The invention discloses a blocking method and system for encryption viruses applied to computer files. The blocking method comprises the following steps: presetting a defense auxiliary file with a file type encrypted correspondingly by the encryption viruses; presetting a first association list of a preset file path and a file type, and a second association list of a file handle and a file type; monitoring all computer files including the defense auxiliary file in real time, and when performing operation on a computer, obtaining operation behaviors of executing the computer files in a calling process, and file paths and file handles of the computer files; judging whether the operation behaviors are encryption operations of the viruses or not according to the first association list and the second association list; and if the operation behaviors are the encryption operations of the viruses, blocking the encryption operations. According to the blocking method disclosed by the invention, whether the operation behaviors are encryption behaviors of executing the viruses can be quickly and efficiently judged, and the limitation of a traditional virus checking and killing technology is overcome.