ICQ Sniff

Description: Keylogger
Risk Level: Low
Date of First Occurence: Tuesday, April 15, 2008
Software Developer: (unknown)
Brief Info: Keyloggers invisibly monitor and record all of your computer activity. This information is then automatically emailed to an anonymous user.
Removal: This threat can be removed using "Spyware Terminator"

SCAN & REMOVE NOW »

Geographical Distribution of Threat "ICQ Sniff"

Threat Info

View All

Detected Items

  1. Detected Files: %PROGRAMFILES%\Ufasoft\Sniffer\wpcap.dll MD5: 1CFAF219AE597C339ADB1F63A754A689 Size:380438 MD5: 1F64956007419122EF091516DBAB67E4 Size:274432 MD5: 99FF6D70AC19D73DD3C6CE878B676C5D Size:371734 MD5: 2602735D1520B7ACFDC45EDC60F2BFDD Size:373270 MD5: 3CCCC2FD7D1FA3918ACC79E673B67A92 Size:254464 MD5: 2EEDB6A96B0744BED1D74B7F37B9D7DF Size:371222 MD5: A78819C29CAB14E56C77EFEB1BC580D8 Size:371734 MD5: 1CF194E6F05F828139BE1D49E2D26177 Size:368150 %PROGRAMFILES%\Ufasoft\Sniffer\wep_decrypt.exe MD5: 34AA97D1148D974964C0E52D8FAF6CCC Size:7168 MD5: E028BBDD9D828C6969C78B1B9CE66E60 Size:7168 %PROGRAMFILES%\Ufasoft\Sniffer\wep_crack.exe MD5: FA3955A4043A359E933B449F417EE197 Size:8704 MD5: 7F8F86ADD3416706FD8A8C2A151C5952 Size:8704 %PROGRAMFILES%\Ufasoft\Sniffer\usft_wifi.sys MD5: 710518A27BADC219CF99918181E83548 Size:450624 MD5: 7289E275FB7D74D9C1A9F3C493A34C7C Size:230096 MD5: FC8DBE3A7353CDF45BBE6C495A6D90B1 Size:450624 MD5: 68748473F8053288AEE96FAB68C00F31 Size:450976 MD5: 9737EA9387B7042E9F8DF40AEE28ED1E Size:437280 MD5: 8C1D7DE5B9E8408DBE0DAD2EABA6BD7E Size:230096 %PROGRAMFILES%\Ufasoft\Sniffer\usft_wifi-64.sys MD5: 70B37C13E87342AB5064517E30EB4A7C Size:487584 MD5: 980B25CA7D1463916E09B4C7322A1B16 Size:487584 %PROGRAMFILES%\Ufasoft\Sniffer\usft_sn4.sys MD5: 1832A6977AB5EBA01D16FE3FB5DAEA4E Size:24416 MD5: 6B4DB2275AE229ECB39CC5586F9864D8 Size:12624 MD5: 419757BE2994C92B59D0EB82B0104C55 Size:15728 MD5: ACE1186F63BA732E143918C681A286E3 Size:24400 MD5: 192BA1A109CF6111075B6682D60460C4 Size:23200 MD5: 079BE2691E9A278A72CCA7129D4F62A5 Size:23088 MD5: 73D243B27681DA24B47452983C123D55 Size:15760 %PROGRAMFILES%\Ufasoft\Sniffer\usft_sn4-64.sys MD5: 895AEDE46A8ADFCB2F183D400A7AA357 Size:34272 MD5: C7DB93B6E7439AEFF31200ED02794ED2 Size:34288 %PROGRAMFILES%\Ufasoft\Sniffer\usft_ext.dll MD5: 7A13CEDC004D45876C23FC062925032F Size:462336 MD5: 85CFCB1D8B6B248F1D710149E41C1665 Size:327680 MD5: DDB3B223E2338FB84390454D55E4114D Size:360448 MD5: E577519F1ABA6006158E3325272A0B2C Size:451072 MD5: 45A0A7DC938A621E52FC669C89C5B3CB Size:319488 MD5: 102342E7584905591B1E44C1AB3F03E0 Size:435200 MD5: 4842FF1A71F29F3E2092D379EB2D03B3 Size:427520 MD5: 374D1A48D732070B5C56FF9DF33EB57D