The death of WFP

One of the nicer little changes to Vista is the re-engineering of Windows File Protection into Windows Resource Protection (WRP). As everyone who’s ever tried to construct a partial checked build knows, replacing a file like ndis.sys in older OSes was a pain - you had to edit the registry and boot with the debugger to keep Windows from silently clobbering your replaced file.

Windows Vista takes a much more intelligent approach to the problem: it prevents users from deleting these files in the first place, using the built-in security mechanisms of the OS. Protected resources get an ACL that prevents writes, deletes, and similar modifications, and the files are owned by a special user.

Now, if you want to replace a file for testing purposes, life is a lot easier - just take ownership of the file, give yourself full control, and rename the old file. Drop in the new file and you’re done - no need to worry about the watchdog thread any more.
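An added example (not from the original post) for checking a file before and after a test replacement: it reports the file's owner and any principal other than the WRP owner that holds write or delete rights. It assumes the special owner is `NT SERVICE\TrustedInstaller`, which the post does not name; `Get-WrpState` is a hypothetical helper name.

```powershell
# Added example. Assumption: the "special user" that owns WRP-protected files
# is NT SERVICE\TrustedInstaller (the post does not name it).
$WrpOwner = 'NT SERVICE\TrustedInstaller'

function Get-WrpState {   # hypothetical helper name
    param([Parameter(Mandatory = $true)][string]$Path)

    $acl = Get-Acl -LiteralPath $Path

    # Rights that let a principal modify, delete or re-permission the file.
    $writeMask = [System.Security.AccessControl.FileSystemRights]'Write, Delete, ChangePermissions, TakeOwnership'

    # Collect every Allow entry, other than the WRP owner's, that grants any of those rights.
    $writers = @(foreach ($ace in $acl.Access) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        if ($ace.IdentityReference.Value -eq $WrpOwner) { continue }
        if (([int]$ace.FileSystemRights -band [int]$writeMask) -ne 0) {
            $ace.IdentityReference.Value
        }
    })

    [pscustomobject]@{
        Path         = $Path
        Owner        = $acl.Owner
        OtherWriters = $writers -join ', '
        # Protected only if the WRP owner still owns the file and nobody else can write to it.
        Protected    = ($acl.Owner -eq $WrpOwner) -and ($writers.Count -eq 0)
    }
}

# ndis.sys is the file used as the example in the post.
Get-WrpState "$env:SystemRoot\System32\drivers\ndis.sys"
```

`Protected` reads `False` once you have taken ownership and granted yourself full control for a test; it reads `True` again only after the original owner and ACL have been restored.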

WRP now also protects registry keys using the same mechanism. More info is available at http://msdn2.microsoft.com/en-us/library/aa382503.aspx
