Should I block it?

No, this file is 100% safe to run.

VersionsAdditional versions

8.0.1497.376 11.80%
8.0.1489.300 20.00%
8.0.1488.286 0.16%
8.0.1483.72 7.54%
8.0.1482.45 3.93%
7.0.1474.765 45.08%
7.0.1473.755 1.15%
7.0.1466.549 5.41%
7.0.1456.418 0.82%
7.0.1455.186 0.16%
7.0.1451.402 0.16%
7.0.1426.0 2.13%
7.0.1407.0 0.49%
6.0.1367.0 0.49%
6.0.1125.0 0.16%
6, 0, 999, 0 0.49%

Relationships

Parent processes
Child process
Related files

PE structurePE file structure
Show functions
Import table
aavmrpch.dll
AavmRpcRunSystemComponent, AavmRpcCreateBinding, AavmRpcDestroyBinding, AavmRpcRunComponent
advapi32.dll
CloseServiceHandle, RegQueryValueExA, IsTextUnicode, AllocateAndInitializeSid, AddAccessAllowedAce, InitializeAcl, GetLengthSid, OpenThreadToken, EqualSid, GetTokenInformation, OpenProcessToken, RegEnumKeyExW, RegOpenKeyW, RegEnumValueW, OpenServiceW, OpenSCManagerW, RegCloseKey, RegQueryValueExW, RegOpenKeyExW, FreeSid, SetSecurityDescriptorDacl, InitializeSecurityDescriptor, SetEntriesInAclW, RegOpenKeyExA, RegSetValueExW, RegDeleteValueW
ashbase.dll
_basShouldSubmit@4, _basGetLanguage@4, _basGetErrorString@12, _basWriteProfileString@12, _basIsComponentInstalled@4, _basFullscreenAppRunning@0, _basGetRegistrationInfo@20, _basGetCurrentProductLicenseInfo@28, _basInitLibrary@4, _basFriendlyShieldName@12, _basGetBaseLang@0, _basFreeLibrary@0, _basA2U@16, _basGetLockData@12, _basGetProductLicenseInfo@32, _basGetLicenseFile@8, _basProductInfo@0, _basGetProfileInt@12, _basDoFitFileName@12, _strDecode@12, _strEncode@12, _basValidatePath@8, _basCreatePath@16, _basEnableWriteAccessToEveryone@4, _CallOnSecureDesktop@12, _basFormatNumber@16, _notEvent@4, _basResPwdCheck@4, _basGetComputerName@0, _notRemEvent@4, _notFree@0, _basCheck@0, _notInit@0, _notAddEvent@12, _basInitThreadLocale@0, _basGetProfileString@20, _basDeleteValue@8, _basStoreDWORDValue@12, _basSendAutoRegInfo@8, _notAddEventId@16, _notEventId@8, _basGetLicenseFileCommon@12
ashtask.dll
_tskInitLibrary@8, _tskFreeLibrary@0, _tskFreeData@4, _tskExecData@16, _tskAddArea@8
aswcmnbs.dll
fsGetAvastDataPath, fsGetAvastLogPath, fsGetAvastSumpPath, secPreventHookDllInjection, secCreateSharedEvent, secOpenSharedEvent, iniGetPrivateProfileString, fsGetAvastProgramPath, secCreateSharedMutex, fsGetAvastTempFileName, iniGetPrivateProfileInt, iniWritePrivateProfileInt, iniWritePrivateProfileString, cmnbFree, cmnbInit
aswcmnis.dll
cyphSimpleCode, inflateInit_, inflate, inflateEnd, deflateEnd, deflate, inflateReset, deflateReset, deflateInit2_, crcGenerate32c, mdaGenerate
aswcmnos.dll
dep_osIsWow64, dep_fsGetFileSizeHandle, dep_fsReadFile, dep_fsCloseFile, dep_osIsWinVistaOrBetter, dep_osIsWinXPOrBetter, dep_osIsWin64, dep_secGetPublicSecurity, dep_fsEnableWow64FsRedirection, dep_fsWriteFile, dep_fsExistFile, dep_fsRemoveFolderRecursive, dep_fsDeleteFileX, dep_fsOpenFileX, dep_osIsWin8OrBetter, dep_fsCopyFile, dep_procGetFileName
aswlog.dll
logDebugA, _logFree@0, _logInit@8
aswproperty.dll
aswGetPropertyInt, aswGetProperty, aswPropertyFreeLibrary, aswGetAvastPropertyInt, aswPropertyInitLibrary, aswGetIntFromCache, aswGetStrFromCache, aswSetAvastProperty, aswGetAvastProperty, aswSetPropertyInt, aswSetProperty
