Saw on another site these suggestions for improving security on Win 7: 1. Disable writing to the registry keys 2. Deny all access to: Vssadmin.exe, Wmic.exe, and \Run 3. Prevent any program from executing in: \Downloads, \Temp, and %AppData% 4. Restrict all downloads execution to: \Program Files Unfortunately not even hints on how to actually do any of this, nor is Google being helpful. Can anyone provide links to any how-to/DIYs a Win 7 newbie can use to do the above?
Which version of Win 7 are you using? If you have the pro version you can lock down a lot using group policy.
1: means broken programs/windows 2: means broken programs 3: TEMP/APPDATA means broken programs, "Download" -> Sandboxie forced folder 4: regular not possible, even not with admin rights, will call anytime UAC
It is not enough. You have to use roughly the same security configuration that I use in Windos XP. If you have the possibility to buy 2 software, the best choice are: 1) 0-Patch 2) NVT OSA