Broadband Tech > Security > Security > veloz scumware seen on comercial just now

reply to Martinus

Re: veloz scumware seen on comercial just now

said by Martinus:

---

...Stop-Sign? - free software which does the following:

"*Free Trial version detects but does not cure threats.
**Free Trial version detects but does not remove spyware.
***Free Trial version has limited functionality."

---

reply to NeOm
"1) Someone started to download our program, and some AV company says we are uploading a trojan, so you take their word for it? Exactly how are we supposed to update your AV list 2 or 3 times a day if we cannot communicate with your computer? How are we supposed to know you did a scan, when you call and say "It didn't do anything, I want my money back" to get a free cleaning."

This is just sad and funny in a way. You just admitted with this statement that you spy on your users. Ever heard of allowing your customer to manually update? Every heard of - if the customer wants there money back and it's within the allotted time for them to request this. Give them there money back and be done with it. Your comments honestly just prove that your company isn't honest and has no reason to be installed on a users machine.

And for the record. If almost every well known antivirus gives a warning when installing your software. There is a good reason for it. And no it's not to kill the competition. I'd highly doubt that all the companies that flag your product are doing so out of spite. And I'm beginning to feel the likelihood of a false positive is becoming less and less.

Oh and you get on others about spelling. Yet don't use spell check yourself. To funny.

"we lsot a lot of money that year"

You didn't lose money because you won't fix reported infections for the price of the software purchase ( is this only with the trial version you do this? Or all versions ). You lost money because your software is pure crap. And honestly I have to question the honesty and integrity of anyone who would choose to defend it.

Hopefully users will notice the stop sign symbol and do just that. Stop and not install it. I know I'm basically software bashing at this moment. But honestly I feel it's well deserved in this case.

"Knowing my boss though, I hardly think he would take the time to try and change the mind of a dozen or so people.
"
This shows you don't read much. Because your boss or CEO did exactly that. For a very long thread that has been linked in this discussion we are having now.
--
Test Your Security
Benefit for Children's Oncology Group
Cable Modem Diagnostics

reply to novaflare
Eric, I'm kind of surprised. From your posts you are describing StopSign as pretty normal software, a freeware version that contains a few ads promoting the paid version. which is normal.

No pop-ups, no browser hijacks.

A few little games.

No remote access trojan.

No silently uninstalling other products.

From the way I read and interpret what you said about it, you reveal that the details of what PestPatrol says about the product are literally true, and that the summary which says it is abnormal is a false.

And from what Novaflare says, the only complaint that resembled PestPatrol's claims were some left over registry entries, but then it turned out that wasn't the fault of StopSign -- he it was the fault of the uninstaller he used, which was from rival products.

-----------

quote:

---

I fail to see how any consumer's "choice" has been taken away in all this.

---

quote:

---

It's entirely possible that Pest Patrol would be targeting updated versions of files without recognizing that the context of their installation had changed.

---

quote:

---

Like others in this thread, you're letting terms and names get the best of you. I used the term "stub downloader" in a purely bare bones functional sense. That a program can be described as a "stub downloader" does not mean it can't also be described as a trojan downloader. Again, the context of installation and use is critical.

---

quote:

---

And what should Pest Patrol do for customers who may have picked up Stop-Sign entirely unintentionally through the older download and installation processes -- the ones eAcceleration was using before it was forced to change its business practices?

---

quote:

---

Pest Patrol and others in the industry were well within their rights to target Stop-Sign, given their unethical installation practices. Did you happen to read the previous threads here at DSLR in which those installation practices were exhaustively discussed?

---

quote:

---

The resident monitor is installed as part of the threat scanner. Besides, it's already been well documented that earlier versions of Stop-Sign prompted consumers to let it remove programs like Ad-aware and Spybot S&D.

---

quote:

---

That others in the industry may have engaged in unethical behavior is no reason to excuse eAcceleration for doing so. Just because "everybody does it" doesn't mean we have to ignore eAcceleration when it "does it."

---

quote:

---

I'm sorry, but I don't quite follow this. Where does industrial espionage fit into to all this?

---

quote:

---

To reiterate: eAcceleration does seem to be in the process of reforming its practices, but it was forced to do so under the duress of legal action and remains utterly unrepentant about its previous behavior. While there may come a time when eAcceleration can be trusted again -- perhaps after it has satisfactorily settled the legal complaints against it and established a solid track record for trustworthy behavior -- we are not there yet.

---

reply to novaflare
Novaflare, the question is "How effective is the test software's uninstall untility that is provided with the install?"

