Last month we looked at the latest dealings in the E-mail world and the month before we took a look at the makers of blocking software for our schools selling out on our kids.

  This month we’ll take a look at another major player in the information game, Aureate\Radiate.

  Now, the company name might not ring any bells with you but they are a major player on the Internet. What they do is provide a large portion of the banner ads you see when you go to a web page. The banners are, of course paid for by the companies that are advertised there in. What Radiate, ( their current name because no body could pronounce the other one), dose is provide linkage for tracking purposes for these advertisers. If you watch the progress bar closely on the bottom of your web browser, when one of these ads pop up on a web page, you’ll see it linking to Radiate under the covers. 

  Ok, no big deal. So they want to know a little about who sees their ads. Believe it or not, even I can understand that one. (Hey, I’m not heartless toward business.)

  But lets add another factor to the mix. The one where you can run all over the Internet and see all this great “free” software you can have just by downloading it. Cool! Right??
Well . . .did you ever see a little blurb that sometimes says “this is free because it is sponsored by advertising.?? In other words in exchange for the free software you have to look at somebody’s ad when you run it. Voila! Enter our old friends Aureate\Radiate. They provide the ads. They also provide a few little software surprise you may not be aware of. 
Here’s some of those little surprises and what they do that you don’t see.
          adimage.dll, advert.dll, advpack.dll, amcis.dll, amcis2.dll, amcompat.tlb, amstream.dll,
anadsc.ocx,  anadscb.ocx,  htmdeng.exe,  ipcclient.dll,  msipcsv.exe,  tfde.dll

advert.dll
This DLL creates a hidden window every time you open your browser. It creates and sends 4 pages of information to the Aureate servers using port 1749 on your system, these pages include:
1. Your name as listed in the system registry ( not the name you installed one of the programs with )
2. Your IP address
3. The reverse DNS match of your address. ( tells them what ISP and area of country you are in )
4. A listing of ALL software that is shown in your registry as being installed. ( Not just the companies they work with )
5. This DLL sends the following information to their server on all URL's you visit:
    A.) ad banners you may click on
    B.) all downloads you do showing the filename/file size/date/time/type of file(image, zip, executable, etc)
    C.) full time and date stamps of all your actions while using your browser
    D.) the remote dialup number you are dialing in on (taken out of your dialer configuration)
    E.) dial-up password if saved, does not "appear" at first glance to send this through to them.

 advpack.dll
Used during the installation only to check for other needed files.

amcis.dll
This DLL modifies the following registry keys:
 1. HKEY_CURRENT_CONFIG
 2. HKEY_DYN_DATA
 3. HKEY_PERFORMANCE_DATA
 4. HKEY_USERS
 5. HKEY_LOCAL_MACHINE
 6. HKEY_CURRENT_USER
 7. HKEY_CLASSES_ROOT
Unregisterss oleaut32.dll from memory as provided by M$oft and replaces with its own calls. Switches back to M$oft's when browser is closed. Creates stub processes to be started anytime your browser is opened.

amcompat.tlb
This guy tracks any multimedia clips ( video/pictures/sound ) that
you view It tracks the rating level on the video/picture/sound and
title / location Contains references to DblClick 

amstream.dll
Sets up TWO way communications between your system and theirs.
Used to send info and receive update commands/files. Opens port 1749 for communications

  You can get a pretty good idea of what all happens i.e. browser hangs, system crashes, etc because of this “spyware by typing in the keyword “aureate” to most any search engine and following the links it returns. You’ll find much more info than I can provide here. You’ll also find tools to correct this.

.