NEWS
PARASITES
SOFTWARE
FORUM
DIRECTORY

 
 
 
 
 
 
  

Remove Hoosmi. Description and removal instructions

 
Title: Hoosmi
Type: Trojans
Severity scale:Hoosmi severity is 60  (60 / 100)
 
Hoosmi is a trojan. Once executed, it drops and opens a Microsoft Word document, and installs itself to the system. Then it runs a payload. Hoosmi starts logging all user keystrokes. It also downloads from the Internet and executes malicious files, which can setup other dangerous parasites. The trojan uses an integrated rootkit in order to hide its presence in the system and avoid detection. Hoosmi runs as a service on every Windows startup.

FORUM:
Discuss Hoosmi in
spyware removal forum

Hoosmi properties:
• Logs keystrokes
• Connects itself to the internet
• Hides from the user
• Stays resident in background

Automatic Hoosmi removal:

remover for Hoosmi

Hoosmi manual removal:

Kill processes:
abs.exe, vip.exe
HELP:
how to kill malicious processes

Delete registry values:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sdqgvqcm
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sens
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sdqgvqcm
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sens
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SDQGVQCM
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SDQGVQCM
HELP:
how to remove registry entries

Delete files:
abs.exe, vip.exe, sdqgvqcm.dll, sdqgvqcm.sys, sdqgvqcm.drv, sdqgvqcm.tmp
HELP:
how to remove harmful files

Misc:
Exact file location:
abs.exe, vip.exe - C:\Documents and Settings\[Current User]\Local Settings\Temp
sdqgvqcm.sys - C:\Windows\System\Drivers, C:\Windows\System32\Drivers or C:\Winnt\System32\Drivers
sdqgvqcm.dll, sdqgvqcm.drv, sdqgvqcm.tmp - C:\Windows\System, C:\Windows\System32 or C:\Winnt\System32

Other programs to remove Hoosmi:

• SUPERAntiSpyware - Review - Download
• CounterSpy - Review - Download
• Windows Defender - Review - Download

Information added: 02/06/06
Information updated: 02/06/06

Additional resources related to Hoosmi:

Attention: If you know or you have a website or page about Hoosmi removal, feel free to add a link to this list: add url



more resources

Post Comment:

Attention: Use this form only if you have additional information about Hoosmi parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.



Enter security code:

Latest spyware news:
Similar parasites:
Latest Spyware Threats: VirusProtect Pro | VirusLocker | SpyCrush | ContraVirus | SpyLocked | SpyDawn | AntiVerminser | SpywareQuake | VirusBurst | AntiVermins | AntiVermeans | Zlob | PopCorn.net | MovieLand | TagASaurus | BraveSentry | VirusBurster | SystemDoctor | VirusRescue | MalwareWipe | SpySheriff | CmdService | Smitfraud | SpywareStrike | WinFixer | WinHound | PestTrap | UnSpyPC
Agreement of Use | Privacy policy | Webmasters | Contact us | RSS Feeds
© 2001-2008 2-spyware.com All Rights Reserved. Reproduction in part or whole without written permission is prohibited. Powered by: eSolutions.