Size:358400 %PROGRAMFILES%\Ufasoft\Sniffer\tcpstat.exe MD5: 18FF8ACB3C89887F863FF4759025EBD6 Size:6144 MD5: 64EC63221E32545D9EB540E19A90A3BE Size:12800 MD5: 014FC00FE9D797A5807F15E7EF8C999B Size:6144 MD5: 6782DA1C8FB0AAD7483A7BB76FEB6E05 Size:6144 MD5: 1AF219BE62320DA3C3A4631BBFB3C02F Size:6144 MD5: B85FB4FA1AE8208AF256C2A182FA5CD2 Size:12800 %PROGRAMFILES%\Ufasoft\Sniffer\tcpslice.exe MD5: BB331B323235E1F5C3140B977FD42D6A Size:11264 MD5: 9639084EA2D308B46E8B3E94AFE3384C Size:11827 MD5: CA88010CA46AFC956FDDC6A702DCA970 Size:11264 MD5: 65D8113D1DAF4804ED5B982BA5CCC449 Size:11264 MD5: 50C3158227EE92E6636E31EC44EACBE0 Size:11827 MD5: FAA142EB23764A0830017E9083F9F37D Size:11264 MD5: 294417EA838B7FD2F100CECE89BC5808 Size:11264 MD5: AF957F02EC5F61934B911F8F17C5AEE9 Size:11264 %PROGRAMFILES%\Ufasoft\Sniffer\tcpflow.exe MD5: 2DFCAC7211F958CE37B4B2953E4E49CA Size:11264 MD5: 8C6205DDB1C0E0CF4B45998DF016FC46 Size:14387 MD5: 98358EA525AEAD5D7613DB24BF72A349 Size:11264 MD5: D29B4250552E42F93F68894B61E70B4A Size:11264 MD5: 540E4D5D08BF20D1275F81CD924EB3D2 Size:13363 MD5: DDCD108468B05DC8F721D216AD727BEF Size:11264 MD5: 027E51B7B0BEF3AD0B26D2AC48677042 Size:11264 MD5: 8AC063D7112A6D7EEDD9863E31B89C4F Size:11264 %PROGRAMFILES%\Ufasoft\Sniffer\tcpdump.exe MD5: 101A91609FE85ACD378535C1D794D17F Size:13824 MD5: F7D39C385CB5F7F473C5680FD0450569 Size:318515 MD5: DA7CEDC6D403B7708EDE12550F7FC27D Size:16384 MD5: 8D6AC7E1A47D99DDB3563068E9821243 Size:13824 MD5: FB575E26913642DD27D594C879422AD6 Size:259635 MD5: 9F8F57DEA7B88A1ED8B709508BA54A8B Size:13824 MD5: 8905867AB5C7FE4E0A8701A392A70C14 Size:13824 MD5: F4A4381793A9608159837E4D71E3684D Size:15360 %PROGRAMFILES%\Ufasoft\Sniffer\setup.exe MD5: ACFA1944208D28C993B17C28BF0E2284 Size:57344 MD5: 346023B68A1A81F004D99F3FF830A4CF Size:43520 MD5: 75DEEE399E186809EC1E37F2AB4C7F4B Size:44032 MD5: CD2408B8A3DDAFDC61D284D6AEC4AC28 Size:51712 MD5: 82CA6C079ABDC32DE369F78F5C8B7CB9 Size:39424 MD5: B44E67BAFA5BDD2E2BA71C4183C016EF Size:44544 MD5: 4FC34CE6DF810B8EF85FE8BEDE884E91 Size:45056 MD5: 0D11D8D2425A58F63F94128EF8AA25DC Size:43520 %PROGRAMFILES%\Ufasoft\Sniffer\rpcapd.exe MD5: 89D7D6CF9105DB3AD14D05E60FD69C24 Size:29184 MD5: 1834B2BB21209F1E40F8D9EC6CB28C64 Size:28723 MD5: B708F436B28FCF21231BAE650020B497 Size:40960 MD5: CDE36B537B5ECF1998E363F726B2568F Size:29184 MD5: BAAF37EAF547FDB68963390009E4F5DA Size:28723 MD5: 38C49B4F4D29D28351A461C17E71621C Size:29184 MD5: 78940BE7A92B0137209B56BC2F51D9FF Size:40960 MD5: 8CA8F8A490ABD211731CA606E586D99D Size:40960 %PROGRAMFILES%\Ufasoft\Sniffer\pthreadVC.dll MD5: F04A90F917BA10AE2DCBE859870F4DEA Size:53299 %PROGRAMFILES%\Ufasoft\Sniffer\pktdump.dll