ffisearch.exe - Dangerous

%windir%\isrvs\ffisearch.exe

Manual removal instructions:

Antivirus Report of %windir%\isrvs\ffisearch.exe:
%windir%\isrvs\ffisearch.exe Malware
%windir%\isrvs\ffisearch.exeDangerous
%windir%\isrvs\ffisearch.exeHigh Risk
%windir%\isrvs\ffisearch.exe
Ffisearch.exe is the new generation of VX2 adware components.
ffisearch.exe runs from Windows startup registry keys.
Also, ffisearch alters the AppInitDLLs registry value to track all started processes and Internet activity.
ffisearch.exe copies its body to the Windows\isrvs folder.
ffisearch.exe can change WinSock2 LSP chain.
It inserts the dolsp.dll into the LSP chain.

Related files:
0er8k4va.exe
Mkfxut.exe
pkdacs.exe
ywrqku.exe
msnavc32.exe
AutoUpdate.exe
winntcreate.exe
vwix32.exe
sysmonnt.exe
winhcek32.exe
qlykdnb.dll
rypgvtoimrl.exe
spwgoc.exe
msnavc32.exe
sysmonnt
hpdll.exe
w?wexec.exe
ffisearch.exe

Delete the files.
They are may be hidden.

C:\Program Files\0er8k4va\0er8k4va.exe
C:\WINDOWS\System32\Mkfxut.exe
C:\WINDOWS\system32\pkdacs.exe
C:\WINDOWS\System32\ywrqku.exe
C:\windows\system32\msnavc32.exe
C:\Program Files\AutoUpdate\AutoUpdate.exe
C:\WINDOWS\System32\winntcreate.exe
C:\WINDOWS\System32\vwix32.exe
C:\WINDOWS\System32\sysmonnt.exe
C:\WINDOWS\System32\winhcek32.exe
C:\WINDOWS\System32\qlykdnb.dll
C:\WINDOWS\System32\rypgvtoimrl.exe
C:\WINDOWS\System32\spwgoc.exe
C:\windows\system32\msnavc32.exe
C:\WINDOWS\System32\sysmonnt
C:\Program Files\hpdll\hpdll.exe
C:\WINDOWS\System32\w?wexec.exe
C:\WINDOWS\isrvs\ffisearch.exe

Removal:
Use RegRun.
Clear Browser Helper Objects list.
Reset to default the AppInitDlls (Anti Spyware module).
Recover LSP using RegRun Winsock2 recovery.
Kill the processes and remove the virus files from Windows startup.

Remove ffisearch.exe now!

Dmitry Sokolov:

I created UnHackMe in 2006 to fix the problem that antivioruses did not fix: detecting rootkits.

Since that time I work every day to fix the issues that antiviruses cannot.

If your antivirus have not helped you solve the problem, you should try UnHackMe.

We are a small company and you can ask me directly, if you have any questions.

Testimonials

You can read UnHackMe testimonials here.