Out of curiosity: would PG3's modification protection mend the glaring hole in Windows Firewall (namely, that any application can add itself to the exceptions list, and invisibly if it likes)?
The exception list for Windows XP's firewall is stored in the Windows Registry. PG does not control access to the registry (except for AppInit DLL's which are a separate matter entirely) so would not prevent alterations to this list, assuming you have chosen to run the program that made them. Using registry monitoring or control software (RegDefend being one good example) would flag this - switching to a third-party firewall with more secure configuration would also avoid this situation.
Okay, thanks for the answer, Paranoid. I don't use Windows Firewall anyway, but I was just hoping PG3 might actually make it functional. Still, protecting the registry isn't such a bad alternative. DiamondCS even has a free utility for that. Does anyone know how it compares to RegDefend?