Return To Home Page Search Fire Products, Services and others Overview of the Site Design and Build a Career Contact us for customer service and other feedback info Prognet Privacy Statement

Click here to view product details, fire framework, screen shots, Y2K statement, etc.Download fire evaluation copy, updates, upgrades, user manual, free utils and lot more.Customers can enjoy technical support, security tips, FAQ, free virus alert mail, etc. Online ordering, renewal form and upgrade details.Resellers, dealers and distributors can enter here.Click here to view latest virus alerts, virus information center, virus calendar, etc.Latest news and other press releases.About Prognet Technologies Pvt. Ltd, technical team, clients, events and lot more.

 

FunLove virus

Information about FunLove aka FLC virus:

                     This virus is a Win32 PE file virus infects EXE, SCR, OCX files under Win9x and WinNT 4.0 platforms. The infected files will increase by 4099 bytes. What is notable about this virus is that it uses a new strategy to attack the Windows NT file security system and it runs as a service on Windows NT systems.

                     When the virus is first run, it drops a file called FLCSS.EXE into the SYSTEM folder. Then it directly infects all EXE, SCR, and OCX files in the folders Program Files and WINDOWS/WINNT, including any sub folders. It infects network shared drives too.

                     Under Windows NT it modifies the files NTOSKRNL.EXE and NTLDR if the current user is logged in with administrator rights. The modified files will activated after the next system restart, allows all users full administrator rights to the system. So any low level user can access the network with administrator rights.

                     The NTOSKRNL.EXE and NTLDR patches are executed by a routine picked up from the Bolzano virus. In fact, more than fifty percent of the virus code shows similarities to the Bolzano virus. It is very likely that the author of these two viruses is the same person.

                     When executed under DOS, the file FLCSS.EXE displays the message "~Fun Loving Criminal~" and then tries to reset the machine in order to load Windows.

The virus does not infect files that begin with the following characters in their names: aler, amon, avp, avp3, avpm, f-pr, navw, scan, smss, ddhe, dpla and mpla. Fire detects and removes Win32/Funlove virus without problems.

Removing FunLove virus from your system:

                     Fire has incorporated Win32/FunLove into its virus signature file, with the aim of helping users affected by this Worm attack to detect and eliminate it from their systems. Fire anti-virus users can update this signature file from our web site. A free utility is available to detect and clean this virus in Download Center.

                      A free download of FireLite [ 1100KB ] version is available to detect all viruses including Win32/FunLove. If you find any other virus, use registered windows version of Fire to remove. To get the registered version of Fire call us at 044-28170440 or mail to service@fireav.com or purchase Fire online using

Go to top of the page
.