL_MACHINE\SOFTWARE\Yahoo\
Companion
pc = flv

HKEY_CURRENT_USER\Software\AppDataLow\
Software\Yahoo\Companion
sc = flv

HKEY_LOCAL_MACHINE\SOFTWARE\Yahoo\
Companion
sc = flv

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
FLV Player
NSIS:StartMenuDir = FLV Player

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\App Paths\
FLVPlayer.exe
(Default) = %Program Files%\FLV Player\FLVPlayer.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
FLV Player
DisplayName = FLV Player 2.0, build 24

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
FLV Player
UninstallString = %Program Files%\FLV Player\uninst.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
FLV Player
DisplayIcon = %Program Files%\FLV Player\FLVPlayer.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
FLV Player
DisplayVersion = 2.0, build 24

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
FLV Player
URLInfoAbout = http://www.martijndevisser.com/blog/flv-player/

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
FLV Player
Publisher = Martijn de Visser

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
FLV Player
NSIS:Language = 1033

Otros detalles

It connects to the following possibly malicious URL:

http://pclick.internal.{BLOCKED}o.com/p/s=97314528/lng=us/rand={7 Random Generated Numbers}/_B=/_Y=
https://pclick.internal.{BLOCKED}o.com/p/s=97314528/lng=us/rand={7 Random Generated Numbers}/_B=/_Y=
http://pclick.internal.{BLOCKED}o.com/p/s=97314532/lng=us/rand={7 Random Generated Numbers}/_B=/_Y=
https://pclick.internal.{BLOCKED}o.com/p/s=97314532/lng=us/rand={7 Random Generated Numbers}/_B=/_Y=
http://installerstats.{BLOCKED}o.com/appusage.asp
http://{BLOCKED}devisser.com/download/flvplayer/version.xml

Soluzioni

Motore di scansione minimo: 9.800

File di pattern SSAPI: 2.357.00

Data di pubblicazione del pattern SSAPI: 03 dicembre 2020

Step 1

Los usuarios de Windows ME y XP, antes de llevar a cabo cualquier exploración, deben comprobar que tienen desactivada la opción Restaurar sistema para permitir la exploración completa del equipo.

Step 2

Note that not all files, folders, and registry keys and entries are installed on your computer during this malware's/spyware's/grayware's execution. This may be due to incomplete installation or other operating system conditions. If you do not find the same files/folders/registry information, please proceed to the next step.

Step 3

Quitar PUA.Win32.YahooToolbar.A por medio de su propia opción de desinstalación

[ learnMore ]

Para desinstalar el proceso de grayware

Step 4

Buscar y eliminar este archivo

[ learnMore ]

Puede que algunos de los archivos del componente estén ocultos. Asegúrese de que tiene activada la casilla Buscar archivos y carpetas ocultos en la opción Más opciones avanzadas para que el resultado de la búsqueda incluya todos los archivos y carpetas ocultos.

%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\LICENSE.txt
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\install.js
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\install.rdf
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\META-INF\manifest.mf
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\META-INF\zigbert.rsa
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\META-INF\zigbert.sf
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\chrome\ytoolbar.jar
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooDomBuilder.js
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooDomBuilder.xpt
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooFeedNode.js
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooFeedNode.xpt
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooFeedProcessor.js
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooFeedProcessor.xpt
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\defaults\preferences\yahoo.js
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\yahooToolbarSettings

Para eliminar el archivo de malware/grayware/spyware:

Haga clic con el botón derecho en Inicio y haga clic en Buscar....
En el cuadro de entrada Nombre, escriba:

%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\LICENSE.txt
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\install.js
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\install.rdf
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\META-INF\manifest.mf
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\META-INF\zigbert.rsa
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\META-INF\zigbert.sf
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\chrome\ytoolbar.jar
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooDomBuilder.js
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooDomBuilder.xpt
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooFeedNode.js
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooFeedNode.xpt
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooFeedProcessor.js
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooFeedProcessor.xpt
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\defaults\preferences\yahoo.js
%Application Data%\Mozilla\Firefox\Profiles\dxxbjsgn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\yahooToolbarSettings
En la lista desplegable Buscar en, seleccione Mi PC y pulse Intro.
Una vez haya encontrado el archivo, selecciónelo y, a continuación, pulse MAYÚS+SUPR para eliminarlo definitivamente.

Step 5

Explorar el equipo con su producto de Trend Micro para eliminar los archivos detectados como PUA.Win32.YahooToolbar.A En caso de que el producto de Trend Micro ya haya limpiado, eliminado o puesto en cuarentena los archivos detectados, no serán necesarios más pasos. Puede optar simplemente por eliminar los archivos en cuarentena. Consulte esta página de Base de conocimientos para obtener más información.

Sondaggio

PUA.Win32.YahooToolbar.A

Panoramica e descrizione

Dettagli tecnici

Soluzioni

Risorse

Assistenza

Informazioni su Trend

Sede legale nazionale