Folder Guard® User's Guide
The software described in this guide is furnished under a license agreement and may be used only in accordance with the terms of the agreement.
Information in this document is subject to change without notice. The names of companies, products, people, characters, and/or data mentioned herein are fictitious and are in no way intended to represent any real individual, company, product, or event, unless otherwise noted. Complying with all applicable copyright laws is the responsibility of the user. No part of this document may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without the express written permission of WinAbility Software Corporation. WinAbility Software Corporation may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from WinAbility Software Corporation, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property.
The technical information in this document is provided AS-IS and WinAbility Software Corporation makes no warranty as to its accuracy or use. Any use of the information contained herein is at the risk of the user. This document may include technical or other inaccuracies or typographical errors.
© 2013 WinAbility Software Corporation. All rights reserved.
WinAbility, WinAbility.Com, Folder Guard, and "The Way Software Should Be!" are either registered trademarks or trademarks of WinAbility Software Corporation and/or its suppliers in the U.S.A. and/or other countries. Other product and company names mentioned in this document may be the trademarks or registered trademarks of their respective owners and are hereby acknowledged.
Folder Guard Overview
Thank you for choosing Folder Guard!
Folder Guard is a computer security program that lets you password-protect, hide, or restrict access to folders, files, and programs. It can also restrict access to the Control Panel commands, prevent downloading of programs from the Internet, control user access to the external drives, and more.
CAUTION: Folder Guard is a powerful tool that should be used with care. Please take time reading this User's Guide before protecting access to your important documents!
With Folder Guard you can:
Protect your private folders with passwords
You can protect virtually any "real" folder with a password, allowing only the authorized users to open the protected folder. You can protect an unlimited number of folders, each with its own password, or you can use the master password of Folder Guard to unlock them all at once.
Hide your personal files and folders from other users
You can set up Folder Guard to make your private folders invisible (or appear to be empty) to other users. The folder would be hidden from virtually any program, including Windows Explorer, Office, MS-DOS programs, etc.
Restrict access to the USB, CD-ROM and other removable drives
You can use configure Folder Guard to allow or deny access to the removable drives, restricting the user's ability to run or install unauthorized programs on your computer.
Protection without encryption
Folder Guard protects your files without encrypting them. It means that there is no danger of losing your documents if you lose your encryption key: with Folder Guard all your files remain intact, without modification of any kind.
Quickly pause and resume the protection via a "hot key"
You can choose a specific keyboard combination as the hot key of Folder Guard, to be able to quickly pause and resume the protection of your computer. Of course, the "hot key" is protected with your password, too, only you can use it!
Optional "stealth mode" of operation
You can set up Folder Guard to operate in the stealth mode, to hide its own files and shortcuts from being seen by other users.
Easy recovery in case of emergency
If you forget your password, or experience other problems, use the Emergency Recovery Utility (available for free download from our web site) to restore access to your protected computer.
You will find Folder Guard indispensable if you share your computer with others and you don't want any changes made to your files. Or, if you allow your kids to play games on your system from time to time, and want to be sure that everything will be OK when they finish. Or, if you don't want your parents to see some of your files. Or, if you are a network administrator and your users give you a headache messing the files up all the time. However you use Windows, you may have concerns about the security, privacy, or confidentiality of your files. And now you have a single, effective solution - Folder Guard.
If you have not done so yet, visit our web site now and download a free no-strings-attached-no-obligation evaluation version of Folder Guard and see for yourself how Folder Guard can be of use to you:
Note: Folder Guard helps you protect files and folders from the prying eyes of most Windows users. This protection, however, is not intended to withstand attack by anyone who has sufficient time and expertise.
How Folder Guard works
Relax, you don't have to read or understand this section in order to use Folder Guard. We have provided this information only in case you are really curious. You can safely skip this section and go to the next one.
As you probably know, most Windows programs don't work with files and folders directly; they rely on the support provided by the Windows operating system to work with files and folders. (It makes each program able to work with wide range of the storage devices, letting Windows take care of the details). For example, if you use Windows Notepad to open a text document, the Notepad program first prepares a special request for the contents of the disk and sends this request to Windows. Having received the request, Windows searches its internal data structures and the contents of the disks, and returns the results back to Notepad, which in turn shows the files and folders to you in the Open File window. After you have selected the file and pressed OK, Notepad prepares another request for opening the file you have selected, and sends it to Windows, as well. Windows reads the appropriate bytes of data from the disk and returns them back to Notepad, that shows them to you in its window. In reality, the procedure is much more complex: even a simple operation like the one described above may take hundreds of different requests sent back and forth between the program and Windows, before you can see the results on the screen. All such requests and actions are performed by the programs transparently to you, and you don't even have to know what is going on under the Windows hood, unless you really want to.
Folder Guard works by intercepting the system requests that Windows programs and Windows itself exchange between each other. Folder Guard analyses the requests and the data they contain, and uses the attributes of the files and folders that you have set up with Folder Guard to allow or deny such requests. For example, if you designated a file to be read-only, and some program sends a request to read information from this file, Folder Guard allows such request to go through without intervention, and passes the results from Windows back to the program. If, however, a program sends a request to write some data into such file, Folder Guard intercepts it, and returns it back to the program without passing it to Windows. This prevents the file from being overridden (as per the read-only attribute), and makes the program display an error message such as "Access denied" or similar.
That's how Folder Guard works.
What's new in this version of Folder Guard
Version 9.0 (April 20, 2013)
This is a major upgrade offering many changes, with the goal to make it easier to set up the protection and reduce possible confusion over the many options that Folder Guard offers. Here are the most significant changes from the previous versions 8.x:
Version 8.4 (March 25, 2011)
Version 8.3.2 (November 4, 2010)
Version 8.3.1 (November 1, 2010)
Version 8.3 (October 15, 2010)
Version 8.2 (September 25, 2009)
Version 8.1 (March 25, 2009)
Version 8.0 (January 31, 2009)
System requirements for Folder Guard
Folder Guard is for Windows 8, 7, Vista, XP, and similar versions of Windows. Windows Server 2003 and later are also supported. Both the 32-bit and x64 editions of Windows are supported. Folder Guard is NOT compatible with Windows RT, Windows 95, 98, Me, Windows NT, Windows 2000, or any older version of Windows.
There are no special requirements or recommendations except the obvious one: the better processor and more RAM your computer has, the better Folder Guard will perform.
How to install Folder Guard
How to uninstall Folder Guard
To completely uninstall Folder Guard, it's not enough to simply delete its program files from the installation folder. To completely remove Folder Guard from your computer, follow the instructions below.
IMPORTANT: If your computer is configured for several user accounts, login into the same user account that you were logged in when you installed Folder Guard. If you use Windows Fast User Switching, log off from all other accounts before trying to uninstall Folder Guard.
NOTE: If you have enabled the stealth mode of operation of Folder Guard, it has hidden the Uninstall Folder Guard command from the Start menu, as well as from the Add/Remove Programs list of Windows Control Panel. To restore these commands, run Folder Guard and use its Tools - Stealth Mode command the turn the stealth mode off, then exit Folder Guard before continuing.
Open Windows Control Panel, open the Programs and Features (or Add/Remove Programs) item, and use it to uninstall Folder Guard.
Run the Setup utility of Folder Guard with the command line switch /U. That is, choose Start - Run, and enter the following command:
If you use a 32-bit version of Windows:
"C:\Program Files\Folder Guard\Setup.exe" /U
If you use a 64-bit version of Windows:
"C:\Program Files\Folder Guard\Setup64.exe" /U
(This command assumes that you have installed Folder Guard into the folder C:\Program Files\Folder Guard; if not, please enter the correct path to Setup.exe (or Setup64.exe) in the command line above. Also note the double quotes around the path, as well as a space character in front of the /U switch, they are important parts of the command and necessary for it to work properly).
You will be prompted to enter your Master Password before the uninstalling could be continued. This is necessary to protect Folder Guard from being removed by unauthorized users. If you forget your password, use the Emergency Recovery Utility to reset it.
You may also be prompted to restart your computer, in order to deactivate Folder Guard and release the files that are currently in use by Windows, before they can be uninstalled.
Free vs. Continued use
You can use Folder Guard for the first 30 days FREE OF CHARGE, with no strings attached and absolutely no obligation to purchase anything!
During the 30 Free Days the operation of the software is not limited in any way, it is 100% functional. We make the software work without limitations so you can have a real look at it and decide whether or not it fits your needs. The only difference in the operation of the software during the free days is the Welcome screen that may be shown when you start Folder Guard:
How to purchase a license for continued use
We accept all major credit cards, and we also offer many other payment options.
Our upgrade policy: FREE upgrades for one year!
We provide free upgrades to the updated versions of the same product that we may release within one year from the date of your purchase. For example, if you have purchased your license in March 2010, you may use that license key for all updated versions of the same product that we may release during the next year, up to March 2011 (both minor and major upgrades are covered by this offer). In other words, within one year after the purchase you get all upgrades to the product free of any charges.
After that, if you would like to upgrade to a newer version, you will be able to do so after purchasing a discounted upgrade license. (Of course, you are in no way obligated to upgrade to the new versions: you may continue using the version that you have purchased for as long as you like, if it works for you well enough, without paying any additional upgrade fees!)
Please visit our web sites for the latest information:
Getting customer support
We provide free online support to the licensed customers through our web site, for at least one year after the purchase. The prospective customers evaluating the software are welcome to use our support area, too. Before requesting technical or customer support, however, please check out this manual, it may already contain the answer to your question. In particular, be sure to look through the FAQ (Frequently Asked Questions) section of this guide.
Please DO NOT send us email messages, because due to the spam, worms, and spyware problems the reliability of email has diminished greatly in the last few years. The email messages that you send us often do not arrive, and if they do, our replies are often get blocked by your anti-spam or anti-virus software, causing frustration and unnecessary delays in communication.
Please visit our web site to request technical or customer support:
Using Folder Guard
Before you begin...
First of all, a word of caution: Folder Guard is a powerful tool that should be used responsibly. Using it thoughtlessly, you can inadvertently make your computer inaccessible. For example, it is very easy with Folder Guard to prevent access to the Desktop folder, and make Windows start with a blank screen after you reboot. To avoid such surprises please review the following:
Understanding Folder Guard
In order to start protecting files and folders with Folder Guard, first you need to specify which files and folders you want to be protected, and how exactly you want to protect them. When you run Folder Guard for the first time after installing it, it prompts you to set up the protection settings:
Press the Setup the folder protection button, and the main configuration program of Folder Guard will open, letting you password-protect folders, hide folders, and set up other restrictions. When you are done setting up the restrictions, Folder Guard will ask you to resume the protection of files and folders:
If you want the protection to take effect, select Yes. (If for some reason you don't want the folders to become protected right away, select No; you can resume the protection later on, when needed.)
If you've chosen to resume the folder protection, you can continue using your computer, as usual, and Folder Guard will be protecting your files and folders quietly in the background. For example, if you've selected a folder to be hidden, it will hide that folder from Windows Explorer and other programs and keep it invisible. If you've set up a password for a folder, it won't allow the folder to be opened until you enter the correct password, and so on. If you run Folder Guard again while the folder protection is in effect, it will display the following prompt:
You can choose to Pause the folder protection: if you do, Folder Guard will ask you for the Master password, and then temporarily stop protecting the files and folders. You should be able to see and open the protected files and folder without any restrictions, as if Folder Guard was not present on your computer at all. When you are done working with the protected files and folders, you can run Folder Guard again, and it will prompt you to resume the protection:
In addition to pausing or resuming the protection, you can also click on the Change folder protection settings link, and it would open the main configuration program of Folder Guard, letting you add or remove the protection from the files and folders, and change other protection settings.
