I posted this thread under the "Squawks" section which is for software advice. I haven't got any replies in a while. Perhaps it is not frequented by many. I don't really know. Maybe one of you at this end might know if this is possible. The following that I posted is as such:

I doubt if I would be the first to think of this. The question is, can I set the system32 folder's attributes to "read only." You know the part where you right click and select "properties" and check off read only. It will then ask me if I want all sub-directories and files to be the same attribute, in which everything is read only.

The reasoning behind this is, regardless of whatever security software that you are using, I see it as an added protection against any maleware that might slip by and change important system files or rewrite them and corrupt them. I am aware that when you get say windows updates, or install new software, then certain changes or important archiving must happen to these files. So if I needed to envoke such actions, I could simply uncheck this attribute and simply recheck it when all is said and done. So when the action of "install" is about to happen, I simply perform this simple task of unchecking it.

Now, the all important questions. Will Windows start if I do this or will I screw things up royally and my computer wont start? Will everything function normally such as running applications or just web surfing? Are there viruses that can sneak by even if I do this?

So metaphorically speaking, no one sneaks in the door when I'm not looking and I will have to be there to unlock it and see just who wants in with my permission.

Any input on this would be welcome.

I dont know this for a fact, but it seems to me this wouldn't work. Windows seems to need to log almost everything when you use it (Virus scans, etc...). Denying it the ability to write to these logs might make windows crash, the way i see it. Let me know if you find out about this, it sounds like a good idea if it'll work.:typing:

Good point about the Log Files. I did a search on system32 folder and found a whole mess of files and folders pertaining to logging. Right now as I speak it's Feb 26 and 2:00 AM. When I looked through some of these files, I found yaddy yaddy, blah blah, this and that Feb 26 / 09 1:45. So it would appear something was logged at start-up.

To me, it just seems too simple of a one click, there yu go, doors locked, no one gets past me thing to do.

Oh well, I'm still open for suggestion. I'm sure someone knows the answer to this.
Sky.

Skyferret,

As winslow mentioned, Windows would need to have write-access to those files (not only for the logs, but also for Windows Update). I suspect that it would be very unhappy if things got changed to read-only and you'd wind up getting one of several blue-screen errors about not being able to access a file.

Are you working with XP? If so, the best possible solution for protecting your folder would be to run your user account as "limited" instead of with full admin privileges. This would prevent anything that was able to crack into your user account from making the changes...but if you got into a trojan or other nasty that is run as "system" or "Administrator" then it would still have access. Limited user accounts have their own set of unique problems but for the most part, that is the safest way to run Windows (or any OS).

I guess you should be able to test your idea out by setting a restore point so you've got something to roll back to, making the "read-only" change, and then rebooting again. If Windows doesn't like it, you could use the system restore to ropll things back to the pre-change conditions. Not something I would try on my working install though...I'd do it with a test install of Windows on another hard drive.

Mike: Thanks for sharing that. I'm running XP Home. I'll read up on the account thing and look at it.

Logical assumption tells me only "Admin" account can install new software or make changes, such as in the Control Panel. Having to switch on the fly is no big deal if I had to perform some task.

Thanks.
~Sky~