Latest Changes: Jun 15, 2019
Operating System: Windows 10
Windows Edition: Pro
Build Version: 1903
System Architecture: 64-bit
Security Updates: Automatic Updates (recommended)
User Access Control: Always Notify
Network Security (Firewall): Windows Defender Firewall
Device Security: Windows Defender SmartScreen (Windows 10)
User Account: Standard
Malware Testing: None - No Malware on host PC or VM
Real-time Web & Malware Protection:
  • AVG Free Beta - current build
  • VoodooShield Pro
Custom Settings For Real-Time Protection: Custom - Minor changes for Increased Security
Custom Settings For Real-Time Protection Details:
  • AVG Free Beta - hardened mode + high sensitivity
  • VoodooShield - custom configuration
  • OS hardening - various
Virus and Malware Removal Tools:
  • Emsisoft Emergency Kit
  • Hitman Pro (free)
Browsers and Extensions:
  • Brave Beta - Hardened via Brave:flags + µBlock Origin @ medium mode + Windows Defender Browser Protection
  • Edge Dev Chromium - Hardened via Edge:Flags + µBlock Origin + Decentraleyes + Privacy Possum
Web Privacy:
  • Brave - µBlock Origin
  • Edge (Dev) - µBlock Origin + Decentraleyes + Privacy Possum
Password Manager: Brain exe + little black book
Web Search: StartPage
System Utilities:
  • RunBySmartscreen 3.0.0
  • Firewall Hardening Tool 1.0.0
  • Document Anti-Exploit Tool
  • BleachBit - "Hillary uses it!"
  • Wise Disk Cleaner
  • Windows built-in
Data Backup: Windows Backup -> Free Agent Drive
Frequency of Data backups: Monthly
System Backup: Aomei OneKey Recovery - one-click imaging!
Frequency of System backups: Regularly
Computer Activity:
  • Browsing web and email
  • Watch movies and other entertainment content on the Internet
  • Shared device is used by family members
  • Download files from different sources
  • Office and work related tasks
  • Video or photography editing
  • Programming
Computer Specifications: Lenovo E531 i3 3120M CPU @ 2.50GHz 8GB DDR3 RAM 500GB Samsung SSD

    Evjl's Rain

    you can delete overseer by some tricks (disable AVG's defense and delete) and prevent it from appearing on your computer (use the folder security tab to deny write permissions for all accounts)
    afterwards, re-enable self-defense
     

    Evjl's Rain

    Thanks for the tip. Overseer deleted (y)
    and we should apply the Folder security setting to block avast from installing overseer in the next update
    every update or Repair, avast will re-install overseer if I'm not mistaken

    Added AVG Free Beta @ hardened mode + high sensitivity, with settings > balanced for security and performance.

    AVG Free now has a number of available personal privacy settings, which may indicate they've responded to the backlash they've experienced the last few years. In any case, I've blocked AVGUI and overseer.exe in firewall. I quite enjoy this AV.

    I installed this last weekend and have now joined the AVG Anti-hate Coalition started by @stefanos! :LOL::LOL::LOL:

    Hardened mode really works. It blocked VoodooShield! :LOL::LOL::LOL:

    Edit: This new version removes overseer.exe upon uninstall.
    hi, does AVG have Settings -> troubleshooting -> open old settings?
    does it have customization for hardened mode aggressive?
     

    stefanos

    and we should apply the Folder security setting to block avast from installing overseer in the next update
    every update or Repair, avast will re-install overseer if I'm not mistaken


    hi, does AVG have Settings -> troubleshooting -> open old settings?
    does it have customization for hardened mode aggressive?
    There is no option for hardened mode in the old settings.

    Evjl's Rain

    when we enable hardened mode, that hardware virtualization is redundant because virtualization is used for Deepscreen (sandbox analysis for 15 seconds to determine if something is safe/malicious). When hardened mode is on (HM moderate), deepscreen is ignored and the app will be blocked straight away without being analyzed

    HM moderate: ignore deepscreen and block the app if the app is suspicious enough to trigger deepscreen. It allows everything to run except low prevalent files
    HM aggressive: check the app with avast's cloud and only runs if it's whitelisted by avast
     

    oldschool

    @stefanos @Evjl's Rain - I am still testing overseer.exe. Blocking in FW may hinder updates > necessitate manual update. It's kind of hard to tell because of difference of timestamp/release date for signatures. I allowed it in FW last night and release time was earlier than when blocked, but I am still unsure of the process. I think it may be easier just to block in FW. My question is what exactly does overseer.exe do? It is supposed to check for errors/corruption of the program and initiate a repair. Is it also responsible for reporting all your data? It's such a poor choice of names for this exe, it's no wonder they had such a backlash over it.

    Old settings are still available in Troubleshooting.

    Hardened mode is in new settings, not old. There is no option for "Aggressive".

    It allows everything to run except low prevalent files
    Yes. It blocked VoodooShield and @Andy Ful Firewall Hardening Tool.

    AVG_OldSettings_2019-06-20 082808.png

    AVG_Hardened_Mode 2019-06-20 082402.png
     

    Andy Ful

    ...
    Yes. It blocked VoodooShield and @Andy Ful Firewall Hardening Tool.
    ...
    The Firewall Hardening tool was not sent yet to Avast for whitelisting. It will be sent as a part of the new H_C version, and then it will be probably allowed by AVG overseer.exe.

    Here are some notes about overseer from the guy who worked for Avast on this feature in 2017: What "avast overseer" is?
    It seems that overseer should not be the reason for blocking VS or H_C.
    Users on some forums complain that overseer continues to run after uninstalling AVG.
     

    oldschool

    Here are some notes about overseer from the guy who worked for Avast on this feature in 2017: What "avast overseer" is?
    It seems that overseer should not be the reason for blocking VS or H_C.
    Yes, I'm familiar with that thread. I knew overseer had nothing to do with VS, it was hardened mode as indicated in the notification. I just think it's funny that "all the best security software is malware" - according to @shmu26.
     

    plat1098

    oldschool: I apologize for intruding but you have a lot happening in your thread and it's interesting. I'm looking to tighten up the Windows firewall a bit and don't want a third party front-end. What can you say about the Firewall Hardening Tool you're using? Is it worthwhile?

    I've already disabled SMB1 via Turn Windows Features On and Off. Are settings similar in scope to this one available in the Tool?
     

    oldschool

    oldschool: I apologize for intruding but you have a lot happening in your thread and it's interesting. I'm looking to tighten up the Windows firewall a bit and don't want a third party front-end. What can you say about the Firewall Hardening Tool you're using? Is it worthwhile?

    I've already disabled SMB1 via Turn Windows Features On and Off. Are settings similar in scope to this one available in the Tool?
    No problemo! There are outbound rule profiles (ala SysHardener) for H_C Recommended, LOLBins, MS Office and Adobe Acrobat. Check here for more info as there is no separate thread for it ATM: https://malwaretips.com/threads/hard_configurator-windows-hardening-configurator.66416/page-75 Info is sprinkled throughout. Is the tool useful? Yes. Necessary? It all depends. It also allows you to easily create new rules. Just be aware that rules profiles can only be removed with the tool, not directly in WFW, if I remember correctly.
     

    shmu26

    Just be aware that rules profiles can only be removed with the tool, not directly in WFW
    AFAIK you can open "Windows Defender Firewall with Advanced Security" (admin rights required), go to the Outbound Rules tab, scroll down until you find the rules you want, and disable or delete them. That's what I did with the SysHardener rules that became redundant after I installed the FirewallHardening rules.
     

    oldschool

    AFAIK you can open "Windows Defender Firewall with Advanced Security" (admin rights required), go to the Outbound Rules tab, scroll down until you find the rules you want, and disable or delete them. That's what I did with the SysHardener rules that became redundant after I installed the FirewallHardening rules.
    Regarding Firewall Hardening Tool - from H_C thread post #1641: "... The applied rules may be also viewed when using Windows Firewall Advanced settings, but can be managed only by Firewall Hardening tool, or by editing the Registry under the key: HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\FirewallRules. ..."
     

    shmu26

    Regarding Firewall Hardening Tool - from H_C thread post #1641: "... The applied rules may be also viewed when using Windows Firewall Advanced settings, but can be managed only by Firewall Hardening tool, or by editing the Registry under the key: HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\FirewallRules. ..."
    Thanks for the clarification. My bad.
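
Added example (not from the thread, and not the Firewall Hardening tool's own code): a read-only PowerShell listing of the rules stored under the policy key quoted above, useful for checking which outbound rules a profile has written. The pipe-delimited value layout is an assumption about how rules are stored there, and the sample rule and the function name are constructed for illustration.

```powershell
# Added example: read-only inventory of firewall rules under the policy key.
$key = 'HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\FirewallRules'

function ConvertFrom-FirewallRuleString {
    param(
        [Parameter(Mandatory)][string]$Id,
        [Parameter(Mandatory)][string]$Data
    )
    # Assumed layout: "version|Key=Value|Key=Value|..." (pipe-delimited).
    $parts = @($Data -split '\|' | Where-Object { $_ })
    $rule  = [ordered]@{ Id = $Id; Version = $parts[0] }
    foreach ($part in ($parts | Select-Object -Skip 1)) {
        $k, $v = $part -split '=', 2
        # Some fields can repeat; keep every value instead of overwriting.
        if ($rule.Contains($k)) { $rule[$k] = @($rule[$k]) + $v }
        else                    { $rule[$k] = $v }
    }
    [pscustomobject]$rule
}

# Constructed sample value, so the parser can be tried where the key is absent.
$sample = 'v2.10|Action=Block|Active=TRUE|Dir=Out|App=C:\Example\sample.exe|Name=Constructed sample rule|'
$rules  = @(ConvertFrom-FirewallRuleString -Id '{constructed-sample}' -Data $sample)

if (Test-Path -Path $key) {
    $regKey = Get-Item -Path $key
    foreach ($name in $regKey.GetValueNames()) {
        $data = [string]$regKey.GetValue($name)
        # Skip the unnamed default value and empty entries.
        if (-not $name -or -not $data) { continue }
        $rules += ConvertFrom-FirewallRuleString -Id $name -Data $data
    }
}

# Show outbound rules, the direction the rule profiles in the thread apply to.
$rules |
    Where-Object { $_.Dir -eq 'Out' } |
    Select-Object Id, Action, Active, App, Name |
    Format-Table -AutoSize
```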