CeePrompt! Computer Connection
Originally published November 11, 2002
E-card turns into unwelcome worm
I received a panicky e-mail from a friend, urging me not to open any
electronic greeting cards that appeared to come from her.She had received
notice of an e-card from a familiar source, as many of us do, and followed
the hyperlink to view this online greeting.
Media Inc. So far it looked like a routine plug-in installation that
frequently pops up for enhanced Internet browsing.
It even included an end-user licensing agreement that appeared legitimate. However, buried in this agreement was the following clause: "By downloading, installing, accessing or using the Friend Greetings, you authorize Permissioned Media to access your Microsoft Outlook Contacts list and to send a personalized e-mail message to persons on your contact list."
As most of us do, she skipped
the fine print, and before she could read the online greeting, 147
messages were sent from her own e-mail program to her contact list and
also to anyone in her in box as a return post. She never was able to
access the alleged e-card. It was all a ruse to perpetuate a mass-
Permissioned Media touts itself as "world's most effective online behavioral marketing network" and is installed with many popular programs downloaded from the Web -- almost always without the user's express permission.
The user does, however, tacitly agree to the spyware installation by failing to read thoroughly through the end-user licensing agreement. Who among us would readily agree to the following? "By downloading, installing or using PerMedia, you agree to receive advertisements from Permissioned Media's business partners and associates. The ads will be interstitials ('pop-up and pop-under ads'), e-mail messages and in other formats."
These bottom-feeders have stooped to new lows of finding ways to track your behavior on the Internet and report your browsing habits back to various vendors. Now you can't even view a greeting card online without fear of falling prey to some scumware product.
But it's all perfectly legal and not even a virus in the true sense. Symantec and McAfee have added FriendGreetings to their list of known offenders and characterize it as a worm, but its payload is simply intrusive, rather than damaging to your computer. Predictably, the FriendGreetings.com site has gone offline, like a sewer rat scurrying off to avoid the light of day.
Removal of the FriendGreetings software from your computer is relatively easy. The programs WinServ Reg and FriendGreetings actually appear in the list of Add/Remove Programs from the control panel. Both these programs need to be uninstalled as well as some additional files that were added to your system. Complete removal instructions can be found at the Symantec and McAfee sites.
I've been very happy with Lavasoft's freeware program Ad-Aware, which I run routinely to see what spyware products have stealthily been deposited on my system. Even after removing the FriendGreetings software from my friend's system, Ad-Aware still found 68 products snooping in the background.
I suggest we all read the fine print more carefully from now on. The sewer rats are prolific and determined to find a way into your pocketbook.
On the Net
Cathi Schuler owns a computer literacy training/consulting company, Cee Prompt! She is a co-author of computer textbooks and can be reached by e-mail at firstname.lastname@example.org or email@example.com or by mail c/o The Record, P.O. Box 900, Stockton, CA 95201. She is on the Internet at: http://www.ceeprompt.com. Click here for past archived columns.
Return to Article Index | Return to C:\> CeePrompt's Home Page