Welcome to the Virus Encyclopedia of Panda Security.
It logs keystrokes, and events and session properties in Internet Explorer in a file, and then it uploads it to a web server. It spreads via email.>
|First detected on:||May 12, 2005|
|Detection updated on:||March 6, 2006|
|Yes, using TruPrevent Technologies
Eyeveg.D is a worm with Trojan and backdoor characteristics that logs keystrokes entered by the user and events and session properties in Internet Explorer. Then, it uses a PHP script in order to upload the log file to the web server located at www. melaniecarroll. biz.
Eyeveg.D also connects to that same web address in order to download a file that contains remote control commands. On Windows XP computers, if it is unable to get a connection, it disables the built-in firewall.
Eyeveg.D spreads via email, in a message with an attached file that always has a ZIP extension.
Eyeveg.D is difficult to recognize, as it does not display any messages or warnings that indicate it has reached the computer.