The Master Password
When you run Folder Guard for the first time, it prompts you to choose the Master password:
You will need to enter this password every time you decide to pause the folder protection, or to change the protection settings of your computer. You also need to enter this password when you upgrade or uninstall Folder Guard, again, to stop unauthorized users from removing Folder Guard from your computer without your permission:
If you forget the Master password, click on the Reset password link to perform the Emergency Recovery procedure (that is, to erase the password and let you log in to Folder Guard).
Note that Folder Guard uses several other passwords, as well, such as the folder passwords that you can use to password-protect specific folders. If you forget any of such passwords, simply run Folder Guard and use its commands to set up new passwords for the folders.
When choosing the passwords, keep in mind that the length of a password must be between 1 and 64 characters (at least 6 characters is recommended). Any characters are allowed, including spaces and punctuation. The passwords are case sensitive: If, for example, you have chosen the word Apple as the password, Folder Guard will not accept the words APPLE or apple as the valid passwords.
Note that the passwords used by Folder Guard are stored on your computer in the hashed form only (based on the SHA-1 secure hash algorithm). In other words, it is virtually impossible for someone to discover the text of the passwords by analyzing the contents of your hard drive.
Protecting folders with passwords
To protect a folder with a password, run Folder Guard and choose the Change folder protection settings link:
When the Folder Guard application opens, click on the Protect another folder or file link:
This should prompt you first to specify the folder you want to protect, which you can select by pressing the Browse for folder button:
(Note that only folders can be protected with passwords, so do not select a file to protect here.) On the next screen, select the Lock with a password option and press the Choose the password button to specify the password:
That's it! The password-protected folder will appear in the list of the protected objects in the Folder Guard window. Press the Resume protection button on the toolbar to actually start protecting the folder (or, if the protection is already in effect, press the Apply button to apply the new settings.)
(Note: when you create a password for a folder, Folder Guard applies the Empty and No access restricting attributes to the folder, to make it appear empty and inaccessible while protected.)
If you want to see how the password protection works, run Windows Explorer and try to open the folder you've protected by double-clicking on it. A prompt for the password should appear on the screen:
Note that the password prompt is displayed only when you attempt to open the protected folder by double-clicking on it in a Windows Explorer window, or right-clicking on the folder and selecting Unlock from the shortcut menu:
If you use some other means of opening a folder, such as via a shortcut, or by selecting the folder in the folder tree of Windows Explorer, or via some other program, an Access denied or similar message would be displayed instead of the password prompt.
How to lock the folder back?
Folder Guard offers you an option to lock the folder back when you close the folder:
You can also use the following methods to lock the folder back manually:
- Right-click on the folder and select the Lock command from Windows shortcut menu. Note that you must enable the Add the Lock/Unlock commands to Windows shortcut menu option on the Settings - Protection window for the Lock command to appear on the menu.
- Run Folder Guard and press the Lock all unlocked folders button to lock all previously unlocked folders, if any.
You can also configure Folder Guard to enable protection and lock unlocked folders after a period of user inactivity, when the screensaver wakes up. (See the description of the Settings - Protection window for more information).
How to remove the password from the folder?
If at some point you've decided that you no longer want the folder to be protected by Folder Guard, you can do the following: in the Folder Guard window, right-click on the folder in question and choose the Unrestrict command from the shortcut menu. This will remove the password from the selected folder, and also reset all restricting attributes of the folder to Default. In essence, this will return the folder into the state it was before you started protecting it.
If you don't want to remove the restricting attributes from the folder, and only want to remove the password, you can do it by assigning an empty password to it. That is, use the Password command on the Restrict menu, or right-click on the folder and choose the Password command from the shortcut menu, to display the window asking you to enter a new password for the folder. Leave the new password box empty and press OK, and that will remove the password from the selected folder, while leaving other restricting attributes intact.
Can I password-protect files and programs?
No, only folders can be protected with passwords, sorry.
Does the password protection work over a network, too?
If your computers are connected into a network, you can lock a shared folder with a password, (by installing Folder Guard on the server where the shared folder is physically located), but unlocking such a folder over the network is not possible: if someone attempts to open the protected folder via the network, such a user would simply be denied access to the folder, the password prompt will NOT be displayed. To be able to unlock the folder, the user must login to the server locally or via some remote administration tool.
Hiding and restricting access to folders
In addition to protecting folders with passwords, Folder Guard also allows you to completely hide the folders. To hide a folder with Folder Guard, simply assign the Hidden attribute to the folder in question. There are several ways of doing that. For example, you can use the same Wizard that you used to protect a folder with a password, only this time select the second protection method offered:
Press Next, and you should be able to select the desired visibility attribute for the folder:
In addition to the hidden attribute, it's also a good idea to protect the folder with the no access attribute as well, to make other users unable to open files from that folder even if they cannot see them (such as through the previously created shortcuts, for example). To do that, press Next, and select the No access option:
Now resume the protection, and the folder you've made hidden will become invisible to Windows Explorer, Windows applications, MS-DOS programs, command prompt, as well as to the Open/Save As dialogs used by the applications to open and save documents. All files and subfolders that might be located in that folder will be hidden, too, until you pause the protection.
To protect or not to protect?
When deciding which folders you want Folder Guard to protect, consider the following issues:
The main window of Folder Guard
In order to protect files and folders with Folder Guard, you need to run it and use its main window to specify which files and folder you want to be protected, and how exactly you want to protect them:
The main window contains the following areas:
Like the title bars of most other programs, it shows the name of the application. If you've made changes to the current configuration that have not been saved yet, a star character * is displayed next to the name.
The menu bar provides access to the commands of Folder Guard.
The toolbar offer quick access to the frequently used commands of Folder Guard.
You can use the View bar to quickly switch between the different views of Folder Guard. The Protected view lists the currently protected files and folders, as well their restrictions. The Folders view shows the drives and folders that your computer has, along with their attributes, as a tree-like structure. The Filters view displays the list of the filters.
