Strange "plugin installer" appears above Tip of the Day in IE

Anyone know what this is?

dreamcatcher

11:03 pm on Sep 26, 2004 (gmt 0)


If I open IE, then go 'View>Explorer Bar', above 'Tip of the Day' I have this:

Give4Free plugin installer

Now if that doesn't sound suspicious I don't know what does.

Anyone know what it is and where it's come from? I have googled it, but come up with nothing. There's nothing on the Microsoft Knowledge Base either as far as I can see.

As an added note, I have found a hidden folder in Program Files called 'Give4Free', which has 3 files, one of which is an uninstaller, and I can see an entry in the registry if I run HijackThis.

Marcia

11:29 pm on Sep 26, 2004 (gmt 0)


Microsoft doesn't give things names like that. Don't touch it or click on anything, it sounds like a BHO. Run a spyware removing program - or two or three.

dreamcatcher

7:03 am on Sep 27, 2004 (gmt 0)


Thanks Marcia, I figured it was something like that.

Is it wise to run the uninstaller, do you think?

Leosghost

9:45 am on Sep 27, 2004 (gmt 0)


Normally uninvited BHOs don't "uninstall" themselves ..they tend to hide or mutate to trojans and/or keyloggers ..try something like Spybot ( if you are unsure about HijackThis ) ..Spybot should just "quarantine" the BHO and let the rest work as per designed

dreamcatcher

10:33 am on Sep 27, 2004 (gmt 0)


Thanks for the help Leosghost.

I have run both Spybot and Xoftspy and neither has detected it. I think what I'll do is delete the folder and remove the registry entry in HijackThis, as I can clearly see which one needs removing.

I remember having Gain last year, but the installer for that did work ok and the software was removed. But that was not in a hidden folder like this one.

Leosghost

10:52 am on Sep 27, 2004 (gmt 0)


Curious ..if you look inside each of the files ..in hex ..do they say what they are accessing ..there may also be ( cos some companies and hackers just can't resist signing these things ) the "sig" of the little beast's maker ...

ok ..since I posted the above I have found what you have ..it's a spyware marketing plugin ..the uninstall instructions are ( if it won't do it clean by itself ) in Portuguese ( only place I could find them ) ..let us know if your uninstall works ..if not then maybe someone who has better Portuguese than I can take a look at the site in question and confirm the "manip" to remove cleanly ..

BTW ..what flavour "doze" are you running?

[edited by: Leosghost at 11:06 am (utc) on Sep. 27, 2004]

dreamcatcher

11:00 am on Sep 27, 2004 (gmt 0)


Well, I think it's gone now. I checked 'Add/Remove Programs' and it was listed there as 'Give4Free Plugin'. So, I removed it and also removed the registry entry. Then I rebooted and checked and the folder was gone. It's also gone from the IE toolbar.

Some other stuff. I found a site in Spanish which seemed to be mentioning this spyware and it would also appear to be mentioning a program called 'Windows Messenger Remover' which I downloaded last week from Sofotex. I'm wondering if this program contains the spyware? I have removed that too just in case. The message also appeared to mention a website, give4free.net. Interesting.

Anyway, hopefully that's the end of it. Think I'll stick with Firefox from now on. :)

Leosghost

11:09 am on Sep 27, 2004 (gmt 0)


You posted while I was typing ..yes the site says that the "contamination" comes from the soft you mention ...

P.S. Don't let the Portuguese hear you mistake their language for Spanish ...:)

dreamcatcher

3:05 pm on Sep 27, 2004 (gmt 0)


"don't let the Portuguese hear you mistake their language for Spanish"

he he, oops :)

p.s. Doze?

BlobFisk

3:41 pm on Sep 27, 2004 (gmt 0)


"p.s. Doze?"

Doze is a sometimes-used abbreviation for Windows.

HTH

dreamcatcher

5:05 pm on Sep 27, 2004 (gmt 0)


Is that an American thing?

Anyway, it's Windows XP with Service Pack 2 installed.

Leosghost

8:45 am on Sep 28, 2004 (gmt 0)


In which case the site you found ( forum in Portuguese ) was indeed talking about "infection" via the route you had "messenger remover" ...If you are going to run XP with pack 2 (or for that matter in any form ) get a reg monitor as well ..and a "real AV" ...That way next time you'll be told that something is trying to change your reg and you'll have the chance to say NO...

dreamcatcher

9:45 am on Sep 28, 2004 (gmt 0)


Thanks Leosghost, will do.

Although if there is a BHO change, usually Spybot's resident shield kicks in. Wonder why it's missed this one? In fact, it looks like everything I have on my comp either missed it or didn't detect it when run.

Would you recommend a particular reg monitor?

Leosghost

10:32 am on Sep 28, 2004 (gmt 0)


I can ..but not here in open forum ( cos for your XP it's not free ..cheap but not free :)

mincklerstraat

10:41 am on Sep 28, 2004 (gmt 0)


"Is that an American thing?"

(re.: 'doze')

It's common enough here in Belgium and also in the Netherlands, so I guess it's rather internationalized. Has been around for a while. Also seen as 'doze, which would probably be the grammatically correct version, as it is something of a contraction.

dreamcatcher

10:54 am on Sep 28, 2004 (gmt 0)


Thanks mincklerstraat. Well at least I know now. Just never heard it before.

Leosghost, can you stickymail me the information? I don't mind paying for something that does a good job.