DeadEye
DeadEye (Dead Eye) is a potentially unwanted rogue software application which acts as a utility to increase computer performance. DeadEye will run if a presence of Java Runtime Environment is present on compromised computer, if not, it will attempt to download a corrupt (JRE.EXE) file from its own server. Dead Eye may pose a security threat to PC safety and should be terminated once detected. Use a reliable malware remover to detect and remove DeadEye from your PC.
File System Modifications
- The following files were created in the system:
# File Name 1 %\Adobe\Brick\jre.exe 2 %CommonProgramFiles 3 %CommonProgramFiles%\Adobe\Brick\A.log 4 %CommonProgramFiles%\Adobe\Brick\cp.cmd 5 %CommonProgramFiles%\Adobe\Brick\open.exe 6 %CommonProgramFiles%\Adobe\Brick\service.log 7 %CommonProgramFiles%\Adobe\Brick\set.cmd 8 %CommonProgramFiles%\Adobe\Brick\svcagent.exe 9 %CommonProgramFiles%\Adobe\Brick\ver.cmd 10 %CommonProgramFiles%\Adobe\Brick\x.jar 11 %CommonProgramFiles%\Java\Update\autorun.inf 12 %CommonProgramFiles%\Java\Update\cp.cmd 13 %CommonProgramFiles%\Java\Update\jre.exe 14 %CommonProgramFiles%\Java\Update\multiply.exe 15 %CommonProgramFiles%\Java\Update\open.exe 16 %CommonProgramFiles%\Java\Update\set.cmd 17 %CommonProgramFiles%\Java\Update\ver.cmd 18 %CommonProgramFiles%\Java\Update\x.cmd 19 %CommonProgramFiles%”\Adobe\Brick\autorun.inf 20 %CommonProgramFiles%”\Adobe\Brick\x.cmd 21 %ProgramFiles%\Adobe\Brick\jre.exe 22 %ProgramFiles%\Adobe\Brick\svchost.exe 23 %SystemDir%\jre.exe 24 %SystemDir%\jreew.exe 25 %SystemDir%\multiply.exe 26 %SystemDir%\svcagent.exe 27 %SystemDir%\xs 28 %SystemDir%\xseed.exe 29 %UserProfile%\Desktop\autorun.inf 30 %UserProfile%\Desktop\cp.cmd 31 %UserProfile%\Desktop\install-jre.exe 32 %UserProfile%\Desktop\jreew.exe 33 %UserProfile%\Desktop\multiply.exe 34 %UserProfile%\Desktop\open.exe 35 %UserProfile%\Desktop\pulist.exe 36 %UserProfile%\Desktop\reg.exe 37 %UserProfile%\Desktop\sc.exe 38 %UserProfile%\Desktop\set.cmd 39 %UserProfile%\Desktop\svcagent.exe 40 %UserProfile%\Desktop\taskkill.exe 41 %UserProfile%\Desktop\tasklist.exe 42 %UserProfile%\Desktop\ver.cmd 43 %UserProfile%\Desktop\x.cmd 44 %UserProfile%\Start Menu\Programs\Startup\j.exe 45 %WinDir%\jreew.exe 46 %WinDir%\Tasks\At1.job 47 %WinDir%\Tasks\At2.job 48 %WinDir%\Tasks\At3.job
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_USERS\S-1-5-21-1004336348-1326574676-839522115-1003\Software\JavaSoftHKEY_USERS\S-1-5-21-1004336348-1326574676-839522115-1003\Software\JavaSoft\Java2DHKEY_USERS\S-1-5-21-1004336348-1326574676-839522115-1003\Software\JavaSoft\Java2D\1.6.0_06HKEY_USERS\S-1-5-21-1004336348-1326574676-839522115-1003\Software\JavaSoft\Java2D\1.6.0_06\DriversHKEY_USERS\S-1-5-21-1004336348-1326574676-839522115-1003\Software\JavaSoft\Java2D\1.6.0_06\Drivers\.DISPLAY1 VMware SVGA IIHKEY_USERS\S-1-5-21-1004336348-1326574676-839522115-1003\Software\JavaSoft\Java2D\1.6.0_06\Drivers\.DISPLAY1 VMware SVGA II\32HKEY_USERS\S-1-5-21-1004336348-1326574676-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\RunHKEY..\..\..\..{RegistryKeys}HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\svcagentHKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\svcagent\EnumHKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\svcagent\SecurityXseed = "xseed.exe" Multiply= "%CommonProgramFiles%\Java\Update\multiply.exe"Xseed = "xseed.exe"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.