MD5: 336165C9CFF77917853F44B55169F591 Size:478208 MD5: D270038BCB94D1652B6A8028E433453F Size:466432 MD5: 2B9DAE94D51DB8E82212DAE897B89470 Size:477696 MD5: 86528FD1F8EDFE5BA3D047EF37E7BC14 Size:477184 MD5: 0940A5CA4D7AF41CC4C0E772E7A12BB0 Size:467968 MD5: 1745BB4C68A4B449BB9BF1D18401CC92 Size:466432 %PROGRAMFILES%\Ufasoft\Sniffer\packet.dll MD5: EDC261DF87EF312C3808706322F124A5 Size:235030 MD5: EE51AEA2822599A63B87FB26F3AD4B57 Size:218675 MD5: 429086F9E3C5AFC6D8BF128E53221774 Size:196630 MD5: DF68D7FCB095F50C0198A29775325257 Size:227350 MD5: D413FD35A2EFE6CA0653E63A24A46F3A Size:180787 MD5: E1A175E375FAC69FFAE4F29EA2A34DA5 Size:217110 MD5: DDBE05FF91C4A0B119B44131297E8870 Size:146966 MD5: 70443A5F1BB728AF076912919F209A09 Size:215574 MD5: 4851D5FD2D87BA51CE0D488D2FF7B082 Size:195094 %PROGRAMFILES%\Ufasoft\Sniffer\od.dll MD5: BE138E375EB035A923906187ADC05D6B Size:162304 MD5: 261310D5FB224120EB74A3F62EC1CF83 Size:229888 MD5: 59439BF180C7128D4938A2A03768055F Size:161280 MD5: 9E047A75A962CFB03FD0978DC9CCE152 Size:161792 MD5: 898EF2F9BFA4D62BD78ADE9B6F13C84F Size:226816 MD5: 884F5073D49BFCC6AE257C7DE2BDB046 Size:160768 MD5: D74AA7AA45890AFBE618112CAF0EAD9B Size:160768 MD5: 9087ADFE695617F4CFA5A1C30B997278 Size:161280 %PROGRAMFILES%\Ufasoft\Sniffer\msgan.dll MD5: 363170D34F33DDA47572D751A028A2DA Size:169984 MD5: 5F895A49A4A6E9DA03D64BE13A165EAE Size:176128 MD5: F8221DD42FC56078C371E6F0B143C806 Size:168448 MD5: B0AD0C9F3E109A23FC43631928E17DB3 Size:166400 MD5: F9D854D7767167BE4B6601F5A82FC599 Size:166912 MD5: D201B6A2118CC5C9AB31080ECC67CEAB Size:169984 %PROGRAMFILES%\Ufasoft\Sniffer\loadwdm.vxd MD5: 653C096B642A7F98EC065B245D6C361E Size:5124 MD5: 8DB41A1AD06A43D4C556A0721466338D Size:5124 MD5: 4611BB8A99F1A0AEF722EC4F225CCFAD Size:5124 MD5: 2D32D647D4040888A652B9F9CF09D1E5 Size:5124 MD5: 7604EAA814167372B0931731125BAC87 Size:5124 %PROGRAMFILES%\Ufasoft\Sniffer\lispeng.dll MD5: 62EB66499812F34777CE7F31D4616A72 Size:275990 MD5: BDBFA37D5D7FB45701E9628EF33143DB Size:261654 MD5: D82F5E0F96F89331A1B002AC179438BA Size:275478 MD5: 68AF2EB61C94D329A514E56E8D95ADFF Size:274454 MD5: AC1B28BEC42D33AC3C4E3FFA8BA1358B Size:271894 MD5: B451E224D223575DE642B828F57D7966 Size:259606 %PROGRAMFILES%\Ufasoft\Sniffer\libcrypto.dll MD5: 5010080EA23674D434B955946D373B32 Size:9216 MD5: 159E1117319919FCC5EFDE6EFBEB7C31 Size:9216 %PROGRAMFILES%\Ufasoft\Sniffer\iwlist.exe MD5: F87FB119136AC969406F31ABE2B293AF Size:7680 MD5: 6E78E251DFB194E22E8C678CC8D63214 Size:7168 MD5: B205B606E1B8C4F1900264F6C1800217 Size:7680 MD5: 8A9BDC4B3AE2629D18BCB5A6938C29E3 Size:7680 MD5: 96C518D4DCC67BCD3A28D392FD262C88 Size:7168 MD5: 1220B0B0ECF220FCFAC494F5E74FED97 