Should I block it?

No, this file is 100% safe to run.

VersionsAdditional versions

8, 0, 6008, 0 33.33%
8, 0, 6007, 0 33.33%
8, 0, 6003, 0 33.33%

Relationships

Parent process
Related files

PE structurePE file structure

Show functions
Import table
advapi32.dll
RegCloseKey, RegOpenKeyA, RegCreateKeyExA, RegSetValueExA, RegOpenKeyExA, RegQueryValueExA, GetUserNameW, OpenThreadToken, GetTokenInformation, OpenProcessToken, DuplicateTokenEx, GetLengthSid, SetTokenInformation, CreateProcessAsUserW, RegCreateKeyExW, RegEnumValueW, RegQueryInfoKeyW, RegOpenKeyExW, RegQueryValueExW, RegisterEventSourceA, ReportEventA, DeregisterEventSource, RegDeleteKeyW, LookupPrivilegeValueW, RegSetValueExW, RegEnumKeyW, RegOpenKeyW, RegCreateKeyW, RegDeleteValueW, RegEnumKeyExW, AdjustTokenPrivileges
comctl32.dll
ImageList_Create, ImageList_Destroy, PropertySheetW, ImageList_ReplaceIcon, ImageList_SetBkColor
comdlg32.dll
GetOpenFileNameW, ChooseFontW, ChooseColorW, GetSaveFileNameW
crypt32.dll
CertFindRDNAttr, CryptQueryObject, CryptMsgGetParam, CertEnumCertificatesInStore, CryptDecodeObjectEx, CertFreeCertificateContext, CryptMsgClose, CertCreateCertificateContext, CertGetCertificateChain, CertFreeCertificateChain
ddraw.dll
DirectDrawCreateEx
dnsapi.dll
DnsFree, DnsQuery_W
gdi32.dll
SetBkMode, BitBlt, CreateDIBSection, CreateCompatibleDC, SetDIBits, GetDIBits, CreateSolidBrush, GetDeviceCaps, SelectObject, SetDIBitsToDevice, SelectClipRgn, GetClipRgn, CreateRoundRectRgn, StretchBlt, SetPixel, ExtTextOutW, CreatePen, LineTo, GetPixel, SetViewportOrgEx, GetStockObject, Rectangle, SetDCBrushColor, SetDCPenColor, GetViewportOrgEx, CreateDCA, MoveToEx, CreateCompatibleBitmap, DeleteDC, SetTextColor, GetTextExtentPoint32W, CreateFontIndirectW, TextOutW, SetBkColor, ExcludeClipRect, PatBlt, GetBitmapBits, GetTextMetricsW, GdiAlphaBlend, SetStretchBltMode, StretchDIBits, SetICMMode, GetColorSpace, GetLogColorSpaceW, TranslateCharsetInfo, GetTextColor, CreateRectRgn, GdiFlush, GetObjectW, SelectPalette, RealizePalette, CreateBitmap, RoundRect, Polygon, GetObjectA, CreateFontW, DeleteObject
gdiplus.dll
GdipGetImagePixelFormat, GdipSaveImageToStream, GdipCreateFontFromLogfontW, GdipCreateRegion, GdipGetClip, GdipSetClipRegion, GdipSetClipRectI, GdipMeasureString, GdipDrawString, GdipSetPageUnit, GdipFree, GdipAddPathArcI, GdipAddPathLineI, GdipClosePathFigure, GdipSetStringFormatTrimming, GdipGetStringFormatFlags, GdipSetStringFormatFlags, GdipCloneStringFormat, GdipDeleteRegion, GdipStringFormatGetGenericTypographic, GdipDeleteStringFormat, GdipSetLinePresetBlend, GdipCreateFontFromLogfontA, GdipCreateFontFromDC, GdipDeleteFont, GdipSetClipPath, GdipFillPath, GdipSetSmoothingMode, GdipCreateFromHDC, GdipAddPathBezier, GdipAddPathLine, GdipCreateLineBrushFromRect, GdipDeletePath, GdipCreatePath, GdiplusShutdown, GdiplusStartup, GdipCloneImage, GdipCloneBrush, GdipDrawImageRectRectI, GdipFillRectangleI, GdipSetInterpolationMode, GdipGetImageGraphicsContext, GdipCreateSolidFill, GdipGetImageEncoders, GdipGetImageEncodersSize, GdipCreateBitmapFromScan0, GdipGetImageHeight, GdipGetImageWidth, GdipSaveImageToFile, GdipDisposeImage, GdipLoadImageFromStreamICM, GdipLoadImageFromStream, GdipLoadImageFromFileICM, GdipLoadImageFromFile, GdipDeleteGraphics, GdipDeleteBrush, GdipAlloc, GdipSetTextRenderingHint