Is it worse than KAV 5s, which currently leaves behind about 30,000 ADS tags (they are going to fix it, but it has been a couple of months).

Is it worse than NAVs, which leaves behind hooks that have prevented scripts working, and have made rival anti-virus products hang and/or run very slowly?

That is why AOL's anti-spyware is correct when it usually recommends using the vendor provided uninstall utility for unwanted adware. Of course if there is no uninstall utility, or if it turns out the uninstall utility doesn't work reasonably well -- then that is definitely not good.

If you are up to it, you could re-install StopSign, and run its uninstall utility, and see if that cleans up the rememants of the previous third party uninstall.
--
(Virus&Hijacking FAQ + Submit suspected malware + Backups FAQ + Security FAQ TOC)

said by keith2468:

---

Novaflare, the question is "How effective is the test software's uninstall untility that is provided with the install?"

Is it worse than KAV 5s, which currently leaves behind about 30,000 ADS tags (they are going to fix it, but it has been a couple of months).

Is it worse than NAVs, which leaves behind hooks that have prevented scripts working, and have made rival anti-virus products hang and/or run very slowly?

That is why AOL's anti-spyware is correct when it usually recommends using the vendor provided uninstall utility for unwanted adware. Of course if there is no uninstall utility, or if it turns out the uninstall utility doesn't work reasonably well -- then that is definitely not good.

If you are up to it, you could re-install StopSign, and run its uninstall utility, and see if that cleans up the rememants of the previous third party uninstall.

---

Ah okay, I missed that.

So there uninstaller, when you ran it it left things behind. Was it just junk or did it cause pop-ups or downloads or anything like that?

reply to keith2468
Keith2468:

You wrote:

said by Keith2468:

---

Eric, I'm kind of surprised. From your posts you are describing StopSign as pretty normal software, a freeware version that contains a few ads promoting the paid version. which is normal.

---

said by Eric Howes:

---

To reiterate: eAcceleration does seem to be in the process of reforming its practices, but it was forced to do so under the duress of legal action and remains utterly unrepentant about its previous behavior. While there may come a time when eAcceleration can be trusted again -- perhaps after it has satisfactorily settled the legal complaints against it and established a solid track record for trustworthy behavior -- we are not there yet.

---

said by Keith2468:

---

From the way I read and interpret what you said about it, you reveal that the details of what PestPatrol says about the product are literally true, and that the summary which says it is abnormal is a false.

---

said by Keith2468:

---

Unfair trading practices do that. They drive competitors out, by spreading slander (slander can be a lie or an irrelevant prejudicial truth) about their product, and when other entreprenures and investors see that it discourages them entering the market place.

---

said by Keith2468:

---

Do you really think your AV monitor has no performance impact? That it doesn't slow down users computers?

---

said by Keith2468:

---

And isn't it the job of a firewall to interrupt internet connections?

---

said by Keith2468:

---

It is possible. And it is okay you not only this it is possible but also feel it is what is happening.

I am not so charitable.

---

said by Keith2468:

---

They must see that the allegedly harmful files they claim used to be there are no longer there. And they write signatures to detect the new apparently innocent files.

---

said by Keith2468:

---

Eric, would you call it a trojan downloader?

Why? Is it a trojan? Or what trojan does it download?

Mr. PestPatrol, do you describe other programs with the same features by other vendors as a trojan downloader?

Of is it just little competitors headed by unsophisticated owners whose products get characterized that way?

---

said by Keith2468:

---

By your statement that StopSign was "forced" to change how it does business, are you referring to the pending court case or what?

---

said by Keith2468:

---

Those customers have probably updated the program by now don't you think?

And if not StopSign should assist them in removal.

---

said by Keith2468:

---

And if PestPatrol wants to recognize the old version, that is not an issue. It can use its old signature records (or do up new more specific signature records).

---

said by Keith2468:

---

What I read wasn't first hand descriptions, it was hearsay. Also, I reserve the right to not follow endless links to other sites. If the writer doesn't feel it worth his time to summarize, cut and paste, or retype, why should I feel it worth it to read it?

---

said by Keith2468:

---

But technically that is slander. It is making the implication to the reader that somehow that makes it a trojan. And the slander is even stronger when PestPatrol says this about the firewall and AV components. Trojans and viruses silently disable other software. They don't ask about it as StopSign does (and PestPatrol says it asks) -- that differentiation is left out of the summary -- hence I think most judges would rule it is slander.

---

said by Keith2468:

---

Also it is attributing something (that may or may not be true, I don't want to be sued) about old versions of the software to new versions of the software. Which might well be ruled libel since the write up doesn't mention versions or that it might be out-of-date.

