Umar.18

Level 2
Avast used to be a good product. Now they have turned it into total crap. Monetizing telemetry data collected without user knowledge. RIP Avast.
 

ted coffman

New Member
A friend of mine called and was having some CPU spiking issues. I created a remote session and logged in. She uses Norton, which is fine. But previously used AVG/AVAST. To my surprise, I found a program running called "OVERSEER", but it was running as a hidden process. Assuming it was malware I started to investigate and much to my surprise, I found this was a remnant of Avast/AVG. The person I was helping said they not only uninstalled AVG nearly 4 months prior, but they also followed up a normal uninstall with the AVG removal tool.

Investigating further, I found this program creates a persistence of itself, even after uninstalling via a Scheduled Task pointing to a file hidden in a non-AVG directory. It also reaches out to the Internet fairly regularly and traverses traffic.

Task: {67D89567-1909-4076-8115-4B8F80D19A72} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-01-12] (AVG Technologies CZ, s.r.o.)

To test this, I setup a test machine, installed AVG PAID. Then uninstalled it with Revo+Advanced, sure enough this program created persistence with itself. So then I ran the AVG removal tool from AVG themselves, and guess what - the file still remains and creates persistence with itself. I always had a problem with Avast/AVG, but now I feel like they exhibit malware-like behavior.

View attachment 197535
I recently loaded avg free on a win 10 laptop. It immediately slowed my system to a crawl. I ran another paid malware software and it found adware in an avg file. Goodbye AVG. Now, it runs correctly without that nasty wanna be supposed free software.