Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

Can I prevent a file from being deleted?

Question:

Can I prevent a file from being deleted? I have a file that is
encrypted so that only I can read it. Now the problem is that although
no one can read it, they can still delete it. I want to prevent that
file from being deleted.

The short answer is no. You can’t prevent it.

The longer answer is you can make it more difficult, but if someone
is determined to delete the file, they probably still can.

Become a Patron of Ask Leo! and go ad-free!

I’m going to assume that this file is on a machine where other
people have access to the machine itself. If your file is on a network
or on a server, anywhere where people do not have physical
access to the machine, then the answer’s different. You can prevent the
file from being deleted simply by putting it somewhere that people have
read-only access, or marking the file itself read-only to everyone but
you. Exactly how you do this depends on what kind of an internet server
or network file server you’re running, but it’s typically not that
hard. Your network or system admin can help on that, or the steps
outlined below may apply.

However, when it comes to a PC that other people might have access
to, all bets are off.

Let’s look at how we can make it difficult, and then I’ll describe
how all that can be bypassed.

“If it’s not physically secure, it’s not
secure.”

First, the drive on which you’ve placed the file must be formatted
NTFS for the additional security options we’re about to play with.

Open up Windows Explorer, click on Tools,
Folder Options click on the View tab
and scroll to the bottom of the Advanced Settings
list. You should see something like this:

Folder Options, Advanced Settings

Make sure that Use simple file sharing is
not checked, and OK your way back out.

Now, locate and right click on the file you want to protect and
click on Properties. You’ll see a
Security tab; click on that and you should get
something like this:

File security settings

Now, for each Group or user name in the top list
except Administrator (or perhaps except your own login account
if you are not an administrator), make sure that the
Deny column in the Permissions for…
list is checked. For Administrator the column Allow
should be completely checked.

Press OK.

What this has done is restricted access to the file to only those
with administrative privileges. Anyone else logged into Windows with a
different account will be unable to read, write or delete the file.

Seems like exactly what you were looking for, right?

Here’s the downfall:

If it’s not physically secure,
it’s not secure.

If someone can reboot your machine and boot from a floppy, CD-ROM or
USB drive, then they can boot into any of a number of password and file
recovery programs that can completely bypass the security you’ve just
set up.

In fact, here’s an article on how they can become the administrator:

I’ve lost the password to my Windows Administrator account, how do I
get it back?

At that point, they could reformat the drive, and erase everything
including your file.

Even if you remove all the boot options, if they’re really
motivated, they can steal the machine or drive, and install it into some
other system where they can then proceed to get full access. I’m
guessing stealing the drive also qualifies as deleting the file.

The bottom line is that depending on your situation, “making it
difficult” might well be enough. But be aware that it’s not bullet
proof. Encrypting your data is a great thing to do, but make sure you
have a backup – perhaps of the encrypted container – since it’s quite
possible a motivated someone could come along and delete it no matter
what you do.

Do this

Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

I'll see you there!

16 comments on “Can I prevent a file from being deleted?”

  1. You have to be careful about using apps that promise to hide a file or folder, I know of one that just moves the file to the app’s directory and doesn’t really hide it at all….easily found using windows explorer. I think the name of the one I’m talking about is “folder lock” I prefer really encryptioning it with trucrypt. With trucrypt you can make a container using any extension like a .dat or .jpg…something no one would expect to be able to read…

    Reply
  2. Don’t forget the ultimate physical threat to data integrity: a big, powerful magnet.

    Actually, I’ve read that what we think of as big
    magnets turn out to be much less effective than we might think.
    Surprising, to me anyway, but apparently so.
    -Leo

    Reply
  3. Dave,
    I found TruCrypt when I Googled that name, but all the sites pointed to a program called TrueCrypt, so I hope that TrueCrypt was the program about which you were talking. When I went to their web site, it looks like the program is disk encryption software. I didn’t see any options for encrypting a single file. Am I not getting the best info from their screenshots? Can you make TrueCrypt hide a file?

    TrueCrypt doesn’t encrypt individual files. You create a container using TrueCrypt and place files (as many as you like) in to the container and they are encrypted automatically. In a way it’s easier than individual encryption since all you need do is mount the container and the files are there to be used normally.

    For individual file encryption I have heard things about http://www.axantum.com/AxCrypt/, but I’ve never used it myself.

    -Leo

    Reply
  4. Though I don’t have to share my computer/laptop with anyone else I use external USB harddrives to keep a good portion of what is on my main drive (C:) In that way I’m more assured of it’s safety and security. The external USB hard drives comes in a variety of compact sizes and are reasonable in price. They are transportable on to other computers.

    Reply
  5. yeah Diana, it’s truecrypt….my bad…you can make a truecrypt container as big or as small as you want or need. When mounted it acts just like another hard drive partition.

