« previous next »
Pages: [1]   Go Down

Author Topic: AvastUI.exe  (Read 4139 times)

0 Members and 1 Guest are viewing this topic.

TruAnRksT

  • Guest
AvastUI.exe
« on: August 02, 2012, 08:00:22 PM »
This seems like strange behavior but when I booted my PC this morning, before Avast could auto update I got about half a dozen warnings in a row citing something called hxtp://www.thebargainmob.com with the infected file listed as AvastUI.exe

A full scan with MalwareBytes came up clean so I did a repair on Avast and am currently running an Avast full scan with all options enabled.

Has anyone else seen this behavior and is it possible the Avast installation has been compromised? I'm concerned that if Avast has been compromised even in a small way then can it still be trusted.


Oh I should have mentioned I am running Win 7 Ultimate in 64 bit mode and using Avast free edition.

Or perhaps I'm just reading the warning window incorrectly.
« Last Edit: August 02, 2012, 08:19:56 PM by Milos »
Logged

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37529
  • Not a avast user
Re: AvastUI.exe
« Reply #1 on: August 02, 2012, 08:07:06 PM »
please edit the link above and make it unclickable, as it is infected

thebargainmob.com  - sucuri scan  http://sitecheck.sucuri.net/results/www.thebargainmob.com/

McAfee  http://www.siteadvisor.com/sites/thebargainmob.com
« Last Edit: August 02, 2012, 08:20:08 PM by Milos »
Logged

TruAnRksT

  • Guest
Re: AvastUI.exe
« Reply #2 on: August 02, 2012, 09:05:20 PM »
Ah sorry about that, I see the issue has been taken care of for me.

The information is interesting, I was pretty sure bargainmob would be a bad site.
Never heard of it before. But what about Avast seemingly faulting it's own file?

The scan is 81% with one detection so far, but I'll have to wait for completion before it will tell me what file was detected.
Logged

Online DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89052
  • No support PMs thanks
Re: AvastUI.exe
« Reply #3 on: August 02, 2012, 09:09:25 PM »
It isn't an infected file as such but supposedly the process responsible for initiating the connection.

That said it is somewhat strange, are you sure it was avastUI.exe and not avastSvc.exe as this controls the web shield and its localhost proxy ?

The avastUI shouldn't be involved in this as it is the user interface and not part of the scanning shields.
Logged
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.3.6108 (build 24.3.8975.762) UI 1.0.801/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

gibot

  • Guest
Re: AvastUI.exe
« Reply #4 on: August 02, 2012, 09:27:11 PM »
I am curious as how you got infected when you booted your pc.
Logged

TruAnRksT

  • Guest
Re: AvastUI.exe
« Reply #5 on: August 02, 2012, 09:49:19 PM »
I'm not even sure it was a real infection, but I would have to assume it was picked up last night before shutting down and attempted to assert itself during boot.

Yes it was AvastUI.exe that was listed at the bottom of the warning box.

It was detected several times in a row in short order. But I haven't seen any other unusual behavior yet. That site is going in my hosts file though.

Scan is 96% still only one detection.
Logged

TruAnRksT

  • Guest
Re: AvastUI.exe
« Reply #6 on: August 02, 2012, 10:29:12 PM »
Well the one file turned out to be nothing of any importance. So with all scans completed I can only conclude that whatever the problem originally was Avast took care of it. Just have to keep an eye on things I suppose.
Logged
Pages: [1]   Go Up
« previous next »