Block Write Access To Run and RunOnce Registry Entries.

by Nirmal Sharma [Published on 1 Oct. 2008 / Last Updated on 3 Oct. 2008]

Blocking write access to Run and RunOnce registry entries for malware or other unwanted programs running in the system.

Your system becomes unstable because of the malware programs running in the background. You identify these programs and kill them in the Task Manager but these programs will re-appear in the Task Manager after you reboot the system. This is because these programs will run again from the below mentioned registry keys:

  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

To run only allowed programs, you need to modify the permissions on the Run and RunOnce registry keys.

Steps:

  • 1. Remove all the unwanted programs from Run and RunOnce registry keys using Registry Editor.
  • 2. Remove any other account from the Security Tab except SYSTEM Account and grant this accound only the "Read Only" permission.
  • 3. Reboot your system.

 

See Also

Featured Links