Understanding and Working in Protected Mode IE: Finding Low Integrity Write Locations.

Long and short of it: call IEGetWriteableFolderPath().

I don't think there's a way to disable Protected Mode programmatically. I assume we have to live with it. Find some pointers of how to do this in: HowTo: Deal with Protected Mode API in Internet Explorer 7 and IE8.

Here is the solution:

Fire up RegEdit and go to this key:

HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones

On my machine (Windows 7) the Local System account is S-1-5-18. This might be the same for all versions of Windows, but I don't know about that.

In that registry key, there are five more keys 1, 2, 3, 4 and 5 - each representing a Zone.

For every zone, if there is a DWORD value with the name "2500", set its value to 0 to turn protected mode off. Note that you don't have to add it if it isn't there.

The value "2500" is supposed to control the tick box "Enable protected mode".

Or, if you want to just alter Protected Mode settings for Current User then go to the HKEY_CURRENT_USER version of the above registry key, and I think there may also be one for HKEY_LOCAL_MACHINE (feel free to check) and use whichever one you prefer.