Should I block it?

No, this file is 100% safe to run.

Relationships

Parent process
Related files

PE structurePE file structure

Show functions
Import table
advapi32.dll
RegEnumKeyW, RegOpenKeyExW, RegCloseKey, RegDeleteKeyW, RegDeleteValueW, RegCreateKeyExW, RegSetValueExW, RegQueryValueExW, RegEnumValueW
comctl32.dll
ImageList_AddMasked, ImageList_Destroy, ImageList_Create
gdi32.dll
SetBkColor, GetDeviceCaps, DeleteObject, CreateBrushIndirect, CreateFontIndirectW, SetBkMode, SetTextColor, SelectObject
kernel32.dll
SetFileTime, CompareFileTime, SearchPathW, GetShortPathNameW, GetFullPathNameW, MoveFileW, SetCurrentDirectoryW, GetFileAttributesW, GetLastError, CreateDirectoryW, SetFileAttributesW, Sleep, GetTickCount, GetFileSize, GetModuleFileNameW, GetCurrentProcess, CopyFileW, ExitProcess, GetWindowsDirectoryW, GetTempPathW, GetCommandLineW, SetErrorMode, lstrcpynA, CloseHandle, lstrcpynW, GetDiskFreeSpaceW, GlobalUnlock, GlobalLock, CreateThread, LoadLibraryW, CreateProcessW, lstrcmpiA, CreateFileW, GetTempFileNameW, lstrcatW, GetProcAddress, LoadLibraryA, GetModuleHandleA, OpenProcess, lstrcpyW, GetVersionExW, GetSystemDirectoryW, GetVersion, lstrcpyA, RemoveDirectoryW, lstrcmpA, lstrcmpiW, lstrcmpW, ExpandEnvironmentStringsW, GlobalAlloc, WaitForSingleObject, GetExitCodeProcess, GlobalFree, GetModuleHandleW, LoadLibraryExW, FreeLibrary, WritePrivateProfileStringW, GetPrivateProfileStringW, WideCharToMultiByte, lstrlenA, MulDiv, WriteFile, ReadFile, MultiByteToWideChar, SetFilePointer, FindClose, FindNextFileW, FindFirstFileW, DeleteFileW, lstrlenW
ole32.dll
CoTaskMemFree, OleInitialize, OleUninitialize, CoCreateInstance
shell32.dll
SHBrowseForFolderW, SHGetPathFromIDListW, SHGetFileInfoW, ShellExecuteW, SHFileOperationW, SHGetSpecialFolderLocation
user32.dll
GetAsyncKeyState, IsDlgButtonChecked, ScreenToClient, GetMessagePos, CallWindowProcW, IsWindowVisible, LoadBitmapW, CloseClipboard, SetClipboardData, EmptyClipboard, OpenClipboard, TrackPopupMenu, GetWindowRect, AppendMenuW, CreatePopupMenu, GetSystemMetrics, EndDialog, EnableMenuItem, GetSystemMenu, SetClassLongW, IsWindowEnabled, SetWindowPos, DialogBoxParamW, CheckDlgButton, CreateWindowExW, SystemParametersInfoW, RegisterClassW, SetDlgItemTextW, GetDlgItemTextW, MessageBoxIndirectW, CharNextA, CharUpperW, CharPrevW, wvsprintfW, DispatchMessageW, PeekMessageW, wsprintfA, DestroyWindow, CreateDialogParamW, SetTimer, SetWindowTextW, PostQuitMessage, SetForegroundWindow, ShowWindow, wsprintfW, SendMessageTimeoutW, LoadCursorW, SetCursor, GetWindowLongW, GetSysColor, CharNextW, GetClassInfoW, ExitWindowsEx, IsWindow, GetDlgItem, SetWindowLongW, LoadImageW, GetDC, EnableWindow, InvalidateRect, SendMessageW, DefWindowProcW, BeginPaint, GetClientRect, FillRect, DrawTextW, EndPaint, FindWindowExW
version.dll
GetFileVersionInfoSizeW, GetFileVersionInfoW, VerQueryValueW

ymsgr_suite_setup.exe

By Yahoo! Inc. (Signed)

Remove ymsgr_suite_setup.exe
Version:   2012.05.30.01
MD5:   2adf941f39e72b2f3c1a0e4aa7680656
SHA1:   776fd9dfa47b6094e20ad2acfa15bbc581b680a6
SHA256:   bbce95aa9a5d225d80cf2bf2b7013c1eae360f6a47fa2b4d579e229142729b80

Overview

ymsgr_suite_setup.exe executes as a process with the local user's privileges typically within the context of its parent msgr11us.exe (by Yahoo!). The file is digitally signed by Yahoo! Inc. which was issued by the VeriSign certificate authority (CA). This particular version is usually found on Windows 7 Professional (6.1.7601.65536).

