KeenValue.Incredifind Removal: Remove KeenValue.Incredifind Forever
Let our support team solve your problem with KeenValue.Incredifind and repair KeenValue.Incredifind right now!
Leave the detailed description of your KeenValue.Incredifind problem in the form below. Our support team will contact you in several minutes and give a step-by-step instruction on how to fix KeenValue.Incredifind problem. Please be specific. Do your best describing the problem. This will help us recommend right and complete KeenValue.Incredifind problem removal solution.
Describe your problem here and we'll contact you in several minutes:
Warning:
1) We hate spam as much as you do. We will not share your email with any third party or publish it anywhere. Your email is used only to contact you and give you KeenValue.Incredifind removal solution.
2) All fields of this form are obligatory.
Threat's profile
|
Name of the threat: KeenValue.Incredifind |
| Command or file name: esetcursor.exe |
| Threat type: Hijacker |
| Affected OS: Win32 (Windows 9x, Windows XP, Windows Vista) |
KeenValue.Incredifind intrusion method
KeenValue.Incredifind copies its file(s) to your hard disk. Its typical file name is esetcursor.exe. Then it creates new startup key with name KeenValue.Incredifind and value esetcursor.exe. You can also find it in your processes list with name esetcursor.exe or KeenValue.Incredifind.
If you have further questions about KeenValue.Incredifind, please fill in the form above and we'll contact you shortly.
» Download program to remove KeenValue.Incredifind (KeenValue.Incredifind Removal Tool)
Recommended Solution
If you are not sure what to delete, use our award winning program - KeenValue.Incredifind Removal Tool.
KeenValue.Incredifind Removal Tool will find and fully remove KeenValue.Incredifind and all problems associated with KeenValue.Incredifind virus.
Fast, easy, and handy, KeenValue.Incredifind Removal Tool protects your computer against KeenValue.Incredifind that does harm to your computer and breaks your privacy. KeenValue.Incredifind Removal Tool scans your hard disks and registry and destroys any manifestation of KeenValue.Incredifind. Standard anti-virus software can do nothing against malicious programs like KeenValue.Incredifind. Remove KeenValue.Incredifind straight away!
» Download KeenValue.Incredifind Removal Tool now for free
How to fix KeenValue.Incredifind
This problem can be solved manually by deleting all registry keys and files connected with KeenValue.Incredifind, removing it from starup list and unregistering all corresponding DLLs. Additionally missing DLL's should be restored from distribution in case they are corrupted by KeenValue.Incredifind.
To get rid of KeenValue.Incredifind, you should:
1. Kill the following processes and delete the appropriate files:
• eunivbholog.tmp
• faq.bmp
• flowgo_granny.cur
• flowgo_granny_setup_td035.exe
• flowgo_granny_setup_td035[1].cab
• friend.bmp
• incfindbho150.dll
• incredifind.dll
• keenvalueinstall_108.exe
• keenvalueinstall_109.exe
• powersearch_cursorzone_with_track.exe
• pwrsc032tb0.cfg
• readme - uninstalling custom cursors.lnk
• setup_incredifind_cursors_with_track.exe
• setup_incredifind_only_tdc033.exe
• somatictb0200.cfg
• t10562.tmp
• t15609.tmp
• t17359.tmp
• uninstall custom cursor.lnk
• xxxon.bmp
Warning: you should delete only those files which checksums are listed as malicious. There may be valid files with the same names in your system. We recommend you to use KeenValue.Incredifind Removal Tool for safe problem solution.
