The latest in the new trend of "viruses that aren't really viruses because they ask permission first." Like Bonzi Buddy, HotBar, Brilliant Digital, and Gator, FriendGreetings.com arrives without you asking for it, in this case disguised as an email message. Like other malicious programs, it tries to run automatically if you're unfortunate enough to be running Microsoft Outlook. The message itself is HTML, and includes code that triggers the auto-install function of Internet Explorer.

Microsoft made a half hearted attempt to keep this kind of crap from happening by throwing up a warning message, but so many pretty sites have conditioned the average clueless luser to automatically grant access to anything that looks remotely acceptable.

Upon running, it throws up a EULA. The EULA spells out exactly what it is about to do, which is install a bunch of spyware on your Windows computer and then email itself to everyone in your contacts list. Basically, it does everything the average Outlook security exploit based worm/virus does, except it makes you agree to a license agreement.

Ironically, the EULA is used by Symantec and Network Associates as an excuse to not classify it as a virus. It looks like a virus, acts like a virus, and the EULA it displays all but calls itself a virus, but because it says it is, it isn't.

Note to self: when writing indestructable, malicious virus, include a license agreement.


I personally believe that Symantec and Network Associates are taking great pains to keep themselves from writing a program that detects new viruses and kills them on sight to keep themselves in business. I believe this debacle proves it.

Log in or register to write something here or to contact authors.