John2g
Qui Tacet Consentit
Premium
join:2001-08-10
England
|  StopSign - WARNING! - Eanthology
I. and at least one other fellow poster, have received the following IM.
"Hi Jonh2g. I am ******* or Jason, whichever you perfer. At this point I am going to speak and remove all doubt, so just a pre warning.
Also, all personal opinions are in quotes.
I will be frank, I consult for Eacceleration. I understand if that is enough to stop your response.
Since, we are going more public, someone finally decided that we should address this board.
"A little to late in my opinion."
So, this is where my job gets hairy. I am just feeling the waters with some of the posters I feel will actually listen to me for 3 secs. So, if you want to hear any more, then just please repond here.
Otherwise, I hope this doesn't hurt your opinion of me.
Cheers,"
My fellow poster responded and was offered the chance to try StopSign without charge.
PLEASE READ THIS LINK. This is what it can do.
»www.pestpatrol.com/PestInfo/S/StopSign.asp
I find it hard to comprehend that any company can stoop to such underhand tactics, i.e. silently installing exe's, trying to un-install SpyBot and Ad-aware etc. etc. All in all, I think their behaviour is quite appalling.
[text was edited by author 2003-09-27 09:05:27] |
|
hpguru
Curb Your Dogma
Premium
join:2002-04-12
|  Re: StopSign - WARNING!!! Please Read
Well "Jason" or "Jerkweed" (whichever he prefers) just got free "hosting" for his efforts. I will update the hosts file later today. I also added a bunch of spammers sites last night too.
--
Blue mountains after rainfall - much bluer. |
|
CalamityJane
Premium,VIP,MVM
join:2002-08-27
Eustis, FL
| reply to John2g
eanthology...again 
History
»eanthology
»Virus/Trojan Help Needed
I'm glad to see that Pest Patrol write up. We can now see that eanthology will offer to remove and disable your installed security software and take over your system.
A quick google search reveals that it is still getting on people's PCs without their knowledge or consent
A fairly recent thread from some unwilling users
»www.newbie.org/help/messages/6489.html
A search for eanthology at the SpywareInfo forum returns a whole bunch more:
»forums.spywareinfo.com/index.php
Edit: fixed broken link
--
It takes a disaster to make a woman out of a female
Gladiator Security Forum
[text was edited by author 2003-09-27 10:38:13] |
|
dp
Go Steelers
Premium,MVM
join:2000-12-08
Greensburg, PA
 ·Verizon Online DSL
| reply to hpguru
said by hpguru  :
Well "Jason" or "Jerkweed" (whichever he prefers) just got free "hosting" for his efforts. I will update the hosts file later today. I also added a bunch of spammers sites last night too.
Kudos hpguru, thanks for providing the 'free hosting' for them. That is pretty low, you see and hear things all the time but some just eat at you more than others and this is one of those. Thanks to John for getting this out in the open.
--
Write your questions down on the back of a $20 dollar bill and send them to me |
|
Randy Bell
Premium
join:2002-02-24
Santa Clara, CA
| said by dp :
Kudos hpguru, thanks for providing the 'free hosting' for them. That is pretty low, you see and hear things all the time but some just eat at you more than others and this is one of those. Thanks to John for getting this out in the open.
I wasn't part of the original marathon eanthology thread; John2g I'm sorry you were harassed & bothered by this IM here at dslreports. Perhaps as the eanthology site gets in more "hostfiles" and "spyware warnings lists", they will get the message that people find them intrusive and spyware. It's too bad; when I saw the initiial eanthology thread here at dslr, I never wanted to go near the eanthology site. I'm offering my support, for what it's worth, kudos to hpguru for helping out in this way.  |
|
Name Game
Premium
join:2002-07-07
North Myrtle Beach, SC
|  reply to John2g
Re: StopSign - WARNING! - Eanthology
SPOTLIGHTS
eAcceleration Corp
Mike Walton
1050 NE Hostmark St Suite 100BPoulsbo, WA 98370(360) 779-6301mikew@eacceleration.comeAcceleration has been developingand distributing innovative softwarefor over 15 years. It was the leadingsupplier of SCSI hard disk manage-ment software. eAcceleration contin-ued its innovations in computingperformance enhancement productswith d-Time - the world’s first CD-ROM accelerator - and Webcelerator,which has been installed in over10,000,000 computers worldwide.eAcceleration’s latest development isStop-Sign(TM) Business Alarm Servicesoftware, the first of a suite of com-puter security products specificallydesigned for small business computing- a level of protection that, until now,was available only to major corpora-tions. For more information contact Janet Leach (janetl@eacceleration.com)or Mark R. Peterson (markp@eacceleration.com)
*************************************
This is their current new product to bundle...
