1. PG 1.200 will protect users from ordinary DLL trojans which inject a DLL via CreateRemoteThread or SetWindowsHookEX. According to http://www.sophos.com/virusinfo/analyses/w32mydooma.html i-worm Mydoom.A includes a backdoor (a DLL trojan called shimgapi.dll). The DLL is registered as an in-process server so that it is run on startup. My question is whether such start-up method will circumvent PG's protection mechanism? If yes: Would it be possible to change this? (I understand that PG also covers the "AppInitDLLs" registry entry.) 2. I addition, I believe that PG is meant to protect the user from file viruses etc. which dynamically disable SFP and then modify system files. I would like to know whether this also applies to WfpAdmin v2.00 by http://www.collakesoftware.com/ . I am not sure whether my own test results are correct (I have not used the PG full version). TIA.