2. Delete the following malicious folders:
• C:\Program Files\incred~1\bho\
• C:\Program Files\incredifind\
• C:\Program Files\incredifind\bho\
• C:\Program Files\incred~1\bho\
• C:\Program Files\incredifind\
• C:\Program Files\screensavers\angels paradise\
• C:\Program Files\dynamic toolbar\somatic\cache\
• C:\Program Files\powersearch\toolbar\
• C:\Program Files\dynamic toolbar\pwrsc032\cache\
• C:\Program Files\cursorzone\
• %autostart% \cursorzone\
• C:\Program Files\dynamic toolbar\pwrs0108\cache\
• C:\Program Files\dynamic toolbar\pwrstlbr\cache\
3. Delete the following malicious registry entries and\or values:
• Key: bho.eunivbho.1
• Key: bho.eunivbho.1\c:\windows\downloaded program files\ncaseinstaller.dll
Value: @
• Key: BHO.eUnivBHO.1\CLSID
• Key: BHO.eUnivBHO\CLSID
• Key: BHO.eUnivBHO\CurVer
• Key: CLSID\{4E7BD74F-2B8D-469E-A08D-8F6FA787AD2D}
• Key: CLSID\{4E7BD74F-2B8D-469E-AA8E-8E1CA787AD2D}
• Key: CLSID\{4E7BD74F-2B8D-469E-C0FC-F378A787AD2D}
• Key: CLSID\{4E7BD74F-2B8D-469E-D1F7-EB6DB99AA97D}
• Key: clsid\{d6ca5d91-5ea2-4654-9b75-499267012611}
Value: @
• Key: software\microsoft\internet explorer\toolbar\webbrowser\{4e7bd74f-2b8d-469e-aa8e-8e1ca787ad2d}
Value: @
• Key: SOFTWARE\KeenValue
Value: cid
• Key: Software\Microsoft\Windows\CurrentVersion\Uninstall\KeenValue
Value: DisplayName
• Key: Software\Microsoft\Windows\CurrentVersion\Uninstall\PowerSearch
Value: DisplayIcon
• Key: bho.eunivbho
• Key: TypeLib\{DE289BFA-737B-4ABB-A4EC-F8753551B875}\1.0
• Key: TypeLib\{DE289BFA-737B-4ABB-A4EC-F8753551B875}\1.0\FLAGS
• Key: TypeLib\{DE289BFA-737B-4ABB-A4EC-F8753551B875}\1.0\0\win32
• Key: TypeLib\{DE289BFA-737B-4ABB-A4EC-F8753551B875}\1.0\HELPDIR
• Key: CLSID\{4E7BD74F-2B8D-469E-C0FC-F378A787AD2D}\InprocServer32
Value: ThreadingModel
• Key: pwrstlbr.PWRSTLBR
• Key: pwrstlbr.PWRSTLBR\Clsid
• Key: CLSID\{4E7BD74F-2B8D-469E-C0FC-F378A787AD2D}\ProgID
• Key: CLSID\{4E7BD74F-2B8D-469E-D1F7-EB6DB99AA97D}\ProgID
• Key: somatic.SOMATIC
• Key: somatic.SOMATIC\Clsid
• Key: CLSID\{4E7BD74F-2B8D-469E-A08D-8F6FA787AD2D}\InprocServer32
Value: ThreadingModel
• Key: CLSID\{4E7BD74F-2B8D-469E-A08D-8F6FA787AD2D}\ProgID
• Key: pwrsc032.PWRSC032
• Key: pwrsc032.PWRSC032\Clsid
• Key: CLSID\{269B6797-664E-48AA-B283-B012BDF6E525}\ProgID
• Key: CLSID\{269B6797-664E-48AA-B283-B012BDF6E525}\VersionIndependentProgID
• Key: CLSID\{269B6797-664E-48AA-B283-B012BDF6E525}\InprocServer32
Value: ThreadingModel
• Key: CLSID\{269B6797-664E-48AA-B283-B012BDF6E525}\TypeLib
• Key: Interface\{8B8F6968-2F24-41E3-B653-E9613226F14D}\ProxyStubClsid
• Key: Interface\{8B8F6968-2F24-41E3-B653-E9613226F14D}\ProxyStubClsid32
• Key: Interface\{8B8F6968-2F24-41E3-B653-E9613226F14D}\TypeLib
Value: Version
• Key: CLSID\{4E7BD74F-2B8D-469E-AA8E-8E1CA787AD2D}\InprocServer32
Value: ThreadingModel
• Key: CLSID\{4E7BD74F-2B8D-469E-AA8E-8E1CA787AD2D}\ProgID
• Key: pwrs0108.PWRS0108
• Key: pwrs0108.PWRS0108\Clsid
• Key: Software\Microsoft\Code Store Database\Distribution Units\{522F629A-4DFE-43FA-8311-6F9C871016C5}\InstalledVersion
Value: LastModified
• Key: CLSID\{4E7BD74F-2B8D-469E-D1F7-EB6DB99AA97D}\InprocServer32
Value: ThreadingModel
• Key: software\microsoft\internet explorerinternet0%\toolbar\webbrowser
Value: {4e7bd74f-2b8d-469e-aa8e-8e1ca787ad2d}
• Key: Software\Microsoft\Internet Explorer\URLSearchHooks
Value: {E931541A-F610-204D-5340-6A7598B41F6B}
• Key: Software\Microsoft\Windows\CurrentVersion\Uninstall\Angels Paradise ScreenSaver
Value: DisplayName
• Key: Software\Microsoft\Windows\CurrentVersion\Uninstall\Angels Paradise ScreenSaver
Value: DisplayIcon
