[Kees1958]

ISP service includes email scanner and spam-filter. Wireless Router with WPA2, SPI (message range) with Flood/Poisoning/Spoofing protection and Norton DNS (on malware). Changes in Blue

Running as Admin on Windows7 x32 ultimate with OS-build-in security:

----------- from network stack to process stack ------------------
Use Windows FW both for inbound and outbound. Added a deny execute on all threat gate folders (browser download, e-mail and media player using Access Control Lists deny execute/traverse folder for Everyone).

--- from Low Rights (Protected mode) to Medium Rights (LUA) ---
Using Chromium (unsigned application) with Chrome sandbox and build in safe browsing. Running PDF and Flash plug-in with Mandatory Low Rights. Using startpage as search engine, vista basic/windows7 skin with extensions Bitdefender QuickScan and VTchromizer

-------- from Medium (LUA) rights to High (Admin) Rights ---------
User is only allowed to execute signed executables (AppLocker) plus Chromium and 7-Zip, Admin is allowed to run all from safe places (SRP). Unsigned programs can't elevate to Admin (UAC). Running browser, mail, media player "As Invoker" (file and registry virtualisation) with EMET 3.0 memory overflow protection.

--------------------------- On demand -----------------------------
- Grand parent (USB drives), Parent (NAS, 2nd HD), Child (HD) backup scheme with Win7 Image and Synctoy Data backup
- Running CCleaner through scheduled task (/run /tn) to evade UAC pop-up
- HitmanPro Free scan