comctl32.dll
_TrackMouseEvent, ImageList_Draw, ImageList_GetImageInfo, ImageList_DrawEx, ImageList_GetIconSize
comdlg32.dll
GetOpenFileNameW
crypt32.dll
CertCreateCertificateContext, CertFreeCertificateContext
cryptui.dll
CryptUIDlgViewCertificateW
dnsapi.dll
DnsRecordListFree, DnsQuery_W, DnsQuery_A
gdi32.dll
SetWindowOrgEx, SetLayout, BitBlt, SetViewportOrgEx, GetTextMetricsA, SetWindowExtEx, GetWindowExtEx, SetTextColor, DeleteDC, SetBkColor, GetObjectW, LPtoDP, ExcludeClipRect, CreateCompatibleDC, CreateRectRgnIndirect, DPtoLP, CombineRgn, SetMapMode, CreateCompatibleBitmap, GetMapMode, SaveDC, GetClipBox, SetViewportExtEx, GetViewportExtEx, GetObjectA, GetStockObject, RestoreDC, CreateSolidBrush, DeleteObject, CreateRoundRectRgn, SelectObject, GetDeviceCaps, SetTextAlign, GetTextAlign, GetTextExtentPointW, TextOutA, TextOutW, GetPixel, IntersectClipRect, RectVisible, CreatePen, CreatePatternBrush, GetTextExtentExPointW, Rectangle, SetBkMode, CreateBitmap, SetPixel, Polygon, GetCurrentPositionEx, ExtCreatePen, Polyline, PtVisible, ExtTextOutW, Escape, CreateFontIndirectW, GetCurrentObject, SetBrushOrgEx, CreateDIBPatternBrushPt, CreateDIBSection, StretchBlt, GetDIBits, StretchDIBits, SetStretchBltMode, CreateFontA, EnumFontFamiliesExA, AddFontMemResourceEx, EnumFontFamiliesExW, GetWindowOrgEx, CreateHatchBrush, GetTextExtentPoint32A, GetTextExtentPoint32W, PatBlt, GetDeviceGammaRamp, SetDeviceGammaRamp, GetKerningPairsA, GetGlyphOutlineW, AddFontResourceExW
kernel32.dll
GetLocaleInfoA, TlsGetValue, GetCurrentProcess, QueryPerformanceCounter, QueryPerformanceFrequency, InterlockedIncrement, DeleteCriticalSection, FreeLibrary, GetProcAddress, LoadLibraryA, GetSystemDirectoryA, GetLocaleInfoW, IsBadReadPtr, MulDiv, FlushFileBuffers, SetEvent, GetProcessHeap, TlsSetValue, GetExitCodeProcess, CallNamedPipeW, CreateProcessW, HeapFree, WriteFile, ReadFile, ConnectNamedPipe, TerminateThread, WaitForSingleObject, ExitThread, GetPrivateProfileStringW, GetSystemTime, LocalFree, CreateDirectoryW, LocalAlloc, GetUserDefaultLCID, VirtualFree, ExpandEnvironmentStringsA, Process32NextW, Process32FirstW, LCMapStringW, FindResourceExW, LocalUnlock, CreateFileMappingA, FlushViewOfFile, SetEndOfFile, UnmapViewOfFile, MapViewOfFile, GetThreadLocale, GetVersionExA, GlobalAlloc, SetThreadLocale, GetCPInfo, GetCurrencyFormatW, DeleteFileA, MoveFileA, SetLastError, GetShortPathNameA, CreateEventA, VirtualAlloc, GetVersionExW, DeviceIoControl, CreateFileW, GetDiskFreeSpaceExW, GetVolumeInformationW, GetDriveTypeW, GetLogicalDrives, Sleep, GetLastError, FileTimeToLocalFileTime, FileTimeToSystemTime, GetTimeFormatW, GetDateFormatW, CreateThread, CloseHandle, InitializeCriticalSection, GetACP, EnterCriticalSection, LeaveCriticalSection, WideCharToMultiByte, MultiByteToWideChar, GetTickCount, DeleteFileW, GetTempFileNameW, GetTempPathW, HeapAlloc, WaitForMultipleObjects, InterlockedExchange, InitializeCriticalSectionAndSpinCount, LoadLibraryW, OpenEventW, TerminateProcess, ExitProcess, GetPrivateProfileIntW, GetModuleFileNameW, ExpandEnvironmentStringsW, GetCurrentThreadId, GetCommandLineW, GetCurrentProcessId, CopyFileW, GlobalLock, GlobalUnlock, SetThreadPriority, GetSystemInfo, WaitNamedPipeW, LoadLibraryExW, GetShortPathNameW, FindFirstFileW, FindNextFileW, FindClose, GetSystemDirectoryW, GetWindowsDirectoryW, CreateEventW, GetNumberFormatW, GetFileAttributesW, GetLocalTime, SetFilePointer, GetFileSize, SystemTimeToFileTime, GetSystemTimeAsFileTime, InterlockedDecrement, DisconnectNamedPipe, GetUserDefaultLangID, CreateIoCompletionPort, CreateNamedPipeW, GetQueuedCompletionStatus, GetTempFileNameA, TlsAlloc, GetTempPathA, FindResourceA, FindResourceW, LoadResource, SizeofResource, LockResource, GetModuleHandleW, GetStringTypeA, GetStringTypeW, ReleaseMutex, lstrcmpiW, lstrcmpW, GetExitCodeThread, CreateToolhelp32Snapshot, OutputDebugStringW, OpenProcess, GetCurrentThread, RaiseException, InterlockedCompareExchange, GetStartupInfoW, SetUnhandledExceptionFilter, UnhandledExceptionFilter, IsDebuggerPresent, SetProcessWorkingSetSize, DllMain, GetVersion, CreateMutexW, MoveFileExW, ResumeThread, WritePrivateProfileStringW
mfc90u.dll
DllMain
msimg32.dll
GradientFill
msvcp90.dll
DllMain
msvcr90.dll
DllMain
ole32.dll
CoCreateGuid, CoTaskMemFree, StringFromCLSID, CoInitialize, CoCreateInstance, CoUninitialize, StringFromGUID2, CoInitializeEx, CLSIDFromString
oleacc.dll
CreateStdAccessibleObject, AccessibleObjectFromWindow, LresultFromObject
psapi.dll
GetModuleFileNameExW, EnumProcessModules, EnumProcesses
rpcrt4.dll
RpcBindingFromStringBindingW, RpcStringFreeW, RpcBindingFree, RpcStringBindingComposeW, UuidCreate, NdrConformantArrayMarshall, RpcRaiseException, NdrClientInitializeNew, NdrConformantArrayBufferSize, NdrFreeBuffer, NdrGetBuffer, NdrConformantStringBufferSize, NdrConformantArrayUnmarshall, NdrSendReceive, NdrConvert, NdrConformantStringMarshall, RpcBindingServerFromClient, RpcBindingToStringBindingW, RpcStringBindingParseW, I_RpcGetBuffer, NdrAllocate, NdrServerInitializeNew, NdrConformantStringUnmarshall, NdrPointerFree, RpcAsyncInitializeHandle, RpcBindingSetAuthInfoExA, RpcAsyncCancelCall, RpcBindingFromStringBindingA, RpcStringBindingComposeA, RpcAsyncCompleteCall, NdrAsyncClientCall, NdrClientCall2, RpcStringFreeA
shell32.dll
SHGetPathFromIDListW, SHGetFileInfoW, SHChangeNotify, SHGetDesktopFolder, SHGetMalloc, SHGetSpecialFolderLocation, Shell_NotifyIconW, SHBrowseForFolderW, ShellExecuteW, ShellExecuteExW, SHGetFolderPathW, SHGetSpecialFolderPathW
shlwapi.dll
PathFileExistsW, PathCompactPathW, ColorHLSToRGB, ColorRGBToHLS, PathIsDirectoryW, UrlCombineA
urlmon.dll
FindMimeFromData
user32.dll
DllMain
version.dll
VerQueryValueW, GetFileVersionInfoSizeW, GetFileVersionInfoW
winhttp.dll
WinHttpSetOption, WinHttpSendRequest, WinHttpConnect, WinHttpCloseHandle, WinHttpSetTimeouts, WinHttpOpen, WinHttpOpenRequest, WinHttpReadData, WinHttpReceiveResponse, WinHttpQueryOption, WinHttpQueryHeaders
wininet.dll
InternetReadFile, InternetCombineUrlA, HttpOpenRequestA, InternetGetLastResponseInfoA, InternetOpenA, InternetCloseHandle, InternetQueryOptionA, InternetConnectA, HttpQueryInfoA, HttpSendRequestA, InternetCrackUrlW, InternetSetOptionA, InternetCanonicalizeUrlW, InternetSetOptionW, InternetConnectW, HttpOpenRequestW, HttpSendRequestW, InternetOpenW
winmm.dll
timeSetEvent, timeKillEvent, timeGetTime, timeGetDevCaps, PlaySoundA