    Reply
  6. I’ve often tried to delete a Windows directory and gotten stopped because of a flash??.ocx (?? stands for 8c or 9b or some other version code). Even from another windows installation or Windows PE CD, it can’t be deleted, so I know the file isn’t in use. I can’t figure out how (or why) Adobe makes it undeletable. It would seem there is some technique that might be useful for protecting other files.

    Reply
  7. I wanted to put a file(video) in an USB thumbdrive and doesn’t want to be deleted. I want it permanently there. I heard from my friend that in order to do this, i must do it in desktop or notebook, can’t do it in USB. Once the file became “undeletable” at the computer, we can copy to the USB and the file will be permanently at both computer and USB. Is it true? You have any better way of doing it?
    Thanks for your help.

    Reply
  8. THIS IS LEO’S ANSWER:

    “The short answer is no. You can’t prevent it.”

    YOU ARE WRONG!!!
    YES YOU CAN PREVENT A FILE FROM BEING DELETED. THERE IS A WAY. THE PROBLEM IS WE DON’T KNOW HOW. TRY PANDA USB VACCINE. IT WILL CREATE AN “AUTORUN” FILE ON YOU FLASHDRIVE WHICH WILL IMMUNIZE IT FROM VIRUSES. YOU KNOW WHAT? ONLY FORMATING YOUR FLASHDRIVE CAN DELETE THAT “AUTORUN” FILE. ALSO BEEN WONDERING HOW THEY DO IT. TRY IT AND YOU’LL BE AMAZED.

    I still disagree. I’m sure there’s a way to delete it.

    – Leo
    25-May-2009
    Reply
  9. If deleting means making inaccessible, then its simple to destroy whatever drive the data is on.

    Formatting a drive can delete it too.

    No way to prevent it from being deleted if anyone else has access to it. (best bet is a thumb drive in your pocket, but that’s not guaranteed either).

    Reply
  10. Ya know, AL CORTEZ, you are full of it…

    “YES YOU CAN PREVENT A FILE FROM BEING DELETED. THERE IS A WAY. THE PROBLEM IS WE DON’T KNOW HOW. TRY PANDA USB VACCINE. IT WILL CREATE AN “AUTORUN” FILE ON YOU FLASHDRIVE WHICH WILL IMMUNIZE IT FROM VIRUSES. YOU KNOW WHAT? ONLY FORMATING YOUR FLASHDRIVE CAN DELETE THAT “AUTORUN” FILE. ALSO BEEN WONDERING HOW THEY DO IT. TRY IT AND YOU’LL BE AMAZED.”

    If you don’t know how, then you obviously don’t know much. Also, creating an “Autorun” file on a USB Flash can still be deleted by the simpelist means. I have several USB’s that have Autorun files on them and even when hidden and read only, they can be deleted by simply highlighting and deleting the file in the ordinary fashion.

    Simply put… there is NO WAY TO PREVENT A FILE FROM BEING DELETED EXCEPT by issuing Administrator Privilages such as they have at Libraries and other Computer Cafe’s… in those systems, you cannot delete a file unless you created it, and you cannot download, access or otherwise mess with any system files because the Admin has set them to restricted access to general public users.

    Reply
  11. I want to make the Executable .exe file undeletable from virus guards. As some times they detect them as virus. I have tried like manipulating some settings in the virus guards to allow them but how ever sometimes it fails. Hence could you suggest me any software (Portable) that will protect the .exe files being getting deleted.

    Thank you in advance

    I’ll assume you’re not attempting to write a virus. I don’t know of a way, and I hope there isn’t one, because virus writers would use it.

    Leo
    09-Apr-2010

    Reply
  12. THERE’S ONE THING I LIKE TO ASK TO YOU HOW CAN MY FAVORITE GAME IN MY COMPUTER(STILL I HOLD THE GUEST)TO BE IMMUNE TO DELETE BECAUSE MY MOTHER WANT TO DELETE IT FROM THE GUEST DOCUMENTS? MY MOTHER HOLDS THE ADMIN PLEASE HELP ME.

    Talk to your moter and convince her not to delete it.

    Leo
    06-Apr-2011

    Reply
  13. We need to prevent deletion of files from a USB drive but allow them to be printed or copied off the drive. Also, the user may plug the drive into a Mac or a PC. Easy way to accomplish this?

    Reply
  14. Why do many of you leave up sites that are obsolete?

    I have Vista which is now old and there is no “Use simple file sharing” option to untick.

    I am sure Windows 7 doesn’t have it either.

    XP is now ancient!

    While it’s in decline XP is still in use by nearly half the computers on the panet. Ancient, maybe, but many people rely on it.

    Leo
    21-Jan-2012
    Reply
  15. Every time I highlight a file to open it, a window comes up wanting me to delete this file. I can’t hardly get this window to go away. I have had to delete the file, then restore it from recycle bin. I am frustrated. I need help.

    Reply

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.