Locking a folder in Windows XP

Since some people were having issues with this method of hiding a folder in XP (folder being renamed incorrectly, visible via the command prompt, etc), I am adding to the bottom another way to permanently hide a folder using a program called Free Hide Folder. Please scroll down to read about it.

If you’ve come across this page looking for a way to create a password protected, secure, hidden or locked folder in Windows XP for free, you’ve come to the right place. Unfortunately, Windows XP does not have any user-friendly built-in tools to create secure folders on computers with multiple users. Of course, you can encrypt data on your hard disk, but this only helps if your computer is stolen.

In a previous post, I wrote about how you can hide a folder in Windows XP using a rudimentary built-in feature. This method is useful if you want to hide a folder or file and you’re pretty sure that anyone who is using the computer will have no idea how to un-hide the data. If you’re dealing with someone a little more computer savvy, there is another way to create a secure locked folder without having to buy any 3rd party software.

It basically involves using a script to morph the folder into something completely different so that it’s still visible, but nothing inside the folder is accessible. In order to view the data, you have to run another script to morph it back. Anyone who clicks on the folder will be brought to the Control Panel and simply think it is a shortcut.

Here are the steps to create the protected folder in Windows XP:

• First create a folder that you will use to store your confidential data. For example, I have created a folder called Fonts at the root of my D drive. Since the hidden folder will bring you to the Control Panel, it’s best to name the folder as one of the programs inside there.

• In the same location where you created the new folder, create a new file in Notepad, copy the following below into it, replace Fonts with the name of your folder and save it as loc.bat.

ren Fonts Fonts.{21EC2020-3AEA-1069-A2DD-08002B30309D}

• To save the file as a .bat file in Notepad, just put the whole thing in quotes, like “loc.bat” and then click Save.

• Now you should have a bat file named loc in the same directory as your Fonts folder, not inside the Fonts folder.

• Create another NotePad file and type in the following listed below and save it as “key.bat”.

ren Fonts.{21EC2020-3AEA-1069-A2DD-08002B30309D} Fonts

• Now you’ll have loc.bat and key.bat along with your folder. Go ahead and double-click on loc.bat and your folder will turn into the Control Panel and nothing inside can be viewed. Clicking on it will simply bring you to the Control Panel. You’ll notice the icon should have changed also.

• To view the data inside your folder again, click on key.bat and your folder will return to normal! Pretty simple!

Of course, keeping the key.bat file in the same folder will defeat the purpose of securing the folder, so it’s best to move the key.bat file somewhere else, or even better, put it on a USB stick or CD that only you can access.

Most people will be probably look at the folder and simply ignore it since it has the control panel icon and it links directly there. Of course, if someone knows this trick also, they can create their own key.bat file, etc and open it back up. However, if you’re dealing with someone who can do all of that, it’s best you check out more advanced 3rd party software to lock down a folder.

ALTERNATIVE METHOD:

If you’re having trouble with the above-mentioned method (from what I can see from the comments, a good number of people), then here’s another quick and free way to create a secure folder in Windows XP. There is a very nice program called Free Hide Folder from Cleanersoft that allows you to easily hide your private folders.

Your folders are completely hidden and you must supply a password to open the program to unhide the folders. The personal edition is free, just click the Skip Registration button unless you’re using it for commercial purposes.

I’ve tried this program myself and I cannot access the hidden folder via Windows Explorer nor the command prompt. So if the above method is not working, give this a shot!

.NET Programming Links

Contents

Good Mailing Lists
Useful Search Sites
.NET and Other Resource Sites
Specific Articles of Interest
Installation and Deployment
Standards and Specifications
Whidbey Information
Examples and Components
Additional Tools and Interesting Stuff
.Net Managed Data Providers
.Net Ports to Other Platforms and Enhancements/Research/Languages

Links

Good Mailing Lists
VISBAS-L	http://peach.ease.lsoft.com/archives/visbas-l.html
Developmentor .Net Lists	http://discuss.develop.com/

 

Useful Search Sites
CodeHound – Programmer’s Search Engine	http://www.CodeHound.com
Google Newsgroup Search	http://www.deja.com/

