Here's the story: 1. Every time I rebooted my computer, OptOut would find a Registry entry for Aureate. 2. I would let OptOut remove the entry. 3. The next time I rebooted, OptOut would again find the same entry. 4. Something on my system was "reloading" and adding that danged entry to the Registry file. 5. What was doing it? 6. First, I did a "Find" on the system to locate ANY file with the string "Aureate" in its name. 7. No files found. 8. Then, I used NotePad Pro to search EVERY file on my computer for the string "Aureate". 9. NotePad Pro found "Aureate" in the file, C:\system.1st. 10. Now that file was created on 11/11/1999. It wasn't created when the system was set up, which was in August 1999. So, how did the "Aureate" reference get into the SYSTEM.1ST file? Heck, I don't even know what the danged file does! 11. While in NotePad Pro, I pulled up the SYSTEM.1ST file and looked at the entries. Here's what I found: a. WS_FTP Pro had an entry there, calling on Aureate. b. CuteFTP, ditto. c. AIM (AOL Instant Messenger), ditto. d. GetRight, ditto. e. (Here's the kicker!) A common Windows file, COMDLG32.OCX, used with Windows 95 and Windows 98, was set to make a call to ADVERT.DLL and Aureate!!!!! 12. When I first used OptOut, I had it delete C:\Windows\advert.dll. So, that .dll couldn't load. 13. The calls on Aureate couldn't load, since OptOut had removed all "pirate" files, BUT, the SYSTEM.1ST file was making a Registry entry for Aureate, assuming the Aureate files were still on the system. 14. Here's what the common Windows file, COMDLG32.OCX was set to do: a. Send (somewhere - Aureate?) a list of ALL files I had downloaded. b. Send (same place) the Distributor names of the files in a. c. Send (same place) all the server Cookies (I assume this to mean Cookies from web browsers, MSIE or Netscape). Now, isn't that enough to scare the bejesus out of you?????!!!!! Let me tell you folks, the more I read on the OptOut web site, and the ZoneAlarm web site, and other web sites, plus what I read in the April 18 issue of PC Magazine, the more alarmed I become. From what I could gather from the SYSTEM.1ST file, it seems that even Microsoft itself is culpable, unless some other program, that secretly installs the Aureate files, is calling on COMDLG32.OCX and making it spy on our systems. Anyhow, I renamed SYSTEM.1ST to SYSTEM-1ST.BAK and rebooted my system. Wasn't sure what would happen. Booted fine. And, that danged Aureate reference WASN'T put back in the Registry. Solved that one. I had thought that maybe when booting, the system would make a new SYSTEM.1ST, but it didn't. Doing a little more detective work, I found that the SYSTEM.1ST file in the C:\ root directory was an older version of SYSTEM.FA found in the C:\Windows directory. Don't know why renaming the SYSTEM.1ST file stopped the change in the Registry file, but it did. To summarize, many, many programs we depend on are installing the danged Aureate program. The only recourse we have is to install OptOut and get rid of all the files and Registry entries. It's not a perfect solution, since the software companies will continue to cooperate/collaborate with Aureate, and since those software companies are without a doubt getting a kickback from the software companies. But, at least we can rid our systems of Aureate and get on with our computing. If any of you missed my previous message about the article in PC Magazine, go to http://www.pcmag.com and find the article entitled "Broadband". It's worth reading. Till next time, SgtGeorge SgtGeorge George W. Durman Knoxville, TN VIRUS-DISCUSSION List Administrator