Why Is AvastUI.exe Dialing Out To India?

Avast Free Antivirus / Premium Security
21

WebRep doesn’t need avastui, afaik.

22

The avastUI.exe is the graphical interface and is used by many shields, I believe that the alert windows are also handled by the avastUI so if that isn’t running, I guess you wouldn’t see the alert window. You could test that by downloading the eicar test file whilst you don’t have the avastUI running.

I don’t believe it is required by the WebRep to display the WebRep information, as I believe that would be done by the browser as essentially it is a pop-up displaying the data when you click on the webrep icon, etc.

I guess you are going to have a hard time with that one, as it seems that this is the way most AVs are going. I’m no cloud fan as when your internet is down so to is that element, but it rather depends on how heavily the AV is dependant on cloud processing.

The resolution of the IP address isn’t something in the control of avast, that is down to whatever application (TCPView) resolves it and the DNS server it used to resolve the IP address.

Get the IP resolution wrong and the whois details taken from the domain name (resolved IP address) will also be wrong. As Vlk said “Reverse DNS lookup is often bogus.” perhaps, bogus should be replaced by wrong.

As you found doing a whois on the wrong domain name returns a different IP address, so the problem is one of incorrect resolution of the IP address…

23

You’re wrong about this Dave.

24

I would add: “That, however, may change at any time, even via a virus definition update”.

25

Hope you tell us before. :wink:

26

I unblocked avastui.exe and checked to see what it connected to. IP is 75.125.212.75 with no DNS resolution for two connections. This is an iPlanet IP so I assume it’s OK. The other two connections are to avast.com, IP 207.218.232.82.

Still would like to know what avastui.exe does. It just stays in a perpetual wait state for port 443.

27

Yes, avast has a number of hosted servers at planet internet.

28

How do you think that some free products cover their costs? They need advertising, and may be also sell “aggregate” data?! As for Indian IP addresses, that is one of the “benefits” of the “wonderful” cloud that every one is so hot about these days.

I wish Avast were a bit more upfront on this. I was thinking of buying a few professional licenses for our small office but this now worries me a bit. I will wait for an answer befroe I decide next week.

29

Please read the thread again… there is no Indian IP - it’s just a problem with the reverse lookup on the original poster’s machine.