"AC66F[1].EXE"

Fraudulent Security Program

Free PC Cleanup from Webroot

Use Webroot SecureAnywhere to remove AC66F[1].EXE.

"Just when you thought it couldn't get any better or faster. The Webroot scanning engine is 'high octane' with a hidden nitrous oxide system. Bravo!!!" W. Lodzinski, SecureAnywhere User

Get Free PC Cleanup

Associated Malware Groups

The filename is associated with the malware group:

Fraudulent Security Program

File Behavior

AC66F[1].EXE has been seen to perform the following behavior:

Writes to another Process's Virtual Memory (Process Hijacking)
Modifies the Windows Host File which could be used to stop you visiting specific web sites by redirecting you to alternative addresses without you knowing
Ability to execute files automatically on your PC
Enables a COM Object/Server on the Local Machine
Can communicate with other computer systems using HTTP protocols
Adds products to the system registry
Adds a Registry Key (RUN) to auto start Programs on system start up
Executes a Process
Registers a Dynamic Link Library File
Creates new folders on the system
This Process Deletes Other Processes From Disk
This process creates other processes on disk
Creates or uses a background service to access the Internet using HTTP protocols
Injects code into other processes
Performs DNS look ups to resolve URL IP addresses

AC66F[1].EXE has been the subject of the following behavior:

Added as a Registry auto start to load Program on Boot up
Created as a process on disk
Executed as a Process
Has code inserted into its Virtual Memory space by other programs
Enabled as a COM Object/Server on the Local Machine
Terminated as a Process
Registered as a Dynamic Link Library File
Deleted as a process from disk

Country Of Origin

The filename AC66F[1].EXE was first seen on Sep 1 2010 in the following geographical regions of the Webroot community:

The United States on Sep 1 2010
Belgium on Sep 1 2010

File Name Aliases

AC66F[1].EXE can also use the following file names:

MS46AB_231.EXE
MS1CCD_302.EXE
D9BB9[1].EXE
MSC60F_284.EXE
MS1A52_152.EXE
MSBA61_2129.EXE
MS6D73_302.EXE
MYSECURITYSHIELD.EXE
MS2A6B_2112.EXE
MS36E7_302.EXE
MS5D71_2159.EXE
MSEDAE_302.EXE
MSC42A_231.EXE
MS647C_2029.EXE
MSEF92_302.EXE
MS466F_2029.EXE
MS91A4_2124.EXE
MSDCD2_289.EXE
MS15E9_289.EXE
MSA478_302.EXE
MS35CE_2166.EXE
MS737D_2124.EXE
MS5DE0_302.EXE
MSC2E0_302.EXE
MSE89B_302.EXE
MS3C91_2129.EXE
MS78A0_231.EXE
MSDA39_2164.EXE
MSC42A_302.EXE
MSB3C7_2121.EXE
MSDE1F_231.EXE
XP_9DFC3.EXE
MS848D_302.EXE
MSE39C_302.EXE
MS4B32_2164.EXE
MS9C71_302.EXE
MS9EC9_2140.EXE
MS3C2E_2112.EXE
MSA3ED_314.EXE
MSE04A_2040.EXE
MS33A0_2140.EXE
D6526[1].EXE
F7F07[1].EXE
C0075[1].EXE
MS4744_302.EXE
MS9203_302.EXE
MS6554_302.EXE
MS9871_302.EXE
MS2605_2121.EXE
MS0384_302.EXE
MS0508_302.EXE
MS8277_2164.EXE
MS4012_2124.EXE
MS3299_287.EXE
MS7599_302.EXE

Filesizes

This file has been seen with the following file size:

3,760,128 bytes

File Type

The filename AC66F[1].EXE refers to an executable program.

Help the Webroot Community to fight cyber crime

We are always looking for ways to improve the quality and speed of research to help us protect you from malicious software and cyber crime.

The filename referred to in this report is often associated with PC infections. If you have a program of this name on your PC and would like to help our research please tell us what you know in the form below:

I have this file on my PC and believe it is an infection
I have this file on my PC and think it has made my PC slower
My firewall asked if I wanted to let this file have access to the Internet
My PC will not work since I noticed this file on it
My antivirus detected this file but won't remove it
I know what this file is and believe it is a Safe program
I am the author of this file and would like to discuss how to have it reclassified as safe

Further Comments or information you'd like to share: (optional)

Your email address if you would like us to contact you about this file and any concerns you may have: (optional)

Virus, Spyware & Malware Center »