Adware: How To Remove Media Finder

What is Media Finder / Gencrawler?

Media Finder (Mediafinder / Adware.Mediafinder / Gencrawler) is malware, categorized as adware or spyware also defined as a Trojan downloader. Media Finder is manually installed but may be done without knowledge and uses browser helper objects (integraded search, tools, etc.) and extensions (add ons) to monitor for access to certain websites, mainly associated with file sharing, freeware, or shareware. Media Finder also creates registry entries (listed below), that in turn, run Media Finder everytime Windows is started (HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\”Media Finder” = “”%ProgramFiles%\Media Finder\MF.exe” /opentotray” ).
Media Finder RemovalMedia Finder is known to associate with Babylon and may have infected your computer alongside Babylon and Rewardsarcade.

Operating Systems Affected:

Windows 95, Windows 98, Windows XP, Windows Me, Windows Vista, Windows NT, Windows Server 2003, Windows 2000

Media Finder Symptoms

  • If a web page is visited by the infected user, a HTTP request could be directed to the following location and the result may be injected into the Web page, depending on the extension of the URL: 1mediafindergeneral-cralwer.com
  • Internet settings may change, such as home page or start up page.
  • Browser search using the URL address bar at the top of the window may redirect searches to unwanted drive by websites.

How to remove Media Finder Malware

Media Finder is large and is only recently recognized by computer antivirus and security databases. Therefore removal may be a daunting task. Chose one of the steps below, they vary from easy to technical.

Antivirus/Security software

Perform a complete system scan and remove/delete the malicious results. Below are antivirus and anti-malware applications which are reported to scan and remove the media finder virus

Gen Crawler Virus

  • Windows Installation CD
  • Replace infected system files. For all Window’s directions click here.

    Restore – Recover Computer

    Perform a system restore to a date and time before infection. Window’s automatically creates restore points once a week and during system updates, including new installations.

    Start Menu Restore

    Start Menu System RestoreStandard directions to quickly access Window’s System Restore Wizard.

    1. Access windows Start menu and click All Programs.
    2. Click and open Accessories, click System Tools, and then click System Restore.‌
    If you are prompted for an administrator password or confirmation, type the password or provide confirmation.
    3. Restore your computer to a date and time before infection.

    Safe Mode With Command Prompt Restore

    If you can not access your operating system, this is the suggested step. If it is difficult to start windows in safe mode, via Windows’s brings up a black screen, with “safe mode” in the four corners – Move your cursor to the lower left corner, where the Search box is usually visible in Windows Start Menu and it will come up, including the “Run” box.

    1. Restart/reboot your computer system. Unplug if necessary.
    2. Enter your computer in “safe mode with command prompt”. To properly enter safe mode,repeatedly press F8 upon the opening of the boot menu.

    Safe mode with command prompt

    3. Once the Command Prompt appears you only have few seconds to type “explorer” and hit Enter.

    Comand Prompt Type Explorer

    4. Once Windows Explorer shows up browse to:

    • Win XP: C:\windows\system32\restore\rstrui.exe and press Enter
    • Win Vista/Seven: C:\windows\system32\rstrui.exe and press Enter

    System32 rstrui
    5. Follow all steps to restore or recover your computer system to an earlier time and date, before infection to complete.
    Restore system files and settings

    • Remove all Media Finder created files from your computer

    Below is a command prompt to stop Media Finder from re-generating and a list of all files Media Finder is known to create on Windows, including directory files and registry entries. Remove remove all associated files and entries.

    Manual Removal

    Remove start up prompt, delete files, and delete registry values.

    1. Remove Media Finder registry start up prompt
    • Step 1: Open a command prompt: Enter “cmd” on Window’s search or visit your Start Menu>All Programs>Accessories>Command Prompt
    • Step 2: Copy and paste the command line below into the prompt and press enter. (Image example below)
    echo Start
    
    echo #
    
    echo ######################## Default dirctory for x86 x64 ########################
    
    echo #
    
    echo this command is default system32 directory for x86 OS or x64 OS
    
    cd %windir% & cd system32
    
    reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "Media Finder" /f
    
    reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Media Finder" /f
    
    echo #
    
    echo ######################## Change the dirctory for x64 ########################
    
    echo #
    
    echo this command is x86 application's registry for x64 OS
    
    cd %windir% & cd syswow64
    
    reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "Media Finder" /f
    
    reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Media Finder" /f
    
    echo End
    • The command will run automatically when pasted into the command prompt.

    Media Finder Command Prompt

    2. Manually remove Media Finder directory files
    • Below are the directory files Media Finder creates. Simply browse/search your computer and remove each file.
    C:\Documents and Settings\All Users\Desktop\Media Finder.lnk
    C:\Documents and Settings\All Users\Start Menu\Programs\Media Finder\Get the Media Finder License.URL
    C:\Documents and Settings\All Users\Start Menu\Programs\Media Finder\Media Finder on the Web.url
    C:\Documents and Settings\All Users\Start Menu\Programs\Media Finder\Media Finder.lnk
    C:\Documents and Settings\All Users\Start Menu\Programs\Media Finder\Uninstall Media Finder.lnk
    %UserProfile%\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\@ themediafinder.com\chrome\content\brs.js
    %UserProfile%\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\@ themediafinder.com\chrome\content\brs.xul
    %UserProfile%\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\@ themediafinder.com\chrome\content\dm_intercept.js
    %UserProfile%\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\@ themediafinder.com\chrome\content\dm_intercept.xul
    %UserProfile%\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\@ themediafinder.com\chrome.manifest
    %UserProfile%\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\@ themediafinder.com\install.rdf
    %UserProfile%\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com\chrome\content\icon.png
    %UserProfile%\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com\chrome\content\main.js
    %UserProfile%\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com\chrome\content\overlay.xul
    %UserProfile%\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com\chrome.manifest
    %UserProfile%\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com\install.rdf
    %UserProfile%\Application Data\Media Finder\Extensions\gencrawler_gc.crx
    %UserProfile%\Application Data\Media Finder\Extensions\gencrawler_gc.dll
    %UserProfile%\Application Data\Media Finder\Extensions\IEPlugin32.dll
    %UserProfile%\Application Data\Media Finder\Extensions\mf_plugin_gc.crx
    %UserProfile%\Application Data\Media Finder\link.cfg
    %UserProfile%\Application Data\Media Finder\Sett.cfg
    %UserProfile%\Application Data\Media Finder\Temp\downloads.xml
    %ProgramFiles%\Media Finder\borlndmm.dat
    %ProgramFiles%\Media Finder\borlndmm.dll
    %ProgramFiles%\Media Finder\hook.html
    %ProgramFiles%\Media Finder\MF.exe
    %ProgramFiles%\Media Finder\mf.ico
    %ProgramFiles%\Media Finder\Plugins\depositfiles.dll
    %ProgramFiles%\Media Finder\Plugins\extabit.dll
    %ProgramFiles%\Media Finder\Plugins\filepost.dll
    %ProgramFiles%\Media Finder\Plugins\furk.dll
    %ProgramFiles%\Media Finder\Plugins\hotfile.dll
    %ProgramFiles%\Media Finder\Plugins\letitbit.dll
    %ProgramFiles%\Media Finder\Plugins\madshare.dll
    %ProgramFiles%\Media Finder\Plugins\rapidshare.dll
    %ProgramFiles%\Media Finder\Plugins\turbobit.dll
    %ProgramFiles%\Media Finder\Plugins\unibytes.dll
    %ProgramFiles%\Media Finder\Plugins\uploading.dll
    %ProgramFiles%\Media Finder\Plugins\uploadstation.dll
    %ProgramFiles%\Media Finder\Plugins\wupload.dll
    %ProgramFiles%\Media Finder\Plugins\_4shared.dll
    %ProgramFiles%\Media Finder\unins000.dat
    %ProgramFiles%\Media Finder\unins000.exe
    3. Manually remove Media Finder registry values:
    • Step 1: Type regedit in the search query on your start menu, press enter (picture below).
    • Media Finder Registry Entry

    • Step 2: Browse for each entry (detailed below image) and delete them.
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\IEPlugin.DLL\"AppID" = "{3F39D17D-50C7-4AC4-A63A-CDF6CDBD0C61}"
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{3F39D17D-50C7-4AC4-A63A-CDF6CDBD0C61}\"" = "IEPlugin"
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}\VersionIndependentProgID\"" = "IEPlugin.IEWebHook"
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}\TypeLib\"" = "{71E3A30E-9444-49D9-ABDB-B4B531D0BBA3}"
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}\ProgID\"" = "IEPlugin.IEWebHook.1"
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}\InprocServer32\"" = "%UserProfile%\Application Data\Media Finder\Extensions\IEPlugin32.dll"
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}\InprocServer32\"ThreadingModel" = "Apartment"
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}\"" = "Plugin for Media Finder"
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CA4520F3-AE13-4FB1-A513-58E23991C86D}\ProgID\"" = "gencrawler_gc.GenCrawler"
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CA4520F3-AE13-4FB1-A513-58E23991C86D}\InprocServer32\"" = "%UserProfile%\Application Data\MEDIAF~1\EXTENS~1\GENCRA~1.DLL"
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CA4520F3-AE13-4FB1-A513-58E23991C86D}\InprocServer32\"ThreadingModel" = "Apartment"
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CA4520F3-AE13-4FB1-A513-58E23991C86D}\"" = "Help the General-Search Project"
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AE9908C1-3400-4B10-9061-C6C04D96E3D2}\TypeLib\"" = "{71E3A30E-9444-49D9-ABDB-B4B531D0BBA3}"
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AE9908C1-3400-4B10-9061-C6C04D96E3D2}\TypeLib\"Version" = "1.0"
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AE9908C1-3400-4B10-9061-C6C04D96E3D2}\ProxyStubClsid32\"" = "{00020424-0000-0000-C000-000000000046}"
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AE9908C1-3400-4B10-9061-C6C04D96E3D2}\ProxyStubClsid\"" = "{00020424-0000-0000-C000-000000000046}"
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AE9908C1-3400-4B10-9061-C6C04D96E3D2}\"" = "IIEWebHook"
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{71E3A30E-9444-49D9-ABDB-B4B531D0BBA3}\1.0\0\win32\"" = "%UserProfile%\Application Data\Media Finder\Extensions\IEPlugin32.dll"
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{71E3A30E-9444-49D9-ABDB-B4B531D0BBA3}\1.0\HELPDIR\"" = "%UserProfile%\Application Data\Media Finder\Extensions"
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{71E3A30E-9444-49D9-ABDB-B4B531D0BBA3}\1.0\FLAGS\"" = "0"
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{71E3A30E-9444-49D9-ABDB-B4B531D0BBA3}\1.0\"" = "IEPlugin 1.0 Type Library"
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\gencrawler_gc.GenCrawler\Clsid\"" = "{CA4520F3-AE13-4FB1-A513-58E23991C86D}"
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\gencrawler_gc.GenCrawler\"" = "Help the General-Search Project"
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IEPlugin.IEWebHook\CurVer\"" = "IEPlugin.IEWebHook.1"
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IEPlugin.IEWebHook\CLSID\"" = "{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}"
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IEPlugin.IEWebHook\"" = "Plugin for Media Finder"
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IEPlugin.IEWebHook.1\CLSID\"" = "{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}"
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IEPlugin.IEWebHook.1\"" = "Plugin for Media Finder"
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MF\shell\open\command\"" = ""%ProgramFiles%\Media Finder\MF.exe" "%1""
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MF\shell\"" = "open"
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MF\DefaultIcon\"" = ""%ProgramFiles%\Media Finder\MF.exe",0"
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MF\"URL Protocol" = ""
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA4520F3-AE13-4FB1-A513-58E23991C86D}\"NoExplorer" = "1"
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}\"" = "IEWebHook"
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}\"NoExplorer" = "1"
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\%UserProfile%\Application Data\Media Finder\Extensions\"IEPlugin32.dll" = "1"
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\%UserProfile%\Application Data\Media Finder\Extensions\"gencrawler_gc.dll" = "1"
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{414C790F-E24E-461B-983A-2AD84474DE4B}_is1\"Inno Setup: Setup Version" = "5.4.2 (u)"
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{414C790F-E24E-461B-983A-2AD84474DE4B}_is1\"Inno Setup: App Path" = "%ProgramFiles%\Media Finder"