---

said by Keith2468:

---

Ethics are about common standards of acceptable behaviour.

For me to be ethical I think I have to be consistent and not prejudice on irrelevant grounds.

What does PestPatrol, or Eric or Keith, find acceptable in companies whose products we will recommend.

It isn't the main thing I do (I mostly program) but as part of my jobs I recommend IBM products, Microsoft Products, HP products, etc., and their past behaviour on old products aren't an issue unless it is still going on, and neither is the millions of dollars lost by them in lawsuits that have actually been proven in court, and in out-of-court settlements.

As a professional I can't pick on eAdvantage for irrelevant factors, or for factors that I find acceptable in Opera, QuickTime, etc.

---

reply to keith2468

said by keith2468:

---

Ah okay, I missed that.

So there uninstaller, when you ran it it left things behind. Was it just junk or did it cause pop-ups or downloads or anything like that?

---

You think 8 left over registry entries is not typical ???

It would be bad for non-security software, but isn't that rare for AV software.

1. When I took out Norton Internet Security 2002 (or was it 2003?) it left behind around 20.

And after I downloaded and ran their special uninstall utility, there were still some left.

After I ran both uninstalls, and deleted the Symantec folders, I scanned with SpyBot S&D in the advanced mode to find the broken references left in the registry.

It found 15-20.

But actually there were more.

I found another set of Symantec folders last week, and removing it made 2 more entries show up.

Now there are 2 things here:

(a) This was NIS is both a very full function anti-virus and a software firewall with pop-up stopper. So a lot of functionality.

(b) Most of those left over registry entries didn't do anything, but one caused Java scripts to not run.

NAV at the time (and maybe now I don't know) left the hook for examining Java scripts in when the normal add/remove dialogue was used to remove it. With NAV removed, java scripts hung.

And there were other hooks that slowed down the system after NIS was removed. They made the replacement AV (KAV) very slow. I was set to give-up on KAV when I posted about the problem in here, and that is when I heard about the NIS clean-up utilities that could be downloaded.

Just because something has a bug, even a bug that was first reported a year earlier, or still doesn't do a complete uninstall 2 years later, doesn't make it a trojan, or virus, or spyware.

And even if the bug might have been intentional, to make rival products look bad, that would be unethical, but it still doesn't make the product a trojan, virus, or spyware.

2. When a trial user uninstalled KAV Personal last month he was left with 30,000 ADS tags on his system. Okay, KAV Personal 5 is new. But also Kaspersky has been around for a while. They are fixing it.

---------

So as a beta tester, the left over links were a bug that should be reported to the test administrator so the developers can remove it.

But as proof the product is a trojan, that its downloader is a trojan downloader, or that it is a worm, or a virus, it isn't proof.

As for it being adware, it just advertises itself in itself. It is downloaded with permission. And the uninstaller seems to work well enough to stop it working.

So using the loosest definition it is adware. It promotes itself and its makers other products.

BBR itself fits an even tighter definition of adware. It is partly funded by advertising from third parties (at least if I sign on anonymously I see lots of ads).

But these things aren't adware in the sense of a browser hijacker, let alone a browser hijacker that actively resists removal.

I don't think I'm going to run it on a production computer, because it is buggy.

But as a computer professional, who is expected to use the (ever changing) terminology accurately and precisely, I can't call StopSign a trojan.

»www.google.ca/search?sourceid=na···A+trojan

"a program that appears desirable but actually contains something harmful; "the contents of a trojan can be a virus or a worm"; "when he downloaded the free game it turned out to be a trojan horse" "
-or-
"A program that comes in secretly and quietly, but it carries a destructive payload. Once you become infected by the worm or virus that that Trojan carries into your computer, it can be very difficult to repair the damage. Trojans often carry programs that allow someone else to have total and complete access to your computer. Trojans usually come attached to another file, such as a .avi, or .exe, or even a .jpg. Many people do not see full file extensions, so what may appear as games.zip in reality could be games.zip.exe. Once the person opens up this file, the Trojan goes to work, many times destroying the computer's funcionability. Scary, eh? You can read more about this here, on our Trojans, Viruses, and Worms reference page. Your best line of defense is to NEVER accept files from someone you don't know, and if you have any doubts, then do NOT open the file. Get and use a virus detection program, such as Inoculate and keep it updated regularly."
-or-
"It "is a piece of unauthorized code hidden within a legitimate program (101)." Trojans can carry viruses and other programs that may damage your computer once you run the program that the trojan is hidden in. Trojan horses may be either simple batch files or code containing redirected escape sequences intercepted by the ANSI.SYS driver."
-or-
A Trojan (also called a Trojan horse) is a software program in which harmful or malicious code is contained within another (seemingly harmless) program. When this program executes, the Trojan performs a specific set of actions, usually working toward the goal of allowing itself to persist on the target system. Trojans can allow hackers to open backdoors on your system, giving them access to your files and even network connectivity.