 

.NET and Other Resource Sites
GotDotNet.com	http://www.GotDotNet.com
WindowsForms.Net	http://www.windowsforms.net/Default.aspx
Asp.Net	http://www.asp.net/Default.aspx
Microsoft Patterns and Practices	http://www.microsoft.com/resources/practices
C#.net	http://www.csharp.net
CodeProject C# Site	http://www.codeproject.com/csharp/
.NET Spider	http://www.dotnetspider.com
IIS FAQs	http://www.iisfaq.com/
UDDI Resources	http://www.uddi.org/solutions.html
Microsoft VS.Net Home	http://msdn.microsoft.com/vstudio/
.Net Hosting	http://www.brinkster.com
OpenWave SDK (Phone Emulator)	http://www.openwave.com/products/developer_products/
.NET Rocks Talk Show	http://www.dotnetrocks.com/
A site with tons of connection strings (nice!)	http://www.connectionstrings.com
MSDN TV	http://msdn.microsoft.com/msdntv/

 

<!–

Interview with Grady Booch on the Importance of Design http://www.fawcette.com/dotnetmag/2003_02/online/lthe/default_pf.asp

–>

Specific Articles of Interest
Older Web Services vs. Remoting Performance Comparison	http://msdn.microsoft.com/webservices/building/default.aspx?pull=/library/en-us/dnbda/html/bdadotnetarch14.asp
Death of the Browser – Why you should use Windows Forms	http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnadvnet/html/vbnet10142001.asp
Gang of Four (GoF) Patterns for .Net/C#	http://www.dofactory.com/Patterns/Patterns.aspx
Article on Creating HttpHandlers and HttpModules in .Net	http://www.15seconds.com/issue/020417.htm

 

Installation and Deployment
.NET Framework Bootstrap Installer	http://microsoft.com/downloads/details.aspx?FamilyId=66350891-D15B-446B-BD69-F7F849224A00&displaylang=en
Windows Updater Application Block	http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnbda/html/updater.asp?frame=true
How to Distribute Config Files to Smart Clients (Windows Forms Apps) via the Web	http://www.ondotnet.com/pub/a/dotnet/2003/01/27/ztd.html
Windows Forms Deployment Options	http://www.windowsforms.net/Default.aspx?tabindex=3&tabid=40#Deployment

 

Standards and Specifications
C# ECMA Spec	http://www.ecma-international.org/publications/standards/ECMA-334.HTM
C# 2.0 Spec	http://msdn.microsoft.com/vcsharp/team/language/default.aspx
WSDL Spec	http://www.w3.org/TR/wsdl
For programming standards and naming conventions, see the link on the left menu.

 

 

Whidbey (VS .NET 2005) Information
MSDN Whidbey Site (VS .NET 2005)	http://msdn.microsoft.com/vstudio/whidbey/default.aspx
The Whidbey Chronicles – IDE Enhancements for C# Developers	http://msdn.microsoft.com/msdntv/episode.aspx?xml=episodes/en/20040219CSHARPDF/manifest.xml
ASP.NET 2.0	http://www.asp.net/whidbey/

 

Examples and Components
Terrarium (Better than Pong.Net!)	http://www.gotdotnet.com/terrarium/whatis/
Google Web Service	http://www.google.com/apis/
Microsoft Exception Handling Application Block	http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnbda/html/emab-rm.asp
VS.Net Power Toys and other Stuff	http://www.gotdotnet.com/team/ide/

 

Additional Tools, Test-Driven Development, and Interesting Stuff
NUnit Unit Testing Framework	http://www.nunit.org/
XML Acceleration Appliance (Good for Web Services)	http://www.datapower.com/

 

<!–

eInfoDesigns dbProvider MySQL Managed Provider http://www.einfodesigns.com/products.aspx

