- May 3, 2015
- 1,535
Quite truePaid security softwares do the same
Avast as a Company?
- Thread starter Indingo
- Start date
Please provide comments and solutions that are helpful to the author of this topic.
- Jun 15, 2020
- 23
I have noticed another concerning thing today. I have Avast Premium Security installed on a Windows 11 machine, with a minimal Avast install from its installer. I was shocked to find that without my permission and with no prompting it was changing my DNS server and routing all my DNS requests through its own DNS server when I have a VPN (iVPN) installed which is set to use its own DNS servers. It literally hijacked my DNS requests with no permission. I don't have any module installed to do with its VPN.
I am not using this software anymore even though I have paid for it. It's literally going out of its way to gather data in the most scummy ways possible. I have never seen an antivirus hijack my DNS before. It was even able to disable iVPNs DNS servers to allow its own. I only had the antivirus module installed with no others and I have never even changed the settings other than disabling the privacy stuff in personal settings.
Avast is actually untrustworthy if it's doing stuff like that. I only noticed because I was not getting OSID ad filtering from iVPN DNS servers.
I am not using this software anymore even though I have paid for it. It's literally going out of its way to gather data in the most scummy ways possible. I have never seen an antivirus hijack my DNS before. It was even able to disable iVPNs DNS servers to allow its own. I only had the antivirus module installed with no others and I have never even changed the settings other than disabling the privacy stuff in personal settings.
Avast is actually untrustworthy if it's doing stuff like that. I only noticed because I was not getting OSID ad filtering from iVPN DNS servers.
- Mar 29, 2018
- 7,107
Microsoft Defender. You'll hardly know it's there.
Are you talking of its Real Site feature, which supports encrypted DNS in browsers?
I have it turned off and use my VPN instead
- Jun 15, 2020
- 23
I am not sure as I'm not familiar with the software. I did not enable anything called (Real Site) or any module relating to network, just antivirus. I am just annoyed that it would change my DNS server without warning and route all my DNS queries outside of my VPN and to their own servers. This is especially bad considering Avasts history with selling user information. I am sure correlating my Avast account with my DNS queries would be possible if they wanted to for selling user data.
It was an actual Avast VPN DNS server when I checked the hostname.
.
Minority opinion it appears but I really like Avast Free (Core & Ransomware shields) I've disabled all the options in Settings / Personal Privacy. I get the odd alert about IP address being visible or similar (about 1 per day) but given I'm using free option one click to close an alert isn't onerous. I'm using Avast alongside VS Pro and the system impact is minimal.... in my case, on my PC, far less than using Defender. The two products combined offer solid protection so I'm happy.
I've disabled all the options in Settings / Personal Privacy. I get the odd alert about IP address being visible or similar (about 1 per day) but given I'm using free option one click to close an alert isn't onerous. I'm using Avast alongside VS Pro and the system impact is minimal.... in my case, on my PC, far less than using Defender. The two products combined offer solid protection so I'm happy.Chance upon this.
Quote
Importantly, there are several Avast products that can help protect your DNS. These include Avast SecureLine VPN, Avast Secure Browser and Avast Antivirus, which each offer various DNS protective features.
Unquote
How to best secure your DNS
DNS attacks are on the rise, increasing in sophistication and in terms of raw numbers. When choosing strong DNS protection, it's important to know what features to look for.
blog.avast.com
I suggest you check Avast AV features
- Mar 16, 2019
- 3,635
It only does this when the "Real Site" feature available only in paid versions is installed and enabled. Otherwise, it doesn't change DNS. But I think they don't tell users that the real site feature changes DNS, which is really bad.
- Feb 17, 2018
- 870
They tell, but people tend not to read anything.
Applies to Avast Premium Security for Windows
Real Site is a feature in Avast Premium Security that protects you against DNS hijacking. We recommend always keeping Real Site enabled and only disabling it for troubleshooting purposes. This article explains how to adjust Real Site settings to exclude a URL from Real Site protection, or route your traffic through trustworthy Avast DNS servers even when using an encrypted DNS browser.
Exclude a website
You may want to exclude a trusted URL from Real Site protection if your network blocks or filters encrypted DNS requests. To exclude a website from Real Site protection:- Open Avast Premium Security and go to ☰ Menu ▸ Settings.
- Select General ▸ Exceptions, then click Add exception.
- Type the website URL into the text box using the following example as a reference: dns://*.example.net*. Then click Add exceptionto save the exclusion.
Support encryption in DoH browsers
Many internet browsers now include the DoH (DNS over HTTPS) protocol, which encrypts the content of your DNS requests, making them invisible to others on your network. When you set Real Site to work with browsers that use DoH, your requests are routed through trusted Avast DNS servers and even the end points (such as Google and Cloudflare) are unable to see your DNS queries.- Open Avast Premium Security, then select Protection ▸ Real Site.
- Click the Settings icon on the right side of the Real Site screen.
- Tick the box next to Support encrypted DNS in browsersto enable this setting, or untick the box to disable it.
Disable Real Site
- Open Avast Premium Security, then select Protection ▸ Real Site.
- Click the green (ON) slider, then select a time duration from the list.
- Click OK, Stopto confirm that you are disabling Real Site intentionally.
