Burglar.1150.A

Burglar.1150 is an encrypted memory-resident virus which only infects .EXE files that do not contain a V or an S in the file name. Besides infecting files when they are accessed or executed, Burglar will look for files to infect whenever a file attribute change function is performed on a file (such as those done with ATTRIB), and whenever a get free disk space function (called during the DIR command, among others) is used. Due to the virus’s stealthing routines, the file size increase caused by virus infection is not visible while the virus is active in memory.

Protection

• Initial Rapid Release version December 19, 2000
• Latest Rapid Release version July 12, 2008 revision 018
• Initial Daily Certified version December 19, 2000
• Latest Daily Certified version July 12, 2008 revision 019
• Initial Weekly Certified release date pending

Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Threat Assessment

Wild

• Wild Level: Low
• Number of Infections: 0 - 49
• Number of Sites: 0 - 2
• Geographical Distribution: Low
• Threat Containment: Easy
• Removal: Easy

Damage

• Damage Level: Low

Distribution

• Distribution Level: Low