And a trojan downloader would have to be something that downloaded a trojan.

So I am interpreting the literal details of PestPatrol's write up to have been fairly accurate. StopSign uses CPU cycles and memory, uses the internet connection, asks the user to remove other monitors performing the same function, and has the names of its product plugins in its own control panel.

But I am interpreting PestPatrol's spin and the summary as inaccurate, innuendo, sophistry, and maybe slander.

»www.pestpatrol.com/PestInfo/S/StopSign.asp

Others can have their own opinions, and that is fine.

I'm not here to convince everyone. I just wanted to know for myself if PestPatrol met my standards for accuracy, impartiality and ethics.

I won't be installing either PestPatrol or StopSign on my machines. Neither is good enough to be paid-for software.

reply to novaflare
I guess this is as good a time to introduce myself as a new member of these forums as any.

I am an employee of eAcceleration Corporation; in fact, I was hired about 6 months ago as the CTO of eAcceleration. My name is David Nason, and I’m sure you can get a pretty good idea of my background by googling me.

As you can see, I’ve made no attempt to use a handle or to hide my email address. I will welcome any reasonable questions and discussions regarding eAcceleration, Stop-Sign, or any of our other product brands. I will try to pay regular attention to questions on this forum, as well as direct email (davidnason@eacceleration.com).

I would like to thank those of you in this forum who have been willing to reexamine eAcceleration and Stop-Sign. The company has reorganized in the recent past and is making a serious effort to correct its image. Many of the issues described in detail on these forums are a result (1) marketing practices that were then either new or frequently practiced in the industry, or (2) conflict or otherwise negative interaction with other applications, or (3) coding issues. As a result, eAcceleration recognized that many of its past practices needed to be changed and has made many dramatic changes in its organization, structure, and strategy to meet the needs.

I am not going to get into a discussion of why or what, regarding the past. I will discuss our present and future.

• eAcceleration Corporation has several products and brands. Virtually all are available through our main product, eAcceleration Subscription Service. Our brands include:
  


Stop-Sign - anti-virus, spyware remover, popup blocker, spam blocker, firewall
Veloz - computer speedup service
Kon-X - dialup ISP and email
MegDat - which includes Online Backup
OOdlz/T4C - ad-free games (online and local)



• eAcceleration Subscription Service has a large subscriber base. Our subscribers have full and unlimited use of all the brands/products listed above. They also get real-time telephone and live chat technical support.
  


• eAcceleration has a high-quality AV/research team. We are in the process of submitting our anti-virus product to ICSA, VirusBulletin, and checkvir.com for certification. Our technical staff, from management on down, has been completely revamped and is highly capable and efficient.
  


• We have begun communications with PestPatrol, COAST, and other anti-spyware entities in an attempt to have open and honest dialog aimed at changing their reporting of our current applications.
  


• I am willing to make available any non-proprietary source code to review, including the source to our “Wren” download component that has been discussed so prolifically on this forum.

reply to novaflare
Welcome to the forum David

Give us an indication of the capabilities of your software and tech phone staff to handle the kinds of problems you see most often in forums like this.

»forum.gladiator-antivirus.com/in···orum=170

Is your staff actually researching methods to clean a customers PC as all these new exploits appear ?

What other steps do you take with a customer to secure their system besides your own software ?

What are your current strenghts as a company at this point as well as the weaknesses now that you are helping eAcceleration to turn the corner ?
--
Gladiator Security Forum »www.gladiator-antivirus.com/ Missing Kidshttp://www.missingkids.com/

