home

eyesrv.exe

Alchemy Eye

Sergey Sushko

It runs as a separate (within the context of its own process) windows Service named “Alchemy Eye”.
Publisher:
Alchemy Lab  (signed by Sergey Sushko)

Product:
Alchemy Eye

Version:
10, 7, 6, 0

MD5:
51808b6a27e69c22319255dcbda02fad

SHA-1:
30a2147678934f93587c262ae11cb39824a34f17

Scanner detections:
3 / 68

Status:
Clean  (3 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
4/25/2024 11:06:55 AM UTC  (today)

Scan engine
Detection
Engine version

Clam AntiVirus
PUA.Packed.ASPack
0.98/17411

Comodo Security
Heur.Suspicious
7856

Quick Heal
(Suspicious) - DNAScan
1.17.11.00

File size:
587.1 KB (601,232 bytes)

Product version:
10, 7, 6, 0

Copyright:
Copyright (C) Alchemy Lab, 1999-2010

Original file name:
KHW.EXE

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\alchemy eye\eyesrv.exe

Digital Signature
Signed by:
Sergey Sushko

Authority:
The USERTRUST Network

Valid from:
8/27/2009 7:00:00 AM

Valid to:
8/28/2010 6:59:59 AM

Subject:
CN=Sergey Sushko, O=Sergey Sushko, STREET=Vernadskogo 93-1-85, L=Moscow, S=MO, PostalCode=119526, C=RU

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
17AC2748B458B5782943ED1A32C313E2

File PE Metadata
Compilation timestamp:
4/30/2010 3:14:25 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

Entry address:
0x1000

Entry point:
68, 01, 70, 5A, 00, E8, 01, 00, 00, 00, C3, C3, 72, 07, 02, 70, 67, 22, C1, 63, 41, B6, 5A, C1, 63, 60, B6, 4A, 0D, B1, 61, 56, 03, 25, 45, 08, BC, E7, 09, 14, A8, 2D, 2E, 74, 5B, 36, 22, E9, AB, 23, 5B, 40, 59, 2C, 26, D9, C9, C3, 9B, 4B, 75, 9D, C7, 70, 7B, DE, 86, F5, B7, 4C, A9, BB, 4D, DE, 9D, DB, 1A, 8B, 64, 34, D4, 15, 3B, 7B, 11, 97, 76, 6E, D9, 72, C1, EC, BD, BC, 1E, 72, DE, CB, DD, 99, A7, 14, 8D, 9F, 3E, 73, E4, 27, B9, 26, B4, 87, 5B, 5A, E5, EF, 7B, 97, 1D, FC, F6, E6, FE, 32, 25, FC, 22, 5D...
 
[+]

Packer / compiler:
ASProtect v1.2x (New Strain)

Code size:
1.2 MB (1,232,896 bytes)

Service
Display name:
Alchemy Eye

Service name:
eye

Type:
Win32OwnProcess


Scan eyesrv.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.