YahooMessenger.exe
Yahoo! Messenger by Yahoo! Inc. (Signed)
| Version: | 11,5,0,0192 |
| MD5: | 6cb991e0323ce1901c0dd5857418e0f2 |
| SHA1: | 30cd6e29bee7300ec95bf6ca2d002090d6a1b1d0 |
| SHA256: | 70a52109c9a5db932f0aea60cbf7f5af7747f5433446cbe133b236f9f0ab7a4d |
What is YahooMessenger.exe?
Yahoo! Messenger (YIM) is an ad-supported instant messaging client and protocol by Yahoo!. Yahoo! Messenger is provided free of charge and can be downloaded and used with a generic "Yahoo! ID" which also allows access to other Yahoo! services, such as Yahoo! Mail, where users can be automatically notified when they receive new email.
About YahooMessenger.exe (from Yahoo! Inc.)
“Just sign into Yahoo! Mail to enjoy the same Yahoo! Messenger for the Web service you know and love. Yahoo! Messenger within Yahoo! Mail also allows you to chat with your Facebook and Windows Live fri”
Details
| File name: | YahooMessenger.exe |
| Publisher: | Yahoo! Inc. |
| Product name: | Yahoo! Messenger |
| Typical file path: | C:\Program Files\Yahoo!\messenger\yahoomessenger.exe |
| File version: | 11,5,0,0192 |
| Size: | 6.29 MB (6,591,800 bytes) |
| Certificate |
| Issued to: | Yahoo! Inc. |
| Authority (CA): | VeriSign |
| Effective date: | Wednesday, August 12, 2009 |
| Expiration date: | Sunday, September 2, 2012 |
| Digital DNA |
| PE subsystem: | Windows GUI |
| Entropy: | 6.472139 |
| File packed: | No |
| Code language: | Microsoft Visual C++ 8.0 |
| .NET CLR: | No |
More details
Programs
The following programs will install this file
Yahoo! Messenger (YIM) is an ad-supported instant messaging client and protocol by Yahoo!. Yahoo! Messenger is provided free of charge and can be downloaded and used with a generic "Yahoo! ID" which also allows access to other Yahoo! services, such as Yahoo! Mail, where users can be automatically notified when they receive new email.
“Just sign into Yahoo! Mail to enjoy the same Yahoo! Messenger for the Web service you know and love. Yahoo! Messenger within Yahoo! Mail also allows you to chat with your Facebook and Windows Live friends without requiring any installation. Send text messages in real-time to your friends on Yahoo! 7 or Windows Live™ Messenger. Share photos from your desktop or Flickr, then discuss them over IM while you and a friend view them together....”
AT&T Yahoo! Messenger is an AT&T branded version of Y! Messenger.
Yahoo Install Manager manages Yahoo program downloads and installations. The install manager keeps track of such programs and assists in the installations to put things in their proper places.
Verizon Yahoo! Messenger is an AVerizon branded version of Y! Messenger.
Behaviors
Startup files (user) run
Runs under the registry key 'HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
- 'Yahoo! Pager' → "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
- 'Messenger (Yahoo!)' → "C:\Program Files1\Yahoo!\Messenger\YahooMessenger.exe" -quiet
Windows firewall allowed programs
Exceptions allow programs to access to the Internet through an outbound connections
- Firewall exception for 'C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe'
- Firewall exception for 'C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe'
- Firewall exception for 'C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe'
Scheduled tasks
- The task '{FF8FDDAA-FA1C-4738-BB7B-E5395E714A5C}' runs on registration in the path '\{FF8FDDAA-FA1C-4738-BB7B-E5395E714A5C}'
- The job '{FEE0E7C4-2471-421A-B7F2-B7FCDE86041F}' runs on registration in the path '\{FEE0E7C4-2471-421A-B7F2-B7FCDE86041F}'
- The task '{FE9DD168-2242-4692-9518-F849B006B42E}' runs on registration in the path '\{FE9DD168-2242-4692-9518-F849B006B42E}'
- The job '{FE1C49CC-7C9E-41AB-8701-EB745F8F8B56}' runs on registration in the path '\{FE1C49CC-7C9E-41AB-8701-EB745F8F8B56}'