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{414C790F-E24E-461B-983A-2AD84474DE4B}_is1\"InstallLocation" = "%ProgramFiles%\Media Finder\"
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{414C790F-E24E-461B-983A-2AD84474DE4B}_is1\"Inno Setup: Icon Group" = "Media Finder"
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{414C790F-E24E-461B-983A-2AD84474DE4B}_is1\"Inno Setup: User" = "User"
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{414C790F-E24E-461B-983A-2AD84474DE4B}_is1\"Inno Setup: Selected Tasks" = "desktopicon"
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{414C790F-E24E-461B-983A-2AD84474DE4B}_is1\"Inno Setup: Deselected Tasks" = ""
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{414C790F-E24E-461B-983A-2AD84474DE4B}_is1\"Inno Setup: Language" = "english"
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{414C790F-E24E-461B-983A-2AD84474DE4B}_is1\"DisplayName" = "Media Finder 1.0.9.20"
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{414C790F-E24E-461B-983A-2AD84474DE4B}_is1\"UninstallString" = "%ProgramFiles%\Media Finder\unins000.exe"
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{414C790F-E24E-461B-983A-2AD84474DE4B}_is1\"QuietUninstallString" = ""%ProgramFiles%\Media Finder\unins000.exe" /SILENT"
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{414C790F-E24E-461B-983A-2AD84474DE4B}_is1\"DisplayVersion" = "1.0.9.20"
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{414C790F-E24E-461B-983A-2AD84474DE4B}_is1\"URLInfoAbout" = "http://www.media-finder.net/"
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{414C790F-E24E-461B-983A-2AD84474DE4B}_is1\"HelpLink" = "http://www.media-finder.net/"
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{414C790F-E24E-461B-983A-2AD84474DE4B}_is1\"URLUpdateInfo" = "http://www.media-finder.net/"
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{414C790F-E24E-461B-983A-2AD84474DE4B}_is1\"NoModify" = "1"
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{414C790F-E24E-461B-983A-2AD84474DE4B}_is1\"NoRepair" = "1"
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{414C790F-E24E-461B-983A-2AD84474DE4B}_is1\"InstallDate" = "20080303"
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{414C790F-E24E-461B-983A-2AD84474DE4B}_is1\"MajorVersion" = "1"
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{414C790F-E24E-461B-983A-2AD84474DE4B}_is1\"MinorVersion" = "0"
    HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai\"version" = "1.1.0"
    HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai\"path" = "%UserProfile%\Application Data\Media Finder\Extensions\mf_plugin_gc.crx"
    HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel\"version" = "2.5"
    HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel\"path" = "%UserProfile%\Application Data\Media Finder\Extensions\gencrawler_gc.crx"
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai\"version" = "1.1.0"
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai\"path" = "%UserProfile%\Application Data\Media Finder\Extensions\mf_plugin_gc.crx"
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel\"version" = "2.5"
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel\"path" = "%UserProfile%\Application Data\Media Finder\Extensions\gencrawler_gc.crx"
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder\"Contexts" = 0x00000022
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder\"" = "%ProgramFiles%\Media Finder\hook.html"
    HKEY_CURRENT_USER\Software\Classes\MF\shell\open\command\"" = ""%ProgramFiles%\Media Finder\MF.exe" "%1""
    HKEY_CURRENT_USER\Software\Classes\MF\shell\"" = "open"
    HKEY_CURRENT_USER\Software\Classes\MF\DefaultIcon\"" = ""%ProgramFiles%\Media Finder\MF.exe",0"
    HKEY_CURRENT_USER\Software\Classes\MF\"URL Protocol" = ""
    HKEY_CURRENT_USER\Software\Classes\MF\"" = "URL:Media Finder"
    HKEY_CURRENT_USER\Software\MediaFinder\"IEPluginEnabled" = "1"
    HKEY_CURRENT_USER\Software\MediaFinder\"FFPluginEnabled" = "1"
    HKEY_CURRENT_USER\Software\MediaFinder\"GCPluginEnabled" = "1"
    HKEY_CURRENT_USER\Software\MediaFinder\"ClipboardEnabled = "1"
    HKEY_CURRENT_USER\Software\MediaFinder\"FileShares" = "[DATA]"
    HKEY_CURRENT_USER\Software\MediaFinder\"Extensions" = "|7z|ace|arj|avi|bin|doc|exe|fml|grs|gz|hqx|iso|lzh|mp3|mp4|mpeg|mpg|msi|pdf|psd|r0|rar|sit|tar|tgz|txt|xls|z|zip|"
    HKEY_CURRENT_USER\Software\MediaFinder\"NotSupported" = "[DATA]"
    HKEY_CLASSES_ROOT\MF\shell\open\command\"" = ""%ProgramFiles%\Media Finder\MF.exe" "%1""
    HKEY_CLASSES_ROOT\MF\shell\"" = "open"
    HKEY_CLASSES_ROOT\MF\DefaultIcon\"" = ""%ProgramFiles%\Media Finder\MF.exe",0"
    HKEY_CLASSES_ROOT\MF\"URL Protocol" = ""
    HKEY_CLASSES_ROOT\MF\"" = "URL:Media Finder"

