After designing a simple infectious virus, we find the Active Defense Strategy of mainstream anti-virus software can’t intercept the infectious operations effectively. Under normal circumstances, the original PE files of the system cannot be modified. According to this characteristic, the following article develops a way to realize initiative recovery by monitoring illegal write operation of original PE file and design a system–PEPS. The simulation experiments show that the method is more effective on the defense of infectious viruses than mainstream anti-virus software.