YANDEX.EXE

YANDEX.EXE

The file Yandex.exe has internal name: setup.exe. The file Yandex.exe description is: Software Installer. The file Yandex.exe is related to the Microsoft Corporation. The version of the file Yandex.exe: 3.0.5419.0. The Yandex.exe is a part of software product: Windows Installer XML LegalCopyright: Copyright (c) Microsoft Corporation.? All rights reserved..
The file Yandex.exe size is: 14 789 000 bytes.
Default location: %Temp%\is357113909\Yandex.exe
Yandex.exe MD5: A283B9B61F3B7DDE0F725E9D68134AC0
Yandex.exe SHA1: 4C61AC6B 3D56BDA5 E6564785 98A98D47 3586B652

Registry strings in the Yandex.exe:

“reg7E7D7C140044F44DA72DB2E4FF28A3CASoftware\Classes\CLSID\
“reg86A36994A85E8421CE942281D8970F27Software\Classes\CLSID\
.lnkremStartMenuDirBarremStartMenuDirYaoldvendor.xmlregNonMSIVersionremUnblockSoftware\Microsoft\Windows\CurrentVersion\Ext\Stats\
\1.0\FLAGS0reg92804E237A83656971D1594759C8481ASoftware\Classes\TypeLib\
\1.0\FLAGSreg3595D3AEB388937496E959CBEE9706C0Software\Classes\TypeLib\
\1.0\HELPDIRreg39588EAEEBF7663DC05E2A7816865CD0Software\Classes\yupdateexecutor.CoBitsWrapperreg3AF00F11A94043C761EEC121949FB611Software\Classes\yupdateexecutor.CoBitsWrapper\CLSID
\1.0praetorian 1.0 Type Libraryreg10F47C477ACB3384FAFDD7C7DB236398Software\Classes\TypeLib\
\1.0yupdateexecutor 1.0 Type Libraryreg74D7BC88F0D6160E880153F6B71E1102Software\Classes\TypeLib\
\iexploreremUnblock2Software\Microsoft\Windows\CurrentVersion\Ext\Settings\
\LocalServer32reg989207A9DECA600AD2D10588167E5310Software\Classes\CLSID\
\ProgIDpraetorian.CoClass.1reg571276D2C68904BF8201747D9E3D2FDDSoftware\Classes\CLSID\
\ProgIDyupdateexecutor.CoBitsWrapper.1reg6921C56DF96872D24CA6582EE2B58812Software\Classes\CLSID\
\ProgIDyupdateexecutor.CoStatistic.1reg9F8E0633B8D669409472AA844C25BE5ESoftware\Classes\CLSID\
\Programmablereg105F038F5D2B97E340B1CE11C062F07BSoftware\Classes\CLSID\
\ProxyStubClsid32reg129EE7C99612531B9923EFE0767728D7Software\Classes\Interface\
\ProxyStubClsid32reg8D7C1CCC177C885F555C4136945EDED6Software\Classes\Interface\
\ProxyStubClsid32reg98F085086478415CCA5F7834C01C0AB8Software\Classes\Interface\
\ProxyStubClsid32regAFE5006D749BC22838CF1C72F5F47462Software\Classes\Interface\
\ProxyStubClsidreg387D718A10F15D63C4580D86EE2DD21ASoftware\Classes\Interface\
\ProxyStubClsidreg6E0B05A06A040B2EDD0FE80327824C89Software\Classes\Interface\
\ProxyStubClsidreg899D60CC57CB1BB9949A74E53C394DF7Software\Classes\Interface\
\Software\Classes\AppID\
\Software\Classes\AppID\praetorian.EXEreg96AB449C6191799B43B0BDA07CE029CD
\Software\Classes\AppID\yupdate-executor.EXEreg44A2449D12C8014CB969E4098327AF82
\Software\Classes\CLSID\
\Software\Classes\Interface\
\Software\Classes\praetorian.CoClass.1\CLSIDreg4D39E732E991E088098B66CA6BBDE3F9
\Software\Classes\praetorian.CoClass.1reg7DB504DF09FF6E33963620B780F4B1BF
\Software\Classes\praetorian.CoClass\CLSIDregECBB0FF30897EFA700594A105CE2EC57
\Software\Classes\praetorian.CoClass\CurVerreg17AE6A0BBEF6A3412B04DF8173A27218
\Software\Classes\praetorian.CoClassreg655A7101896DAA0DAC2252F645E67499
\Software\Classes\TypeLib\
\Software\Classes\yupdateexecutor.CoBitsWrapper.1\CLSIDreg38458C6C0E10D6553F8CA9E405AF6177