    Sean Doyle

    Sean is a distinguished tech author and entrepreneur with over 20 years of extensive experience in cybersecurity, privacy, malware, Google Analytics, online marketing, and various other tech domains. His expertise and contributions to the industry have been recognized in numerous esteemed publications. Sean is widely acclaimed for his sharp intellect and innovative insights, solidifying his reputation as a leading figure in the tech community. His work not only advances the field but also helps businesses and individuals navigate the complexities of the digital world.

    32 Responses

    1. Jacqui says:

      Finally…. thank you… have a long slog deleting files ahead… but at least now I know I’ll no longer be desturbed by these most irritating people… I hope that somewhere along the line one day… people who develop these kinds of intrusive programs get bashed over the head!!! (just putting it politely) 🙂
      Thanks so much for your help!!!
      Regards
      Jax

    2. Carl says:

      Thanks a lot for the very easy removal instructions.

    3. Scubaduke says:

      c:\WINDOWS>reg delete reg delete “HKCU\Software\Microsoft\Windows\CurrentVersion\Run” /v “Media Finder” /f

      come back with –> Error: Too many command-line parameters

      reg delete “HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run” /v “Media Finder” /f

      come back with –> Error: Too many command-line parameters

      echo End

      Any solution to that ?

      Tkx,

    4. Meghan says:

      Great post!
      Malware Bytes is really good for people who don’t want to commit to Norton.

    5. Kyle says:

      There are so many different Media Finders, but this post is dead on. Thank you.

    6. Scubaduke says:

      For the people that without permission and installed software on to your computer, you are not welcome.

      On the other hand, because their action; it make the people helping the innocent and defenseless computer user look even better.

      You guys and gals Rock !!

    1. May 10, 2012

      Online Articles…

      […]The information mentioned in the article are some of the best available […]……

    Leave a Reply

    This site uses Akismet to reduce spam. Learn how your comment data is processed.