Some critical Windows processes can easily be edited via Programs > Nonisolated programs
For example, services.exe, svchost.exe, dwm.exe, winlogon.exe, etc, etc
LOL... typical user starts to mess with the rules for such processes and they will quickly black-screen their system
Perhaps for System32 and SysWOW64 rule modifications there should be a stern, bold warning that modification can smash the user's system
Alternatively, for the most critical Windows processes include a bold, distinguishing color for the file name or explicitly designate such files as "Critical Windows System File"
Making it a multi-step process for the most critical Windows processes will require the user to take pause and consider what they are doing
Of course, it is already a multi-step process; have to enable Expert Mode, go in and modify rule
At the same time, you cannot completely disable the ability to modify rules for System32 and SysWOW64 file paths
Difficult problem... to protect users that don't know any better from themselves...
Something to consider
This one requires further discussion I think...
That's an interesting idea. Thanks for your suggestion. We'll definitely give it a think.