AvastUi.exe

avast! Antivirus by AVAST Software (Signed)

Remove AvastUi.exe
Version:   7.0.1474.765
MD5:   083649ef692a066880c9326020915afe
SHA1:   04e91fea01faacbc3689e77392af3f56eca02325
SHA256:   570dbf28f6d77890476f7b6a9c57f77dcc3c51038a1780540032b5fd9cf72190

What is AvastUi.exe?

avast! Antivirus is a full-featured antivirus and anti-spyware scanning and removal product. Avast offers a web-reputation browser extension as well as virtualization technology. Accurate threat updates via avast updates are delivered automatically using PUSH update technology in Avast! Antivirus.

About AvastUi.exe (from AVAST Software)

Free antivirus with anti-spyware protection for Windows. AVAST Software leads the security software industry – protecting 160 million PCs, Macs and Mobiles around the globe – by distributing FREE anti

DetailsDetails

File name:avastui.exe
Publisher:AVAST Software
Product name:avast! Antivirus
Typical file path:C:\Program Files\avast software\avast\avastui.exe
File version:7.0.1474.765
Size:4.1 MB (4,297,136 bytes)
Certificate
Issued to:AVAST Software
Authority (CA):VeriSign
Expiration date:Friday, January 31, 2014
Digital DNA
PE subsystem:Windows GUI
File packed:No
Code language:Microsoft Visual C++ 9.0
.NET CLR:No
More details

ResourcesPrograms

The following program will install this file
avast! Free Antivirus
 AVAST Software
9% remove
Avast! Free Antivirus is a full-featured antivirus and anti-spyware scanning and removal product that offers a web-reputation browser extension as well as virtualization technology. Accurate threat updates via Avast updates are delivered automatically using PUSH update technology.