Status bar is used to display the information messages.
Visibility and access attributes
To protect a file or a folder, you need to assign the desired protection attributes to it, using the commands of Folder Guard. The attributes used by Folder Guard are divided into two groups - the access attributes and the visibility attributes:
The "default" attributes:
If you have not applied any restricting attributes to a folder, such a folder is considered to have the default attributes. The visibility of (and access to) such folders is determined by the attributes of their parent folders: if the parent folder is restricted, its files and subfolders become restricted, as well, unless you have assigned different attributes to the files or subfolders, which would override the attributes inherited from the parent folder.
Note that each folder can have different attributes for different users of your computer, so that the folder would be protected differently for each user.
Protecting files and programs
With Folder Guard, you can restrict access not only to folders, but also to individual files and programs. While you can't protect them with passwords, you still can hide them, or make them inaccessible, by applying the appropriate restricting attributes.
For example, suppose you want to protect access to Registry Editor, a powerful Windows tool that can be used to change many internal settings of Windows and applications, but can also create a big disaster if used improperly. You probably don't want other users to be able to use it without your permission. To begin, start the Wizard of Folder Guard, just like when you were protecting folders, but this time use the Browse for file button to select the file you want to protect. In case of Registry Editor, its file name is regedit.exe, and it is located in the C:\Windows folder:
Press Next on the following page, and then leave the default visibility attribute selected, which would not affect the visibility of the file regedit.exe (and leave it visible, as before). On the last page, however, select the No access attribute to apply to this file:
Now resume the protection, and try to run Registry Editor. Instead of allowing to opening, Windows should display a message similar to the following:
What if you yourself want to use Registry Editor? Just run Folder Guard and pause the protection! When you are done using Registry Editor, resume the protection again. Yes, it's that easy.
When protecting programs, be careful not to protect access to some system file used by Windows, because doing so may cause Windows not to work properly. For example, do not restrict access to the file explorer.exe, because this file is used by Windows not only to browse your computer, but also to display your desktop! If you don't want users to browse certain folders, protect the folders themselves, rather than Windows Explorer.
Keep in mind that if you want to restrict access to a program or a file that you usually open via a shortcut, then you should protect the target file, not the shortcut. If you only restrict access to the shortcut, then users would still be able to open the file or run a program directly, bypassing the shortcut.
Using the filters
Note: The functionality described here is only enabled for the customers who have purchased the full, business license for Folder Guard software. It is not available for the home, personal license customers.
Folder Guard lets you control access not only to individual files and/or folders, but also to the whole classes of files. For example, if you need to set up some general access rights to the Excel files, you can use Folder Guard to create a filter that would apply to the Excel files only (that, to the files with the extension .XLS), and then assign the desired access attribute to such a filter, that would make the attribute to apply to any Excel file, no matter where it is located.
Let us explain in more detail. A filter is a set of rules that defines which files it applies to (according to the names of the files, the folders they are located in, and programs that are accessing the files). You may define several different filters, or have no filters at all, depending on how exactly you want your computer to be protected.
After you have set up the filters and enabled the protection, Folder Guard begins to monitor the events of accessing the files on your computer. Whenever a program attempts to access a file, Folder Guard uses the list of filters you've set up to determine whether the file name, the name of the folder where the file is located, and the name of the program that is accessing the file match any of the filters. If Folder Guard finds such a filter, it uses its attribute (full access, read-only, or no access) to allow or deny access to the file.
Folder Guard comes with a pre-loaded set of filters (discussed below). To see the currently defined filters, use the command View - Filters (or press the Filters button in the left-hand view bar):
You can create new filters or modify the existing ones using the commands on the Filter menu. (This menu appears on the menu bar only when the filter view is active).
Note that only the access attributes may be applied to the filters; the visibility cannot be applied to the filters.
How Folder Guard applies the filters
Whenever a program attempts to access a file, Folder Guard takes a note of the following information:
Folder Guard then walks through the list of filters, in the order they are listed in the Folder Guard window, and attempts to match the noted information with each filter that has a non-default access attribute for the user currently logged on to the computer. The match occurs if all of the following conditions are met:
If all three conditions above are met, Folder Guard uses the access attribute assigned to the filter to allow or deny access to the file. If even one condition listed above is not met, Folder Guard skips the filter and continues to search for the matching filter until the end of the list is reached. If no matching filter is found, Folder Guard checks whether you have restricted the file in some other way, using the Protected or Folders views or Folder Guard.
Note: The Trusted Programs list has a higher priority than the list of the filters. That is, a trusted program can access all files unconditionally, even if you have set up a filter that restrict access to certain files for that program.
All masks are case-insensitive. For example, *.exe, *.Exe, and *.EXE all have the same effect. When describing the masks of the filters, the following terms are used:
Examples of masks for the Apply to/Except for files boxes
If a mask must include spaces, it should be enclosed in double quotes. For example, to specify all files that begin with white paper, use the mask "white paper*", including quotes.
Several masks may be separated with spaces, semicolons (;), or commas (,). For example:
Any file that has the file name extension txt, or exe, or doc, or if its file name begins with white paper, would have matched such a composite mask.
Examples of masks for the Apply to/Except for folders boxes
If a mask must include spaces, it should be enclosed in double quotes. For example, to specify all files that reside in subfolders of C:\Program Files, use the mask "C:\Program Files\*", including the quotes.
Note that some applications and Windows components use the short (a.k.a. MS-DOS-style) names for the folders. (For example, C:\PROGRA~1 refers to the same folder as C:\Program Files.) To protect access from such applications, add a mask to match the short name of the folder as well (for example, C:\PROGRA~1\* ).
