This really kinda ticked me off...

From time to time I go thru my registry to clean out settings from programs i have uninstalled. Imagine my surprise when i notice the following Software entry under my HKEY_CURRENT_USER and HKEY_LOCAL_MACHINE

Something called 'Aureate'. hmm.. what's this? opening the folder reveals another folder - Advertising. thereafter, more subfolders: cookie, .flycast.com and .aveneua.com

WTH? I go online and 'Aureate', 'flycast' and 'avenuea' are apparently advertising outfits that inserts cookies into your registry!!

Here is a c&p of a paragraph from aureate's site:

What the AdSoftware Network offers

Aureate Media's AdSoftware Network enables developers and publishers to enhance their revenue stream and increase distribution through effective online and offline advertising models. Whether it means integrating dynamic splash screen sponsorship, interstitials in entertainment applications, or in-game advertising, Aureate Media has the technology developers love and the audience advertisers pay for.

Contact Jeremy Newton by email (newton@aureate.com) or phone (800-695-5369) to find out more about how you can insert paid advertising in your utility program, productivity application, game, or any other online or offline software product.

sneaky little (*#&$#!!

It even had a UserID number in there...

It pays to be aware, i hate this kind of thing!

[This message has been edited by socalgal (edited 04-26-99).]

You just go girl !!! http://www.sysopt.com/forum/smile.gif

Priceless!

May I suggest, my dear, that you copy and paste this same message to a few other BBs and send it as email to Aureate's site as well?

Though I have seen the "aureate" and "flycast" cookies in the Temporary Internet cache folders on more than a few computers now, this is the first I've heard of it being in the registry. After visiting the Aureate website I also did not find their cookies in my registry - we will have to see what happens after I reboot. Anyway, you may have picked up these registry entries at another site or from using some software that put them in there; BTW, isn't "flycast" is a terribly derogatory way of saying that we consumers are the fish and they are throwing out the bait?...it's practically insulting. The first time I saw the cookies I thought it was for a site about fishing...

~~edit: socalgal, you will be happy to know that I have taken the liberty of copying and pasting this post and sending it to info@aureate.com along with a few choice words of my own.



[This message has been edited by CMonster (edited 04-27-99).]

A web site should not be able to insert registry entries. If it can, this would be a major security breach and more than one person would be very very concerned.

Most likely you installed some program that was equipped with this built in advertising gig. During the install it either scanned your cookies for specific ones it expected to see, or actually inserted a cookie or two of its own making registry references to them. Then, if you ever did visit one of the referenced sites they would know that you had installed that particular software package. Equally annoying and still troubling, but a far more likely scenario than a web site editing your registry.

i,ve just checked my registry and found aureate/advertising. god knows how I picked this up.i only built the thing 3 weeks ago and have never visited their site.
WELL SPOTTED
I will now check everyday and try to establish where I picked it up.
mind you, i keep getting emails from porn sites saying thanks for signing up to receive this email(which i haven't, honest!!!)

[This message has been edited by nimrod (edited 04-27-99).]

i think you hit a nerve on this one. i found the same cookie in my registry. cuss'em out for me too!! :O)

CMonster Yes, i will post at Anand and spread the news there. As for missives to Aureate, let us know if you get a response. It will be interesting to see what their retort is - if they respond. I want to check out the law on this before I send any mail to Aureate. I prefer to come out fully loaded (or as my dad would say, don't go off half-cocked. lol)

SNowlen I construe that what you are saying is, that it is illegal for web sites to insert registry entries. I would like to find out if this is indeed mandated by federal law. Can you point me to a statute?
I am assuming it would be Intellectual Law. If you don't have the info, then I have some research to do.
Re: the registry entry via installation of a program; this is what the 'Aureate' site seems to allude to.
Then again, why should I trust someone/anyone - especially when that someone/anyone tampers with my registry without my prior knowledge or consent?

nimrod I too had never heard of them. I also will be trying to narrow the field of possible suspects.
Hehheh, don't worry nimrod, i gets lots of porn mail too - unsolicited. I just delete everything from anyone i do not know - without opening.