iphlpapi.dll
GetIpForwardTable, SendARP, GetBestInterface, GetIpAddrTable, GetNetworkParams
kernel32.dll
DllMain
msimg32.dll
GradientFill, AlphaBlend
netapi32.dll
NetApiBufferFree, NetUserEnum, NetUserGetInfo
ole32.dll
CoUninitialize, IsAccelerator, CoCreateInstance, OleRun, OleDraw, CoInitialize, OleUninitialize, CoInitializeEx, OleInitialize, StgCreateDocfileOnILockBytes, CreateILockBytesOnHGlobal, CoSetProxyBlanket, CoInitializeSecurity, CoTaskMemFree, StringFromCLSID, CoTaskMemAlloc, CoTaskMemRealloc, StringFromGUID2, OleLockRunning, CoGetClassObject, OleCreate, OleSetContainedObject, RevokeDragDrop, RegisterDragDrop, CreateStreamOnHGlobal, CLSIDFromProgID, CLSIDFromString, PropVariantClear, CoGetMalloc, CreateBindCtx, CoFreeUnusedLibraries, CoFileTimeNow
psapi.dll
EnumProcessModules, EnumProcesses, GetModuleFileNameExW, GetModuleBaseNameW
rpcrt4.dll
UuidToStringW, NdrServerCall2, NdrClientCall2, RpcStringBindingComposeW, UuidFromStringW, RpcBindingSetOption, RpcBindingFree, RpcStringFreeW, RpcServerUseProtseqEpW, RpcServerRegisterIf, RpcServerListen, RpcMgmtWaitServerListen, RpcServerUnregisterIf, RpcMgmtStopServerListening, RpcBindingFromStringBindingW, UuidCreate
shell32.dll
DragAcceptFiles, SHGetSpecialFolderPathW, SHBrowseForFolderW, DragFinish, DragQueryFileW, SHAppBarMessage, FindExecutableW, ShellExecuteW, SHCreateDirectoryExW, SHGetPathFromIDListW, SHGetDesktopFolder, SHGetMalloc, ShellExecuteExW, SHGetFolderPathW, Shell_NotifyIconW
shlwapi.dll
PathIsRootW, PathIsRelativeW, PathIsDirectoryW, UrlCanonicalizeW, SHStrDupW, SHDeleteKeyW
urlmon.dll
UrlMkGetSessionOption
user32.dll
DllMain
version.dll
GetFileVersionInfoSizeW, GetFileVersionInfoW, VerQueryValueW
vivo.dll
DllMain
winhttp.dll
WinHttpGetIEProxyConfigForCurrentUser
wininet.dll
InternetQueryOptionW, FindCloseUrlCache, FindNextUrlCacheEntryA, DeleteUrlCacheEntryA, FindFirstUrlCacheEntryA, InternetGetCookieExW, InternetSetCookieExW, InternetSetOptionW
winmm.dll
mixerGetLineControlsA, mixerGetDevCapsW, waveInGetDevCapsW, waveOutGetDevCapsW, mciGetErrorStringW, mciSendCommandW, waveInGetNumDevs, timeGetTime, mixerSetControlDetails, timeBeginPeriod, waveOutGetNumDevs, timeEndPeriod, timeKillEvent, timeSetEvent, waveInStart, waveInPrepareHeader, waveInAddBuffer, waveOutUnprepareHeader, waveInUnprepareHeader, waveOutReset, waveOutPrepareHeader, waveInReset, waveInStop, mixerGetNumDevs, waveInClose, mixerGetDevCapsA, waveInOpen, waveOutGetDevCapsA, waveInGetDevCapsA, waveInGetPosition, waveOutGetPosition, waveOutWrite, waveOutSetVolume, waveOutGetVolume, mixerGetLineInfoA, mixerGetControlDetailsA, mixerClose, waveOutOpen, mixerGetID, mixerOpen, waveOutClose
wintrust.dll
WinVerifyTrust
ws2_32.dll
WSAWaitForMultipleEvents, WSAIoctl, WSARecvFrom, WSASendTo, WSAEnumProtocolsA, WSASocketA, WSAResetEvent, getaddrinfo, freeaddrinfo, WSAStringToAddressA, WSASocketW, getnameinfo, WSACloseEvent, WSACreateEvent, WSAAddressToStringA, WSAEventSelect, WSAEnumNetworkEvents
wtsapi32.dll
WTSRegisterSessionNotification