OOdlz
eAcceleration Corp.
1050 NE Hostmark St, Suite 100B
Poulsbo, WA 98370
Fax: (360) 598-2450
Pest Name: Oodlz
Category: Adware.
Software that brings targeted ads to your computer, after you provide initial consent for this task. Some Adware may hijack the ads of other companies, replacing them with its own. Adware typically will track your browsing habits and report this info to a central ad server.
Description: A game bundled with Adware.
Release Date: 1/1/2003 (estimated)
Author: Acceleration Software International
OOdlz Free Game Downloads Kanoodle. ... So many games and no ads. OOdlz
also includes virus scanner, popup blocker, spam blocker, free email and more.
********************************************
--
Numbers 32:23* Gladiator Security Forum »www.gladiator-antivirus.com/ |
|
Sparrow
Crystal Sky
Premium
join:2002-12-03
Sachakhand
| Google brings up 10 pages...
I am still speechless after reading all the old posts provided by CJ above...
--
oO^..^Oo |
|
Doctor Four
My other vehicle is a TARDIS
Premium
join:2000-09-05
Dallas, TX
 ·AT&T U-Verse
|  Here's one I find ironic (from Google Groups mirror of
alt.privacy.spyware). Most of these ads are for programs
that are questionable spyware removal tools at best or at
worst are spyware themselves:
--
"Kayura or Badamon, whichever you are, you should know that I will never give up this battle. By the will of the Ancient, I shall succeed!" - Shuten (Anubis) from the Ronin Warriors. |
|
sig
Premium
join:2001-05-05
| reply to John2g
Does eanthology still say Stop Sign uses Dr. Web's engine and sig defs? I wonder if the Dr. Web folks know that their otherwise reputable product is associated with such conduct? Has anyone contacted Dr. Web to see what they think about it, since eanthology's practices are antithetical to those of any reputable security product/developer?
JD's Proxo config/lists blocks eanthology's url as I discovered when I tried to go to their site and see.  And I'm not particularly inclined to bypass that blocklist at the moment to see what the eanthology people are up to now.
I'm reminded of was it SurferBar? that was included in the sig defs of some AV's and AT's recently as an exploit and security risk. Given the potential harmful impact on one's system once an infestation occurs and how apparently difficult it can be to remove, perhaps it's time some other security products looked into this phenomenon. That would be interesting. |
|
CalamityJane
Premium,VIP,MVM
join:2002-08-27
Eustis, FL
| @ Crystal Sky If you do your Google search under the following you will find much more threads in forums from people needing help because this thing got on their computer and has caused problems for them. Try searching under:
1. eanthology
2. Stop sign
........................
@sig I was wondering when you would show up
Their homepage is in my Restricted Sites thanks to IESPYAD, but I can still visit it.
There is a link to another page in big red letters on the home page that is titled: THE TRUTH ABOUT STOP SIGN! Here is a sample. You will be shocked, I'm sure:
quote:
The Truth About Stop-Sign
On this page you'll find information on...
[Note: These are the sections on that page]
Spyware
Attackware
Software Compatibility
Uninstalling eanthology
Anti-Virus Engine
Customer Service
Spyware
The Spyware section says
Some people in the software industry have labeled Stop-Sign as "spyware". It sounds like a damning accusation until you ask, "What's spyware?"
Some software developers have defined spyware as "...software that employs a user's Internet connection in the background without asking for permission." Stop-Sign does automatically contact our servers whenever you perform an anti-virus scan while connected to the Internet, downloading new virus definitions and software updates. We feel that the phenomenal rate with which new viruses and threats are introduced - often as many as 20 per day - warrants getting updates to you as soon as possible. If the definition of spyware includes protecting our customers in this manner, then we freely admit to it.
Currently there is no industry-wide standard for the definition of spyware. Unfortunately, the companies defining spyware are the same companies producing anti-spyware software, companies driven by market pressures, often marginally funded and under-staffed in a fiercely competitive industry. Once one of them has mistakenly identified a legitimate product as spyware, all must follow suit or risk appearing ineffective to the public. For the same reason, they're slow to correct their mistakes.
