Should I block it?

No, this file is 100% safe to run.

Relationships

Parent process
Related files

PE structurePE file structure
Show functions
Import table
advapi32.dll
RegQueryValueExW, RegQueryInfoKeyW, RegSetValueExW, RegCreateKeyExW, RegDeleteValueW, RegDeleteKeyW, RegOpenKeyExW, RegEnumKeyExW, RegCloseKey, OpenProcessToken, GetTokenInformation, GetUserNameW, RegOverridePredefKey, RegEnumValueW
kernel32.dll
Sleep, InterlockedIncrement, InterlockedDecrement, CloseHandle, WaitForSingleObject, LoadLibraryExW, CreateEventW, GetCurrentThreadId, SetEvent, GetCommandLineW, FindResourceW, LoadResource, SizeofResource, MultiByteToWideChar, FreeLibrary, GetModuleFileNameW, lstrcmpiW, GetModuleHandleW, GetProcAddress, GetLastError, DeleteCriticalSection, InitializeCriticalSection, LeaveCriticalSection, EnterCriticalSection, RaiseException, lstrlenW, CreateThread, RemoveDirectoryW, lstrlenA, CompareStringA, GetLocaleInfoW, GetProcessHeap, SetEndOfFile, WriteConsoleW, GetConsoleOutputCP, WriteConsoleA, SetEnvironmentVariableW, SetEnvironmentVariableA, LoadLibraryA, InitializeCriticalSectionAndSpinCount, IsValidLocale, EnumSystemLocalesA, GetUserDefaultLCID, GetStringTypeA, GetLocaleInfoA, FlushFileBuffers, CreateFileW, CreateFileA, GetConsoleMode, GetConsoleCP, ReadFile, SetFilePointer, SetStdHandle, GetTimeZoneInformation, GetCurrentProcessId, GetTickCount, QueryPerformanceCounter, GetEnvironmentStringsW, FreeEnvironmentStringsW, HeapSize, GetModuleFileNameA, WriteFile, ExitProcess, GetStartupInfoA, GetStdHandle, SetHandleCount, GetModuleHandleA, IsValidCodePage, GetOEMCP, GetACP, HeapReAlloc, VirtualAlloc, VirtualFree, HeapCreate, TlsFree, TlsSetValue, TlsAlloc, TlsGetValue, WideCharToMultiByte, GetVersionExW, GetCurrentProcess, LoadLibraryW, FindFirstFileW, FindClose, CopyFileW, DeleteFileW, FindNextFileW, GetTempPathW, CreateMutexW, ReleaseMutex, SetLastError, TerminateProcess, CreateToolhelp32Snapshot, Process32FirstW, CompareStringW, Process32NextW, ExpandEnvironmentStringsW, CreateProcessW, GetExitCodeProcess, MoveFileW, LocalFree, InterlockedCompareExchange, InterlockedExchange, GetSystemTimeAsFileTime, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, HeapFree, RtlUnwind, HeapAlloc, GetStartupInfoW, FileTimeToSystemTime, FileTimeToLocalFileTime, GetFileInformationByHandle, PeekNamedPipe, GetFileType, CreateDirectoryW, LCMapStringA, LCMapStringW, GetCPInfo, GetStringTypeW
ole32.dll
CoTaskMemAlloc, CoTaskMemRealloc, CoTaskMemFree, StringFromGUID2, CoCreateInstance, CoUninitialize, CoCreateGuid, StringFromCLSID, CLSIDFromString, OleRun, CoSuspendClassObjects, CoRevokeClassObject, CoRegisterClassObject, CoResumeClassObjects, CoInitializeEx
rpcrt4.dll
CStdStubBuffer_Invoke, CStdStubBuffer_IsIIDSupported, CStdStubBuffer_CountRefs, CStdStubBuffer_DebugServerQueryInterface, CStdStubBuffer_DebugServerRelease, CStdStubBuffer_Disconnect, CStdStubBuffer_Connect, CStdStubBuffer_AddRef, CStdStubBuffer_QueryInterface, NdrStubCall2, NdrStubForwardingFunction, IUnknown_Release_Proxy, IUnknown_AddRef_Proxy, IUnknown_QueryInterface_Proxy, NdrOleFree, NdrOleAllocate, NdrCStdStubBuffer_Release, NdrCStdStubBuffer2_Release
shell32.dll
SHGetSpecialFolderPathW, SHCreateDirectoryExW, SHFileOperationW
user32.dll
CharUpperW, CharNextW, PostThreadMessageW, TranslateMessage, GetMessageW, DispatchMessageW
version.dll
VerQueryValueW, GetFileVersionInfoW, GetFileVersionInfoSizeW

yupdate-ctrl.exe

Yandex updater by OOO Yandex (Signed)

Remove yupdate-ctrl.exe
Version:   1.0.4.1651
MD5:   7fb282509685c53edf1be190353913fb
SHA1:   8eba4e17d91974514740e4199c44e7028bd2bb16
SHA256:   01f0e40a06bc3c1db24dce3604a20e13f15e94d426457bfe12cff3f23f35dfea

Overview

yupdate-ctrl.exe executes as a process with the local user's privileges typically within the context of its parent svchost.exe (Host Process for Windows Services by Microsoft Corporation). The file is digitally signed by OOO Yandex which was issued by the VeriSign certificate authority (CA).

DetailsDetails

File name:yupdate-ctrl.exe
Publisher:Yandex LLC
Product name:Yandex updater
Description:Yandex updater (CU)
Typical file path:C:\Documents and Settings\user\Application data\yandex\updater\yupdate-ctrl.exe
File version:1.0.4.1651
Size:495.88 KB (507,776 bytes)
Certificate
Issued to:OOO Yandex
Authority (CA):VeriSign
Effective date:Thursday, February 4, 2010
Expiration date:Monday, February 4, 2013
Digital DNA
PE subsystem:Windows GUI
File packed:No
.NET CLR:No
More details

ResourcesResource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
 
CPU
Total CPU:0.01109723%
0.028634%
Kernel CPU:0.00766246%
0.013761%
User CPU:0.00343478%
0.014873%
Kernel CPU time:17,004,367 ms/min
100,923,805ms/min
Memory
Private memory:1.27 MB
21.59 MB
Private (maximum):4.11 MB
Private (minimum):2.79 MB
Non-paged memory:1.27 MB
21.59 MB
Virtual memory:45.96 MB
140.96 MB
Virtual memory (peak):49.98 MB
169.69 MB
Working set:3.17 MB
18.61 MB
Working set (peak):4.13 MB
37.95 MB
Resource allocations
Threads:4
12
Handles:88
600
GUI GDI count:4
103
GUI GDI peak:4
142
GUI USER count:2
49
GUI USER peak:1
71

BehaviorsProcess properties

Integrety level:High
Platform:32-bit
Command lines:
  • "C:\users\user\appdata\local\yandex\updater\yupdate-ctrl.exe" -embedding
  • "C:\Documents and Settings\user\Application data\yandex\updater\yupdate-ctrl.exe" -embedding
Owner:User
Parent process:svchost.exe (Host Process for Windows Services by Microsoft Corporation)

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 7 Ultimate 50.00%
Microsoft Windows XP 50.00%

Distribution by countryDistribution by country

Russia installs about 50.00% of Yandex updater.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
ASUS 50.00%
Dell 50.00%
Back to top
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE