Latest Changes: Aug 8, 2019

  • Operating System: Windows 10
  • Windows Edition: Pro
  • Version or Build no.: 1903
  • System type: 64-bit operating system; x64-based processor
  • Security Updates: Automatic Updates (recommended)
  • User Access Control: Always Notify
  • Network Security (Firewall): Windows Defender Firewall
  • Device Security: Windows Defender SmartScreen (Windows 10)
  • User Account: Standard
  • Sign-in Accounts: None
  • Sign-in Options: Password
  • Malware Testing: I do not participate in downloading malware samples
  • Real-time Web & Malware Protection:
      Windows Defender
      VoodooShield Pro
  • RTP - Custom security settings: Minor changes for Increased security
  • RTP - Details of Custom security settings:
      ConfigureDefender @ Max + Smartscreen = Warn + Security Center = Visible
      VoodooShield Pro @ custom settings
      Various OS hardening
  • Virus and Malware Removal Tools:
      Emsisoft Emergency Kit
      Hitman Pro (free)
  • Browsers and Extensions:
      Brave Beta - Hardened via Brave:flags + Built-in Ad/Tracking/Script protection + Bitdefender Trafficlight + Privacy Possum
      Edge Dev Chromium - Hardened via Edge:Flags + µBO + Privacy Possum
  • Privacy-focused Apps and Extensions:
      Brave Beta - Built-in + Privacy Possum
      Edge (Dev) - µBO + Privacy Possum + Cookie Autodelete
  • Password Managers: Brain exe + little black book
  • Web Search: StartPage
  • System Utilities:
      BleachBit - "Hillary uses it!"
      Windows built-in
      TinyWall 2.1.11
      Hard_Configurator Beta v.5.0.0
  • Data Backup: Copy/Paste -> Free Agent Drive
  • Frequency of Data backups: Weekly
  • System Backup: Windows Built-in - image > Free Agent drive
  • Frequency of System backups: Regularly
  • Computer Activity:
      Browsing web and email
      Watch movies and other entertainment content on the Internet
      Shared device is used by family members
      Download files from different sources
      Office and work related tasks
      Video or photography editing
  • Computer Specifications: Lenovo L340 i3 8145U CPU @ 2.10 GHz 2.300 GHz 8GB DDR4 RAM 1 TB HDD

    Evjl's Rain

    Level 43
    Verified
    Trusted
    Content Creator
    Malware Hunter
    you can delete overseer with some tricks (disable AVG's defense and delete) and prevent it from appearing on your computer (use the folder security tab to deny write permissions to all accounts)
    after that, re-enable self-defense
     

    Evjl's Rain

    Thanks for the tip. Overseer deleted (y)
    and we should apply the Folder security setting to block avast from installing overseer in the next update
    every update or Repair, avast will re-install overseer if I'm not mistaken

    Added AVG Free Beta @ hardened mode + high sensitivity, with settings > balanced for security and performance.

    AVG Free now has a number of available personal privacy settings, which may indicate they've responded to the backlash they've experienced the last few years. In any case, I've blocked AVGUI and overseer.exe in firewall. I quite enjoy this AV.

    I installed this last weekend and have now joined the AVG Anti-hate Coalition started by @stefanos! :LOL::LOL::LOL:

    Hardened mode really works. It blocked VoodooShield! :LOL::LOL::LOL:


    Edit: This new version removes overseer.exe upon uninstall.
    hi, does AVG have Settings -> troubleshooting -> open old settings?
    does it have customization for hardened mode aggressive?
     

    stefanos

    Level 24
    Verified
    and we should apply the Folder security setting to block avast from installing overseer in the next update
    every update or Repair, avast will re-install overseer if I'm not mistaken


    hi, does AVG have Settings -> troubleshooting -> open old settings?
    does it have customization for hardened mode aggressive?
    There is no option for hardened mode in old settings.

    Evjl's Rain

    when we enable hardened mode, that hardware virtualization is redundant because virtualization is used for Deepscreen (sandbox analysis for 15 seconds to determine if something is safe/malicious). When hardened mode is on (HM moderate), deepscreen is ignored and the app will be blocked straight away without being analyzed

    HM moderate: ignore deepscreen and block the app if the app is suspicious enough to trigger deepscreen. It allows everything to run except low prevalent files
    HM aggressive: check the app with avast's cloud and only runs if it's whitelisted by avast
     

    oldschool

    Level 34
    Verified
    @stefanos @Evjl's Rain - I am still testing overseer.exe. Blocking in FW may hinder updates > necessitate manual update. It's kind of hard to tell because of difference of timestamp/release date for signatures. I allowed it in FW last night and release time was earlier than when blocked, but I am still unsure of the process. I think it may be easier just to block in FW. My question is what exactly does overseer.exe do? It is supposed to check for errors/corruption of the program and initiate a repair. Is it also responsible for reporting all your data? It's such a poor choice of names for this exe, it's no wonder they had such a backlash over it.

    Old settings are still available in Troubleshooting.

    Hardened mode is in new settings, not old. There is no option for "Aggressive".

    It allows everything to run except low prevalent files
    Yes. It blocked VoodooShield and @Andy Ful Firewall Hardening Tool.

    AVG_OldSettings_2019-06-20 082808.png

    AVG_Hardened_Mode 2019-06-20 082402.png
     

    Andy Ful

    Level 47
    Verified
    Trusted
    Content Creator
    ...
    Yes. It blocked VoodooShield and @Andy Ful Firewall Hardening Tool.
    ...
    The Firewall Hardening tool was not sent yet to Avast for whitelisting. It will be sent as a part of the new H_C version, and then it will be probably allowed by AVG overseer.exe.

    Here are some notes about overseer from the guy who worked for Avast on this feature in 2017: What "avast overseer" is?
    It seems that overseer should not be the reason for blocking VS or H_C.
    Users on some forums complain that overseer continues to run after uninstalling AVG.
     

    oldschool

    Here are some notes about overseer from the guy who worked for Avast on this feature in 2017: What "avast overseer" is?
    It seems that overseer should not be the reason for blocking VS or H_C.
    Yes, I'm familiar with that thread. I knew overseer had nothing to do with VS, it was hardened mode as indicated in the notification. I just think it's funny that "all the best security software is malware" - according to @shmu26.
     

    plat1098

    Level 9
    Verified
    oldschool: I apologize for intruding but you have a lot happening in your thread and it's interesting. I'm looking to tighten up the Windows firewall a bit and don't want a third party front-end. What can you say about the Firewall Hardening Tool you're using? Is it worthwhile?

    I've already disabled SMB1 via Turn Windows Features On and Off. Are settings similar in scope to this one available in the Tool?
     

    oldschool

    oldschool: I apologize for intruding but you have a lot happening in your thread and it's interesting. I'm looking to tighten up the Windows firewall a bit and don't want a third party front-end. What can you say about the Firewall Hardening Tool you're using? Is it worthwhile?

    I've already disabled SMB1 via Turn Windows Features On and Off. Are settings similar in scope to this one available in the Tool?
    No problemo! There are outbound rule profiles (ala SysHardener) for H_C Recommended, LOLBins, MS Office and Adobe Acrobat. Check here for more info as there is no separate thread for it ATM: https://malwaretips.com/threads/hard_configurator-windows-hardening configurator.66416/page-75 Info is sprinkled throughout. Is the tool useful? Yes. Necessary? It all depends. It also allows you to easily create new rules. Just be aware that rules profiles can only be removed with the tool, not directly in WFW, if I remember correctly.
     

    shmu26

    Level 82
    Verified
    Trusted
    Content Creator
    Just be aware that rules profiles can only be removed with the tool, not directly in WFW
    AFAIK you can open "Windows Defender Firewall with Advanced Security" (admin rights required), go to the Outbound Rules tab, scroll down until you find the rules you want, and disable or delete them. That's what I did with the SysHardener rules that became redundant after I installed the FirewallHardening rules.
     

    oldschool

    AFAIK you can open "Windows Defender Firewall with Advanced Security" (admin rights required), go to the Outbound Rules tab, scroll down until you find the rules you want, and disable or delete them. That's what I did with the SysHardener rules that became redundant after I installed the FirewallHardening rules.
    Regarding Firewall Hardening Tool - from H_C thread post #1641: "... The applied rules may be also viewed when using Windows Firewall Advanced settings, but can be managed only by Firewall Hardening tool, or by editing the Registry under the key: HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\FirewallRules. ..."
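
An added example, not part of the thread and not Hard_Configurator's own code: a read-only PowerShell audit of the rules stored under the policy key quoted above, which lists the outbound block rules present there. It assumes each registry value holds one rule serialized as pipe-delimited `Key=Value` fields after a version tag; the helper name `ConvertFrom-FirewallRuleString` is hypothetical, and the sample rule string is constructed.

```powershell
# Added example (not from the thread): read-only audit of policy-store firewall rules.
# Assumption: each value under the key is one rule serialized as
#   'v2.30|Action=Block|Active=TRUE|Dir=Out|App=...|Name=...|'

function ConvertFrom-FirewallRuleString {   # hypothetical helper name
    param(
        [Parameter(Mandatory)][string]$Id,
        [Parameter(Mandatory)][string]$Data
    )
    # Drop the empty piece left by the trailing '|'.
    $parts = @($Data -split '\|' | Where-Object { $_ -ne '' })
    $rule  = [ordered]@{ Id = $Id; Version = $parts[0] }
    foreach ($part in ($parts | Select-Object -Skip 1)) {
        # Split on the first '=' only, so paths containing '=' stay intact.
        $key, $value = $part -split '=', 2
        if ($rule.Contains($key)) {
            # Repeated fields (for example several Profile entries) are joined.
            $rule[$key] = "$($rule[$key]),$value"
        } else {
            $rule[$key] = $value
        }
    }
    [pscustomobject]$rule
}

# Constructed sample rule, so the parser can be tried on any machine.
$sample = 'v2.30|Action=Block|Active=TRUE|Dir=Out|Profile=Private|Profile=Public|' +
          'App=C:\Example\constructed.exe|Name=Constructed sample rule|'
ConvertFrom-FirewallRuleString -Id '{CONSTRUCTED-SAMPLE}' -Data $sample | Format-List

# Live read of the key named in the post; nothing is modified.
$path = 'HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\FirewallRules'
if (Test-Path $path) {
    $regKey = Get-Item $path
    $regKey.GetValueNames() |
        Where-Object { $_ } |
        ForEach-Object {
            ConvertFrom-FirewallRuleString -Id $_ -Data ([string]$regKey.GetValue($_))
        } |
        Where-Object { $_.Dir -eq 'Out' -and $_.Action -eq 'Block' } |
        Sort-Object App |
        Format-Table Name, App, Active, Id -AutoSize
}
```
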
     

    shmu26

    Regarding Firewall Hardening Tool - from H_C thread post #1641: "... The applied rules may be also viewed when using Windows Firewall Advanced settings, but can be managed only by Firewall Hardening tool, or by editing the Registry under the key: HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\FirewallRules. ..."
    Thanks for the clarification. My bad.