ADW_GAIN.B

Download the latest scan engine

TypeAdware

In the wild: No

Destructive: No

Language: English

Systems affected: Windows 98, ME, NT, 2000, XP

Encrypted: No

Overall risk rating:

Low

Reported detections:

Low

System  impact:

Medium

Information exposure:

Medium
 

Description:

This adware is a component of other adware programs. It arrives in a system as a .DLL file. It is installed as a plugin in Internet Explorer.

It displays annoying pop-up advertisements while the user browses the Internet.

Description created:  Aug 22, 2005



TECHNICAL DETAILS



Initial samples received on:  Aug 19, 2005

Author/Publisher: GAIN Publishing

File type: PE

Memory resident: No  

Download URL: www.gainpublishing.com

File size: ~220,000 Bytes

Payload 1Others

Payload Detail 1: Displays popup advertisements

Details:

This adware is a component of other adware programs. It arrives in a system as a .DLL file. It is installed as a plugin in Internet Explorer.

It displays annoying pop-up advertisements while the user browses the Internet.

This adware program runs on Windows 98, ME, NT, 2000, and XP.


Analysis by:  Jasper Aldous Elli Pimentel



SOLUTION


Minimum scan engine version needed: 7.100

Download the latest scan engine

Spyware pattern version needed : 0.619.00

Pattern release date:  Mar 18, 2008


Important note: The "Minimum scan engine" refers to the earliest Trend Micro scan engine version guaranteed to detect this threat. However, Trend Micro strongly recommends that you update to the latest version in order to get comprehensive protection. Download the latest scan engine here.

Solution:

Deleting Grayware Files

  1. Right-click Start then click Search� or Find�, depending on the version of Windows you are running.
  2. In the Named input box, type:
    • GCONTROLLER.DLL
    • GIOCLCLIENT.DLL
    • GOBJS.DLL
    • HDPLUGIN1101.DLL
  3. In the Look In drop-down list, select the drive that contains Windows, then press Enter.
  4. Once located, select the file then press Delete.

Important Windows ME/XP Cleaning Instructions

Users running Windows ME and XP must disable System Restore to allow full scanning of infected systems.

Users running other Windows versions can proceed with the succeeding procedure set(s).

Running Trend Micro Antivirus

Download and unzip the latest spyware pattern file and scan your system. Then, delete all files detected as ADW_GAIN.B.

Note: If the above manual removal instructions fail to eliminate this grayware, close all Internet Explorer windows, and perform the solution again.