Hi Phil
The simple answer is yes if you are sure they are from
Claria then its safe to remove them, Trickler usually
comes with products downloaded from Claria
Check Your Add/Remove screen (Start Menu>Control
Panel>Add/Remove) and remove these if found:
Got Smiley,ScreenScenes,WebSecureAlert,Dashbar,
WeatherScope, Gator eWallet, DateManager, Precision Time,
GAIN,GMT or Gator
It will be easier to remove these in safe mode as some of
the files and add/remove entries can be difficult to
remove in normal mode(Reboot and keep tapping F8 then
choose safe mode from the list), MSAS removes Claria's
products without much problems so also use this and
remove anything found(Some maybe set to ignore after a
scan but this is because they enter themselves into
add/remove screen)Change the ignore to remove and let
MSAS delete them.
There is alot of files and reg entries like these but
best to let scanners remove them to save you having to
edit the registry
Here's some of the entries
C:\Program Files\Common Files\GMT <--Delete this folder
C:\Program Files\Common Files\CMEII <-- Delete this folder
C:\Windows\Downloaded Program Files\GainPlugin.dll<-Delete
C:\Windows\Temp\Trickler(Version).exe <--Delete this file
C:\Windows\Temp\fsg <--Delete this file
Then Registry Entries
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersi
on\Run
"Trickler" = "[Path to file]"
"CMESys" = "ProgramFiles\Common Files\CMEII\CMESys.exe"
HKEY_CLASSES_ROOT\ttjltept
HKEY_LOCAL_MACHINE\SOFTWARE\Gator.com
HKEY_LOCAL_MACHINE\SOFTWARE\hlnpan
HKEY_CLASSES_ROOT\CLSID\{DBAE7000-01EC-4162-8FEB-
8A27AC937CA0}
HKEY_CLASSES_ROOT\Interface\{22D34833-06F9-4CE6-9FF7-
CE4DA0BA351D}
HKEY_CLASSES_ROOT\TypeLib\{2EC7A834-9C5E-4154-BADC-
0D86A2EDC82D}
HKEY_CLASSES_ROOT\HDPlugin.HDPluginCtrl
HKEY_CLASSES_ROOT\HDPlugin.HDPluginCtrl.1
Let MSAS remove them all if they are detected and if you
have problems download and use this fixtool from Symantec
http://securityresponse.symantec.com/avcenter/RemGAIN.exe
Regards Andy
