According to antivirus vendor F-Secure, the FunLove virus infects Windows portable executable (PE) files on local and network drives. When an infected file is run, the virus creates FLCSS.EXE in C:\Windows\System. The FunLove virus scans all local and network drives, searching for and infecting PE files with .EXE, .OCX, or .SCR extensions. FunLove will not infect files that have any of the following four letters at the beginning of their filename: ALER, AMON, _AVP, AVP3, AVPM, F-PR, NAVW, SCAN, SMSS, DDHE, DPLA, or MPLA. On Windows NT 4.0, the virus patches the NTLDR and WINNT\System32\ntoskrnl.exe files granting all users unrestricted file access. These files are not recoverable and should be restored from a clean backup or the original Service Pack.

"FunLove is like a bad penny - two years after it first turned up it's still refusing to go away," said Graham Cluley, senior technology consultant at Sophos Anti-Virus. "This infection puts the Powerpuff Girls in good company - other FunLove victims have included companies such as Microsoft and Dell. There's no excuse for this infection, FunLove is easy to detect and patch against."

Graham also points out that certain security measures should be taken when entrusting third-party compilers to produce media for distribution. "I think this incident highlights how careful you need to be if you hire a third party to produce your CDs/DVDs/floppies. They need to be as squeaky clean as you are on the virus front - or they could be damaging your company's name." He offers sound advice to curtail the risk of infectious media, "One sensible course of action would be to do a cryptographical checksum on the contents of the CD/DVD/whatever before you send it to the duplication plant.. and then check that against what begins to come out."

It also bears noting that FunLove was discovered in November 1999 and antivirus vendors promptly added detection for it at that time. Even the most cursory inspection with antivirus software would have detected the virus and one would hope that anyone distributing DVDs, CDs, or any other media capable of running on a computer would take the extra few moments to do this.