• Key: Software\Microsoft\Windows\CurrentVersion\Uninstall\Angels Paradise ScreenSaver
Value: UninstallString
• Key: SOFTWARE\Visicom Media\PWRSTLBR
Value: SilentInstall
• Key: SOFTWARE\Visicom Media\PWRSTLBR
Value: SupportFileURL
• Key: SOFTWARE\Visicom Media\PWRSTLBR
Value: SupportFileName
• Key: Software\Microsoft\Internet Explorer\Toolbar
Value: {4E7BD74F-2B8D-469E-C0FC-F378A787AD2D}
• Key: Software\Microsoft\Internet Explorer\Toolbar
Value: {4E7BD74F-2B8D-469E-D1F7-EB6DB99AA97D}
• Key: Software\Dynamic Toolbar\SOMATIC
Value: BarID
• Key: Software\Dynamic Toolbar\SOMATIC
Value: BitmapVersion
• Key: Software\Dynamic Toolbar\SOMATIC\Reports
Value: PostTime
• Key: Software\Dynamic Toolbar\SOMATIC\Reports\38957\Click
Value: TOOLBAR_OPTIONS
• Key: Software\Dynamic Toolbar\SOMATIC\Options
Value: BlockPage
• Key: Software\Dynamic Toolbar\SOMATIC\Reports\38957\Click
Value: BLOCK_PAGE
• Key: Software\Dynamic Toolbar\SOMATIC\Reports\38957\Click
Value: http://search-o-matic.mygeek.com
• Key: Software\Dynamic Toolbar\SOMATIC
Value: LastLeft
• Key: Software\Dynamic Toolbar\SOMATIC\Reports\38957
Value: Number
• Key: Software\Dynamic Toolbar\SOMATIC\Reports\38957
Value: Duration
• Key: Software\Dynamic Toolbar\SOMATIC\Reports\38957
Value: Number
• Key: Software\Dynamic Toolbar\SOMATIC\Reports\38957
Value: Duration
• Key: Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
Value: {4E7BD74F-2B8D-469E-D1F7-EB6DB99AA97D}
• Key: Software\Microsoft\Internet Explorer\Toolbar
Value: {4E7BD74F-2B8D-469E-A08D-8F6FA787AD2D}
• Key: SOFTWARE\KeenValue
Value: installDate
• Key: Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
Value: {4E7BD74F-2B8D-469E-A08D-8F6FA787AD2D}
• Key: SOFTWARE\KeenValue
Value: Install_Dir
• Key: SOFTWARE\KeenValue
Value: EXEName
• Key: SOFTWARE\KeenValue
Value: VersionNumber
• Key: SOFTWARE\KeenValue
Value: cid
• Key: SOFTWARE\KeenValue
Value: installDate
• Key: Software\Microsoft\Windows\CurrentVersion\Uninstall\KeenValue
Value: UninstallString
• Key: Software\eUniverse\BHO
Value: INSTALLGUID
• Key: Software\eUniverse\BHO\RedirectURLS
Value: 404
• Key: Software\eUniverse\BHO\RedirectURLS
Value: DNSNotFound
• Key: Software\eUniverse\BHO\RedirectURLS
Value: URLTranslation
• Key: Software\eUniverse\BHO\HomePage
Value: DefaultIEHomePage
• Key: Software\Microsoft\Windows\CurrentVersion\Uninstall\CursorZone
Value: DisplayName
• Key: Software\Microsoft\Windows\CurrentVersion\Uninstall\CursorZone
Value: DisplayIcon
• Key: Software\Microsoft\Windows\CurrentVersion\Uninstall\CursorZone
Value: UninstallString
• Key: Software\Microsoft\Internet Explorer\URLSearchHooks
Value: {269B6797-664E-48AA-B283-B012BDF6E525}
• Key: Software\Microsoft\Internet Explorer\Toolbar
Value: {4E7BD74F-2B8D-469E-AA8E-8E1CA787AD2D}
• Key: Software\Microsoft\Code Store Database\Distribution Units\{522F629A-4DFE-43FA-8311-6F9C871016C5}
Value: SystemComponent
• Key: Software\Microsoft\Code Store Database\Distribution Units\{522F629A-4DFE-43FA-8311-6F9C871016C5}
Value: Installer
• Key: Software\Microsoft\Code Store Database\Distribution Units\{522F629A-4DFE-43FA-8311-6F9C871016C5}\DownloadInformation
Value: CODEBASE
• Key: Software\Microsoft\Code Store Database\Distribution Units\{522F629A-4DFE-43FA-8311-6F9C871016C5}\DownloadInformation
Value: INF
• Key: Software\Visicom Media\PWRS0108
Value: ConfigCode
• Key: Software\Visicom Media\PWRS0108
Value: BarName
• Key: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PowerSearch
Value: DisplayName
• Key: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PowerSearch
Value: UninstallString
• Key: Control Panel\Cursors
Value: Arrow
• Key: SOFTWARE\KeenValue
