Author Topic: backup.exe  (Read 22321 times)

0 Members and 1 Guest are viewing this topic.

Offline Tomaso

  • Jr. Member
  • **
  • Posts: 47
backup.exe
« on: December 03, 2015, 05:25:00 PM »
In v2016, why is this file trying to connect to the internet?:
C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
It identifies itself as "Avast Settings Backup".
What information is it trying to send, and how do I disable it?

Offline avaster78

  • Jr. Member
  • **
  • Posts: 96
Re: backup.exe
« Reply #1 on: December 03, 2015, 06:10:41 PM »
My 'Windows 10 Firewall Control' just just popped up saying this backup.exe is wanting  connect to the net. I disabled it for time being. Should it be allowed?
« Last Edit: December 03, 2015, 06:13:55 PM by avaster78 »
Windows 7 Home Premium SP1 64-bit. Avast Free Latest. Opera (Chromium). SpywareBlaster 5.5. Windows 10 Firewall Control Free 64-bit (together w/ Windows Firewall). HW: HP G5139sc - Athlon II X2 220 2.8 GHz - 4 GB (Dual-channel). VDSL2 Modem Router w/ Firewall. Internet 50Mbs.

REDACTED

  • Guest
Re: backup.exe
« Reply #2 on: December 04, 2015, 11:37:47 PM »
Same here. I've blocked it on my host based firewall. Only started this morning. I can't see an option to disable the 'backup' feature.

Offline petr_matrix

  • Avast team
  • Sr. Member
  • *
  • Posts: 268
  • avast! programmer
    • AVAST Software
Re: backup.exe
« Reply #3 on: December 05, 2015, 01:16:06 AM »
Hi guys,
this file (with upgrade.exe in the same directory) is the recommended way by Microsoft how to get better user experience during upgrade to windows 10.
It does two things:
1) backup avast license and settings to the file which are transferred to the windows 10 and then automatically used during avast installation
2) send us statistics about active users and their operating system and little more info but nothing personal, see code below:

This is statistics sending code cut&paste from backup.exe sources with added explaining comments:
Code: [Select]
map_vals["guid"] = g_globals->guid();          // installation guid (old way to compute users)
map_vals["midex"] = g_globals->midex();        // new installation guid (new way how to distinguish that statistics are from different user)
map_vals["edition"] = edition;                 // edition of avast
map_vals["build"] = GetAvastBuildNo();         // version of avast
map_vals["os"] = GetOsBuildNo();               // version of windows
map_vals["statsSendTime"] = std::to_string(_time32(nullptr)); // time when statistic was generated
map_vals["statver"] = "2.30";                  // version of statistics
map_vals["backupver"] = GetBackupBuildNo();    // version of this backup.exe file
map_vals["event"] = "upgradeW10";              // type of statistic

AddWscReport(map_vals);                        // adds other antiviruses registered in windows security center

You can verify this by capturing http comunication from backup.exe.

Thanks,
pm


REDACTED

  • Guest
Re: backup.exe
« Reply #4 on: December 05, 2015, 02:56:34 AM »
This thing popped up on my firewall last night.  Blocked it as it was unknown.  Don't plan to upgrade to Windows 10 anytime soon ... so , there is definitely something fishy here...

I think that this sort of data extraction from a user's PC should be fully disclosed in the license and terms of service.  This is something I would only expect from Microsoft!!!

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31078
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: backup.exe
« Reply #5 on: December 05, 2015, 11:06:21 AM »
As petr explained, there is nothing fishy about it.

It is covered in the privacy statement/EULA from avast.

Offline Tomaso

  • Jr. Member
  • **
  • Posts: 47
Re: backup.exe
« Reply #6 on: December 05, 2015, 11:38:24 AM »
This is something I would only expect from Microsoft!!!
I agree.
avast! has already got the nasty telemetry/tracking module in 'AvastUI.exe', and the suspicious behaviour of 'avastemupdate.exe'.
..and now this!?
Please give us more checkboxes under 'Settings' > 'General' > 'Privacy', allowing us to opt-out, without the use of workarounds such as firewalls and the Windows Task Scheduler!

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31078
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: backup.exe
« Reply #7 on: December 05, 2015, 11:56:47 AM »
When installing avast you agreed to the EULA/Terms.
If you don't like them, don't use avast but something else.

But guess what...
All other av vendors have simular things in their EULA/Terms.