Size:7168 %PROGRAMFILES%\Ufasoft\Sniffer\iwconfig.exe MD5: 52749131A384CF3F339B86479F63501D Size:8704 MD5: F29B7FB5FF787165C8EA1F933AE85FA1 Size:7680 MD5: 721025C3D74E986F93CA73C0C5427D79 Size:8704 MD5: D6ABE7FB93623B65909E6F45EC76D394 Size:8704 MD5: BB3B5679C3CAA7DB49E46CB01081692F Size:8704 MD5: 463E4D0230D88AA7274FAAD308273319 Size:7680 %PROGRAMFILES%\Ufasoft\Sniffer\icqdump.exe MD5: E96B532E15E3EF79A347CBDE9FF2ED61 Size:11264 MD5: E9BABB80CADF4303F0FB89C66404B296 Size:10752 MD5: 7E8CE2FC64578B95B9BA2CA9D63B2743 Size:11264 MD5: 4835E7332BCB0808025A66550BA4120A Size:11264 MD5: 79CACFC61010CBD8A0F0A800A29C84ED Size:11264 MD5: 565E73E3A38D39E935DE95154920DEE8 Size:10240 %PROGRAMFILES%\Ufasoft\Sniffer\arpspoof.exe MD5: 1C87A671D2055F26B8BA4B8D870D7BFE Size:10752 MD5: 0A0C29C7961BC41DB1F9193657DE9B0E Size:9728 MD5: FD3E4D3B36A469B0BC89D366DF57E5AD Size:9728 MD5: 3BA34F39CDBF2890C5879B2CEE4FDCF5 Size:9728 MD5: 97F47FCFF905963640777485C812328D Size:9728 MD5: 63EA078231F96A759E6BEFF3FC48CDF7 Size:9728 %PROGRAMFILES%\Ufasoft\Sniffer\AdapterInfo.exe MD5: 3194B4F78EC8BBF826C712E33FFBBC34 Size:10240 MD5: 8519FAD68FCD017FA3E1345147BE556B Size:11776 MD5: E65E4F8D5714385605109AE85C00EAC0 Size:9216 MD5: E93DB232BF8FD158F58951A20A381060 Size:10240 MD5: D7E7F6F8278365842CAF1AFF04CD5F3A Size:11776 MD5: B987CB6B814029ABAE19A4B110EE1895 Size:9216 MD5: 3E4D98C7DEB7AD326CB605FE390F216D Size:9216 MD5: 43852CD25015D53E30362B3493062587 Size:9216 %PROGRAMFILES%\Ufasoft\Sniffer\snifmon.exe MD5: 76CAFA09CAA34320789AF21343982351 Size:74752 MD5: F9CAEA541C4384EA38A49BB455C31F38 Size:95283 MD5: E76BE0A2E550D34A9CF1EFED12900DE1 Size:98304 MD5: 5FDDF4BD625C3AE7B7F25F2B5C51222B Size:72192 MD5: AA18DC436BCE995E5C0D48FD6BE58CCC Size:107059 MD5: 907A30ED50097FD56B1AA19C6E2E4691 Size:72192 MD5: 9E6B9B9E1225DA887282F1F83890E96A Size:72192 MD5: 45A93953246A31E0D8184B473CC3A92E Size:98304 %PROGRAMFILES%\Ufasoft\Sniffer\icqsnif.exe MD5: 4587A03CC4F9E6CEDCAAB0AEF9020DF1 Size:45056 MD5: 5E4738AE50429798D8CA5769F0CB7133 Size:58368 MD5: 4A266F722827D6F786BD0C4F9EBA3DF1 Size:43520 MD5: 21ACF6A71908E19063412BEE7811F14D Size:37376 MD5: 46C8533C6438E685805D9DEA5EB9B2D4 Size:37376 MD5: 08FA515B48897AB15DC674756A20A0F0 Size:57856 %PROGRAMFILES%\Ufasoft\Sniffer\tds!icq.snif.2.2.35.patch.exe MD5: 1B7409B48618D25C8690231C2E65AEF7 Size:40448 %PROGRAMFILES%\Ufasoft\Sniffer\snf29pgc.exe MD5: D2CEBEC636B5FFF65BE6CE713AED49B7 Size:61788 %PROGRAMFILES%\Ufasoft\Sniffer\sniff_nt.sys MD5: 92FE1FA73D8BDC0AA6C29010C146151E Size:11552 %PROGRAMFILES%\Ufasoft\Sniffer\sniff_9x.vxd MD5: 9A7FE58C18ABFADCC19382449A1D5439 Size:9725
  2. Detected Files with variable Filenames:

