"...What IP addresses should avast be trying to access?..."
Avast Antivirus Free Connections cmd command: netstat -aon
Avast User Interface Connections:
Process:
C:\Program Files\Alwil Software\Avast5\Avastui.exe
Proto Local Address Foreign Address State PID
TCP xx.xxx.xxx.xxx:1783 74.86.126.236:443 CLOSE_WAIT 344
TCP xx.xxx.xxx.xxx:1784 74.86.126.236:443 CLOSE_WAIT 344
TCP xx.xxx.xxx.xxx:1785 174.37.192.139:443 CLOSE_WAIT 344
TCP xx.xxx.xxx.xxx:1786 174.37.192.139:443 CLOSE_WAIT 344
TCP xx.xxx.xxx.xxx:1788 174.37.192.139:443 CLOSE_WAIT 344
TCP xx.xxx.xxx.xxx:1789 174.37.192.139:443 CLOSE_WAIT 344
Avast Service Listening Ports:
Process
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
Proto Local Address Foreign Address State PID
TCP 127.0.0.1:1192 0.0.0.0:0 LISTENING 1836
TCP 127.0.0.1:1193 0.0.0.0:0 LISTENING 1836
TCP 127.0.0.1:1194 0.0.0.0:0 LISTENING 1836
TCP 127.0.0.1:1195 0.0.0.0:0 LISTENING 1836
TCP 127.0.0.1:1196 0.0.0.0:0 LISTENING 1836
TCP 127.0.0.1:1197 0.0.0.0:0 LISTENING 1836
TCP 127.0.0.1:1198 0.0.0.0:0 LISTENING 1836
TCP 127.0.0.1:1199 0.0.0.0:0 LISTENING 1836
TCP 127.0.0.1:12080 0.0.0.0:0 LISTENING 1836
Update Virus Definitions Connections (uses different addresses and ports):
Process:
C:\Program Files\Alwil Software\Avast5\Setup\Avast.Setup
Proto Local Address Foreign Address State PID
TCP xx.xxx.xxx.xxx:1790 174.120.185.26:80 ESTABLISHED 3004
TCP xx.xxx.xxx.xxx:1791 87.248.217.253:80 ESTABLISHED 3004
Update Program Connections (uses different addresses and ports):
Process:
C:\Program Files\Alwil Software\Avast5\Setup\Avast.Setup
Proto Local Address Foreign Address State PID
TCP xx.xxx.xxx.xxx:1793 74.52.200.114:80 ESTABLISHED 3396
TCP xx.xxx.xxx.xxx:1794 208.43.71.137:80 ESTABLISHED 3396
Note: Avast.Setup is a "phantom" process, it loads in memory and exists only during update, that's why it appears in Firewall as an "Unidentified Flying Object":
Thanks.