\Software\Classes\yupdateexecutor.CoBitsWrapper.1reg798DFCE235CC2426AD4481BC1321588A
\Software\Classes\yupdateexecutor.CoBitsWrapper\CLSIDreg06A714AD06782B2ACA7AE44D6428D4F7
\Software\Classes\yupdateexecutor.CoBitsWrapper\CurVerreg2A8FF08DF247032DAA7E0D0D749B877D
\Software\Classes\yupdateexecutor.CoBitsWrapperreg2CDB627C6C2993D387878237857C70FD
\Software\Classes\yupdateexecutor.CoStatistic.1\CLSIDregRealCULRAppPath
\Software\Classes\yupdateexecutor.CoStatistic.1reg35A5003020C961E16607E793B469FD09
\Software\Classes\yupdateexecutor.CoStatistic\CLSIDreg7442DC9CD7D0B3854427DB9D0199815E
\Software\Classes\yupdateexecutor.CoStatistic\CurVerregE1DE5A9BA3CCC449FB14050704FABCBC
\Software\Classes\yupdateexecutor.CoStatisticreg7E7E73C1B822B0B0E0452A912E16CFE7
\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
\Software\Microsoft\Internet Explorer\TabbedBrowsingSoftware\Microsoft\Internet Explorer\MainStart PageSOFTWARE\Microsoft\Internet Explorer\Version VectorIESOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\
\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell FoldersAppDataLocal AppData
\Software\Microsoft\Windows\CurrentVersion\RunSoftware\Microsoft\Internet Explorer\TabbedBrowsingNewTabPageShow
\Software\Yandex\ToolbarVersionIntroduced6.7.0VersionIntroducedFxSoftware\Classes\AppID\praetorian.EXE
\TypeLibreg0504A201843850AAFBF8F386C898019Breg12C21FB3B0A12AC56E29B0FCE4209188Software\Classes\Interface\
\TypeLibreg3C45874CF69A73A98DC7842FA237B44A1.0regD13BFCCB807DA5DBEC08E1B1D8B53907Software\Classes\Interface\
\TypeLibregA9F8C7216371A298FE83017267D8DACEregCE0070E622083367091A64068784946ASoftware\Classes\praetorian.CoClassCoClass Class Classreg4D7FBDE71511C0F13F8872CF381A1ECASoftware\Classes\praetorian.CoClass\CLSID
\TypeLibregD0C0205C743985B5335E9B8B0760944Areg435203377BE92D7DAAEDD6932D976463Software\Classes\TypeLib\
\TypeLibregFCCD649C4610DA7AE491035B486BDAE6Software\Classes\CLSID\
\VersionIndependentProgIDpraetorian.CoClassreg2370742DAFF69E32614C6A82D769BA50Software\Classes\Interface\
\VersionIndependentProgIDyupdateexecutor.CoBitsWrapperregAE923244B64F93743E69763B941E40FASoftware\Classes\CLSID\
\VersionIndependentProgIDyupdateexecutor.CoStatisticregA18C14F80500E3A45E254F975D56CC49Software\Classes\Interface\
CoBitsWrapper Classreg9FCAA29752DC2966D0CDBF68B003A4D8Software\Classes\CLSID\
CoClass Classreg6C8DC5B821FE431DA12CD23A5D2ABC84Software\Classes\CLSID\
CoStatistic ClassregB52AD8EEA1A5A4B20BE6E8A6C5654E47Software\Classes\CLSID\
IBitsWrapperregE9652FBA6E8E6FC8500F0879AF34817FSoftware\Classes\Interface\
IObfuscatedreg44EF71328B1F89855D53529BC52AA413Software\Classes\Interface\
is1UninstallStringDisplayVersionSOFTWARE\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\
IStatistic2reg71F278EAE1EB6B74CA84D940138FA90BSoftware\Classes\Interface\
IStatisticreg560039D552E839B692C93FE0AC8B13FFSoftware\Classes\Interface\
praetorianreg5EA56A521EB6DAA3F2133C40D64DA70ESoftware\Classes\CLSID\
reg06236C46A14EF969DB69427391880098Software\Classes\CLSID\
