To protect or not to protect? |
|
To protect or not to protect? |
|
When deciding which folders you want Folder Guard to protect, consider the following issues:
Special care must be exercised when protecting these folders. DO NOT apply the no access or hidden attributes to them, because this will prevent Windows from working! (Windows is just designed so that these folders must be accessible and visible, at least partially).
If you need to restrict other users from tampering with files located in these folders, then, first of all, backup your entire hard drive, if you have not done so before installing Folder Guard. It will save you hours of your time if anything goes wrong (and believe us, there are things that may go wrong when you are trying to protect these folders).
You may try to make the C:\Windows folder read-only, however keep in mind that Windows and some other programs need to be able to write information into the files kept in this folder in order to operate properly. For example, on Windows Me/98/95, the System.dat and User.dat files (the files used to store the contents of the system registry) are kept in this folder and are constantly updated by Windows while it is operating. As a result, if you assign the read-only attribute to this folder, a registry corruption error may be reported, and Windows may fail to work properly. To remedy this problem, add the REGSVR32 module name to the trusted programs list of Folder Guard. (This module is used by Windows Me/98/95 to write information into the registry files). Under Windows XP/2000/NT, the registry is organized differently (some parts of it are stored in the C:\Windows\System32\Config folder, others are stored under the C:\Documents and Settings folder).
Other programs may also need to write information into the C:\Windows and C:\Documents and Settings folders in order to work correctly. Also, most of the old 16-bit applications store their configuration data in the win.ini or other *.ini files. For example, the old-style File Manager, that is still available in Windows 95/98 as winfile.exe, uses the file winfile.ini, in the Windows folder, to keep its configuration data between sessions. To allow such programs access their configuration files, you need to set up special filters. In case of File Manager, create the following filter:
| Apply to files: | Except for files: |
| winfile.ini | |
| Apply to folders: | Except for folders: |
| C:\Windows | |
| Apply to modules: | Except for modules: |
| winfile |
and assign the full access attribute to this filter. It would make the C:\Windows\winfile.ini file fully accessible to File Manager itself (since its module name is winfile). If some other module attempts to access this file, the filter would not apply, and the read-only attribute of the C:\Windows folder itself would prevent any modifications to this file.
You may need to set up similar filters to allow other programs full access to their configuration files in the C:\Windows folder.
In addition, Windows uses some of the subfolders of the C:\Windows and C:\Documents and Settings folders to store its data, so you will need to mark such subfolders with the full access attribute. Examples of such subfolders are: Spool, Application Data, Cookies, Downloaded Program Files, History, msdownld.tmp, TASKS, TEMP, Temporary Internet Files, and others, depending on your configuration of Windows.
You may try to restrict the visibility of the contents of the C:\Windows folder by marking it Empty with Folder Guard. This may or may not work well for you, depending on Windows components and other software installed on your machine, so you will need to test your protection configuration well.
When restricting the visibility of the Windows folder, keep in mind the following:
Copyright © 2008,
WinAbility® Software Corporation.
All rights reserved.