Several masks may be separated with line breaks, spaces, semicolons (;), or commas (,). For example:
"C:\Program Files\*", C:\PROGRA~1\*, C:\Windows*
Examples of masks for the Apply to/Except for programs boxes
Folder Guard comes with several pre-configured filters, some of which are discussed below. You can use them as they are, or modify them to better suit your needs, delete them or create the new ones. If you don't want the filters to be used, you can reset their attributes with the Attributes - Reset command.
Example 1: Lock applications.
This filter applies to the common executable and script files located in any folder other than the Windows folder (which is usually C:\Windows), or the Program Files folder (which is usually C:\Program Files), or the folder where Folder Guard is installed (to allow you access to Folder Guard!).
You may find this filter useful if you don't want the users of the computer to run arbitrary programs (for example, by downloading them from the Internet or by running them from the removable drives).
If you enable this filter (by assigning the No access attribute to it), it would prevent running any program unless it's a built-in Windows program or a program you have installed in the default location (C:\Program Files). An attempt to run an executable file or a script would result in the Access Denied message.
The users would still be able to download other files or use the removable drives to copy other types of files and documents, because this filter would not apply to such files.
Note that some programs get installed in folders other than C:\Windows or C:\Program Files. If you have such programs, you need to add their folders to the [Except for Folders] list as well. Also note that the list of the exceutable and sript file extensions is not complete: your computer may have other file extensions designated for use as the scripts; if so you need to add them to the Apply to files list.
Keep in mind that such protection is not attack-proof: someone could attach the removable disk to another (unprotected) computer and rename the executable file so that it would have an extension not on the restricted extensions list. The attacker could then attach the disk to the protected computer, copy the file to the C:\Windows folder, and then rename it back. After that, the file would no longer be restricted from executing. If you want to be protected from such an attack, you may want to completely restrict access to the external drives, using another filter described below.
Example 2: Run only allowed applications.
Suppose you don't want other users to run any programs other than MS Word and Excel. You could use the Run only allowed applications filter that would apply to all program files (that is the files with extensions .exe, .com, and .bat), but not to the files winword.exe (MS Word) and excel.exe (MS Excel). Also, this filter would not apply to the files located in the folders that begin with C:\Windows (since these folders contain system files, which should always be accessible in order for Windows to work properly). The programs located in the folder "C:\Program Files\Folder Guard" would also be exempt from this filter, since you want to be able to run Folder Guard files to change or disable the protection as needed.
Now, if you assign the no access attribute to this filter for a particular user, that user would not be able to run any programs other than MS Word and Excel, and the programs located in the Windows folder, or its subfolders.
Example 3: Lock MP3 files.
This filter applies to the MP3 files (*.mp3) located on any drive other than the main one (C:).
You may find this filter useful if you want the users of the computer to play the MP3 files it contains, but not to copy the MP3 files to the removable drives.
If you enable this filter by assigning the No access attribute to it, it would prevent opening or saving an MP3 file to any drive other than C:. At the same time, it would not restrict the MP3 files already located on the C: drive and allow the users to listen to them, modify their properties, etc. If someone were to attach a removable drive to computer, s/he would not be able to copy the MP3 files from the C: drive to the removable drive. (Copying the MP3 files from the removable drives would be restricted, too.)
Note that this filter does not affect files other than MP3: the users would be able to freely copy them to and from the removable drives, as usual.
What if at some point you need to copy some MP3 files to an external drive (for example, to create a backup of your music collection)? Just run Folder Guard and pause the protection. When done, resume the protection back.
Example 4: Lock video files.
This filter works in the same way as the Lock MP3 files filter described above, only it applies to the video files (*.mpg, *.avi, and others). If you assign the No access attribute to this filter, it would prevent users from copying your video files to/from the external drives while allow playing such files that already exist on the C: drive.
Example 5: Lock MS Office documents.
This is another example of a filter that prevents copying of the common Microsoft Office documents to/from the removable drive, while allows their use if they are already present on the C: drive.
Example 6: Lock external drives.
This filter applies to all files located on any drive other than C:. If you enable this filter by assigning the No access attribute to it, it would prevent copying any file to/from any drive other than C:. If, instead, you assign the Read-only attribute to the filter, it would allow opening or copying files from the removable drives, but prevent copying file to them.
With Folder Guard, you can set up different restrictions for different users of your computer. For instance, you can make a folder visible when you log in to Windows, but also make it hidden when some other user logs in.
To control which restrictions should apply to which users, use the User List of Folder Guard. (If it is not visible when you open the main window of Folder Guard, choose the View - User List command from the menu to make it visible:)
The User List originally contains only one item: Default. This user name is used to set up the restrictions that would apply to all users for whom no user-specific restrictions have been set up. To create restrictions that would apply to specific users, first use the User list command on the Tools menu to add the user names to the User List for the users for whom you want to set up separate restrictions. Then, to set up the restrictions for a user, select that user's name in the User List, and assign the desired attributes to the folders: they would be applied to the selected user only.
For example, suppose you want to hide the folder named Private (located in the public documents folder) from all users except yourself. First select the Default name in the User List, and apply the Hidden and No access attributes to this folder:
Now, if you have not done so already, use the Tools - User List command to add your user name (Administrator in this example) to the user list. Then select it in the User List and assign the Visible and Full access attributes to the same folder:
That's it, the user-specific protection of the folder has been set up! If you log in to Windows using the user name Administrator, the folder should be visible and accessible. If any other user logs in to Windows, the Default user's attributes would apply, which would make the folder hidden and inaccessible.
Of course, if you have other users, you can set up restrictions specific to them, too. For instance, if you want some users to be able to see and open files from your private folder, but not to save any changes to them, you would assign the Read-only attribute to the folder for such users. If you don't assign any user-specific attributes to a folder, then when such a user logs in to the computer, the restrictions specified for the Default user would apply.
Designating the "trusted" programs
The protection of folders performed by Folder Guard may confuse some of the system utilities, such as backup or disk managing software. For example, if your backup software allows you to specify which folders to backup, and you leave the protection in effect during the backup, the folders you've made Hidden or Empty with Folder Guard may not be backed up. (On the other hand, if the backup software stores a complete image of the disk disregarding its folder structure, it may be safe to leave the protection on, since Folder Guard does not prevent the direct access to the disk sectors.)
