Skip over global navigation links

Funlove

Virus Alert - W32/FUNLOVE, FUNLOVE.4099 6/19/01 9:35am Updated 7/30/01 9:00am

This virus searches for vulnerable network folders (write access) to infect all Win32 type Portable Executable (PE) files such as .EXE, .SCR, and .OCX. It infects both Windows 9x and Windows NT 4.0. platforms. To infect NT system files, the virus patches the integrity checking. Some symptoms include:

  • Increased file size - 4099 bytes for Windows 9x, and 4099 bytes or more for Windows NT/2000.
  • "~Fun Loving Criminal~" message displayed.
  • FLCSS.EXE exists in the Windows system folder.
  • Unexpected disk and network activity (as the virus looks for new victims to infect).
  • Warning(s) that Certified Active X controls signature(s) no longer matches the file.

Detection requires MacAfee VirusScan or NetShield 4.5 or later, DAT file 4052 or later, and Scan Engine 4.0.70 or later. Previous versions are unprotected, even with current DAT files. If the virus is detected, please download and execute the following tools:

For WinNT/2000
For Win 9.x

See http://vil.nai.com/vil/content/v_10419.htm for more information on the FUNLOVE virus.

This archive is not intended to be comprehensive. For a more complete virus library, please visit NAI's Virus Information Library at http://vil.nai.com.

Up to Top

This page last reviewed: September 12, 2008