BehaviorsBehaviors

Startup files (all users) run
Runs under the registry key 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
  • 'avast5' → C:\Program Files1\ALWILS~1\Avast5\avastUI.exe /nogui
  • 'avast' → "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
Scheduled tasks
  • Entry path '\{BE644B67-0FC9-4E09-8921-3C92C4187F59}'
  • Entry path '\{A2010245-7908-40CE-A115-79DFB422FB5C}'
  • Entry path '\{83E22DC4-C629-429D-A5B9-3DBF2B43476D}'
  • Entry path '\{59B20A91-C364-4477-841A-79D826383F80}'
  • Entry path '\{D9C949DF-1FF9-49D3-92E4-FF09ADEE4B9E}'
Windows firewall allowed programs
Exceptions allow programs to access to the Internet through an outbound connections
  • Firewall exception for 'C:\Program Files\AVAST Software\Avast\AvastUI.exe'
  • Firewall exception for 'C:\Programmer\Alwil Software\Avast5\AvastUI.exe'
Network connections
Access through an approved Windows firewall exception
  • [TCP] sin01s05-in-f8.1e100.net (74.125.235.40:80)
  • [TCP] a23-66-206-13.deploy.akamaitechnologies.com (23.66.206.13:80)
  • [TCP] ni-in-f138.1e100.net (74.125.135.138:80)
  • [TCP] a23-3-62-13.deploy.akamaitechnologies.com (23.3.62.13:80)
  • [TCP] sea09s01-in-f2.1e100.net (173.194.33.2:80)
  • [TCP] a23-3-254-13.deploy.akamaitechnologies.com (23.3.254.13:80)
  • [TCP] a92-122-78-13.deploy.akamaitechnologies.com (92.122.78.13:80)
  • [TCP] 2.21.222.13:80
  • [TCP] a184-30-46-13.deploy.akamaitechnologies.com (184.30.46.13:80)
  • [TCP] a184-26-206-13.deploy.akamaitechnologies.com (184.26.206.13:80)
  • [TCP] 2.21.110.13:80
  • [TCP] 178.132.81.57:80
  • [TCP] 95.100.142.13:80
  • [TCP] a92-122-142-13.deploy.akamaitechnologies.com (92.122.142.13:80)
  • [TCP] a118-215.78-13.deploy.akamaitechnologies.com (118.215.78.13:80)
  • [TCP] a23-11-78-13.deploy.akamaitechnologies.com (23.11.78.13:80)
  • [TCP] a118-214.238-13.deploy.akamaitechnologies.com (118.214.238.13:80)
  • [TCP] bud02s01-in-f4.1e100.net (173.194.39.68:80)
  • [TCP] a92-123-110-13.deploy.akamaitechnologies.com (92.123.110.13:80)
  • [TCP] a23-6-222-13.deploy.akamaitechnologies.com (23.6.222.13:80)
  • [TCP] a96-16-22-13.deploy.akamaitechnologies.com (96.16.22.13:80)

    • ResourcesResource utilization

    (Note: statistics below are averages based on a minimum sample size of 200 unique participants)
    Averages
     
    CPU
    Total CPU:0.00740692%
    0.028634%
    Kernel CPU:0.00381906%
    0.013761%
    User CPU:0.00358786%
    0.014873%
    Kernel CPU time:6,578,938 ms/min
    100,923,805ms/min
    CPU cycles:877,483/sec
    17,470,203/sec
    Context switches:27/sec
    284/sec
    Memory
    Private memory:11.28 MB
    21.59 MB
    Private (maximum):14.08 MB
    Private (minimum):5.02 MB
    Non-paged memory:11.28 MB
    21.59 MB
    Virtual memory:134.67 MB
    140.96 MB
    Virtual memory (peak):153.07 MB
    169.69 MB
    Working set:10.99 MB
    18.61 MB
    Working set (peak):18.54 MB
    37.95 MB
    Page faults:135,777/min
    2,039/min
    I/O
    I/O read transfer:39.59 KB/sec
    1.02 MB/min
    I/O read operations:12/sec
    343/min
    I/O write transfer:23 Bytes/sec
    274.99 KB/min
    I/O write operations:1/sec
    227/min
    I/O other transfer:2.06 KB/sec
    448.09 KB/min
    I/O other operations:181/sec
    1,671/min
    Resource allocations
    Threads:17
    12
    Handles:326
    600
    GUI GDI count:160
    103
    GUI GDI peak:249
    142
    GUI USER count:39
    49
    GUI USER peak:46
    71