To avoid such problems, you could add your backup and disk utilities to the Trusted Programs list of Folder Guard. When performing the protection, Folder Guard intercepts the requests from programs to open files, list the contents of folders, etc. If such a request comes from a program that is designated by you as a trusted one, Folder Guard passes the request on to the operating system without any intervention, thus allowing the program to have full access to all folders on your computer. If the name of the program is not in the Trusted Programs list, Folder Guard allows or denies such request according to the attributes of the files and folders set up by you.
Originally, the trusted modules list contains some of several system programs that must have full access to all files and folders on your computer in order for Windows to operate properly. You may change the set of the trusted modules by using the Tools - Trusted Programs command.
Note that only Windows applications (32 bit or 16 bit) can be designated as the trusted ones. You may add a name of a DOS program or a console application to the Trusted Programs list, but it will be ignored by Folder Guard.
Which programs should or should not be made "trusted"?
You may wish to add to the Trusted Modules list the names of the system tools such as anti-virus utility, disk defragmenter, disk scanner, backup utility, etc. If you do so, you won't have to manually disable the protection before running such tools, since they will have full access to all your folder and files anyway, as if Folder Guard was not present in your system at all.
The following programs should NOT be made trusted:
Explorer: If you add this module to the trusted modules list, Windows Explorer will be allowed full access to all files and folders, even to those you have marked as hidden or empty with Folder Guard!
KERNEL32: If your computer is connected to a network and you share some of your drives or folders, this module is used by Windows to provide information about your files and folders on the shared drives over the network. If you make it trusted, all your files and folders will be accessible to other network users.
Protection from "password stealers"
Folder Guard can protect its passwords from malicious programs that intercept passwords by "stealing" the text that you enter into the password prompts. You can enable or disable this protection by changing the Protect password prompts from the "password stealers" option. This option is enabled by default.
When this option is enabled, Folder Guard provides a visual indicator of the protection from the password stealers by showing the diagonal lines in the background of the password entry box:
When the anti-stealer protection is enabled, Folder Guard takes measures to stop the password stealers from obtaining the text of the password that you have entered into the password prompt. Keep in mind that such a protection is not absolute: for example, a spyware could install a dedicated device driver for your keyboard and intercept the keystrokes even before they reach the password prompt. The best way to ensure you are protected from such threats is to have a dedicated anti-virus/anti-spyware software installed and keep it up to date. The protection provided by Folder Guard should only be considered as a secondary (not the primary) line of defense.
Note also that Folder Guard protects from the password stealers only its own passwords, when you enter them into the password prompts displayed by Folder Guard itself. If you enter a password into any other program, or into a web page, Folder Guard does not perform any special protection of such a password. This is yet another good reason to keep your anti-virus software enabled and not to rely on Folder Guard alone to keep your passwords safe from spyware.
There may be a situation when the protection from the password stealers may interfere with other password tools you may be using. For example, if you use a software tool or a fingerprint reader that fills out the password forms for you automatically, then such a tool may not be able to enter your Folder Guard password for you. In this causes a problem, you can choose to either enter your Folder Guard password manually, or disable the Protect password prompts from the "password stealers" option to turn off such a protection. If the anti-stealer protection is disabled, Folder Guard uses the regular password prompt boxes (without the diagonal lines in the background) when you are entering its passwords.
Giving your computer "bullet-proof" protection
The following recommendations will help you prevent others from bypassing the protection of folders performed by Folder Guard:
Command line switches
Command line switches supported by Folder Guard
You can control the operation of Folder Guard by running the file FG32.exe (or FG64.exe if you use Windows x64) with the command line switches described below:
Command line switches supported by the file Setup.exe
You can also use the following command line switches with the file Setup.exe (or Setup64.exe if you use Windows x64) of Folder Guard:
Note that the Setup.exe file does NOT support the /PASSWORD switch.
Suppose that you have installed Folder Guard in the folder C:\Program Files\Folder Guard, and that you have chosen the word Apple as the Master Password of Folder Guard. Also, you have used Folder Guard to restrict access to the folder C:\My Private Files, and you have set up the word green as the unlocking password for this folder. You can use the following commands to perform the following actions:
Protecting files in the "safe mode"
"Safe mode" is a special diagnostic mode of Windows, which you can use to troubleshoot problems with your computer. (You can find more information about the safe mode and how to use it in Windows Help.) When you reboot your computer in the safe mode, only the core Windows components are loaded and activated, leaving most extra software modules (including Folder Guard) in an inactive state. This means that when your computer is restarted in the safe mode, your computer is not protected by Folder Guard.
However, it is possible to configure Folder Guard to protect your computer even in the safe mode. Before you do that, though, make sure you have a system recovery disc and learn how to use the troubleshooting tools it contains, to be able to restore access to your computer should a conflict between Folder Guard and some other software or device on your computer occur. Please note that we DO NOT provide technical support regarding the use of the safe mode or the troubleshooting tools; please contact the manufacturer of your computer regarding such issues.
Operating in the Stealth Mode
If you don't want other users to see the files of Folder Guard on your computer, you can configure Folder Guard to operate in the "stealth mode". To enable or disable this mode, use the Tools - Stealth Mode command of Folder Guard.
When you enable the stealth mode, Folder Guard performs the following actions for you:
Many commands of Folder Guard are not available in the stealth mode:
Since all files and shortcuts to Folder Guard are hidden in the stealth mode, you cannot use them to run Folder Guard or to disable the protection of your computer! The only way to control Folder Guard in the stealth mode is by using the Emergency Recovery Utility.)
