even if the signatures do verify, it would be a good idea to have BadBear take a look at the situation and see if his professional opinion is that the account is still hacked. If yahoo was infected with malware then it would be possible that the hacker was able to gain access to his private keys as well.