You have a powerful method to control who can access what files and programs, if you have Windows XP Professional and have formatted your drive(s) using the NTFS file system. For example, you want to restrict access to certain individuals from using the Windows Messenger, but still allow everyone else to use it. No problem, if you're using Windows XP Professional and NTFS. Here's what you can do:

1. Make sure that the user you're trying to control is not an administrator. You can't limit an administrator, so you must first make your Messenger abuser a "limited user". To do this, go into the Control Panel and open the User Accounts applet. In the Pick a task window, select the Change an account option. Then select the user account, and finally select the Change the account type option. Make sure you select the Limited option. Once you change the abuser's account to Limited, he won't be able to undo the changes you make.
2. Open the Windows Explorer and find the Programs\Messenger folder. It should be on the same drive as the Windows folder.
3. Right click on the Messenger folder and click the Sharing and Security command.
4. In the Messenger Properties dialog box, click on the Security tab. There you'll see a list of groups and user names in the top half of the dialog box. Click the Add button.
5. In the Select Users or Groups dialog box, type the user name in the text box under where it says "Enter the object names to select". After you enter the name, click the Check Names button. You should see the entry you typed in change to something like COMPUTERNAME\Username. Click OK.
6. The user name will now appear on the list of users and groups. Click on that user. In the lower half of the dialog box, put a checkmark in the Deny checkbox for the Full Control entry. Notice how all the checkboxes in the Deny column fill in automatically.
7. Click on the Advanced button. Place a checkmark in the Replace permission entries on all child objects with entries shown here that apply to child objects checkbox. Click Apply. Click Yes in the Security dialog box that pops up. Click OK. Click OK again in the Messenger Properties dialog box.

That's it. Now when the forbidden user tries to run the Messenger application, the application won't run. What's even more fun is that when the limited user tries to install Windows Messenger, the application won't install.