- The task '{FB9D3C00-9DBC-4D9A-81CF-524478AD3C0E}' runs on registration in the path '\{FB9D3C00-9DBC-4D9A-81CF-524478AD3C0E}'
- The task '{FA79B2F5-7E02-4809-8B35-37242B09F0D8}' runs on registration in the path '\{FA79B2F5-7E02-4809-8B35-37242B09F0D8}'
- The job '{F83786B3-255D-426C-8E5F-168388CB160D}' runs on registration in the path '\{F83786B3-255D-426C-8E5F-168388CB160D}'
- The task '{F029C03D-44A7-4F3C-816A-B58D7D9F118B}' runs on registration in the path '\{F029C03D-44A7-4F3C-816A-B58D7D9F118B}'
- The job '{E8178761-9854-4275-9D41-EDE6CF69B80D}' runs on registration in the path '\{E8178761-9854-4275-9D41-EDE6CF69B80D}'
- The job '{DD6C57E2-0A17-411F-A257-F27B425B1E2F}' runs on registration in the path '\{DD6C57E2-0A17-411F-A257-F27B425B1E2F}'
- The task '{DCD0C27A-7B98-4496-8BB0-54774348BE49}' runs on registration in the path '\{DCD0C27A-7B98-4496-8BB0-54774348BE49}'
- The job '{D4A77F9F-4019-4429-9E31-6B4663884D3E}' runs on registration in the path '\{D4A77F9F-4019-4429-9E31-6B4663884D3E}'
- The job '{D14D6992-E2DB-4701-8A81-95FA01C505D3}' runs on registration in the path '\{D14D6992-E2DB-4701-8A81-95FA01C505D3}'
- The task '{CE655DCC-E3B1-4DEA-BC23-E1FA4814A5F3}' runs on registration in the path '\{CE655DCC-E3B1-4DEA-BC23-E1FA4814A5F3}'
- The task '{CA6ABFEE-82B1-48B9-8C64-2AB8BF2FF498}' runs on registration in the path '\{CA6ABFEE-82B1-48B9-8C64-2AB8BF2FF498}'
- The job '{C6969615-5B0C-4F8D-84F3-AD11330140E6}' runs on registration in the path '\{C6969615-5B0C-4F8D-84F3-AD11330140E6}'
- The task '{BE61EF52-4612-49A3-9671-C4AF05E53DC7}' runs on registration in the path '\{BE61EF52-4612-49A3-9671-C4AF05E53DC7}'
- The job '{AD0A62EE-2740-442F-9BC9-FFBA94D282D0}' runs on registration in the path '\{AD0A62EE-2740-442F-9BC9-FFBA94D282D0}'
- The task '{A8F88BC7-0E3B-4FA2-84E9-E9989331C21B}' runs on registration in the path '\{A8F88BC7-0E3B-4FA2-84E9-E9989331C21B}'
- The job '{A471C0C4-3177-417F-8A98-F9F376A9B149}' runs on registration in the path '\{A471C0C4-3177-417F-8A98-F9F376A9B149}'
- The task '{A34D260B-18EE-403F-B589-12DA6124FAB7}' runs on registration in the path '\{A34D260B-18EE-403F-B589-12DA6124FAB7}'
- The task '{9CB61C15-ACD2-4FF6-9262-DDE56B2EF936}' runs on registration in the path '\{9CB61C15-ACD2-4FF6-9262-DDE56B2EF936}'
Network connections
Access through an approved Windows firewall exception
[TCP] sip102-p1.voice.ne1.yahoo.com (98.138.26.65:443)
[TCP] sip103-p2.voice.ne1.yahoo.com (98.138.26.70:443)
[TCP] bzq-25-65-17.static.bezeqint.net (212.25.65.17:80)
[TCP] sip105-p2.voice.ne1.yahoo.com (98.138.26.78:5050)
[TCP] sip114p1.us1.voice.gq1.yahoo.com (66.196.122.44:443)
[TCP] cs208p2.msg.ac4.yahoo.com (67.195.187.197:5050)
[UDP] listens on port 1055
[UDP] listens on port 50409
[UDP] listens on port 51880
[UDP] listens on port 61533
[UDP] listens on port 55468
[UDP] listens on port 52129
Resource utilization
(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
| CPU |
| Total CPU: | 0.01114319% | |
| Kernel CPU: | 0.00779671% | |
| User CPU: | 0.00334648% | |
| Kernel CPU time: | 123,097 ms/min | |
| CPU cycles: | 8,074,882/sec | |
| Context switches: | 245/sec | |
| Memory |
| Private memory: | 67.51 MB | |
| Private (maximum): | 61.25 MB | |
| Private (minimum): | 30.16 MB | |
| Non-paged memory: | 67.51 MB | |
| Virtual memory: | 265.83 MB | |
| Virtual memory (peak): | 289.63 MB | |
| Working set: | 48.82 MB | |
| Working set (peak): | 66.75 MB | |
| Page faults: | 3,397,266/min | |
| I/O |
| I/O read transfer: | 71.43 KB/sec | |
| I/O read operations: | 32/sec | |
| I/O write transfer: | 1.48 KB/sec | |
| I/O write operations: | 5/sec | |
| I/O other transfer: | 10.31 KB/sec | |
| I/O other operations: | 244/sec | |
| Resource allocations |
| Threads: | 26 | |
| Handles: | 2120 | |
