eclectica
2003-10-23, 12:33
http://images.gator.com/gator/global/gator_eyes_125x37.gif
source (http://simplythebest.net/info/spyware/gator_spyware.html)
Gator
Gator helps you to fill out forms and remember usernames and passwords of sites you frequently visit. You may even have credit card information readily available when you wish to purchase something online. A very dangerous thing to do. Your personal information is stored on your computer in an encrypted file. Gator accesses this personal information, using your IP address. Gator targets consumers based on site visitation and historical behavior. Gator provides aggregate statistics about its customers, traffic patterns and related site information to third-party vendors. As banners from sites you visit are being served, Gator will show their advertiser's banners instead.
Gator accompanies programs such as Limewire, AudioGalaxy, eWallet, several popular clock setting programs and most P2P file sharing network programs, such as KaZaa. Gator can also be installed by visiting websites that are paid by Gator to include the installer links in their pages (you may have seen the message screen asking to install).
CMESYS.EXE will track all the web sites you visit and send the information to the GAIN computers. Usually it will come as part of other programs and has some limited useful functionality like auto-form filling or remembering passwords or P2P file sharing services. We recommend removing this file. You'll also want to remove any associated programs like Gator.exe, gmt.exe or GAIN_Tickler_*.exe.
GMT.EXE is a pervasive and widespread advertising spyware program from GAIN, the Gator Advertising Information Network. This program will track all the web sites you visit and send the information to the GAIN computers. It also generates popup ads and can be used to install more files from Gator's servers without your knowledge. Variants include Gator/A, Gator/Gain, Gator/Trickler (followed by a series of numbers), and Gator/PDP which is also known as IEGator and PDPPlugin.
Gator uses a file (fsg.exe, fsg-ag.exe, fsg*.exe, trickler) to download additional files to install. When installed this file adds a Run key in your Registry. Gator also includes an ActiveX Backdoor Trojan plug-in which can be hijacked by attackers and used to place backdoor software or other malware on your system.
Removal:
By running the uninstall program through Add/Remove Programs will get rid of Gator and its add-on OfferCompanion. Then search for the Trickler files (fsg.exe, fsg-ag.exe, fsg*.exe, trickler). Trickler runs hidden and slowly downloads the rest of Gator/OfferCompanion onto your system.
Cleaning
If you are cleaning your system manually, using some of the tips mentioned above, you do this at your own risk. Editing the Registry without some basic knowledge may result in your computer not starting up anymore. And reinstalling Windows may be the only way back.
Spyware cleaners (http://simplythebest.net/shareware/utilities/security/spyware_cleaners.html)
Spyware resources
And.doxdesk.com (http://and.doxdesk.com/parasite/)
Cexx.org (http://www.cexx.org/adware.htm)
Possible actions
You may want to take action against any of the above or another (let us know if you found one not listed on this page). The Federal Trade Commission (FTC) handles complaints about deceptive or unfair business practices. To file a complaint, go to the FTC web site (http://www.ftc.gov/), call 1-877-FTC-HELP, or write to: Federal Trade Commission, CRC-240, Washington, D.C. 20580. If your complaint is against a company outside the US, file your complaint at http://www.econsumer.gov/.
You may never see any action as a result of your complaint, but if the stream of complaints keeps on, just maybe some action will be taken to guard us all from this kind of 'attack' on our privacy and our lives.
More links:
http://www.cexx.org/gator.htm
http://www.alanluber.com/pcfearfactor/officiagatorpage.htm
http://www.pchell.com/support/gator.shtml
source (http://simplythebest.net/info/spyware/gator_spyware.html)
Gator
Gator helps you to fill out forms and remember usernames and passwords of sites you frequently visit. You may even have credit card information readily available when you wish to purchase something online. A very dangerous thing to do. Your personal information is stored on your computer in an encrypted file. Gator accesses this personal information, using your IP address. Gator targets consumers based on site visitation and historical behavior. Gator provides aggregate statistics about its customers, traffic patterns and related site information to third-party vendors. As banners from sites you visit are being served, Gator will show their advertiser's banners instead.
Gator accompanies programs such as Limewire, AudioGalaxy, eWallet, several popular clock setting programs and most P2P file sharing network programs, such as KaZaa. Gator can also be installed by visiting websites that are paid by Gator to include the installer links in their pages (you may have seen the message screen asking to install).
CMESYS.EXE will track all the web sites you visit and send the information to the GAIN computers. Usually it will come as part of other programs and has some limited useful functionality like auto-form filling or remembering passwords or P2P file sharing services. We recommend removing this file. You'll also want to remove any associated programs like Gator.exe, gmt.exe or GAIN_Tickler_*.exe.
GMT.EXE is a pervasive and widespread advertising spyware program from GAIN, the Gator Advertising Information Network. This program will track all the web sites you visit and send the information to the GAIN computers. It also generates popup ads and can be used to install more files from Gator's servers without your knowledge. Variants include Gator/A, Gator/Gain, Gator/Trickler (followed by a series of numbers), and Gator/PDP which is also known as IEGator and PDPPlugin.
Gator uses a file (fsg.exe, fsg-ag.exe, fsg*.exe, trickler) to download additional files to install. When installed this file adds a Run key in your Registry. Gator also includes an ActiveX Backdoor Trojan plug-in which can be hijacked by attackers and used to place backdoor software or other malware on your system.
Removal:
By running the uninstall program through Add/Remove Programs will get rid of Gator and its add-on OfferCompanion. Then search for the Trickler files (fsg.exe, fsg-ag.exe, fsg*.exe, trickler). Trickler runs hidden and slowly downloads the rest of Gator/OfferCompanion onto your system.
Cleaning
If you are cleaning your system manually, using some of the tips mentioned above, you do this at your own risk. Editing the Registry without some basic knowledge may result in your computer not starting up anymore. And reinstalling Windows may be the only way back.
Spyware cleaners (http://simplythebest.net/shareware/utilities/security/spyware_cleaners.html)
Spyware resources
And.doxdesk.com (http://and.doxdesk.com/parasite/)
Cexx.org (http://www.cexx.org/adware.htm)
Possible actions
You may want to take action against any of the above or another (let us know if you found one not listed on this page). The Federal Trade Commission (FTC) handles complaints about deceptive or unfair business practices. To file a complaint, go to the FTC web site (http://www.ftc.gov/), call 1-877-FTC-HELP, or write to: Federal Trade Commission, CRC-240, Washington, D.C. 20580. If your complaint is against a company outside the US, file your complaint at http://www.econsumer.gov/.
You may never see any action as a result of your complaint, but if the stream of complaints keeps on, just maybe some action will be taken to guard us all from this kind of 'attack' on our privacy and our lives.
More links:
http://www.cexx.org/gator.htm
http://www.alanluber.com/pcfearfactor/officiagatorpage.htm
http://www.pchell.com/support/gator.shtml