cisvc32.exe - Dangerous
cisvc32.exe
Manual removal instructions:
Antivirus Report of cisvc32.exe:
cisvc32.exe
This is browser spyware: Confusearch.
After running the CISVC32.exe it creates ConfuSearch.dll and
STRAd32.dll in the %SysDir% folder (where %SysDir% is the the Widnows
System(for Windows 95/98/Me) or System32 folder(for Windows
NT4/2000/XP).
CISVC32.exe registers both DLLs in th registry.
STRAd32.dll is the Browser Helper Object. It's used for logging
visited pages.
Adds the sub-key {1433F750-E53F-11D8-9669-0800200C9A66} to:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
ConfuSearch.dll - URL search hook object.
Adds the sub-key {D7CD08F0-D691-11D8-9669-0800200C9A66} to the :
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks
It sends the user search requests to the:
http://www.dnscaching.net/search/?q=
Creates the keys:
HKCR\TypeLib\{D7CD08E1-D691-11D8-9669-0800200C9A66}
HKCR\TypeLib\{1433F742-E53F-11D8-9669-0800200C9A66}
HKCR\CLSID\{1433F750-E53F-11D8-9669-0800200C9A66}
HKCR\Interface\{1433F74F-E53F-11D8-9669-0800200C9A66}
To remove it you need to unregister both DLL's.
Run the command:
regsvr32 /u STRAd32.dll
regsvr32 /u ConfuSearch.dll
Delete other registry keys using regedit (it's not necessary).
| cisvc32.exe | Malware |
| cisvc32.exe | Dangerous |
| cisvc32.exe | High Risk |
After running the CISVC32.exe it creates ConfuSearch.dll and
STRAd32.dll in the %SysDir% folder (where %SysDir% is the the Widnows
System(for Windows 95/98/Me) or System32 folder(for Windows
NT4/2000/XP).
CISVC32.exe registers both DLLs in th registry.
STRAd32.dll is the Browser Helper Object. It's used for logging
visited pages.
Adds the sub-key {1433F750-E53F-11D8-9669-0800200C9A66} to:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
ConfuSearch.dll - URL search hook object.
Adds the sub-key {D7CD08F0-D691-11D8-9669-0800200C9A66} to the :
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks
It sends the user search requests to the:
http://www.dnscaching.net/search/?q=
Creates the keys:
HKCR\TypeLib\{D7CD08E1-D691-11D8-9669-0800200C9A66}
HKCR\TypeLib\{1433F742-E53F-11D8-9669-0800200C9A66}
HKCR\CLSID\{1433F750-E53F-11D8-9669-0800200C9A66}
HKCR\Interface\{1433F74F-E53F-11D8-9669-0800200C9A66}
To remove it you need to unregister both DLL's.
Run the command:
regsvr32 /u STRAd32.dll
regsvr32 /u ConfuSearch.dll
Delete other registry keys using regedit (it's not necessary).
Dmitry Sokolov:
I created UnHackMe in 2006 to fix the problem that antivioruses did not fix: detecting rootkits.
Since that time I work every day to fix the issues that antiviruses cannot.
If your antivirus have not helped you solve the problem, you should try UnHackMe.
We are a small company and you can ask me directly, if you have any questions.