|
Description:
Gator eWallet is a program which remembers and fills in passwords and other form elements from web pages automatically and is commonly referred to as the shorter "Gator". It offers this utility in exchange for displaying advertisements from participating companies through its "Offer Companion". It stores aggregate information about surfing habits, the web pages you visit and the length of time at each site on your computer in a file which identifies your PC through its IP address. It also uses the software to selectively deliver and install 'optional' components. Recently the Gator Corporation has changed its name to the Claria Corporation in an attempt to disconnect the negative press associated with its software and the company. The program is freely distributed by GAIN Publishing.
How do you get
it?
Gator can be downloaded from the company website, bundled as an option with other software and has been known to be installed through what some people refer to as "drive by downloads". It was this method of installation that brought Gator to the attention of sites like this one. In this method, a banner or popup ad attempts to install software on a users PC, usually through the ActiveX controls distributed within Windows and by default enabled in Internet Explorer. Depending on the security settings of the browser the software either downloaded silently or prompted the user with an install dialogue. Unsuspecting users often chose "Yes" thinking that the browser was installing a plugin to display pages.
Gator is now distributed with all Gator.com applications, including eWallet and Precision Time/Date Manager. Iit is also widely distributed through third party software and particularly file sharing programs.
Details:
Gator delivers contextual advertising to the end user. It is displayed on your PC based on a profile it builds about your surfing habits that is collected and stored on a file on your computer identifiable through your IP address. This means that it collects information from your computer while you browse the internet. Although Gator emphatically states that it collects no personally identifiable information, in their privacy policy they state that they collect the following information (which seems very close to personably identifiable to me):
- Some of the Web pages viewed
- The amount of time spent at some Web sites
- Response to GAIN Ads
- Standard web log information (excluding IP Addresses) and system settings
- What software is on the personal computer
- First name, country, city, and five digit ZIP code
- Non-personally identifiable information on Web pages and forms
- Software usage characteristics and preferences
It can also detect events, create windows to display additional information on a viewed page, monitor messages and actions in addition to installing additional software through the program. Gator offers the following about what it does with this information:
- Enable the functionality provided in GP GAIN-Supported Software applications (for example, when to offer help filling in a form or when to reset the personal computer's clock to the accurate time)
- Select and deliver installation files for optional new software applications; and,
- Create an anonymous profile of the categories of products or services in which Subscribers appear to be interested in order to select GAIN Ads to display to Subscribers’ computer screens EXCEPT, when available, if the Subscriber has purchased licenses to all GAIN-Supported Software applications on the Subscriber’s computer, such Subscriber will not receive GAIN Ads but GP will continue to collect and use all other information described in this Privacy Statement. GAIN Ads may be displayed on behalf of advertisers who may be competitors of the publishers of the Web pages Subscribers are viewing or have recently viewed.
In addition to the above, Gator displays advertising on your computer through pop-up windows, pop-up slider windows (floating images on top of other windows), embedded ads within other GAIN support software applications and desktop icons and installation files. Removal can only be accomplished through the Add/Remove software feature of Windows, any other method will not remove the program completely.
(*Excepts from the Gator End User License Agreement for eWallet version 5.1 from the Gator website.)
How does it Violate
Privacy?
To display an advertisement to an end user, the program matches the profile that is built as you surf the internet with advertisers within the database. The sites that are visited and the keywords that are entered can be tracked with cookies. Althrough Gator indicates that its does not collect any personally identifiable information, it does collect items such as your first name, country, city and zip code as stated in the EULA.
Are
there any known security issues?
Gator is capable of automatically self-updating silently, installing software programs and services on your computer and collecting personal information as well as aggregate information about your surfing habits.
Specific security issues include*:
Gator/GAIN can download and execute arbitrary code from its controlling server (as an update feature).
Gator/PDP, the installer control, can be directed by any web page to install code from Gator's servers.
Gator/PDP/3061, an early version of the installer control, has a critical security flaw: it allows any web page to download and execute code from anywhere, with no security checks.
Gator/PDP/5094, the latest version of the installer control, seems to contain code to work around the network security products Zone Alarm Pro, STOPzilla, Norton Internet Security and McAfee Desktop Firewall. However I cannot confirm this as when I tested it with one of these products loaded, the plug-in crashed.
(*Above security issues provided by Allentech.net).
Stability
problems:
None known at this time, although occasional lock-ups and crashes particularly with the installation plugin have been reported.
Additional Notes:
Although Gator does offer the end user a useful utility to remember passwords and fill in forms there are safer alternatives available such as Roboform (a free alternative) and most browsers come equipped with this type of utility today.
Terminating Gator eWallet:
Gator eWallet is known to contain the following files: iegator.dll and others, Trickler (fsg.exe, fsg-ag.exe, fsg*.exe) & GAIN (GMT.exe, CMESys.exe, GAIN_TRICKLER_*.EXE, other files).
To fully remove Gator the best option is to use the Add/Remove software feature in Windows, manual removal may result in some of the components being left on your PC.
- Click on START > RUN and type "regedit". Click "OK" to start the registry editor.Start the registry editor. This is done by clicking Start then Run. (The Run dialog will appear.) Type regedit and click OK. (The registry editor will open.)
- Using the directory tree browse to the key:
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Run
- In the right pane, delete the value called CMESys and the GMT value if it exists.
- Exit the registry editor and restart your computer.
- Locate the "CEII" and "GMT" directory on your computer, it can usually be found with your "Common Files" folder located within "Program Files".
- Delete this folder and its contents.
- If Gator was installed by Precision Time & Date Manager, locate and delete the "WebPT" or "WebDM" inside the "Program Files" folder if it exists.
- Click on START > RUN and type "regedit". Click "OK" to start the registry editor.Start the registry editor. This is done by clicking Start then Run. (The Run dialog will appear.) Type regedit and click OK. (The registry editor will open.)
- Using the directory tree browse to the following keys and delete them: HKEY_CLASSES_ROOT\CLSID\{21FFB6C0-0DA1-11D5-A9D5-00500413153C}
HKEY_LOCAL_MACHINE\SOFTWARE\Gator.com
HKEY_LOCAL_MACHINE\SOFTWARE\GatorTest
|
