Unexplained Avast connections

I’ve disabled all the cloud/community options I could find, and (temporarily) disabled updates, but netstat shows three connections to avast.com subdomains (such as a349vg.avast.com) during startup. What are these connections doing and is there any way to disable them?

I’m looking at NetStat right now and it says that avast is showing a connection to, among others, stackoverflow.com! What’s that about?

Rather look to previous replies then again posting the same questions: http://forum.avast.com/index.php?topic=125212.0
See: http://www.netinfo.org.ua/a349vg.avast.com.htm
All green here: http://www.mywot.com/en/scorecard/a349vg.avast.comhttp://dnslookup.fr/a349vg.avast.com

polonus

I already read that topic and it’s largely unrelated to what I asked. My concern isn’t that there’s any issue with the site - I mean, it’s avast’s own site, I think it’s trustable enough - my concern was that it doesn’t state what the purpose of those connections is. I don’t necessarily mind that it’s happening, but I prefer to know why software I use is phoning home.

Hello,
a349vg.avast.com” is one of our VPS/program update servers.

Milos

Thank you Milos. I was wondering the same thing. It was not explained well in the other response.

The point of the question is though, why is it still contacting an update server when updates are disabled?

Avast has cloud technology and im sure you would wish to keep this enabled as you are weakening your protection by disabling them.

If you disable the part of the program that keeps your protection current, why install the program in the first place ???

bob3160, I clearly stated that I disabled updates temporarily, to check that there were no connections other than the desired ones. I wish people would stop replying to messages they haven’t even read. :confused:

As for the ‘cloud technology’, I’ve had no issues using other antiviruses without such a thing and personally find the benefits of reducing unwanted connections to be greater than the benefits it claims to provide.

To get back to the point, in the hope of a straight answer - for what purpose does Avast connect when it seems that everything requiring a connection is disabled?

My personal philosophy on all software is…If you dont trust any of the connections being made then this signifies a total lack of trust for the software as a whole.

i find it odd that you trust avast enough to install it and yet you question the connections it makes which implies a slight suspicious nature in your character.

Avast is a globally recognised security solution and used by millions of people worldwide so its credentials are not up for questioning.
Just allow avast to give you top notch av protection and stop being paranoid about avast outbound connections.

Thanks.

I didn’t see anything in your posts regarding " temp. disabling" hence, my reply.
If you don’t trust avast!, why install it in the first place ???

bob3160: In the original post it clearly says “and (temporarily) disabled updates.”

My primary concern is simply that there’s no clear reason for it to be doing this at all. There may be potential privacy issues, but I’ve no reason not to trust Avast, it’s more an issue of control and resources (the same reason I’m currently trying out Avast in favour of my previous AV). I get the feeling you guys just don’t actually know the answer to my question and for some reason are choosing to change the subject and question me instead of leaving the matter to someone who’ll respond appropriately.

Look, Avast offers options for a reason. Everyone uses their computer differently, and some of the default settings were overkill or irrelevant for the way I use my computer, while others by default weren’t quite secure enough. Do you have some kind of problem with that (in which case maybe you should go and tell the developers just to remove all the options), or can we now please focus on the original question?

As Milos already said “a349vg.avast.com” is one of our VPS/program update servers" and I don’t think cloud updates can be disabled unless you’re going to block it with a firewall which would be awkward as when you need the update you would then have to go and unblock it.

Cloud updates should not be blocked imo as they are giving you the latest up to date protection which is a necessity for safe browsing.

Isn’t that the purpose of the “Enable streaming updates” option?

Part of why I’m not sure that it’s update related is because two of the connections on startup (going to similarly named servers) no longer appeared after I registered Avast - this suggests that those connections were account/license related, and perhaps the last one is also related to that.

You are correct, shows you how often I look in the avast settings ;D

Yes it could possibly be related to the licence check, there is also the emergency update service which is a separate process from the normal updates so it could be that :-\

You can also teak a program right out of existence. It basically comes down to a matter of trust.
You either allow the program to establish the connections to function and update properly or, you don’t trust the program or don’t want to
use the program to operate at it’s top protection capability and chopp of it’s ability to keep you current on your AV protection.
Default settings are also put in place to offer maximum protection and minimum resource use for the average user.
Granted, there are tweaks that can be made but, certain tweaks can also impede the performance and ability of the program.
Your computer - your choice - your decision. :slight_smile:

That’s all fair enough, but I’m clearly not the average user. :slight_smile: The default settings would be what I’d use if I was just setting up an antivirus for family/friends, though.

While this is still largely just speculation and it’d be nice to have some concrete facts and details about how these things work, at least there’s some reasonable ideas of what’s happening now. I’m not entirely happy with it, but every antivirus has its own unique problems and Avast probably has the least so far so I guess I can live with this.

Well, certainly the alternative is much less palatable. If one does not mind fixing damage left behind by malware attacks and consequent system changes, then the best course of action would be to run system without an a/v program of any sort, and any issues of unknown or unexplained connections would then be moot, and it would not matter what a/v one ran in the past, as they are no longer present or running.

No program - no connections.

imo, I’d rather have a team of people working for me that get up every day and strive to meet the mission goals of protecting my system by blocking malware from ever entering my system, rather than have me deal with manually disinfecting my system every day of malware garbage. Seems this may be an issue of not understanding why avast! does what it does; many different strategies are used to enable malware to be blocked at first detection. If such is blocked straight-away, then one does not need to worry about further infections following the initial infection, as the first never got a foothold in the system.

How that initial blocking is done here at avast! is by using those connections created by avast! you seem to object to. Removing that active protection by disabling the active connection links would seem to lower the basic threshold of protection, and thus could not increase it.

Is internet bandwidth (or the lack thereof) the real issue here?

Having to disinfect ‘every day’ seems a bit of an exaggeration to me - in my experience it’s rare to see an attempted infection (other than false positives) more often than once or twice every few months unless I’m on particularly seedy sites, and I’m pretty confident that there haven’t been any unnoticed infections too. However, based on personal experiences of running without an antivirus, that’s basically just inviting any old virus in and does lead to a lot of easily avoided hassle.

There may indeed be some benefits to Avast’s connectivity options, but the idea people seem to be spreading that the software is not complete without them is worrying, because I’d rather my antivirus still work to a reasonable level when I’m not online! :slight_smile:

Bandwidth isn’t an issue here, at least not in the sense of any kind of data cap, but I generally prefer to have as little going on as possible, to reduce interruptions during gaming and just for kinda OCD reasons.