Blocks automatic operation of the system and blocks viruses and Trojans

No matter what virus you encounter, it wants to occupy your system and infringe on your files. Most of them need to add themselves to the automatic operation every time the system restarts, if we have a way to make it lose this capability, you will stay away from most virus Trojans.

If you want to change the registry, it will not work automatically.

Virus Trojans are generally set to run automatically by modifying the Registry. We can set three corresponding countermeasures for these three methods:

1. Set the Registry auto-start item to the read-only permission of everyone (Run, RunOnce, and RunService) to prevent Trojans and viruses from being started by the self-starting project.

2.set .txt).comcmd.exe,. inf,. ini,. bat and other files to be associated with the read-only permission of everyone to prevent Trojans and viruses from being started through file association.

3. Set the Registry HKLMSYSTEMCurrentControlSetServices to the read-only permission of everyone to prevent Trojans and viruses from being started as "services.

We have specially prepared a batch processing file for you. After you download and run it, you can complete the above permission settings to avoid any worries (click to download the batch processing file ).

The whitelist only runs licensed Windows Applications

Setting a whitelist can effectively prevent external malicious programs from running in your system or set Automatic Running. This method is simple and effective.

Step 1: log on to WinXP with the Administrator account.

Step 2: Select "run" in the "Start" menu, enter the "gpedit. msc" command, and click "OK" to open the "Group Policy Editor" window.

Step 3: Expand the "user configuration> management template> System" branch in the left-side pane of the "Group Policy" window, in the right pane, double-click the "run only licensed Windows Applications" policy to open the "run only licensed Windows Application Properties" window.

Step 4: Go to the "Policy" tab in the "run only Windows Application Properties" window and select "start, click "show" to open the "show content" dialog box.

Step 5: click "add" in the "show content" dialog box to open the "add project" dialog box, and then enter the command line that allows the program to run in the corresponding text box, click OK to add it to the list of the displayed content dialog box.

After the configuration is complete, all programs except the programs specified in the list in WinXP will be banned from running, let alone viruses trying to add themselves to the auto-running ranks, and cannot run at system startup.

A place where virus and Trojan horses are restricted

When you browse the Web page, download the virus trojan that is executed locally. In many cases, it will first land in some common system directories, such as Temp, system32, and drivers, you can set permissions for the write directory to block them and prevent them from running automatically. Here, the C drive must be in the NTFS format to set permissions. Here we take the Temp directory as an example:

Step 1: Select "My Computer> Tools> Folder Options> View> remove" Hide protected system files "> select" show all files and folders "> OK ". This step is to display the temp folder for permission setting.

Step 2: Right-click "temp folder> Properties> Security> advanced", start setting now, select the permission project named your user name, and click "edit ". In "traverse Folder/run file", select "reject" and confirm in sequence.

Tip: FAT2NTFS

If your c drive is not in the NTFS format, run the doscommand to convert it to: convert c:/fs: ntfs, and you do not have to force detach the volume to continue the next step. The system plans to execute the next restart.

Alibaba, autorun. pif. To prevent such Trojans, we can also prevent them by setting permissions. However, the price we have to pay is that we cannot create files in the root directory. The method is as follows:

Step 1: Right-click disk D and choose "Properties> Security> group or user name". Here, only one user name is left.

Step 2: Select "advanced" and select the folder or file from the "apply to" list. This indicates that the directory is valid only for the local directory. We can still write or delete sub-directories.

Step 3: Set "Create File/Write Data" to "reject"; Set "folder/additional data" to "reject ".

In this way, the batch processing program is automatically run to prevent Trojans and viruses.