Just tried to post at Anand. BBS wouldn't come up (Page could not be found), so I will try to post later.



[This message has been edited by socalgal (edited 04-27-99).]

I think installing anything in your computer without your consent is an invasion of your private property.

It should be classified as "Breaking and Entering" and a felony punishable by death (figuratively) http://www.sysopt.com/forum/smile.gif

please,pleeeeaase show me how I can check my registry to see if it's there and how to remove it if it's not too much trouble. THANKS

Pushrod -

I too feel like I have been invaded. And I don't like it a bit.

I check my registry thru PowerDesk. But you can do it by:

Start >Run >{type}Regedit.
Open +HKEY_CURRENT_USER
Open +Software
Look for +Aureate
DELETE

Perform same functions for

+HKEY_LOCAL_MACHINE

and

+HKEY_USERS
+Default
+Software

I have noticed that deleting an entry from one HKEY will sometimes, but not always, delete the same entry from the other HKEYs. Perhaps there is an order or chain of command to the delete function. I don't know enough about the registry to speculate. I just go through each one to make sure.

Now whether or not there is another hidden entry somewhere else in my registry, well I don't honestly don't know enough about code to even look for myself. Perhaps a Wizard could enlighten us?

Hey there, socalgal!! didn't find any of the details you referenced, but that was a sharp move http://www.sysopt.com/forum/wink.gif

if you've got the patience, using the 'find' feature is quite helpful in ferreting out all mention of a particular subject http://www.sysopt.com/forum/smile.gif

I don't believe it... I have it too. Any ideas how it got in there? I know I didn't put it in there...

Thanks for that tip AugiDog ~

I found several more Aureate, .flycast and .avenuea under Internet Explorer - Type URL along with other sites - sites that i go to though, and I guess that would be expected...

However, did find another Aureate under:

HKEY_LOCAL_MACHINE
Software
Classes
Software

where the only other software listed are: Adobe, Microsoft and Progressive Networks (which includes RealPlayer).

What I don't like are those Software entries...

[This message has been edited by socalgal (edited 04-27-99).]

Just searched registry on mine, find nothing you've mentioned. One question - are all those finding this using IE? Mine is a W95b system on which IE was removed (at least all I could find) right after clean install. Use Netscape exclusively. No AOheL installed. If these entries appear only on machines using IE, the DOJ might be interested...


Just checked - the IE folder is back, under c:\program files\.... How did that get there AGAIN?

another ?...at the time of my search, i don't have Real Player installed, almost afraid to try it now.

wattaya think?

Socalgal: No no, I didn't mean to imply it was illegal, just that software should not allow a web site to manipulate your registry. That should not be possible, and if it is, it implies a potential path for security breaches. This would concern many people (not the least of which would be network managers).

When it comes to software and net privacy, there is very little that is actually illegal. It may be unethical and irritating, but it is not likely to be illegal.

I still think you all are getting this from installing software not from the web. Cookies generally come from the web, but registry manipulation is done by software install programs. Think about it, this company is advertising that they will help software vendors imbed advertising in their software. I think this is part of how they do that - during the install they add a registry entry, put a few cookies on your HDD, then if you hit the site who "owns" the cookie, they know you have that software. Now which software package it is is anybodys guess.

By the way, Anand's site is down ... again.

socagal
Thanks for helping this ex socaldude (San Diego);learned something new here. My registry seems free and clear of suspicious characters. THANKS AGAIN.


Would you like to be our official SysOpt Registry Watchdog?[/b].

[This message has been edited by Pushrod (edited 04-28-99).]

i have IE5 on 1 PC & IE4 on the other, no references to aureate on either one

I didn't find any of those files in my registery, and I have cookies disabled.
But don't you think that the registery is the least logical place to insert advertisment info? If they're going to hack your registry, why not have the ads show up on your desktop or when you launch your browser, where you are much more likely to notice them? It is alarming though.

