and maybe other system critical paths.
Moreover some file types may only be altered with administrator rights, thus among many more

which are mostly executable files, which may contain malicious code in the worst. For information that is more detailed please look at the document of Mark Russinovich.

The Problem
By following this concept, it is not possible to take advantage of the established practice to save user data such as basic settings and options to the program path once the program does not run with administrator rights. The widely used workaround to save settings in the registry suffers from the same principle. It is even not enough to be logged in as an administrator but the program must be explicitly started with elevated rights by right mouse click and “run as administrator”.

For the program Metric it is now impossible to save basic settings like measure systems, calibration, exposure time or the connection of measure tables or motor drives – all save in Metric.opt within the program path – with one exception: It has to be started with elevated rights. This in turn would tear down the security wall of the system, if the normal user could start program with administrator rights.

To get rid of these problems, Microsoft established the technique called “UAC virtualization”. If a program does not have the rights to write or alter a file in the path of desire, a copy of this file is stored at a special location and this copy (or even not existing file in the destination directory) is virtually shown in the destination directory.

Example: You are logged in as „YouAsAUser“ with normal user rights and want to save the settings to Metric.opt. As you are not allowed to do that within
„C:\Programme (x86)\Metric\Metric.opt“
, Windows saves a copy of this file to

You now have three different Metric.opt: The one installed from the CD, your private copy and yours colleague private copy, although all of you will just see a single Metric.opt in the application path. The only difference will be presumably the size and the creation time. You now have the advantage, that your colleague may not alter your settings. However, if some basic settings like calibration have to be changed, this has to be done for all workers separately, which may be a lot of work, if many workers do their jobs on this machine.

If in your case this UAC virtualization is a problem, you may work around as follows.

The solution UAC File Exclude
As mentioned above there are file types, which are not virtualized by the UAC. If you add OPT to the list of this file types, the virtualization for Metric.opt (and all other files with the extension opt) will no longer take place.

A simple user now must not change the settings any more. Only the administrator, who explicitly starts Metric with elevated rights, may alter the settings. If this is the desired solution in your case, you are done. The file “uac opt exclusion.reg” contains the registry entry, which does the job for you and adds the file extension OPT to the excluded extensions.

Those hexadecimal characters code for the string “OPT” in DBCS format and an empty string. By double clicking this file and accepting all UAC questions this entry is made to the registry and a final reboot of the system lets the effects run on your system.

The extended solution “write permission”
If normal users should be allowed to change the Metric settings, they have to get write permission to the installation path of Metric “C:\Program files (x86)\Metric”. In this case “alter/change“ would be enough as saving a complete new set of settings in some different file is not necessary. The administrator may thus grant minimum rights and does not need to grant full access to the path.