Value: Install_Dir
• Key: SOFTWARE\KeenValue
Value: cid
• Key: SOFTWARE\KeenValue
Value: installDate
• Key: Software\Microsoft\Windows\CurrentVersion\Uninstall\PowerSearch
Value: DisplayIcon
• Key: Software\Microsoft\Windows\CurrentVersion\Uninstall\CursorZone
Value: DisplayIcon
• Key: Software\Microsoft\Windows\CurrentVersion\Uninstall\CursorZone
Value: UninstallString
• Key: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PowerSearch
Value: UninstallString
• Key: SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{269B6797-664E-48AA-B283-B012BDF6E525}\iexplore
Value: Type
• Key: SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{269B6797-664E-48AA-B283-B012BDF6E525}\iexplore
Value: Count
• Key: SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{269B6797-664E-48AA-B283-B012BDF6E525}\iexplore
Value: Time
• Key: Software\Dynamic Toolbar\SOMATIC
Value: LastConfigDown
• Key: Software\Dynamic Toolbar\SOMATIC
Value: InstallReport
• Key: Software\Dynamic Toolbar\SOMATIC\Options
Value: BoxSize
• Key: Software\Dynamic Toolbar\SOMATIC\Options
Value: ShowCaptions
• Key: Software\Dynamic Toolbar\SOMATIC\Options
Value: NewWindow
• Key: Software\Dynamic Toolbar\SOMATIC\Options
Value: HistoryTrack
• Key: Software\Dynamic Toolbar\SOMATIC\Options
Value: StoreHistory
• Key: Software\Dynamic Toolbar\SOMATIC\Options
Value: AutoHistory
• Key: Software\Dynamic Toolbar\SOMATIC\Options
Value: TickerBGColor
• Key: Software\Dynamic Toolbar\SOMATIC\Options
Value: TickerTextColor
• Key: Software\Dynamic Toolbar\SOMATIC\Options
Value: TickerSize
• Key: Software\Dynamic Toolbar\SOMATIC\Options
Value: DisplayQuotes
• Key: Software\Dynamic Toolbar\SOMATIC\Options
Value: FavoriteQuotes
• Key: Software\Dynamic Toolbar\SOMATIC\Options
Value: WordButtons
• Key: Software\Dynamic Toolbar\SOMATIC\Options
Value: HotUse
• Key: Software\Dynamic Toolbar\SOMATIC\Options
Value: HotKey
• Key: Software\Dynamic Toolbar\SOMATIC\Options
Value: HideLoadingPage
• Key: Software\Dynamic Toolbar\SOMATIC\Options
Value: button2
• Key: Software\Dynamic Toolbar\SOMATIC\Options
Value: button3
• Key: Software\Dynamic Toolbar\SOMATIC\Options
Value: button4
• Key: Software\Dynamic Toolbar\SOMATIC\Options
Value: button5
• Key: Software\Dynamic Toolbar\SOMATIC\Options
Value: button6
• Key: Software\Dynamic Toolbar\SOMATIC\Options
Value: button7
• Key: Software\Dynamic Toolbar\SOMATIC\Reports\39003\Click
Value: BLOCK_PAGE
• Key: Software\Dynamic Toolbar\SOMATIC\Reports\39003\Click
Value: http://search-o-matic.mygeek.com
• Key: Software\Dynamic Toolbar\SOMATIC\Reports\39003\Click
Value: http://www.search-o-matic2000.com/som_faq.jsp
• Key: Software\Dynamic Toolbar\SOMATIC\Reports\39003\Click
Value: http://www.search-o-matic2000.com/som_qtour.jsp
• Key: Software\Dynamic Toolbar\SOMATIC\Reports\39003\Click
Value: http://www.search-o-matic2000.com/som_contact.jsp
• Key: SOFTWARE\KeenValue
Value: cid
• Key: SOFTWARE\KeenValue
Value: installDate
• Key: SOFTWARE\KeenValue
Value: puid
• Key: Control Panel\Desktop
Value: SCRNSAVE.EXE
• Key: Control Panel\Desktop
Value: SCRNSAVE.EXE
• Key: control panel\desktop
Value: scrnsave.exe
• Key: Software\Microsoft\Internet Explorer\Main
Value: Start Page
• Key: Software\Microsoft\Internet Explorer\Main
Value: Start Page
Warning: If value is listed for some registry entries, you should only clear these values and leave keys with such values untouched. We recommend you to use KeenValue.Incredifind Removal Tool for safe problem solution.
Next threat: Kenny »
Learn more about KeenValue.Incredifind and esetcursor.exe »
« Back to catalog
Solution: 114
|
