AvastUi.exe
avast! Antivirus by AVAST Software (Signed)
Warning 18 antivirus scanners has detected malware in various versions of AvastUi.exe.
Overview
There are 16 versions of avastui.exe in the wild, the latest version being 8.0.1497.376. avastui.exe is run as a standard windows process with the logged in user's account privileges. During installation, a run registry key for all users is added that will cause the program to run each time any user logs on to Windows. The average file size is about 4.1 MB. The file is a digitally signed and issued to AVAST Software by VeriSign. Some variations of the file have been seen to be installed with the program avast! Free Antivirus from AVAST Software. During the process's lifecycle, the typical CPU resource utilization is about 0.0088% including both foreground and background operations, the average private memory consumption is about 13.54 MB with the maximum memory reaching around 15.67 MB. Addionally, typically read and write I/O disk operations is about 31.21 KB per minute for reads and 143 Bytes per minute for writes.
What is avastui.exe?
avast! Antivirus is a full-featured antivirus and anti-spyware scanning and removal product. Avast offers a web-reputation browser extension as well as virtualization technology. Accurate threat updates via avast updates are delivered automatically using PUSH update technology in Avast! Antivirus.
About avastui.exe (from AVAST Software)
“Free antivirus with anti-spyware protection for Windows. AVAST Software leads the security software industry – protecting 160 million PCs, Macs and Mobiles around the globe – by distributing FREE anti”
Details |
File name: | avastui.exe |
Publisher: | AVAST Software |
Product name: | avast! Antivirus |
Typical file path: | C:\Program Files\avast software\avast\avastui.exe |
Certificate |
Issued to: | AVAST Software |
Authority (CA): | VeriSign |
Expiration date: | Friday, January 31, 2014 |
Programs installed in
(Note, the programs listed below are for all versions of avast! Antivirus.)
Avast! Free Antivirus is a full-featured antivirus and anti-spyware scanning and removal product that offers a web-reputation browser extension as well as virtualization technology. Accurate threat up...
Behaviors
(Note, the behaviors below are for all versions of avastui.exe, select a unique version for details.)
Startup files (all users) run
Runs under the registry key 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
- 'avast5' → C:\Program Files1\ALWILS~1\Avast5\avastUI.exe /nogui
- 'avast' → "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
Scheduled tasks
- Entry path '\{BE644B67-0FC9-4E09-8921-3C92C4187F59}'
- Entry path '\{A2010245-7908-40CE-A115-79DFB422FB5C}'
- Entry path '\{83E22DC4-C629-429D-A5B9-3DBF2B43476D}'
- Entry path '\{59B20A91-C364-4477-841A-79D826383F80}'
- Entry path '\{D9C949DF-1FF9-49D3-92E4-FF09ADEE4B9E}'
Windows firewall allowed programs
Exceptions allow programs to access to the Internet through an outbound connections
- Firewall exception for 'C:\Program Files\AVAST Software\Avast\AvastUI.exe'
- Firewall exception for 'C:\Programmer\Alwil Software\Avast5\AvastUI.exe'
Malware detections
Based on 40+ industry antivirus scanners, 18 of them detected the following malware.
Antivirus engine | Engine version | Detection | File version |
ByteHero |
1.0.0.1 |
Trojan.Exception.gen.101 |
7.0.1466.549 |
ByteHero |
1.0.0.1 |
Trojan.Exception.gen.101 |
7.0.1426.0 |
ByteHero |
1.0.0.1 |
Trojan.Exception.gen.101 |
7.0.1474.765 |
ByteHero |
1.0.0.1 |
Trojan.Exception.gen.101 |
7.0.1456.418 |
ByteHero |
1.0.0.1 |
Trojan.Exception.gen.101 |
7.0.1473.755 |
ByteHero |
1.0.0.1 |
Trojan.Exception.gen.101 |
6, 0, 999, 0 |
ByteHero |
1.0.0.1 |
Trojan.Exception.gen.101 |
7.0.1407.0 |
ByteHero |
1.0.0.1 |
Trojan.Exception.gen.101 |
8.0.1482.45 |
ByteHero |
1.0.0.1 |
Trojan.Exception.gen.101 |
8.0.1483.72 |
ByteHero |
1.0.0.1 |
Trojan.Exception.gen.101 |
7.0.1455.186 |
ByteHero |
1.0.0.1 |
Trojan.Exception.gen.101 |
6.0.1367.0 |
ByteHero |
1.0.0.1 |
Trojan.Exception.gen.101 |
8.0.1489.300 |
ByteHero |
1.0.0.1 |
Trojan.Exception.gen.101 |
7.0.1451.402 |
ByteHero |
1.0.0.1 |
Trojan.Exception.gen.101 |
8.0.1488.286 |
ByteHero |
1.0.0.1 |
Trojan.Exception.gen.101 |
8.0.1497.376 |
Trend Micro HouseCall |
9.700.0.1001 |
TROJ_GEN.F47V0824 |
7.0.1466.549 |
Trend Micro HouseCall |
9.700.0.1001 |
HV_AGENT_CB2434CD.TOMC |
7.0.1474.765 |
Trend Micro HouseCall |
9.700.0.1001 |
TROJ_GEN.F47V0810 |
7.0.1407.0 |
All file variations of avastui.exe
Distribution by Windows OS
OS version | distribution |
Windows 7 Home Premium |
26.50% |
|
Windows 7 Ultimate |
19.50% |
|
Microsoft Windows XP |
19.00% |
|
Windows 7 Professional |
13.00% |
|
Windows 8 |
4.50% |
|
Windows Vista Home Premium |
3.50% |
|
Windows 8 Pro |
3.00% |
|
Windows 7 Home Basic |
3.00% |
|
Windows Vista Home Basic |
2.00% |
|
Windows 7 Enterprise |
1.50% |
|
Windows 7 Starter |
1.50% |
|
Windows 8 Pro with Media Center |
0.75% |
|
Windows 7 Ultimate N |
0.75% |
|
Windows Vista Business |
0.50% |
|
Windows Seven Black Edition |
0.50% |
|
Windows 8 Pro N |
0.50% |
|
Distribution by country
United States installs about 33.50% of avast! Antivirus.
Distribution by PC manufacturer
PC Manufacturer | distribution |
Dell |
20.19% |
|
Hewlett-Packard |
14.08% |
|
Acer |
13.62% |
|
ASUS |
12.21% |
|
Toshiba |
12.21% |
|
Intel |
7.51% |
|
Lenovo |
5.63% |
|
Samsung |
2.82% |
|
American Megatrends |
2.35% |
|
GIGABYTE |
2.35% |
|
Sony |
1.88% |
|
Compaq |
1.88% |
|
MSI |
0.94% |
|
Medion |
0.94% |
|
Gateway |
0.94% |
|
Packard Bell |
0.47% |
|