reply to novaflare
Hello david good to see a rep here we can work with. I dont know how much you can do about things like advertiseing. But i would love to see the current adverts toating free scan online now like wording dropped they arfe very missleading to the uninformed and semi informed. Most see this and thing house call online scan or pestpatrol online scan like. At this point eanthology download the entire program to your harddrive in a very silent manner. That need to go by by imo. Instead the installer needs a status bar at the very least. I would prefer a nice scrolling list box that shows what files are being copied and also stays open after installso that you can look back over it. Id also dich this upx packign meathod as that is often assocaited with trojans keyloggers etc (side note script kidddies muyst die they have ruined so many good utils like half of the remote admin utils).
The install also needs to be "nice" nice if your not familiar with the term refers to how a program uses the cpu a nice app releases enoguh cpu so that other apps can easly make use of it. The eanthology stub downloader and installer are far from that. Dureing my install i could barly move the mouse. My system seemed to freeze up for no reason i couldnt see the install status. people with less computer knowlage may/will think their computer has crashed. That is why i say the installer must have a status indicator of some sort. I already got calls about this not just with eanthology but other badly made installers. If you wish to keep some form of "online scan" make it just that a online scan useing the normal meathod with activex and the like. Also dont have those buttons link strait to a redirect/metarefresh install on another domain. I dotn care if you have 10 diffrent products they are all bundled in to one loose all but 1 or 2 domains. With all these domains you guys use it looks like your trying to hide your previous actions by useing another domain/company name. Id personaly keep veloz and stopsign domains. Use a simple page with a text stateing you are no being redirected to domainname.xyv (that being veloz or SS depending)

And again once you have done some of these things feel free to use the private message here or post on the forums and let me know ill be happy to beta test the new version.
--
new 3d chat comunity at »planetvirtuel.com my site »spellbound.valshea.com/news.php

reply to davidnason6
Welcome David,

Since the last eAcceleration rep we had here responded to reasonable suggestions with personal attacks, I certainly hope you are more professional. That said, I'd like to summarize my earlier points for your reply:

1. Most (if not all) of the legitimate anti-virus companies--including the vaunted Kaspersky--offer free, working trial versions that actually remove what they find. Fixing your own trial version to this standard would go a long way toward fixing your image. As I said before, your current trial version only puts you in the same category as those other anti-malware scams. This is not a good thing and IMO, your biggest problem, even ahead of your blacklisted downloader.

2. Make sure your uninstaller is complete. This will help but this alone will not rid you of your image. Then again, as Randy's pointed out, Norton's uninstaller is apparently worse than your own. Maybe you are ok on this.

3. Change that downloader of yours. If a user already has an A/V and is curious about trying yours, the last thing they want to see is an alert from their A/V that they're downloading a trojan!

Here's a link to my previous post if you wish to read it in full: »veloz scumware seen on comercial just now
--
TCPA - Treacherous Computing
Kerio 2.1.5 - Best damn firewall
Win98SE - Best all-round Windows OS for home use, period.

said by sivran:

---

Welcome David,

Since the last eAcceleration rep we had here responded to reasonable suggestions with personal attacks, I certainly hope you are more professional. That said, I'd like to summarize my earlier points for your reply:

1. Most (if not all) of the legitimate anti-virus companies--including the vaunted Kaspersky--offer free, working trial versions that actually remove what they find. Fixing your own trial version to this standard would go a long way toward fixing your image. As I said before, your current trial version only puts you in the same category as those other anti-malware scams. This is not a good thing and IMO, your biggest problem, even ahead of your blacklisted downloader.

---

reply to novaflare
My question is.....

Who gives a flying f**k about eanthology crap ware?

I mean, about making it a "good" product. It's crap. Always was and still is. Don't go there, rip it out, whatever. Who would pay for a "subscription" to a service that is beaten all ways from sunday, by free tools, available everywhere?

My customers will be warned against it, and it will be forcibly removed from any machine I work on. Not that anybody cares, but that's what I think;)
--
Kerry for President? Is this Saturday Night Live?

reply to IGGY
I saw a commercial for Stop Sign, I have satellite and I am in Canada. Stupid me downloaded it but I uninstalled it now. I am still having major problems though-I can't delete anything.

reply to Hickerx2

said by Hickerx2:

---

My question is.....

Who gives a flying f**k about eanthology crap ware?

I mean, about making it a "good" product. It's crap. Always was and still is. Don't go there, rip it out, whatever. Who would pay for a "subscription" to a service that is beaten all ways from sunday, by free tools, available everywhere?

My customers will be warned against it, and it will be forcibly removed from any machine I work on. Not that anybody cares, but that's what I think;)

---

reply to novaflare
This company has it's roots in marketing adware, not antivirus. They want to make bucks so they go where they can scam some.

I think I need to see a better background of solid security thinking not marketing, before I could even think about trusting it. READ the SEC reports folks.

Recommending it in my world or even acknowledging it is not a happening thing at all!
--
It takes a disaster to make a woman out of a female

Gladiator Security Forum


Proud Member of ASAP (Alliance of Security Analysis Professionals) »www.a-sap.org/