PDF Reader i installed from windows store.
Great. I was thinking that maybe you could get rid of AV and Windows, by using Chromebook. Yet, if you are using MS Office for productivity, then you probably cannot do it.
If you do not install the new applications, then you can lock your system by any Anti-Exe, SRP, or Sandbox application.
If you are semi-advanced user then you can adopt one of the below applications:
non-Microsoft SRP: AppGuard (paid)
Anti-Exe: NVT ERP beta (free for now), or VoodooShield (free, but paid version is stronger).
Auto Sandbox: Comodo Firewall (free, Cruelsister settings), ReHIPS (tweaked).
Most compatible with Windows and fastest setup, will be when locking the system with default deny Windows built-in SRP, and some Windows policies + safe policies for MS Office.
If you are an advanced user, then you can do it on Windows Pro via GPO, and on Windows Home & Pro via Hard_Configurator. You can also try Excubits drivers (Bouncer, MemProtect, MZWrite Scanner, Fides).