home

AvastUi.exe

avast! Antivirus

ALWIL Software

This is a setup program which is used to install the application. It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘avast5’. This is installed with avast! Free Antivirus. The file has been seen being downloaded from fc51.userfiles.me.
Publisher:
AVAST Software  (signed by ALWIL Software)

Product:
avast! Antivirus

Description:
avast! Antivirus

Version:
5, 1, 889, 0

MD5:
7b878518590e826f1f3a5b1d61d405f8

SHA-1:
52ce57c448d606e602ab323afc5213e6a53fd1bf

SHA-256:
f95e87e0e77e54a0d6fb256752eb2ed2ff6d1e9de8640925e8b22fd01075cbae

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 7:58:38 PM UTC  (today)

File size:
3.2 MB (3,396,624 bytes)

Product version:
5, 1, 0, 0

Copyright:
Copyright (c) 2010 AVAST Software

Original file name:
AvastUi.exe

File type:
Executable application (Win32 EXE)

Language:
English

Common path:
C:\Program Files\alwil software\avast5\avastui.exe

Digital Signature
Signed by:
ALWIL Software

Authority:
VeriSign, Inc.

Valid from:
6/12/2008 2:00:00 AM

Valid to:
7/24/2011 1:59:59 AM

Subject:
CN=ALWIL Software, OU=ALWIL Software, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=ALWIL Software, L=Praha, S=Praha, C=CZ

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
4009265CDB37D6B82D24D0B06F931857

File PE Metadata
Compilation timestamp:
1/13/2011 9:45:15 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
49152:N7uQQVqjnwO6OvrIiymcPWHIf8NxYp3I82MTiKROTBUprqNuOM+1T7:N71wO67iyEo5p3SMTiKrrqNRM+1T7

Entry address:
0x262430

Entry point:
E8, E3, 05, 00, 00, E9, 37, FD, FF, FF, 3B, 0D, 90, 80, 6F, 00, 75, 02, F3, C3, E9, 65, 06, 00, 00, CC, FF, 25, F8, C5, 68, 00, 8B, FF, 55, 8B, EC, F6, 45, 08, 02, 57, 8B, F9, 74, 25, 56, 68, 14, 2C, 66, 00, 8D, 77, FC, FF, 36, 6A, 0C, 57, E8, FA, 00, 00, 00, F6, 45, 08, 01, 74, 07, 56, E8, 6B, F5, FF, FF, 59, 8B, C6, 5E, EB, 14, E8, 8C, 07, 00, 00, F6, 45, 08, 01, 74, 07, 57, E8, 54, F5, FF, FF, 59, 8B, C7, 5F, 5D, C2, 04, 00, FF, 25, FC, C5, 68, 00, FF, 25, 0C, C6, 68, 00, 6A, 10, 68, E0, 16, 6D, 00, E8...
 
[+]

Code size:
2.5 MB (2,664,448 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
avast5

Command:
"C:\Program Files\alwil software\avast5\avastui.exe" \nogui


The file AvastUi.exe has been discovered within the following program.

avast! Free Antivirus  by AVAST Software
Avast! Free Antivirus is a full-featured antivirus and anti-spyware scanning and removal product that offers a web-reputation browser extension as well as virtualization technology. Accurate threat updates via Avast updates are delivered automatically using PUSH update technology.
www.avast.com/en-us/index
9% remove it
 
Powered by Should I Remove It?

The file AvastUi.exe has been seen being distributed by the following URL.

http://fc51.userfiles.me/f/0/1391705106/12956367/0/.../AvastUI-spaces.ru.exe

Scan AvastUi.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.