Hi everyone ~

SNowlen I tend to agree with you; that I got this Aureate from a downloaded program, or perhaps a installation from a disk. I DID download and install Go!Zilla (the poster child for Aureate). I keep all my downloaded apps in a separate folder (in case I need to reinstall them), but i sure do not intend to install them over again just to see if the dreaded Aureate shows up in my registry! But perhaps we can narrow down the list of suspects (and perhaps there is more than one perpetrator).

Anyone who has this cookie - did you download/install Go!Zilla?

I have IE5.0, but just checked when i booted up and all refs to Aureate are still gone. However: if AugiDog has IE5.0 and no Aureate refs, then deduction tells us it's not from IE.

Pushrod Hey ex-socaldude - why did you leave? You are welcome, and thanks, but no thanks, I prefer not to be an "official" anything. LOL But will be ever more alert in any case.

CMonster Any response from Aureate?

I think I just might forward them the URL to this thread....heh.

ANYONE How can one know if one has downloaded a registry entry cookie such as this? Is there a telltale file/number/code to look for, so that one can notice this before it gets implanted?

AugiDog I have Realplayer (as I mentioned above) but don't know if this was responsible. RealPlayer (the app) itself is an ok prog (though I don't use it that much). Why don't you download/install it then let us know? I refuse to be intimidated by some riffraff slimy outfit - after all, we CAN check our registries AFTER we download/install something. It's a hassle - yes, but I will do it everytime from now on. Also, will know for a fact from where the dread comes.

What would be more hard to determine is: if by just using a program with the dread Aureate in it, will it automatically re-activate the dread?

whew! what a can o' worms!

Thank you all for your responses!


[This message has been edited by socalgal (edited 04-28-99).]

I found no reference to this in my registry.
I have been to and can assume it is not present on Microsoft sites or sites MS sends one too when installing the multitudes of 3rd party plug-ins for P3 web outfitter sites (and that covers a lot of different companies, from RealNetworks and many more)

Also is tweakit and its advertisers, PlanetQuake, CLQ, Lithium.com, Fox News, MSNBC, Ferretsoft and multitudes more.

You can consider these sites safe!

BBA

Hey, can we get the 500 pound gurllia into the fight(I'm talking about AOL). I think they would be more than happy to fight this so their newbie members don't freak out, and pontetialy quit using AOL.

BBA I checked out that FerretSoft, do you use it? You like it? I do 'dogpile' searches www.dogpile.com (http://www.dogpile.com) .
Thanks for your input.

ViRGE Glad you clarified which gorilla - GoZilla was more than I could stand! GoZilla is a hot suspect in all this - after all, GoZilla is the Poster Child for Aureate!!
I just quit AOL in favor of Earthlink. So go for it ViRGE! Spread the thread. I, for one, would like to get more solid answers and information on this Aureate and exactly what they and their machinations are up to.

Anand is now in this mix. Check it out.

http://www.anandtech.net/bbs/Forum1/HTML/009167.html


[This message has been edited by socalgal (edited 04-28-99).]

I have the keys in my registry, but no GoZilla. I do have Getright though... And MP3 Fiend... Any connections there?

Eli That's an affirmative on the MP3Fiend - I downloaded it, installed it, used it once and uninstalled it.

Anyone else with Aureate with MP3Fiend?

You GOTTA figure GoZilla is guilty - Number One on my list.

Real Player G2 installed: no aureate

AugiDog - Thanks for that! http://www.sysopt.com/forum/smile.gif

Yep... I use the hell outa WebFerret!

I didn't like it when it first came out, but It gets real easy real quick!

Any one who has this Aureate thing, remove the reg entries and reinstall just what you think is guilty and check again, that way well know what to avoid.

BBA

But I just formatted and reinstalled W98 two weeks ago, and have only installed a few programs since then. I really don't know how it got in there... Unless it came with IE5 or something.

You know, in China you can be executed for "hacking"...

If I was a representative for Aureate Media, I would not take any buisness trips to China!

