Here is a somewhat disturbing event that is under scrutiny through the AdAware forum where a malicous program is modifying the Ignore List of Adaware, thereby preventing detection of spyware.

http://www.lavasoftsupport.com/index.php?showtopic=50560

I'm wondering if PG can prevent modification of files that are not executibles, for example IGNORE.INI.

I tried putting IGNORE.INI in the protection list of PG and then doing a modify on the file. PG did not stop it.

Just wondering! ::)

Hi Siliconeman01, Currently ProcessGuard on caters for executables but wouldn't an ini file initiate the running of a process? If so Execution Protection would probably stop it.

Pilli

All a program has to do is keep a file handle open to prevent that file being deleted, it'd be easy for the Adaware author to add that