Re: This:
"It does so by preventing executables running from the Windows AppData and Startup folders."
I always like to put stuff i want to run at statup into HKLM\software\ms\win\current ver\run
That way it runs for all users not just the current one
Biting the hand that feeds IT
