HomeFreeware ToolsWindows TipsSite ThemeContact Us

Protect Windows 2000 and XP from Viruses

Change the Permissions on your registry

Many windows virii create an entry in a specific registry key which causes the computer to run the virus each time it start. Changing the permissions on that key will prevent any virus that uses that method (unfortunately not all of them!) from infecting your system. You must be using Windows 2000 or XP (or possibly NT?) as this is not possible in Windows 9x or Me. You also need administrative access to the system. As far as I know, this cannot be scripted, although you could automate it with third-party utilities.

Before you make any changes to your registry, make a backup and make sure you know the risks involved.

Run regedt32 and navigate to the following key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run

In Windows XP, right-click Run and select Permissions. Click Advanced and uncheck the box labeled 'Inherit from parent..." (See picture.)

In Windows 2000, click on Run, click the Permissions menu and choose Modify.

When a dialog appears, select Copy. Now select an entry with Full Control. Clear all boxes except the Allow box next to the following permissions:

Query Value
Enumerate Subkeys
Notify
Read Control

Click OK and then make the same change to each entry that has Full Control (CREATOR OWNER may have special permissions.)

 

Removing the Restrictions

This registry modification is helpful in reducing the likelihood of virus infection, but because it prevents the addition of new entries to the Run key, some software installation routines may fail. After making this change to the permissions, if you want to install any software that may need to auto-launch each time Windows boots, you will need to temporarily allow it.

To allow keys to be added to the Run key:

Run regedt32 and navigate to the following key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run

In Windows XP, right-click Run and select Permissions. In Windows 2000, click on Run, click the Permissions menu and choose Modify.

Select Administrators and check the Allow box next to Full Control. Repeat for System. Click OK and install your software. Remember to change it back when you're finished.