5:42 AM 5/13/2014
Avastui.exe is making and maintaining tcp connections to google.com.
Ipnetinfo.log

   74.125.224.94	Succeed	USA - California	GOOGLE	Google Inc.	74.125.0.0	

74.125.255.255 Yes Google Inc. arin-contact@google.com arin-contact@google.com
+1-650-253-0000 lax17s02-in-f30.1e100.net.

74.125.224.102	Succeed	USA - California	GOOGLE	Google Inc.	74.125.0.0	

74.125.255.255 Yes Google Inc. arin-contact@google.com arin-contact@google.com
+1-650-253-0000 lax02s19-in-f6.1e100.net

CPorts.Log

AvastUI.exe 1976 TCP 5766 192.168.1.64:5766 443 https
74.125.224.94:443 lax17s02-in-f30.1e100.net:443 Established C:\Program Files\AVAST
Software\Avast\AvastUI.exe avast! Antivirus avast! Antivirus 9.0.2018.391
AVAST Software 5/11/2014 11:27:34 PM A 5/13/2014 5:13:49 AM
C:\WINDOWS\system32\WINHTTP.dll Statistics

AvastUI.exe 1976 TCP 5764 192.168.1.64:5764 80 http
74.125.224.102:80 lax02s19-in-f6.1e100.net:80 Established C:\Program Files\AVAST
Software\Avast\AvastUI.exe avast! Antivirus avast! Antivirus 9.0.2018.391
AVAST Software 5/11/2014 11:27:34 PM A 5/13/2014 5:13:49 AM
C:\WINDOWS\system32\WININET.dll Statistics

I do not understand why Avast would need to connect to google on port 80 and ssl port 443.
Can someone explain this? What information is being supplied to Google? No, I do not use the Google Chrome Browser.

Port 80 is easy to understand. Are you logged-in to Google?
If you are that would explain port 443.

Port 80> http connections
Port 443> https connections\

@ schmidthouse Thanks for explaining what the ports are for. My bad. :-[

Port 80 is used for non-encrypted internet connections.
Port 443 is for encrypted internet connections.

That said, if you are logged into your Google account (encrypted) and visit YouTube your
YouTube connection is also encrypted.

Thank you for the replies…you too schmidthouse.(chuckle)I know what the ports are. Me"newbie" not “newborn”. :

I’m not logged into Google or Youtube. I have no Google pages or services in use at all. Google is not my search engine and it is not a search option on my home page. These connections are being made directly by the avastui while realtime shields are off. (If it were a passthrough avast scanner connection it would be on port 12080). I am not using any safe-browsing options in my browser. In fact, these connections persist even when there is no browser active. I know they originate from Avastui.exe directly.
It just seems strange. there must be a good reason for them.
Perhaps avast reports statistics to Google via the user interface?
well, so much for sluething. Just curious. :

For what it’s worth, I’m watching Resource Monitor and I don’t see connections from AvastUI to anything.

For me AvastSvc.exe shows occasional connections to addresses that reverse-resolve to AVAST Software a.s., which seems reasonable given the software’s online update facilities.

Note that I don’t use anything but the 3 shields and the software updater.

Personally, if I saw my system maintaining a connection with Google I’d be concerned that Google has infected me with something. That’s certainly their goal.

Something related to consider, which blocks trackers etc.: http://winhelp2002.mvps.org/hosts.htm

Also if you see applications accessing servers by name that you’d rather they didn’t access, nothing keeps you from adding additional lines to your hosts file.

-Noel

See http://forum.avast.com/index.php?topic=126470.msg950033#msg950033