Offline Tomaso

  • Jr. Member
  • **
  • Posts: 47
Re: backup.exe
« Reply #8 on: December 05, 2015, 01:06:15 PM »
All other av vendors have simular things in their EULA/Terms.
Yeah, yeah..
I've heard that silly argument before.
These kind of privacy violations can't be justified simply by pointing a finger at the misdeeds of others!

Offline petr_matrix

  • Avast team
  • Sr. Member
  • *
  • Posts: 268
  • avast! programmer
    • AVAST Software
Re: backup.exe
« Reply #9 on: December 05, 2015, 01:36:02 PM »
Guys, there isn't anything private and it doesn't send files to our servers. We just need to compute our losses of users during upgrade to windows 10. How would you do it?
I am developer and I disagree with many things in avast but not with this one.

If you want more information about this just keep asking here I will try to answer everything.

Thanks,
pm
« Last Edit: December 05, 2015, 01:45:19 PM by petr_matrix »

Offline bob3160

  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 48655
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: backup.exe
« Reply #10 on: December 05, 2015, 03:18:53 PM »
Guys, there isn't anything private and it doesn't send files to our servers. We just need to compute our losses of users during upgrade to windows 10. How would you do it?
I am developer and I disagree with many things in avast but not with this one.

If you want more information about this just keep asking here I will try to answer everything.

Thanks,
pm
Is Microsoft not upgrading or are they deleting Avast during the upgrade procedure ?
I've never upgraded a system to Windows 10 that had Avast removed after the upgrade ???
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v24H2 64bit, 32 Gig Ram, 1TB SSD, Avast Free 24.4.6112, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline petr_matrix

  • Avast team
  • Sr. Member
  • *
  • Posts: 268
  • avast! programmer
    • AVAST Software
Re: backup.exe
« Reply #11 on: December 05, 2015, 05:19:20 PM »
Yes, if Microsoft detects AV during upgrade to win10 it does one of the following:
1) [installed version compatible with win10] upgrade transfer this version to the windows 10 and it should run (sometimes we detect a troubles with these versions like firewall not running etc.)
2) [installed version isn't compatible with win10] upgrade deletes AV but transfers backup.exe and upgrade.exe and their data files (settings and licence) and start it after some time on windows 10 to offer user his original AV, but user can have another AV installed by this time or whatever else and we would like to detect if that user is lost for us or not

pm

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31078
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: backup.exe
« Reply #12 on: December 05, 2015, 05:31:56 PM »
Quote
These kind of privacy violations can't be justified simply by pointing a finger at the misdeeds of others
There are no privacy violations at all. If there where avast and others would have had a conviction by one (or multiple) court(s) a long time ago already. Same goes for others. There are no misdeeds. If you don't like things it doesn't mean they are violations or misdeeds.

Offline bob3160

  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 48655
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: backup.exe
« Reply #13 on: December 05, 2015, 09:04:04 PM »
Yes, if Microsoft detects AV during upgrade to win10 it does one of the following:
1) [installed version compatible with win10] upgrade transfer this version to the windows 10 and it should run (sometimes we detect a troubles with these versions like firewall not running etc.)
2) [installed version isn't compatible with win10] upgrade deletes AV but transfers backup.exe and upgrade.exe and their data files (settings and licence) and start it after some time on windows 10 to offer user his original AV, but user can have another AV installed by this time or whatever else and we would like to detect if that user is lost for us or not

pm
I have had problems with the firewall not starting which has always been cured by doing a repair. I've never had a problem with the free version of Avast but, they were always the latest version of Avast.

Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v24H2 64bit, 32 Gig Ram, 1TB SSD, Avast Free 24.4.6112, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

REDACTED

  • Guest
Re: backup.exe
« Reply #14 on: December 08, 2015, 06:03:11 AM »
As petr explained, there is nothing fishy about it.

It is covered in the privacy statement/EULA from avast.

Well I have opted-out of everything I can regarding data collection. Reading the Avast privacy statement here, https://www.avast.com/en-us/privacy-policy I can find no reference to the backup.exe function. Also, just to be clear, I do not use the Avast Backup Service.

Firewalled it ...

I understand that some telemetry is needed, so I guess the real gripe here is that this is new application behavior which consisted of contacting a remote server. No advance notice was provided to end users. Any decent system administrator who cares about data security would naturally be concerned by a sudden change such as this.

I do not understand many developers assumptions today that it is just ok to grab anything they feel is necessary off the user's PC, that a vague blanket EULA gives carte blanche access to anything at any time. 

Hiding behind a EULA does not make it right.
« Last Edit: December 08, 2015, 06:18:56 AM by tinstaafl »