acengine.exe

Abengine

The application acengine.exe has been detected as a potentially unwanted program by 14 anti-malware scanners. It runs as a separate Windows service (within the context of its own process) named “acengine”. This file is typically installed with the program FastSearch. While running, it connects to the Internet address edge-star-shv-01-mxp1.facebook.com on port 80 using the HTTP protocol.
Publisher:
Abengine

Product:
acengine.exe

Version:
2.3.6.0

MD5:
957bf0cc608d277a94ce83f0d21a0bb0

SHA-1:
186ecb6855d797528f60ae8a94a518a2d9e6431a

SHA-256:
731b32e87203f9e02ad51abf5a72fd8310f4e5c12c71f30d7d51437602ebcae1

Scanner detections:
14 / 68

Status:
Potentially unwanted

Analysis date:
11/2/2024 11:33:16 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Adware.Superfish.E | 507 |
| Agnitum Outpost | Riskware.Komodia | 7.1.1 |
| Avira AntiVirus | ADWARE/Komodia.1839728 | 8.3.2.2 |
| Arcabit | Adware.Superfish.E | 1.0.0.527 |
| Bitdefender | Adware.Superfish.E | 1.0.20.1290 |
| Dr.Web | Adware.Superfish.236 | 9.0.1.05190 |
| Emsisoft Anti-Malware | Adware.Superfish | 8.15.09.15.05 |
| ESET NOD32 | Win32/Packed.Komodia.A suspicious application | 6.3.12010.0 |
| F-Secure | Adware.Superfish.E | 11.2015-15-09_3 |
| G Data | Adware.Superfish | 15.9.25 |
| K7 AntiVirus | Trojan | 13.210.17211 |
| Malwarebytes | PUP.Optional.ABengine | v2015.09.15.05 |
| MicroWorld eScan | Adware.Superfish.E | 16.0.0.774 |
| nProtect | Adware.Superfish.E | 15.09.14.01 |

File size:
1.8 MB (1,839,728 bytes)

Product version:
2.3.6.0

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\fastsearch\acengine.exe

File PE Metadata
Compilation timestamp:
8/11/2015 11:48:14 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
9.0

CTPH (ssdeep):
49152:1dQ2JXCyfhZU6Yfy9mdL0y57xfJ/0eqKfGDx:n0yfbU6Yq4jNxfJ8eFW

Entry address:
0x2E52

Entropy:
7.9901  (probably packed)

Code size:
43 KB (44,032 bytes)

Service
Display name:
acengine

Description:
acengine protects your browser

Type:
Win32OwnProcess

Depends on:
RPCSS


The file acengine.exe has been discovered within the following programs.

FastSearch  by FastSearch
www.Fast-Search.info
About 1% of users remove it

The executing file has been seen to make the following network communications in live environments.