icq.exe

ICQ by I C Q LTD (Signed)

Remove icq.exe
Version:   8, 0, 6007, 0
MD5:   27c8206c2bb08a13468163789a8728c2
SHA1:   f939e49181f6c600f86cff78a135c950edb1f29a
SHA256:   75478231dcfb92b672ee469a0e16b3b1f7392f4ced29ab6dee5201a78c051a28

Overview

icq.exe executes as a process with the local user's privileges usually within the context of Windows Explorer. It is set to be run when the PC boots and the user logs into Windows (added to the Run registry key for the current user). The file is digitally signed by I C Q LTD which was issued by the VeriSign certificate authority (CA).

DetailsDetails

File name:icq.exe
Publisher:ICQ
Product name:ICQ
Typical file path:C:\users\user\appdata\roaming\icqm\icq.exe
File version:8, 0, 6007, 0
Size:26.18 MB (27,453,288 bytes)
Certificate
Issued to:I C Q LTD
Authority (CA):VeriSign
Effective date:Wednesday, July 4, 2012
Expiration date:Monday, July 8, 2013
Digital DNA
File packed:No
.NET CLR:No
More details

BehaviorsBehaviors

Startup files (user) run
Runs under the registry key 'HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
  • 'ICQ' → C:\users\user\appdata\Roaming\ICQM\icq.exe -CU

ResourcesResource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
 
CPU
Total CPU:0.00128983%
0.028634%
Kernel CPU:0.00068075%
0.013761%
User CPU:0.00060909%
0.014873%
Kernel CPU time:608 ms/min
100,923,805ms/min
CPU cycles:5,379,476/sec
17,470,203/sec
Memory
Private memory:57.27 MB
21.59 MB
Private (maximum):69.69 MB
Private (minimum):15.47 MB
Non-paged memory:57.27 MB
21.59 MB
Virtual memory:222.98 MB
140.96 MB
Virtual memory (peak):233.73 MB
169.69 MB
Working set:27.64 MB
18.61 MB
Working set (peak):77.52 MB
37.95 MB
Page faults:65,227/min
2,039/min
I/O
I/O read transfer:10.75 KB/sec
1.02 MB/min
I/O read operations:14/sec
343/min
I/O write transfer:1003 Bytes/sec
274.99 KB/min
I/O write operations:1/sec
227/min
I/O other transfer:1.76 KB/sec
448.09 KB/min
I/O other operations:16/sec
1,671/min
Resource allocations
Threads:11
12
Handles:1007
600
GUI GDI count:146
103
GUI GDI peak:155
142
GUI USER count:97
49
GUI USER peak:109
71

BehaviorsProcess properties

Integrety level:High
Platform:64-bit
Command line:"C:\users\user\appdata\roaming\icqm\icq.exe" -cu
Owner:User
Parent process:explorer.exe (Windows Explorer by Microsoft Corporation)

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 7 Home Basic 33.33%
Microsoft Windows XP 33.33%
Windows 7 Ultimate 33.33%

Distribution by countryDistribution by country

Russia installs about 33.33% of ICQ.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Dell 66.67%
ASUS 33.33%
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE