Windows File Protection disabled and no alert


Frieza
September 20th, 2004, 12:55 PM
I am using Windows XP Pro Service Pack 2 (AMD XP 1.5GHz 760MB RAM 120Gig HDD).

I needed to temporarily disable my Windows File Protection in order to patch a file, so I downloaded this program from here:

http://www.snapfiles.com/download/dlwfpadmin.html

I was interested to see if Process Guard would alert me to this application's attempt at disabling Windows File Protection, so I left all of Process Guard's protection enabled, which includes all of the "General Protection" options.

Although I had to permit this program to run from MD5 execution protection, when it did run it disabled Windows File Protection with no alerts from Process Guard at all.

I emailed DCS regarding this twice with no reply, so I am posting here instead. Perhaps there was a problem with email, I don't know.

I just feel that this program being able to disable WFP with no alert from Process Guard should be looked into. I tried this on Process Guard V3 public Beta with the same results.

Wayne - DiamondCS
September 20th, 2004, 01:45 PM
ProcessGuard is for process and kernel protection; watching WFP (files) doesn't really fit under that umbrella, so PG was never designed for that. PG does actually block many WFP-disabling methods due to its protection techniques, but they're not specific to WFP.

WFP isn't a very strong form of protection anyway (e.g. the developers of the excellent LitePC (http://www.litepc.com/newsarchive.html) program have recently incorporated one of my tricks to gracefully defeat WFP so that users of the program no longer need to reboot before they can use it), and trojan/virus/worm authors have never found WFP to be a barrier - it can even be bypassed to some extent without having to disable it anyway. I don't recommend using it for security purposes, but rather to prevent things like accidental deletion.

We may add WFP-watching capabilities into a future build of PG, but at this stage I wouldn't consider it a high priority addition. We'll see...

Cheers,
Wayne