have you checked this post, hawkeye62? https://windowsforum.com/posts/678722/
typically, it's not so much the exploits as it is the operator. his/her actions usually govern the infection rate … no matter how well fortified his arsenal may be. fact remains …
safesear.ch is a "pup" … and usually is acquired when a person downloads other "legitimate" software. just last week malwarebytes-anti-rootkit caught a raid-trojan in my temp folder which neither avg nor windows-defender nor malwarebytes-anti-malware caught.
safe practices means safe computing means your internet alliances will also be happy/secure.
personally, i'd suggest a five-step approach.
- don't let anyone else use your computer or connection.
- soon as you boot up, update the reference files for your arsenal and scan.
- before you download anything global … scan your computer for anything disturbing.
- create/remove system restore-points.
- keep abreast of trends.
i been using avg for many years, hawkeye62 … my arsenal also contains several malwarebyte itinerants. i utilize abp ad-blocker in my browsers (firefox/chrome) and make certain i keep low profile on the browser addons. hijackthis and spywareblaster also complement my artillery. i sport a password-manager … and windows-defender sleeps until it's awakened.
elaborating the above steps:
1.) the person may be your spouse or family or friend … doesn't matter. unless you are an expert on windows-os … don't let them near your computer. if you are advanced enough, create user-account for that person … that account may/mayn't offer access to outside world (your decision) … that account should not have admin-priv … that account should not be able to install software or copy files to/from internet.
2.) cars need oil-changes … air-cons need refrigerant (r410) boosters … floors need sweeping … laundry needs to be washed. same goes for one's security arsenal … do it! update those reference files … every time you power up your computer.
there will be time when microsoft is updating their crap … give it ample space and time to finish its task. if you do not have a 1tbps speed … go sweep your garage while microsoft finishes.
3.) the pipeline … between your comp/periphs and the outside world … that's where most of the risk occurs. from email-provider to social-groups to media-streaming to your contacts … entry-points exist within every axis. trust is never reliable and should never be guaranteed.
the picture your son attached to his email … is it clean? a trusted website such as microsoft.com or classicshell.net … are you certain the files you are downloading are safe? the news-website you are patron of during late evening hours … is something risky going on behind the browser shell? thanks to fellow member kemical and extraordinaire for the alert.
before you download anything global … scan your computer and its peripherals for anything disturbing. copy the url of the file you wish to download … go to virus-total and get their seal of approval. take screen-cap of the little window for d/l file … make sure it's representative of its logical point of entry. (i.e. AVG_Protection_Free_1606.exe is from http://files-download.avg.com and not from hackers_unlimited.com). if you are confident of the source, size, "ext" of the file … proceed to d/l file. once on your drive, throw your security-arsenal at the file. take screen-cap of windows "programs-installed" interface (appwiz.cpl) … sorted by most recently installed.
if your intent is to install software; when installing … concentrate on the interface … choose "custom-install" … never install any third-party bs or toolbars or anything. why not? search google for what happens when web-browser toolbars are installed. during installation process, click "next" only if you're comfortable. if, at any time, a "back" button appears … click on that back-button … is the "back-screen" same screen as before you proceeded? personally, i take screen-cap every time i hit "next" or "back" in the installation interface.
continuing forward … you've had virus-total scan your url … you have scanned your computer/periphs with your arsenal … you created a restore-point … and your software has successfully installed. now, take another screen-cap of appwiz.cpl (sorted most recent) … and scan your computer/periphs again. perform "rootkit" scan as well as "ransomware" scan … there are free products on the market that can assist … i been using malwarebytes.
oh! btw … there was recent scare on the internet few weeks ago … with regard to using malwarebytes products, make sure the malwarebytes files you d/l are bona fide/legitimate files (use virus-total) … do your research. look back at my previous post regarding malwarebytes … also, pls read posts of other members here on windowsforum for their opinions and invaluable experiences as well.
4.) windows "restore" points … prior to installing/removing software … create a system restore-point. also, of the previous 10+ restore-points currently existing, delete the oldest restore-point. by removing previous points in this manner, you lessen the burden on your os as well as storage-accrued.
5.) most likely, you are a steward of the global community … whether you like it or not. keep abreast of security exploits and notifications of policy-changes. doing so will increase your own self-awareness.
before closing this post, hawkeye62 … i wish to interject a couple thoughts:
- windowsforum member and fellow netizen neemobeer mentions software that goes by the name of "process-explorer" … this program really offers some good analysis and is quite robust.
- also … stop using simple passwords and duplicate names/passwords … get yourself a password-manager and be "hip" … your family 'n friends will love you for it.
ref:
- windowsforum.com/posts/678722/
- windowsforum.com/threads/care-needed-with-classic-shell.222629/#post-677823
- windowsforum.com/posts/681506/
- technet.microsoft.com/en-us/sysinternals/processexplorer.aspx
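
The download-and-install routine from steps 3 and 4 of the post above, as an added script that is not part of the original post: it checks the download host, hashes and signature-checks the file, creates a restore point, and diffs the installed-programs list (what appwiz.cpl shows) before and after the install instead of comparing screen-caps. It assumes elevated Windows PowerShell 5.1; `$Installer` is an assumed download path and `Get-InstalledProgram` is a hypothetical helper name.

```powershell
# Added example, not from the original post. Run in elevated Windows PowerShell 5.1.
# $Url is the post's own example; $Installer is an assumed download location.
$Url          = 'http://files-download.avg.com/AVG_Protection_Free_1606.exe'
$ExpectedHost = 'files-download.avg.com'
$Installer    = Join-Path $env:USERPROFILE 'Downloads\AVG_Protection_Free_1606.exe'

function Get-InstalledProgram {   # hypothetical helper: the list appwiz.cpl shows
    $keys = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
            'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
            'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
    Get-ItemProperty -Path $keys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName } |
        Select-Object DisplayName, DisplayVersion, Publisher |
        Sort-Object DisplayName, DisplayVersion -Unique
}

# 1. The download must come from the host you expect, not a look-alike.
$actualHost = ([uri]$Url).Host
if ($actualHost -ne $ExpectedHost) { throw "unexpected download host: $actualHost" }

# 2. Hash (searchable on VirusTotal) and publisher signature of the file on disk.
$hash = (Get-FileHash -Path $Installer -Algorithm SHA256).Hash
$sig  = Get-AuthenticodeSignature -FilePath $Installer
"SHA256 : $hash"
"Signer : $($sig.SignerCertificate.Subject)  [$($sig.Status)]"
if ($sig.Status -ne 'Valid') { Write-Warning 'installer is unsigned or its signature does not verify' }

# 3. Restore point before installing (Windows allows one per 24 h by default).
Checkpoint-Computer -Description 'before install' -RestorePointType APPLICATION_INSTALL

# 4. Snapshot installed programs, install, snapshot again, list what was added.
$before = Get-InstalledProgram
Read-Host 'Run the installer now (custom install), then press Enter'
$after  = Get-InstalledProgram
Compare-Object $before $after -Property DisplayName, DisplayVersion, Publisher |
    Where-Object SideIndicator -eq '=>' |
    Format-Table DisplayName, DisplayVersion, Publisher -AutoSize
```

Any row in the final table that you did not choose during the custom install is a bundled extra of the kind the post warns about.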