DetailsDetails

File name:ymsgr_suite_setup.exe
Publisher:Yahoo! Inc.
Description:Yahoo! Messenger
Typical file path:C:\users\user\appdata\Local\Temp\nst41CA.tmp\ymsgr_suite_setup.exe
File version:2012.05.30.01
Size:332.8 KB (340,792 bytes)
Certificate
Issued to:Yahoo! Inc.
Authority (CA):VeriSign
Effective date:Thursday, August 13, 2009
Expiration date:Monday, September 3, 2012
Digital DNA
PE subsystem:Windows GUI
File packed:No
.NET CLR:No
More details
Network connections
  • [UDP] listens on port 56759

  • ResourcesResource utilization

    (Note: statistics below are averages based on a minimum sample size of 200 unique participants)
    Averages
     
    CPU
    Total CPU:0.00262817%
    0.028634%
    Kernel CPU:0.00105414%
    0.013761%
    User CPU:0.00157403%
    0.014873%
    Kernel CPU time:17,441 ms/min
    100,923,805ms/min
    CPU cycles:3,819,737/sec
    17,470,203/sec
    Memory
    Private memory:17.51 MB
    21.59 MB
    Private (maximum):45 MB
    Private (minimum):10.1 MB
    Non-paged memory:17.51 MB
    21.59 MB
    Virtual memory:144.32 MB
    140.96 MB
    Virtual memory (peak):184.28 MB
    169.69 MB
    Working set:18.02 MB
    18.61 MB
    Working set (peak):47.04 MB
    37.95 MB
    Page faults:3,016,289/min
    2,039/min
    I/O
    I/O read transfer:48.61 KB/sec
    1.02 MB/min
    I/O read operations:3/sec
    343/min
    I/O write transfer:2.92 KB/sec
    274.99 KB/min
    I/O write operations:1/sec
    227/min
    I/O other transfer:823 Bytes/sec
    448.09 KB/min
    I/O other operations:13/sec
    1,671/min
    Resource allocations
    Threads:9
    12
    Handles:298
    600
    GUI GDI count:115
    103
    GUI GDI peak:144
    142
    GUI USER count:41
    49
    GUI USER peak:84
    71

    BehaviorsProcess properties

    Integrety level:High
    Platform:32-bit
    Command line:"C:\users\user\appdata\local\temp\nst41ca.tmp\ymsgr_suite_setup.exe" /yfn=msgr11us.exe /ybsini=C:\users\user\appdata\local\temp\nst41ca.tmp\bootst~1.ini
    Owner:User
    Parent process:msgr11us.exe (by Yahoo!)

    ResourcesThreads

    Averages
     
    ymsgr_suite_setup.exe (main module)
    Total CPU:0.14404751%
    0.272967%
    Kernel CPU:0.04017095%
    0.107585%
    User CPU:0.10387657%
    0.165382%
    CPU cycles:3,456,328/sec
    5,741,424/sec
    Context switches:5/sec
    79/sec
    Memory:2.32 MB
    1.16 MB
    ntdll.dll
    Total CPU:0.01174666%
    Kernel CPU:0.01174666%
    User CPU:0.00000000%
    CPU cycles:22,724/sec
    Memory:1.23 MB
    WININET.dll
    Total CPU:0.00007466%
    Kernel CPU:0.00007466%
    User CPU:0.00000000%
    CPU cycles:7,431/sec
    Memory:1.11 MB

    Common loaded modules

    These are modules that are typiclaly loaded within the context of this process.

    Windows OS versionsDistribution by Windows OS

    OS versiondistribution
    Windows 7 Professional 100.00%
    Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

    Download it for FREE