–>

.NET Managed Data Providers
CoreLab MySQL Direct Managed Provider	http://crlab.com/mysqlnet/
MySqlNet MySQL and Postgres Managed Provider	http://sourceforge.net/projects/mysqlnet/
CoreLab Oracle Direct Managed Provider	http://crlab.com/oranet/
Corelab Postgres Direct Managed Provider	http://crlab.com/pgsqlnet/
Microsoft Oracle Managed Provider	http://www.microsoft.com/downloads/details.aspx?FamilyId=4F55D429-17DC-45EA-BFB3-076D1C052524&displaylang=en
Oracle ODP Managed Provider	http://otn.oracle.com/tech/windows/odpnet/content.html

 

.NET Ports to Other Platforms and Enhancements/Research/Languages
Mono on Linux	http://www.go-mono.com/
Microsoft Shared Source CLI – Rotor (Free BSD, OS X, Win XP)	http://msdn.microsoft.com/net/sscli
On the Death of Microsoft Shared Source CLI Community Site	http://weblogs.cs.cornell.edu/AllThingsDistributed/archives/000525.html
Old Generics Support in C# (SSCLI Gyro)	http://research.microsoft.com/projects/clrgen/
Microsoft F#	http://research.microsoft.com/projects/ilx/fsharp.aspx

Impersonation

At times users access a resource as though they were someone else. This is known as impersonation. For example, if a web page has no access controls, then any user can access that web page. HTML pages, ASP pages, and components in version 3.0 and earlier can be accessed through two accounts named IUSR_machinename and IWAM_machinename. Both the accounts are set up during IIS installation, and are automatically added to all the folders in every web site on the server.

Anonymous access to a resource in IIS makes the task of identifying a user extremely difficult. But there is no need to authenticate a user in the case of IIS. When IIS receives a request for a web page or other resource that has permission for anonymous access, IIS treats the IUSR_machinename account as the user’s account, to access the resources. If the resource requested by the user is an ASP page that uses a COM or COM+ component, that component is executed using the IWAM_machinename account.

In ASP.NET, when impersonation is turned off, the resources can be accessed using a “local system process” account. When impersonation is turned on, ASP.NET executes every resource using the account of a specified user who is authenticated when the user makes the request. If you specify the IUSR_machinename account to be used as the user account, then ASP.NET will behave like previous versions of ASP, in providing access to the resources.

In ASP.NET, you first need to check whether the application is configured to use impersonation. In the case of IIS, the IIS impersonates users with its own IUSR account. In the case of ASP.NET, impersonation is used to decide whether the user’s request should be executed using the account of the requested user, or that of a local system-process account that ASP.NET uses for anonymous requests.

The concept of impersonation is complex to some extent due to the fact that ASP.NET uses the dynamic compilation features of the .NET Framework. The IUSR account has only limited permissions on the local machine, and so is not suitable without some reconfiguration. This account is also used by IIS to access resources like HTML pages, documents, and zip files that are not executed as part of the .NET Framework.

If impersonation is enabled in an ASP.NET application then:
• If anonymous access is enabled in IIS, the request is made using the IUSR_machinename account.
• If anonymous access is disabled in IIS, the request is made using the account of the authenticated user.
• In either case, permissions for the account are checked in the Windows Access Control List (ACL) for the resource(s) that a user requests, and a resource is only available if the account they are running under is valid for that resource.

If impersonation is disabled in an ASP.NET application then:
• If anonymous access is enabled in IIS, the request is made using the system-level process account.
• If anonymous access is disabled in IIS, the request is made using the account of the authenticated user.
• In either case, permissions for the account are checked in the Windows ACL for the resource(s) that a user requests, and a resource is only available if the account they are running under is valid for that resource.

Code and Performance Analysis using Visual Studio 2005 System

A set of tools for code and performance analysis is essential for the developers if they need to develop reliable and robust software. These tools should be capable of detecting the errors and the defects in the coding and the performance errors so that they are corrected at an earlier stage in the development.

This is essential to reduce the overall cost of developing that application. In the earlier versions of the Visual Studio there were no Analysis tools available. Hence the developers have to depend on the third party tools or create their own custom analysis tools or ship the code without analysis.

This is overcome in the latest version of the Visual Studio Team System. With the integration of the Analysis Tools in the Visual Studio environment it is possible to work efficiently in building the application.

