As a senior citizen and newbie to windows 10 (reconditioned 2nd hand desktop) I turned on all security settings in Windows 10 that I could find. That was not necessarily a good thing. I’m posting here (if only for my future reference) to turn off some features, next time. More will probably follow as I work through getting this beastie up and running. * Don’t install Shadow Defender with controlled folder access still turned on. Windows will complain about SD trying to take control. * Also, don’t worry that SD will turn off Memory Integrity/core isolation. (I guess SD will need to be on as much as possible from now on). Note to self: This switch is found under: windows security>virus & threat protection>ransomware protection>manage RP>turn on CFA * Don’t have “Force randomization for images (Mandatory ASLR)” turned ON. Leave it in its default setting of “Off”. Otherwise it totally breaks “Portable App executable programs from running/executing. [error code 0xc000007b]. Note to self: This switch is found under: windows security > app & browser control > exploit protection. Also, have not yet worked out how to change “Edge is managed by your organisation” (so can’t change the DNS setting (to Quad9, for example) as it’s greyed out.” [A legacy GP setting I have not found yet]. No biggie, I’ll just use Firefox. More to follow, quite possibly. feandur.
When you want to stay with Windows own AV as your main AV you could take a look at: configure defender https://www.majorgeeks.com/files/details/configuredefender.html The dev "Andy Ful" is very active on Malwaretips and has two other programs also. But the easiest one would be configure defender and just press "high". What ever you do it's always good to have a working backup. Macrium Reflect free is a very nice/reliable program for that.
Are you using one of those anti-spy/telemetry privacy utilities? I recently discovered that "managed by" in Edge on my system (Win10 Pro 21H1) using O&O ShutUp. https://www.wilderssecurity.com/posts/3048630/ That said, I don't have experience with any other of the utilities, but it stands to reason they might have the same effect. Firefox, me too.
I agree with @Freki123 that it is safest just to use Configure Defender and press the "HIGH" button, then follow the prompts. I would definitely not manually change Windows security settings, especially Exploit Guard. For a little more protection, one could also consider Simple Windows Hardening, another free tool by Andy Ful (the creator of Configure Defender).
I will endorse this recommendation as well. Andy Ful's utilities are brilliantly conceived and he is first-rate at offering help if needed.
Thanks all. I'm keeping my fingers crossed that I don't have any more stuff-ups.. but don't mind if it happens as I'm learning, a lot, in the process.. (And I have an image to fall back on if the s..t really hits the fan). But greatly appreciate the guidance and understanding I get here at Wilders. Couldn't do it without it. @wat0114, @SouthPark, @Freki123: Sitting very equally on the fence between SWH or OSA. Putting it on the (decision) shelf for now, as I have bigger fish to fry (deciding and installing a two-way Firewall, etc) to get this old PC to a point it can be used to replace our much older Win 7 box. @Surt, @Krusty Yes, I have Spyware Blaster (v6) installed. That could be it. I noticed discussions in that thread in Wilders. I need to think about this a bit more, and take in javacool's postings, before doing anything. {Off topic: But don't like the winaero suggesting of deleting the registry key for Edge (seems severe). https://winaero.com/remove-managed-by-your-organization-from-microsoft-edge/ } Sorry mods. Many thank to you all. cheers, feandur
