Hello,
I suspect there’s some Google Analytics code in the GUI (or something like that, I’m not a programmer).
Should I be right, could you please tell me how to disable it?
I can recall some other user asked the same question months ago, during the beta-testing.
Best regards
Anyone from Avast (or the guy who asked before/someone who knows)?
Why do you think that there is Google analytics code in Avast?
Open the interface and then scrutinize the web shield readings…Indeed there are google analytic activity occuring.
Thanks, Arnold72.
Anyway, as I said before, I can recall some other user asked the same question during the beta-testing. Someone from Avast replied, but I can’t remember anything more - well, to be honest, I remember he confirmed there’s some Google Analytics code somewhere in the GUI…
EDIT: added some info
avast 9.0.2008 free x86.
I have also noticed some spy activity here-
I have noticed that once you open avast interface it begins to connect google (1e100.net) servers. :o
I just run netstat -b command and got this–>
Proto Local Address Foreign Address State PID
TCP win-pc:1618 a118-214.142-13.deploy.akamaitechnologies.com:https ESTABLISHED 2860
[AvastUI.exe]
TCP win-pc:1619 bom03s01-in-f30.1e100.net:https ESTABLISHED 2860
[AvastUI.exe]
TCP win-pc:1620 bom03s01-in-f30.1e100.net:https ESTABLISHED 2860
[AvastUI.exe]
TCP win-pc:1621 a118-214.142-13.deploy.akamaitechnologies.com:https ESTABLISHED 2860
[AvastUI.exe]
TCP win-pc:1622 a118-214.142-13.deploy.akamaitechnologies.com:https ESTABLISHED 2860
[AvastUI.exe]
TCP win-pc:1623 bom03s02-in-f0.1e100.net:http ESTABLISHED 2860
[AvastUI.exe]
But when i add these lines in my host file (c:\windows\system32\drivers\etc\host), avastui.exe stopped its activity. 8)
# block Google Analytics via host file#
127.0.0.1 pagead.googlesyndication.com
127.0.0.1 pagead2.googlesyndication.com
127.0.0.1 adservices.google.com
127.0.0.1 ssl.google-analytics.com
127.0.0.1 www.google-analytics.com
127.0.0.1 imageads.googleadservices.com
127.0.0.1 imageads1.googleadservices.com
127.0.0.1 imageads2.googleadservices.com
127.0.0.1 imageads3.googleadservices.com
127.0.0.1 imageads4.googleadservices.com
127.0.0.1 imageads5.googleadservices.com
127.0.0.1 imageads6.googleadservices.com
127.0.0.1 imageads7.googleadservices.com
127.0.0.1 imageads8.googleadservices.com
127.0.0.1 imageads9.googleadservices.com
127.0.0.1 partner.googleadservices.com
127.0.0.1 www.googleadservices.com
127.0.0.1 apps5.oingo.com
127.0.0.1 www.appliedsemantics.com
127.0.0.1 service.urchin.com
strange! :o
I think avast downloads ads from somewhere and then shows them in its UI. :
Hi Tetsuo,
Here is the comment from Vlk regarding Google analytics. → http://forum.avast.com/index.php?topic=126470.msg950033#msg950033
Thank you very much for the help, Charyb.
So, I was right. The avast UI contains an analytics module.
Yes, it does. At first I was worried about this unsolicited connection requests but then I found out that the interface use GA to monitor how we use the interface. It can be uncomfortable for some. It is for me so I blocked access altogether. Any unnecessary interaction is unacceptable! If avast needs feedback about how we use the interface, we would provide them happily but not this way. Well, avast do not even listen to most of the users. The new GUI is the example. But that’s ok and it looks ok too!
I doubt that you can use this as any degree of accuracy that there is any traffic related to the avastUI. Many sites use google analytics so that is the traffic activity you are seeing in web shield related activity.
Since that topic is from June and relates to avast 8, there is no confirmation that avast 9 does also.
In all honesty the avast 9 UI needs all the help it can get by using google analytics, as it really isn’t intuitive, nowhere as user friendly and easy to find things as in the avast 8 UI.
You can see the traffic looking at Statics/Your Stats for a while. Or better, you can use HostsServer’s log feature (abelhadigital.com).
It’s been like this for ages, see http://forum.avast.com/index.php?topic=109668.0 posts 4, 7 and others. It’s not related to using GUI, just updating definitions.
attached log from yesterday - note that google analytics fails - that’s because I use HOSTS file
Is it possible to block Google Analytics with Avast website blocking ?
Something like .google-analytics.com ?
Sorry the traffic in the Statistics isn’t detailed enough to tell the origin of the request (which is being checked by the web shield). I honestly don’t know if the avastui traffic would be being redirected through the web shield.
Unfortunately I have never used HostsServer, so I can’t say or check.
But as I have said the UI really needs all the help it can get (too many levels and not intuitive) on how users navigate it.
It's not related to using GUI, just updating definitions.
Seriously? Avastui.exe had nothing to do with updating definitions. It simply does not have any function that would require it to connect to internet for the antivirus to work. It does however require internet connection when you want to see global stats and trace IP address. An easy process would be to block avastui.exe in firewall and see the firewall logs. You can determine to which IP address it constantly tries to connect, Use that to find the domain name and it will turn out to be google analytics and another server within your region (I found this for a different IP it tries to connect). But be sure, it does not take part in updating virus definition.
I just followed up this thing a little through some old logs and the current one.
Not that it bothers me.
It seems to occur within seconds after definitions update. I GUESS that it is linked to the slideup informing that the update occurred. The slideup usually contains suggestions to install something else, and that could be where google analytics comes into play, where avast simply wants to know what we select or don’t.
The other log that I looked at is Setup.log - that’s where I get the timing from.
Confirming my earlier observations and guesses, I just caught it in action, first occurence today - see the connection I see between updating and analytics in these log extracts
As far as I could have understood looking at my system, the activity seemed not related exclusively to the update process. Hopefully, someone from Avast will join the conversation soon.
There is no question of avast joining the discussion. An avast moderator had already cleared why google analytics are embedded in the GUI.
http://forum.avast.com/index.php?topic=126470.msg950033#msg950033
So, if you don’t want such unnecessary connections, you can block the program through firewall. There is no harm in it except impacting two functionality as far as I know. 1. Global Stats, 2. IP tracing (maybe)
The “Avast person” you mentioned was Vlk. At that time he wrote:
“Still, if you are uncomfortable sharing this data with us (i.e. you don’t want, for any reason, us to see how you navigate through the Avast UI), there’s ways to suppress this feature. Let me know if you need more details”.