    BehaviorsProcess properties

    Integrety level:Medium
    Platform:32-bit
    Command lines:
    • "C:\Program Files\avast software\avast\avastui.exe" /nogui
    • "C:\Program Files\alwil software\avast5\avastui.exe" /nogui
    • "C:\Program Files\avast software\avast\avastui.exe" /nogui
    • "C:\progra~1\alwils~1\avast5\avastui.exe" /nogui
    • C:\avast\avastui.exe /welcome
    Owner:User
    Parent processes:

    ResourcesThreads

    Averages
     
    ntdll.dll
    Total CPU:0.03768918%
    0.272967%
    Kernel CPU:0.03768278%
    0.107585%
    User CPU:0.00000640%
    0.165382%
    CPU cycles:349,258/sec
    5,741,424/sec
    Context switches:1/sec
    79/sec
    Memory:1.66 MB
    1.16 MB
    AvastUI.exe (main module)
    Total CPU:0.03038421%
    Kernel CPU:0.01783133%
    User CPU:0.01255288%
    CPU cycles:1,008,126/sec
    Context switches:5/sec
    Memory:4.09 MB
    WINMM.dll
    Total CPU:0.00963058%
    Kernel CPU:0.00481529%
    User CPU:0.00481529%
    CPU cycles:216,734/sec
    Memory:132 KB
    WININET.dll
    Total CPU:0.00211606%
    Kernel CPU:0.00000000%
    User CPU:0.00211606%
    CPU cycles:65,389/sec
    Memory:976 KB
    aavm4h.dll (avast! Antivirus by AVAST Software)
    Total CPU:0.00131796%
    Kernel CPU:0.00089999%
    User CPU:0.00041797%
    CPU cycles:111,444/sec
    Context switches:1/sec
    Memory:376 KB
    sendori.dll (Sendori.dll by Sendori)
    Total CPU:0.00091956%
    Kernel CPU:0.00047563%
    User CPU:0.00044393%
    CPU cycles:541,116/sec
    Context switches:15/sec
    Memory:316 KB
    MSVCR90.dll
    Total CPU:0.00064232%
    Kernel CPU:0.00001740%
    User CPU:0.00062492%
    Memory:652 KB
    wow64win.dll
    Total CPU:0.00017354%
    Kernel CPU:0.00017354%
    User CPU:0.00000000%
    CPU cycles:208/sec
    Memory:360 KB
    wow64cpu.dll
    Total CPU:0.00009415%
    Kernel CPU:0.00009415%
    User CPU:0.00000000%
    CPU cycles:310/sec
    Memory:32 KB
    rasman.dll
    Total CPU:0.00007606%
    Kernel CPU:0.00005284%
    User CPU:0.00002323%
    CPU cycles:232/sec
    Memory:84 KB
    wdmaud.drv
    Total CPU:0.00003930%
    Kernel CPU:0.00000000%
    User CPU:0.00003930%
    Memory:36 KB

    Common loaded modules

    These are modules that are typiclaly loaded within the context of this process.

    Windows OS versionsDistribution by Windows OS

    OS versiondistribution
    Windows 7 Home Premium 29.00%
    Windows 7 Ultimate 23.50%
    Microsoft Windows XP 17.00%
    Windows 7 Professional 10.00%
    Windows Vista Home Premium 5.50%
    Windows 8 4.00%
    Windows 8 Pro 3.00%
    Windows Vista Home Basic 2.00%
    Windows 7 Home Basic 2.00%
    Windows Vista Business 1.00%
    Windows 7 Enterprise 1.00%
    Windows Seven Black Edition 1.00%
    Windows 7 Starter 1.00%

    Distribution by countryDistribution by country

    United States installs about 31.66% of avast! Antivirus.

    OEM distributionDistribution by PC manufacturer

    PC Manufacturerdistribution
    Dell 21.29%
    Toshiba 15.97%
    Hewlett-Packard 13.69%
    Acer 12.93%
    ASUS 10.65%
    Intel 7.60%
    Lenovo 4.56%
    Samsung 3.80%
    American Megatrends 2.28%
    GIGABYTE 1.90%
    Sony 1.52%
    MSI 1.52%
    Medion 1.52%
    Packard Bell 0.76%
    Back to top
    Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

    Download it for FREE