reg22EC0724451D76EF1D7AAA9BCC8AB283Software\Classes\praetorian.CoClass\CurVerregE53776C9D42FAC68D6CF7C25725344CBSoftware\Classes\praetorian.CoClass.1reg9065CD9962590ADF157F7167178245DCSoftware\Classes\praetorian.CoClass.1\CLSIDreg59E5DDF14F70BEB9BFC899AECD4474CCSoftware\Classes\TypeLib\
reg3256BF0393B8849498B1BE489E107DE9Software\Classes\CLSID\
reg36A7F4EC8E85B06DCEE8DFA7482F27F5Software\Classes\yupdateexecutor.CoStatistic\CurVerreg4606A39353ED7DC9FEFCE6303FEF919DSoftware\Classes\yupdateexecutor.CoStatistic.1reg308AD7B5AF7904931BD3A25032A8C0BASoftware\Classes\yupdateexecutor.CoStatistic.1\CLSIDregCULRAppPathSoftware\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
reg64D88C99E0C43EA572363A741A323928Software\Classes\TypeLib\
reg84C5958CC5055A2D1AB585D889D176E6Software\Classes\AppID\
reg9FA8E2D4DEDF1BCE7D29D018A6B24565Software\Classes\Interface\
regA583D20AB1C167E5081CCC4AEAA3EF4CSoftware\Classes\yupdateexecutor.CoBitsWrapper\CurVerregAAC1DF4BC66EC18AB6209C41CD97204ASoftware\Classes\yupdateexecutor.CoBitsWrapper.1regF88040B6DABF739467E1B59368137095Software\Classes\yupdateexecutor.CoBitsWrapper.1\CLSIDreg765C79B2AFF0401540276393A601DB73Software\Classes\yupdateexecutor.CoStatisticreg87E47198C9B9B371980DD8B9C231DC59Software\Classes\yupdateexecutor.CoStatistic\CLSID
regA91E2937E721501344E3B1A4EF76EC82Software\Classes\CLSID\
regAppDataLowSoftwareregAppDataLowSoftwareAppDataLow\Software\processXmlset
regAppDataLowSoftwareregAppDataLowSoftwareAppDataLow\Software\ShowEULAextractBinprocessXmlPreventDowngradingSilentsendErrset
regCULRPRTAppNameregCULRPRTPolicyregCULowRightsPRTSoftware\Microsoft\Windows\CurrentVersion\RunPraetorian
regCULRPRTAppPathSoftware\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
regD48F2F38CC5DC328603EA3918EA0A7B5Software\Classes\AppID\
regFA2F17F60F7B8230B35C32897299CFF6Software\Classes\TypeLib\
Software\Microsoft\Internet Explorer\MainStart PageSOFTWARE\Microsoft\Internet Explorer\Version VectorIESOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\
SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\
Yandex\Toolbar.DEFAULT\Software\
Yandex\Toolbar-Software\Classes\AppID\yupdate-executor.EXEAppID
Yandex\ToolbarSoftware\Yandex\ToolbarUpdatehttp://download.yandex.ru/bar/ie/trtest/version.rss
YAQSEARCHremKeySoftware\
yupdateexecutorregCC88369DE64FE816714DA966E218D80CSoftware\Classes\CLSID\

The YANDEX.EXE related files:
.DLL or .EXE ADVAPI32.dll barlegacy.dll basepackage.zipyndbaryndbar.dllpartnerBtnpartner.xmlACCELERATORS CheckEcryption.dll COMCTL32.dll failed to get handle to kernel32.dll fastdial.dll fastdial.dllfdTabbedBrowsing Found Wow64 API, but unable to link to Wow64DisableWow64FsRedirection function in kernel32.dll Found Wow64 API, but unable to link to Wow64RevertWow64FsRedirection function in kernel32.dll functional.precompiled.binunins000.exeunins000.datinstutil.dllBar.urlfhalz9hx.url instUtilCA.dll KERNEL32.dll msi.dll ole32.dll OLEAUT32.dll Secur32.dll Seeder.dll SHELL32.dll SHLWAPI.dll SRS64.dll USER32.DLL VERSION.dll wixca.dll WTSAPI32.dll yndbar.dll

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Download UnHackMe
Fully Functional 30-day Trial. No credit is required. Reviews. EULA. Privacy Policy.

Leave a Reply