| GUI GDI count: | 796 | |
| GUI GDI peak: | 760 | |
| GUI USER count: | 229 | |
| GUI USER peak: | 318 | |
Process properties
| Integrety level: | Medium |
| Platform: | 64-bit |
| Command lines: |
- "C:\Program Files\yahoo!\messenger\yahoomessenger.exe" /cookieproxy
- "C:\Program Files\yahoo!\messenger\yahoomessenger.exe" -quiet
- "C:\Program Files\yahoo!\messenger\yahoomessenger.exe"
|
| Owner: | User |
| Parent processes: |
|
Threads
Averages
| YahooMessenger.exe (main module) |
| Total CPU: | 0.05422134% | |
| Kernel CPU: | 0.02487194% | |
| User CPU: | 0.02934940% | |
| CPU cycles: | 10,138,203/sec | |
| Context switches: | 31/sec | |
| Memory: | 6.39 MB | |
| mshtml.dll (Windows Internet Explorer by Microsoft) |
| Total CPU: | 0.03478871% | |
| Kernel CPU: | 0.02596432% | |
| User CPU: | 0.00882439% | |
| CPU cycles: | 768,874/sec | |
| Context switches: | 16/sec | |
| Memory: | 13.69 MB | |
| MSVCR80.dll |
| Total CPU: | 0.01857525% | |
| Kernel CPU: | 0.00478453% | |
| User CPU: | 0.01379072% | |
| CPU cycles: | 370,801/sec | |
| Memory: | 620 KB | |
| ntdll.dll |
| Total CPU: | 0.01829970% | |
| Kernel CPU: | 0.00784273% | |
| User CPU: | 0.01045697% | |
| Context switches: | 1/sec | |
| Memory: | 712 KB | |
| wow64.dll |
| Total CPU: | 0.00211273% | |
| Kernel CPU: | 0.00023109% | |
| User CPU: | 0.00188164% | |
| CPU cycles: | 108,642/sec | |
| Memory: | 252 KB | |
| ymsdk.dll (by Yahoo!) |
| Total CPU: | 0.00209887% | |
| Kernel CPU: | 0.00140552% | |
| User CPU: | 0.00069335% | |
| CPU cycles: | 1,201/sec | |
| Memory: | 3.89 MB | |
| mgsweetim.dll (SweetIM by SweetIM Technologies Ltd) |
| Total CPU: | 0.00177321% | |
| Kernel CPU: | 0.00151989% | |
| User CPU: | 0.00025332% | |
| CPU cycles: | 301,250/sec | |
| Context switches: | 3/sec | |
| Memory: | 636 KB | |
| msvcrt.dll |
| Total CPU: | 0.00101820% | |
| Kernel CPU: | 0.00000000% | |
| User CPU: | 0.00101820% | |
| CPU cycles: | 33,205/sec | |
| Memory: | 708 KB | |
| flash.ocx (Shockwave Flash by Adobe Systems) |
| Total CPU: | 0.00025405% | |
| Kernel CPU: | 0.00025405% | |
| User CPU: | 0.00000000% | |
| CPU cycles: | 860,780/sec | |
| Context switches: | 51/sec | |
| Memory: | 11.52 MB | |
| flash32_11_5_502_146.ocx (Shockwave Flash by Adobe Systems) |
| Total CPU: | 0.00011382% | |
| Kernel CPU: | 0.00005938% | |
| User CPU: | 0.00005444% | |
| CPU cycles: | 57,425/sec | |
| Context switches: | 4/sec | |
| Memory: | 14.77 MB | |
| WINMM.dll |
| Total CPU: | 0.00004954% | |
| Kernel CPU: | 0.00004954% | |
| User CPU: | 0.00000000% | |
| CPU cycles: | 1,091/sec | |
| Memory: | 200 KB | |
| WININET.dll |
| Total CPU: | 0.00004943% | |
| Kernel CPU: | 0.00002472% | |
| User CPU: | 0.00002472% | |
| CPU cycles: | 12,001/sec | |
| Memory: | 1.11 MB | |
Common loaded modules
These are modules that are typiclaly loaded within the context of this process.
Distribution by Windows OS
| OS version | distribution |
| Windows 7 Home Premium |
54.00% |
|
| Microsoft Windows XP |
17.50% |
|
| Windows 7 Ultimate |
13.00% |
|
| Windows 8 Pro |
4.00% |
|
| Windows 8 |
2.00% |
|
| Windows 8 Pro with Media Center |
1.50% |
|
| Windows 7 Professional |
1.50% |
|
| Windows Seven Black Edition |
1.50% |
|
| Windows 8 Single Language |
1.50% |
|
| Windows 7 Home Basic |
1.50% |
|
| Windows Vista Home Premium |
1.50% |
|
| Windows 8.1 Single Language Preview |
0.50% |
|
Distribution by country
United States installs about 59.49% of Yahoo! Messenger.
Distribution by PC manufacturer
| PC Manufacturer | distribution |
| Toshiba |
59.81% |
|
| Dell |
15.58% |
|
| ASUS |
6.23% |
|
| Hewlett-Packard |
4.67% |
|
| Acer |
4.67% |
|
| American Megatrends |
4.05% |
|
| GIGABYTE |
2.18% |
|
| Compaq |
0.62% |
|
| Lenovo |
0.62% |
|
| Intel |
0.62% |
|
| Sony |
0.62% |
|
| Sahara |
0.31% |
|
