Hi, I have this problem of which I couldnt figure the solution on my own. I am using Win7 Home 64 and I have created second user account on it. My goal is basically to restrict this account from any access besides Program Files Windows folder and his user profile (C:\Users\SecondUser\..) I achieved most of it by denying "List folder contents" permission for that particular user on all drives. Problem is that if I use this on a system (C:\) and second user logs in and wants to (for example) copy something on a desktop or work in Office, it doesnt work properply (C:\ being inaccessible), apparently because Windows/Office need to write temp files to a C:\ (root) all the time, even though you copy/rename/modify files within permission area only (user's profile dir). What I need to know is how to restrict user/account from listing/reading C:\ (root including subfolders) but be able to write/delete this temporary folders/files so it will work as required. Maybe there is some other way around it. I would like to know, anyway that works. Thank you.