According to the U.S. Department of Energy's CIAC (Computer Incident Advisory Capability), spyware accesses "...your browser history file to get a list of all pages you have visited, your favorites list to get a list of all links you saved, your Temporary Internet file to get more pages you have visited, and your cookies file to get a list of what other companies you visit." Stop-Sign does none of this!
For futher information, see our privacy policy.
Attackware
Anti-spyware programs may aggressively attack legitimate software that you have purchased and installed. Attackware attempts to delete files and cripple anti-virus programs. Any program that deliberately targets Stop-Sign is attackware. We have tried to work with the vendors of such attackware. We've asked them to review our software and re-evaluate their position. Unfortunately, many of these software manufacturers are in direct competition with Stop-Sign.
As a result, we've taken action to defend our customers who have paid good money for a useful product. We offer the option of removing attackware whenever it's present on a customer's computer. It's always your choice.
Software Compatibility
Stop-Sign Threat Scanner is compatible with all major anti-virus scanners including those made by Symantec, McAfee, F-Secure, Trend Micro, and Kaspersky Lab. To our knowledge, Stop-Sign is the only anti-virus scanner that can honestly make this claim. You can run any other anti-virus scanner and Stop-Sign simultaneously without risk. In fact, running two scanners simultaneously only increases your depth of coverage against the wildly increasing number of viruses found in email, web pages, and shared files.
Stop-Sign Email Sensor isn't compatible with some programs such as Norton and PC-cillin email anti-virus programs. The same is true of some personal firewalls. You can either use Stop-Sign or these incompatible products but not both. Again, it's your choice.
For further information, see our software compatibility page.
See John2g 's initial post and the link to the Pest Patrol Overview of the program. You will see that they label Adaware & Spybot as *attackware* and promptly offer to remove it with a popup. They also do the same to disable Norton and PC-Cillan
The Antivirus Engine section has this:
quote:
Anti-Virus Engine
Stop-Sign uses Dr.Web's anti-virus engine for its core functionality. Dr.Web has consistently received Virus Bulletin's prestigious 100% award for detecting all of the viruses found in the wild with no mistaken identities. On this rock-solid foundation we've added automatic cures and updates, Email Sensor, Spam Blocker, Popup Blocker, and OOdlz of free games. We've also added personal support in an industry that "…no longer seems to really care about the individual".
I love the bit about Software compatibility In one paragraph it says compatible with Symantec products....in the next - says it is isn't.
And, Oh, yeah....see what Pest Patrol's Overview says it does to firewalls, or a machine with one installed.
--
It takes a disaster to make a woman out of a female
Gladiator Security Forum |
|
sig
Premium
join:2001-05-05
| Thanks CJ, that's very interesting. Clearly their targeted market is one that consists of those not well informed about security/privacy issues if they're trying to sell that doublespeak to potential customers.
Given that this info is provided by a company whose rep previously tried to suggest that a user having lax security browser settings was tantamount to "informed consent" and thus an invitation and approval for them to surreptitiously download their "security" product, I'm not really surprised.
I also wouldn't be surprised if KAV might pick it up as something untoward since they appear to take the "kitchen sink" approach to PC security. If KAV did so, would eanthology label it "attackware" too? What an interesting scenario that would be.
I must say, kudos to PestPatrol for that write up. And to John for the notice. |
|
rustydog999
join:2002-06-17
the internet
| reply to John2g
This explains a problem I am having with a computer at work.
Its my bosses computer he is on a dial up. Stop sign was loaded in this computer somehow. I thought I had removed it but guess not. I put norton av on the computer and it scaned clean I begged him to get a firewall but he still thinks dial up accounts dont need them. I thought norton was catching everything but the computer wants to keep dialing out at odd times and on a reboot. Anyway I though it was just Norton looking for updates.
Ok today I nuked the harddrive lowlevel formated it and reinstalled everything except Stop Sign. Guess what it no longer wants to keep dialing out.
--
SRS Satmax 5 990 on a dual processor Athlon RSL 78 -82 |
|
sig
Premium
join:2001-05-05
| reply to John2g
Oh and actually while Dr. Web is regarded as a good AV, due to its heuristics it's also noted for false positives. Not a problem perhaps when used by knowledgeable people who can tell when it's a false positive, but it could be a PC disaster waiting to happen in the hands of novice users.
