Funlove 4099

Howdy, all,

The Symantec anti-virus on my work laptop keeps giving warnings about files infected with funlove (funluv?) 4099.  It cleans the file (90% of the time they're ones that I've written in vb.net, but I also got them for files in system restore).  However, when I run Symantec on boot, it says the system's clean....and pop up another "Virus found and cleaned" warning a half hour later.

We've run every anti-funlove program we can find, and they all say there's nothing there.

I was told once that it was because some of my programs mimic some of the processes that funlove uses, but I've written vastly different ones that aren't anything like each other, yet Symantec still says they're infected.  When it cleans them, tho, it renders them useless and they have to be recompiled.

Anybody have any ideas on what the @#$# is going on?

Thanks.
bdzotAsked:
Who is Participating?
 
SheharyaarSaahilConnect With a Mentor Commented:
Hello bdzot =)

U must be running System Restore,,,, and this virus can be hiding itslef in those Restore points =|

Disable ur system Restore, boot into safemode, and run the AntiVirus Scan again with norton, and if u want u can Run Stinger in Safemode also ==> http://vil.nai.com/vil/stinger

Check if they come with anything now,,,, if YES then delete the files there,,, if NO then System has been cleaned, reboot back in Normal Mode and Enable System Restore again :)

!! GOOD LUCK !!
0
 
bdzotAuthor Commented:
Sorry, should have give some specifics......the laptop is a Micron running XP Pro.  The written files are using Microsoft Visual Suite.
0
 
bdzotAuthor Commented:
Ok, turned off System Restore and ran Stinger, running Symantec now.   I have a lot of files for it to scan, so I'll let you know how it worked tonight or tomorrow.
0
Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

 
SheharyaarSaahilCommented:
no problem, but make sure u run them in Safemode :)
0
 
bdzotAuthor Commented:
Yep, yep.....in Safe Mode.  :)
0
 
SheharyaarSaahilCommented:
^_^
0
 
Jeff RodgersNetworks & Communications Systems ManagerCommented:
1. Turn off system restore. Delete all of the items in quarantine.

Depending on which version of Symantec you are running you may need to manually clear out the quarantine folder. There was a known issue with a few older versions of symantec.  The issue resulted in the virus detecting viruses in the quarantine bin even after they had been deleted.  They would show up in the Symantec

Browse to C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine and delete the contents.

I would then manually exclude the files that you are working on which so closely resemble Funlove.  This can be done by adjusting the Scan Options in the Antivirus program to exclude certain files, folders, extensions etc.
0
 
bdzotAuthor Commented:
Seemed to work so far.....thanks!
0
 
SheharyaarSaahilCommented:
^_^
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.