Let's see...Um install advertising Trojan when hapless victim installs software, reboot, brainwash victim with your propaganda=$Profits!

[This message has been edited by pray59 (edited 04-29-99).]

Pushrod-i'm recently from S.D. myself, mail me if you'd like http://www.sysopt.com/forum/smile.gif

Socalgal-sorry for wanderin' in your thread http://www.sysopt.com/forum/wink.gif

i just had a thought (anybody smell smoke?)...what if this is some sort of trojan survey related to marketing, ya know, like, let's find out what folks are using & sell that info? cue eery soundtrack...

[This message has been edited by augidog (edited 04-29-99).]

This Aureate entry is also added by a Usenet downloader utility called "Newsshark".

It adds them again if you delet them and then run (not reinstall) the program. An Aureate window pops up for a half a second and the deed is done.

Is there any risk to leaving the entries there? I like this Newsshark becuase I can set it to download mp3s and mpegs and it works great with my cable modem.

Oh well...

GoZilla can't be guilty. I've never used it, and I have those registry keys. I'm thinking it's probably MP3 Fiend. I think it has a couple of banners on it's main part when it's running. Definite possibility... Anyone else?

I probably won't be around tonight but here is a plethora of links to peruse. Placing various target marketing cookies does seem to be legal, from what I have read, tho some of the material is outdated, and I haven't gone thru all of it. I still plan to do more research.

Thanks to neanderthal at Anand for the link to this link:

www.junkbusters.com/ht/en/links.html (http://www.junkbusters.com/ht/en/links.html)

The Aureate site itself snitches on who are their 'network members'. I would wager this is not a complete compilation of their members.

adnet.aureate.com/members.html (http://adnet.aureate.com/members.html)

The law on this subject comes into play if there is a malicious intent - that's the nuts & bolts of it. Privacy protection is up to the individual to employ.

If anyone comes up with recent legislation to the contrary concerning the legality of placing cookies in your registry, please post.

BTW (my personal $0.02 worth)- Information/Knowledge is Power. Be armed with Information; Use available resources.



[This message has been edited by socalgal (edited 04-29-99).]

yes mine keeps reloading after deletion, I can only think its linked to one of the following :-
rain
sandra
gozilla
wintune98
backweb
dimension4

any ideas?

it isn't SANDRA or WinTune98

I have the Aureate entry in my registry pointing to adsoftware.com.

Yep, GoZilla is Guilty.
yep, AdSoftware.

see who else spawns the dread...

http://adnet.aureate.com/members.html
and
http://adnet.aureate.com/participant_list_dev.html

learn more about their future plans:

http://adnet.aureate.com/about_the_net.html

It's there for all to see. (just check your registry afterwards heh)

just sent this page to the director of sales...he might need more than one copy http://www.sysopt.com/forum/wink.gif

newton@aureate.com. (http://newton@aureate.com.)

[This message has been edited by augidog (edited 04-29-99).]

Okay, for the third time, I do NOT have GoZilla, yet I still have the registry keys, so that CAN'T be it. I do have Sandra though...

AugiDog Cool http://www.sysopt.com/forum/wink.gif Gee, I wonder if we will get any "feedback"? CMonster said Aureate never answered him. (like I am so surprised).

Eli Just because you do NOT have GoZilla, does not mean that you cannot have Aureate installed as a Software entry key in your Registry. (Apparently)

Please go to the link I have posted above (the aureate/members) and look to see if you have any of those programs installed. AND, like I said, I don't believe that is the complete list of their "members". It could come from any number of downloads and/or installations.

Trial and error, like BBA said, can help you ferret (sorry BBA http://www.sysopt.com/forum/wink.gif) out the culprit(s). But looks like they can crop up anytime. Vigilance is what is needed.

I object to the slam tactics shown by Aureate per Jackal's post, about only having to RUN the program for them to re-implant themselves! I equate this to repeated Registry rape.



[This message has been edited by socalgal (edited 04-29-99).]