Last edited by a moderator:
- Jun 21, 2011
- 566
- Mar 16, 2019
- 3,635
They probably updated the info when they updated their website when Avast One was introduced. Before it only said, it protects you from DNS hijacking without any mention that it changes DNS to Avast. Even then, according to the screenshots of the Avast UI, real site is not telling that it protects you from DNS hijacking by changing DNS to Avast. They should be more transparent about it in the UI. Changing DNS without properly telling the users is itself a DNS hijacking behavior IMO. When they introduced it, many users didn't realize what it was doing until they checked their DNS.They tell, but people tend not to read anything.
Applies to Avast Premium Security for Windows
Real Site is a feature in Avast Premium Security that protects you against DNS hijacking. We recommend always keeping Real Site enabled and only disabling it for troubleshooting purposes. This article explains how to adjust Real Site settings to exclude a URL from Real Site protection, or route your traffic through trustworthy Avast DNS servers even when using an encrypted DNS browser.
Exclude a website
You may want to exclude a trusted URL from Real Site protection if your network blocks or filters encrypted DNS requests. To exclude a website from Real Site protection:
The URL is added to the exceptions list. For information on managing the exceptions list, refer to the following article:
- Open Avast Premium Security and go to ☰ Menu ▸ Settings.
- Select General ▸ Exceptions, then click Add exception.
- Type the website URL into the text box using the following example as a reference: dns://*.example.net*. Then click Add exceptionto save the exclusion.
Support encryption in DoH browsers
Many internet browsers now include the DoH (DNS over HTTPS) protocol, which encrypts the content of your DNS requests, making them invisible to others on your network. When you set Real Site to work with browsers that use DoH, your requests are routed through trusted Avast DNS servers and even the end points (such as Google and Cloudflare) are unable to see your DNS queries.
- Open Avast Premium Security, then select Protection ▸ Real Site.
- Click the Settings icon on the right side of the Real Site screen.
- Tick the box next to Support encrypted DNS in browsersto enable this setting, or untick the box to disable it.
Disable Real Site
Real Site is disabled for the selected time duration and automatically enables again after this time passes. To manually enable Real Site, click the slider again so that it changes from red (OFF) to green (ON).
- Open Avast Premium Security, then select Protection ▸ Real Site.
- Click the green (ON) slider, then select a time duration from the list.
- Click OK, Stopto confirm that you are disabling Real Site intentionally.
I would recommend to not use or install this Avast feature. I don't hate Avast, I actually like many things about it, but I hate this Real Site feature. Even the name Real Site is confusing and don't tell you anything. DNS protection would probably be a more accurate name for it.
- Jun 15, 2020
- 23
I have been installing and modifying security software for 15 years. I don't post much on security forums but I have been a lurker from the early days of AVG 7.5. I read every installer and modify my installations so that I am using the minimum amount of modules to do what I need and getting rid of the extras. I was not prompted or given any warning about RealSite or DNS changes while installing Avast. I consider what it did to be DNS hijacking by a security company who wants to sell my data.They tell, but people tend not to read anything.
Applies to Avast Premium Security for Windows
Real Site is a feature in Avast Premium Security that protects you against DNS hijacking. We recommend always keeping Real Site enabled and only disabling it for troubleshooting purposes. This article explains how to adjust Real Site settings to exclude a URL from Real Site protection, or route your traffic through trustworthy Avast DNS servers even when using an encrypted DNS browser.
Exclude a website
You may want to exclude a trusted URL from Real Site protection if your network blocks or filters encrypted DNS requests. To exclude a website from Real Site protection:
The URL is added to the exceptions list. For information on managing the exceptions list, refer to the following article:
- Open Avast Premium Security and go to ☰ Menu ▸ Settings.
- Select General ▸ Exceptions, then click Add exception.
- Type the website URL into the text box using the following example as a reference: dns://*.example.net*. Then click Add exceptionto save the exclusion.
Support encryption in DoH browsers
Many internet browsers now include the DoH (DNS over HTTPS) protocol, which encrypts the content of your DNS requests, making them invisible to others on your network. When you set Real Site to work with browsers that use DoH, your requests are routed through trusted Avast DNS servers and even the end points (such as Google and Cloudflare) are unable to see your DNS queries.
- Open Avast Premium Security, then select Protection ▸ Real Site.
- Click the Settings icon on the right side of the Real Site screen.
- Tick the box next to Support encrypted DNS in browsersto enable this setting, or untick the box to disable it.
Disable Real Site
Real Site is disabled for the selected time duration and automatically enables again after this time passes. To manually enable Real Site, click the slider again so that it changes from red (OFF) to green (ON).
- Open Avast Premium Security, then select Protection ▸ Real Site.
- Click the green (ON) slider, then select a time duration from the list.
- Click OK, Stopto confirm that you are disabling Real Site intentionally.
It's actually incredibly rude to change a person's DNS server without permission. It's like your babysitting agency changing your babysitter while you are at a restaurant and not informing you because (well we know this other person is safe because it's also our employee so we did not need to inform you of the change).
It should come up as a giant popup (Avast wants to change your DNS to enable to RealSite feature, do you accept this change? (Click here for more info).
The fact that they don't is just malicious compliance.
