Technorati
Digg
Delicious
Reddit
StumbleUpon
Facebook
Yahoo
Twitter
Faves
Newsvine
- Discovered:
- April 2, 2002
- Updated:
- February 13, 2007 11:59:40 AM
- Type:
- Worm
- Systems Affected:
- Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP
W32.Entangle.Worm is a mass-mailing worm that will send itself to all recipients in the Windows Address Book. It will also copy itself to the %system% directory.
NOTE: %System% is a variable. The worm locates the \Windows\System folder (by default this is C:\Windows\System or C:\Winnt\System32), and then copies itself to that location.
W32.Entangle.Worm will create and run the Visual Basic script %Temp%\send.vbs, which the worm will use to gather email addresses.
NOTE: %Temp% is a variable. The worm locates the default folder that Windows uses to store temporary files (by default this is C:\Windows\Temp on Windows 95/98/Me and C:\Documents and Settings\Administrator\Local Settings\Temp on Windows NT/2000/XP), and then copies itself to that location.
Antivirus Protection Dates
- Initial Rapid Release version April 3, 2002
- Latest Rapid Release version September 28, 2010 revision 054
- Initial Daily Certified version April 3, 2002
- Latest Daily Certified version September 28, 2010 revision 036
- Initial Weekly Certified release date April 3, 2002
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
Writeup By: Douglas Knowles