Detecting items list:

  1. Files by Name %PROGRAMFILES%\Ufasoft\Sniffer\AdapterInfo.exe %PROGRAMFILES%\Ufasoft\Sniffer\arpspoof.exe %PROGRAMFILES%\Ufasoft\Sniffer\icqdump.exe %PROGRAMFILES%\Ufasoft\Sniffer\icqsnif.exe %PROGRAMFILES%\Ufasoft\Sniffer\iwconfig.exe %PROGRAMFILES%\Ufasoft\Sniffer\iwlist.exe %PROGRAMFILES%\Ufasoft\Sniffer\pthreadVC.dll %PROGRAMFILES%\Ufasoft\Sniffer\rpcapd.exe %PROGRAMFILES%\Ufasoft\Sniffer\setup.exe %PROGRAMFILES%\Ufasoft\Sniffer\snifmon.exe %PROGRAMFILES%\Ufasoft\Sniffer\tcpdump.exe %PROGRAMFILES%\Ufasoft\Sniffer\tcpflow.exe %PROGRAMFILES%\Ufasoft\Sniffer\tcpslice.exe %PROGRAMFILES%\Ufasoft\Sniffer\tcpstat.exe %PROGRAMFILES%\Ufasoft\Sniffer\usft_sn4.sys %PROGRAMFILES%\Ufasoft\Sniffer\usft_wifi.sys %DESKTOP%\Ufasoft IM Snif.lnk %DESKTOP%\Ufasoft Snif.lnk %START_PROGRAMS%\Ufasoft Snif\Homepage.lnk %START_PROGRAMS%\Ufasoft Snif\Ufasoft IM Snif.lnk %START_PROGRAMS%\Ufasoft Snif\Ufasoft Snif.lnk
  2. Files by Directories %PROGRAMFILES%\Ufasoft\Sniffer %START_PROGRAMS%\Ufasoft Snif
  3. Registry Keys HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\UfasoftSniffer

« Go to Software Database