And clearly StopSign's target market is not geared to security geeks but to those whose technical security skills and knowledge don't allow them to detect bleep from shinola. |
|
sig
Premium
join:2001-05-05
| reply to rustydog999
Don't know how your boss got StopSign, but previously it was installing itself unbidden using ActiveX when a user's browser settings were lax enough to allow download on demand and allowed ActiveX to download and run without restrictions. eanthology previously said that they were ending that practice, but as CJ noted there are still reports that people do find it on their PC's without ever being presented with a prompt to disallow download.
Now he also may have clicked on an advert banner or popup, been taken to their site and helped himself to a "free" AV scan that resulted in the download. I don't know if they still have that set up but they did before. So those are at least two ways to get that on one's PC.
And if MSBlaster demonstrated anything, it definitely proved that PC's on dialups are not exempt from internet borne malware and users should use some sort of firewall if they have open ports on the internet. |
|
Sparrow
Crystal Sky
Premium
join:2002-12-03
Sachakhand
| reply to John2g
I spent hours reading the old threads on this nuisance posted by Janie (yes, CJ, I read EVERYTHING! , and following links from here to there concerning eanthology's practices. Although I am "adventurous," and have sufficient protection, I will not go near their site. I had similar problems with BackWeb, but nothing as underhanded or severe as this.
It is in moments like this that I understand the need to get another pc.
--
oO^..^Oo |
|
Randy Bell
Premium
join:2002-02-24
Santa Clara, CA
| reply to sig
said by sig :
I also wouldn't be surprised if KAV might pick it up as something untoward since they appear to take the "kitchen sink" approach to PC security. If KAV did so, would eanthology label it "attackware" too? What an interesting scenario that would be.
Yes that would be interesting if they listed a world-class AV like KAV in their "attackware" section. I bet KAV already detects eanthology; to test, it would require someone, a guinea pig, who runs KAV resident {the RTM} and visits the site. I only run KAV on-demand, not resident, so I can't do the test; and I don't want eanthology on my box; the PestPatrol's cleaning instuctions look worse than those in a Symantec writeup for cleaning a virus or worm! Last, Sig, along the same lines .. NAV 2004 is now including spyware and expanded threats .. wouldn't it be nice to have eanthology or Stop Sign detected by NAV? Lovely thought, and if they dared to add the world's topselling AV to their "attackware" list .. ?? Oh well, I suppose we can't put anything past them, they've already included Ad-Aware and SpyBot S&D .. {sigh} .. LOL. EDIT: I don't know of any way to do it, but if anyone has a submittable sample of Stop Sign, or some telltale file by which this thing could be detected .. something I could submit to SARC for detection .. I would be happy to try, just IM me .. LOL.
[text was edited by author 2003-09-28 10:27:53] |
|
John2g
Qui Tacet Consentit
Premium
join:2001-08-10
England
| said by Randy Bell :
the PestPatrol's cleaning instuctions look worse than those in a Symantec writeup for cleaning a virus or worm!
You hit the nail on the head there Randy. It was after reading the removal instructions on the Pest Patrol site, that I decided to alert people to the danger and why I suggested people read that write up.
--
Better to remain silent and be thought a fool, than to speak and remove all doubt. |
|
Sparrow
Crystal Sky
Premium
join:2002-12-03
Sachakhand
| said by John2g :
said by Randy Bell :
the PestPatrol's cleaning instuctions look worse than those in a Symantec writeup for cleaning a virus or worm!
You hit the nail on the head there Randy. It was after reading the removal instructions on the Pest Patrol site, that I decided to alert people to the danger and why I suggested people read that write up.
And the reason I refuse to go any closer to their site, than posted in this thread and the others.
--
oO^..^Oo |
|
John2g
Qui Tacet Consentit
Premium
join:2001-08-10
England
| said by Sparrow :
And the reason I refuse to go any closer to their site, than posted in this thread and the others.
You are making a mistake then, in my view. Only by reading the write-up at PestPatrol (which can't do anyone any harm) can you appreciate the dangers of StopSign.
--
Better to remain silent and be thought a fool, than to speak and remove all doubt. |
|
Name Game
Premium
join:2002-07-07
North Myrtle Beach, SC
| reply to John2g
Uninstall / Reinstall eanthology
eanthology Online Membership Services consists of a number of interrelated programs or features including Stop-Sign Personal Alarm Service and OOdlz Ad-Free Games Service. You can install or uninstall some or all features at any time by following a simple procedure.
»www.eanthology.com/support/eanth···r=online
--
Gladiator Security Forum »www.gladiator-antivirus.com/ |
|
