The 6.0 Windows prevention policy has options for restricting write access to files under the startup folder. This prevents unauthorized launching of software as the system starts up.
The policy option to block modifications to startup folders, under a specific sandbox option group, determines if restrictions apply for writing to startup folders by this sandbox. It is usually not recommended to disable these options, because this technique is known to be used by malicious software to start itself after system restart
Alternatively, you can use the writable resource list to allow write access. When you use the writable resource list, you should be as specific as possible about the program using the resource and the resource name.
Enable this option to prevent programs from modifying the startup folders from the system.
Imported Document ID: HOWTO95363
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe