If you go snooping around, you may find an empty
C:\Program Files\Xerox directory. What's that for?
This directory is being watched by Windows File Protection, because it needs to protect the file
xrxflnch.exe should it ever show up. (Why does the directory have to exist in order for Windows File Protection to be able to watch it? I'm told it's a limitation of the Windows File Protection engine. I suspect it may have something to do with the fact that the
FindFirstChangeNotification function can't watch a directory that doesn't exist.)
xrxflnch.exe so special? I don't know. My guess is that it's some file that is frequently overwritten by setup programs and therefore needs to be protected.