The analysis tools in the Visual Studio 2005 Team System can be categorized into two types. They are the Code Analysis Tools and the Performance Analysis Tools. These tools are integrated in the Visual Studio environment itself. If needed, you can also use these tools from the command line.

Visual Studio 2005 Team System has two tools for code analysis. They are PREfast and FxCop. PREfast is a tool that is used for static analysis. It analysis the code (C/C++) and gives you the defects that are likely to appear in the code.

Some of the defects that could be indicated by the use of PREfast are null pointer reference, memory leaks, resource leaks, un-initialized memory and buffer overrun. This tool is integrated in the Visual Studio 2005 Team System and you can enable or disable this tool as you wish.

You can access this from the property pages of the project. If you enable PREfast and if there is any error that is detected by PREfast then it appears in the Error list. If you double click the warning given by PREfast in the error list, it will take you to the actual code that causes error in the code editor. It is also possible to treat those warning as errors or ignore the warning. This is achieved by using the directive called #pragma. The code to treat warning as error is,

#pragma warning (error: 6260)

The code to ignore or disable warning is,

#pragma warning (disable: 6011)

This tool also supports annotation where you can get the information on conditions before function parameter is used and after a function parameter is used. You can also get information on return types. You can also use the PREfast tool in the command line.

The tool FxCop is used to analyze the code for the violation in design rules and programming. It also gives you information on the assemblies. The violation of the design and programming rules are compared to the rules given in the Design Guidelines of Microsoft .Net Framework.

You can also refer these guidelines in MSDN website. If possible this tool also gives information on how to fix the violation that is found by the FxCop tool. Since the tool is integrated with the Visual Studio 2005 Team System you can access this tool from the Property Pages of the project. You can use the checkbox option Run FxCop in the property pages. Just click the checkbox to enable running this tool.

You can select the configuration properties and then select the Rules option to enable the different types of Rules. You can select Rules like ComRules, NamingRules, and SecurityRules using the checkboxes available for that purpose.

In addition to selecting the Rules that you want to enable, you can also set whether you want those Rules to be treated as Errors or Warnings when they are violated. When the Project is build the rule violation are reported in the Error List as Warnings or Errors as selected by you. You can navigate to the exact code of violation by double clicking the Warning or the Error in the Error List that is displayed.

The Performance related problems in the code are identified using the Performance Tools available in the Visual Studio 2005 Team System. These tools allow you to measure and evaluate the issues related to performance. Two types of profiling are done with these performance tools.

They are Sampling and Instrumentation. Data is collected periodically by interrupting the application in the sampling method. The data thus collected is used to create a report file which can be analyzed later using the features available for reporting. The data in sampling method is collected after the application exits. One of the advantages of using Sampling method is that the application is interrupted only periodically.

One of the drawbacks of this method is that you get information based on random sampling. Instrumentation is a method that gets data for a section of the application. Probes are inserted which signals the start and stop of collecting data. The data collected are store for later analysis. The users can get the exact data that were used during the execution.

Using the Performance Session Wizard available in Visual Studio 2005 Team System you can create profiling for the applications. You can begin with sampling and then based on the results of sampling you can use instrumentation for a specific portion of the application.

The profiling environment can be setup using the Performance Session Wizard. Support for ASP.Net, EXE, and DLL applications are provided by the Performance Session Wizard. You can go to Tools -> Performance Tools -> Performance Wizard to start a new Performance Session. Instead you can also use the New Performance Session option to create it manually.

You can use the Performance Explorer to get more information about the Performance Session. Performance Reports are automatically added to the Reports node in the Performance Explorer after the application has finished running.

Different types of views are available for viewing the reports. Summary, Functions, Caller/Callee, CallStack and Type are the views that are available for the reports. The Summary view is used as the starting point of the analysis.

The Functions view gives the functions that were executed when the application was run. The functions that are displayed depend on the method of profiling used. To get information on the functions that are listed you have to use the Caller/Callee view.

For more information on the tools used for the code analysis and performance analysis you can always refer to the MSDN website. It’s no wonder that these tools are used for building reliable and robust applications.