Emergency Recovery Utility
The Emergency Recovery Utility is a small program that can help you restore control of Folder Guard if you ever forget its Master Password. It is especially important to have the Emergency Recovery Utility available if you are going to configure Folder Guard to operate in the stealth mode, because you will have no way of disabling the protection or running Folder Guard without the Emergency Recovery Utility!
In order to be able to use the Emergency Recovery Utility, you need to create it first. When you run Folder Guard for the first time after installing Folder Guard, the following prompt to create the Emergency Recovery Utility is displayed automatically for you:
You can also open this window by using the Emergency Recovery command on the Tools menu of Folder Guard.
To actually create the Emergency Recovery Utility, press the Create... button on the window shown above, and then navigate to the folder where you want to store the file of the Emergency Recovery Utility. This should be a folder separate from the installation folder of Folder Guard, because when the stealth mode is enabled, the installation folder will be hidden from you, and you will not be able to run the Emergency Recovery Utility from it! A better choice would be to store the file on a USB or some other removable disk, and store that disk in a safe location.
The Emergency Recovery Utility is also available for free download from our web site. You may find this option useful if you cannot locate the copy of the Emergency Recovery Utility that you yourself have created as described above. However, even though we make the Emergency Recovery Utility available for download from our web site, we still strongly recommend to create and store a local copy of it by yourself, because when the need to use the emergency recovery procedure arises, you may not have handy access to the Internet available to download the file.
To use the Emergency Recovery Utility, simply locate and run the file you have previously created with the Create the Emergency Recovery Utility command described above. If the utility detects that a copy of Folder Guard is operating on your computer, and the protection is in effect, it first asks you to enter your password as you would normally do when you need to disable the protection:
If you no longer remember your password, you can click on the Reset password link to beging the Emergency Recovery procedure. First, it asks you to enter your licensing information into the form:
This step is necessary to stop other users from using the Emergency Recovery Utility to remove protection without your permission. If you have not purchased a license yet, and your copy of Folder Guard is operating in the evaluation mode, simply press the Continue button, and it will perform the Emergency Recovery procedure: the Master Password will be erased, and the protection of your computer will be disabled.
If you don't want anyone to be able to use the Emergency Recovery Utility to erase your password and disable the protection, simply purchase a license for continued use of Folder Guard, and enter your license key into the program. This way, only you will be able to use the Emergency Recovery Utility, since it will not proceed unless a valid license key is entered into it first.
The Folder Guard Administrator's Kit is a set of tools designed to help system administrators with the deployment and management of Folder Guard on a large network.
The kit contains the following files:
You can use the MSI packages to quickly deploy Folder Guard to a large number of computers on your network. You should use the x86 file to install Folder Guard on the 32-bit clients, and the x64 package (that contains the native 64-bit executables) to install it on the clients with the x64 versions of Windows.
The Administrative Template (.adm) file can be used with the Group Policies to deliver the license key of Folder Guard to the client computers without having to enter the license key manually on each computer.
The Folder Guard Administrator's Kit is available as a separate download. Please contact us if you are interested in ordering the kit.
Solving problems with applications failing to start or operate properly
If some application that you have on your computer started to display errors or does not start at all after you have enabled protection with Folder Guard, it could be because you have configured Folder Guard to restrict access to a file or folder that the applications uses during its operation. For example, many programs need to be able to save files into their installation folders, and if you assign the read-only or no-access attributes to such folders, it may cause such applications to fail. Other applications may need to be able to write information into the files located in the C:\Windows folder. Again, if you restrict access to the C:\Windows folder, such applications may start displaying errors. To solve such problems, review the folder restrictions you have set up with Folder Guard, and remove protection from the folders that you suspect may be causing the errors. You may also find the To protect or not to protect section of this guide of use.
Solving problems with Windows failing to start properly
If Windows cannot start properly after you have enabled protection with Folder Guard, it could be because you have configured Folder Guard to restrict access to some system file or folder that Windows uses during its work. For example, if you assign the no-access attribute to the C:\Windows folder, or to the C:\Users or C:\Documents and Settings folders, or to the whole C: drive, it will most probably cause Windows to fail. If that happens, simply reboot Windows in the "safe mode" (see below), run Folder Guard in that mode, and remove protection from the folders in question, then restart your computer as usual.
How to restart your computer in the "safe mode"
Restart your computer and when the restart begins, press F8 several times until the startup menu appears on the screen. Choose safe mode from the menu.
Once in the safe mode, choose Start - Programs - Folder Guard - Uninstall to remove Folder Guard from your computer. Then restart your computer as usual.
Performing a clean test of Folder Guard
If you suspect that the error you see is caused by a restriction you have configured with Folder Guard, try the following: completely uninstall Folder Guard from your computer (choose to erase its settings, when prompted), then install it back and configure it to protect just one test folder, such as C:\Test. Assign the No Access attribute to the test folder, and do not set up any other restriction. If the problem does not occur in this case, try to restrict other folders, as needed, one at a time, testing the condition that previously resulted in an error after each significant change. This could give you an idea of which restriction is causing the problem.
Solving problems caused by incompatibility between Folder Guard and some other program
If the problem persists even when you've protected just one test folder as described above, then another reason could be an incompatibility between Folder Guard and some other program you have (such as anti-virus, disk utilities, programs that install icons in the taskbar next to the system clock, etc.) You may want to try to temporarily disable such programs, one at a time, and see if that corrects the situation. If you discover which other program is causing the conflict, please let us know and we will investigate.
The Protect menu of Folder Guard offers the following commands:
Resumes or pauses the protection performed by Folder Guard. When the protection is paused, all files and folders become unprotected, as if Folder Guard was not present on the computer. Note that if you pause the protection, it will be resumed automatically next time you restart the computer, or when you log in or log out of Windows. If you don't want the protection to resume automatically, use the Deactivate and Exit command described below.
Any changes to the protection settings you make with the Folder Guard program do not take effect immediately. They take effect only when you use the Resume Protection command, or, if the protection is already in effect, use the Apply changes command make the changes effective.