I just received a note from AugiDog pointing me to this thread. First of all, I want to make it clear that the Aureate web site does NOT have access to your registry. Aureate Media is an advertising network that makes it possible for software developers to give away their software for free through the use of advertising.

When an application using our ad technology is installed on your machine, our technology asks you some totally voluntary basic demographic questions. Your answers are passed to our servers so that we can send you advertising you are more likely to be interested in. The information we store in the cookie can ONLY be accessed by us if you are running a program that is integrated with our ad technology. The cookies in the registry are only used when your are viewing ads INSIDE a program, not through a web site. Also, we do NOT look at other data in the registry (name, email, etc.). Even with the voluntary survey, the most specific piece of data we ask for is Zip Code. Because we do not have your email address (or your real address), we cannot (and would not) spam you or sell your data to spammers.

I apologize for any confusion or alarm this may have caused.

Thanks,
Jeremy


[This message has been edited by newtonjj (edited 04-30-99).]

mmm...still not sure i like having that little "rider" placed there without my knowledge.

personally, i never participate in the little surveys that sometimes pop up during an install, unless it's part of the original company's procedure.

maybe contacting aureate's clients, and telling them that the service is lightly, and un-knowingly to the user, invasive could effect a change in how this is done?

wattaya think, folks?

socalgal...**** fine work!!!

[This message has been edited by augidog (edited 04-30-99).]

Well, at least I was right about web browsing not being able to do this. That would be a real security issue rather than just a privacy issue.

I also never respond to surveys of any kind (I am part of the "10% had no opinion"). I don't like the idea that ANY demographic information about me could be saved by some program and then passed out to some web site through a cookie that was placed on my system without my express approval and acceptance. I find that offensive, annoying, invasive, pushy, unethical, low, mean, nasty, and typical of the in your face advertising attitude.

Aureate can bite me, and I'll be **** sure to avoid their software and their site.

Right newtonjj...

I guess that's why I found Aureate LISTED AS AN ENTRY IN THREE REGISTRY SOFTWARE KEYS!

...our technology asks you some totally voluntary basic demographic questions

Number One: I NEVER "volunteer" ANY personal information!

Tell it to someone who hasn't already been slammed and trashed by the likes of organizations like yours and who are yet ignorant of the machinations (read evil plot) of your tactics. Maybe they believe your propaganda - for now. Hopefully, they will learn in forums such as this.

I know I am not the most intelligent computer user in this forum - way far from it - but you insult MY intelligence.

Three Cheers for AugiDog - thanks Bud, you're GREAT!

and SNowlen Aureate can bite me, and I'll be **** sure to avoid their software and their site. I SECOND THAT EMOTION!!

Here are some downloads that I plan on checking out AND installing: cookie killers!

www.winfiles.com/apps/98/webtools-cache.html (http://www.winfiles.com/apps/98/webtools-cache.html)

Thanks to Every One who has posted on this thread! STAY VIGILANT!

To AUREATE and Others of your ilk: I WILL BE WATCHING YOU.



[This message has been edited by socalgal (edited 04-30-99).]

oWoooooo!!!!!

let me guess all you people who have this **** in your registry are running internet explorer. think about it maybe if you used a real inet browser and didnt use microsoft **** you wouldnt have **** like that in your registry. next time dont use inet explorer get netscape!

Hi skyhawk 21 ~

I really am not being "smart" here, but if that is so, then why would all those 'cookie killers' in the WinFiles site (see URL above) find it necessary to include the Netscape browser for their products? BTW - that's a pretty nice Corsair on your page...

I like Netscape too, but find myself ever hooked up with MS.... When IE has problems, Netscape always comes to the rescue!

Hi CMonster http://www.sysopt.com/forum/smile.gif

[This message has been edited by socalgal (edited 05-01-99).]

skyhawk21- hello & welcome!

read around the board a bit & realize we work together, spending very little time slammin' one another.

this particular issue had nothing to do with the browsing process, as previous posts indicated.

sounds like you have a lawsuit!!! Looks like thay have a ton of money.