If you've made changes to the protection settings that have not been applied yet, and you changed your mind about the changes, you can use this command to discard such changes. Note that if you have used the Resume Protection or Apply changes commands, such changes cannot be discarded: you must revert them manually.
Clear all restrictions
This command removes all restrictions from all files and folders that you might have previously set up. Use this command if you want to start setting up the protection from scratch.
Use this command to adjust the settings of Folder Guard by displaying the Folder Guard Settings dialog box.
Use this command to change the Master Password of Folder Guard.
Deactivate and Exit
Use this command if you want to disable Folder Guard without uninstalling it. This command stops the folder protection, and also prevents Folder Guard from resuming the protection automatically when you restart the computer. If also disables the hot key and the notification icon of Folder Guard, if you have previously enabled them. If later on you decide to enable the folder protection again, run Folder Guard and use the Resume Protection command.
This command prompts you to resume (or continue) the folder protection, and then exits Folder Guard.
The Restrict menu of Folder Guard offers the following commands:
You can use this command to set up the protection of a file or a folder using the Wizard interface.
Creates, changes, or removes the password for the currently selected folder.
Commands to change the access attributes of the selected file, folder, or filter.
Commands to change the visibility attributes of the selected file or folder.
Removes all restrictions from the selected file or folder.
Adds one or more files to the list of object displayed in the main window of Folder Guard.
Removes the selected file from the list of objects displayed in the main window of Folder Guard. (The file itself is NOT deleted when you use this command!)
Advanced - Reset all attributes for user
Resets the attributes of all files, folders, and filters to default for the user currently selected in the User List.
Advanced - Copy all attributes between users
Copies the attributes of all files, folders, and filters between different users in the User List.
Go to Special Folder
Opens the Go to Special Folder dialog box.
The Filter menu appears only when you switch its window into the Filters view mode. It offers the following commands:
Creates a new filter of Folder Guard.
Lets you rename the currently selected filter.
Deletes the currently selected filter from the list.
|Module||Control Panel icons|
|INETCPL.CPL||Internet settings, user accounts on Windows 95,98,Me|
|MAIN.CPL||Fonts, Keyboard, Mouse, PC Card (PCMCIA), Printers|
|NUSRMGR.CPL||User manager on Windows XP|
|ODBCCP32.CPL||ODBC Data Source Administrator|
(You may have other CPL files, or not all of the files listed above, depending on the software installed on your computer).
To restrict access to Control Panel, use Folder Guard to restrict access to the appropriate CPL files, by assigning the no access attribute to them.
If you've just protected a folder that you used to have for some time, then it's quite possible that if you use Windows Search command to search for the files in that folder, the search results would display the protected files. The problem is, the search results are displayed from the search index that Windows builds and keeps separate from the original files. That's why the file names of the protected files may appear in the search results even though the files themselves are protected with Folder Guard.
To solve this problem, you need to configure the search command of Windows not to index the protected folders. The procedure depends on the version of Windows that you have. Please refer to Windows Help for the specific instruction on how to exclude the protected folders from the search indexing.
You can use Folder Guard to restrict access to folders located on the removable drives, but such protection will be in effect only on your computer, where Folder Guard is installed and configured properly. If you connect the removable drive to some other computer (that does not have FolderGuard on it), the folders on the removable drive will NOT be protected.
If you need your removable drives to be protected on other computers as well, you need to use an encryption program, such as our software USBCrypt. Please visit the following web page for more information:
If your computer is configured to boot more than one version of Windows, and you want Folder Guard to protect the resources of the computer for each of such versions, then you need to install and configure Folder Guard under each version of Windows that your computer is able to boot with.
For example, if you can boot your computer with either Windows 32-bit or Windows x64, then you need to install and configure one copy of Folder Guard after booting with Windows 32-bit, and then reboot with Windows x64 and install another copy of Folder Guard, into a separate folder, and configure it separately.
If your computer can boot a non-Windows operating system, such as Linux, then the folder protection will NOT be in effect when you boot it. To protect your files in such a case, you need to use an encryption program, such as USBCrypt instead of Folder Guard.
You can use Folder Guard to restrict access to the CD/DVD drive of your computer, but such protection will be in effect only on your computer, where Folder Guard is installed and configured properly. If you insert a disc in the CD/DVD drive of some other computer (that does not have FolderGuard on it), the disc will NOT be protected.
If you need to create password-protected CD/DVD discs, you need to use an appropriate encryption program. Please visit the following web page for more information:
If you restrict access of hide a folder with Folder Guard, then virtually no program, including the anti-virus one, will see or be able to open the files in the protected folder. To allow your anti-virus program check all files for viruses, you need to either disable the protection before scanning your hard drive for viruses, or add your anti-virus program to the Trusted Programs list.
It depends on the backup program you have. If the backup is performed in the DOS mode, or some other mode when Windows is not operating, then Folder Guard will not be protecting your files, and the backup program should be able to backup all your files, as usual. If, however, your backup program runs under Windows, when folder protection is in effect, then it will have no access to your protected files, and it will not back them up! To allow your backup program to backup your protected files, you need to either disable the protection before starting the backup program, or add your backup program to the Trusted Programs list of Folder Guard. Don't forget to test your backup set of files to make sure your protected files have actually been backed up! To prevent other users from running the backup program and being able to access your protected documents that way, you may want to protect the backup program itself with a password.
Yes, you may give the installation files of our programs to your friends and associates. However, you may NOT share your license key, if any, with anybody else. Please remember that the license key we provide you with are for your own use only. If your friends like our programs, please let them purchase their own license keys. To avoid possible confusion, please give out the original installation files that you may download from our web site.
There are several other simple, but important conditions which we impose on further redistribution of our products. Please refer to the file License.txt in the folder where you have installed Folder Guard for the complete description of our distribution requirements.
This user's guide is available online in the printed-friendly format:
Simply open the link above in your web browser and use the web browser's Print command to print it out on your printer.