Results 1 to 2 of 2

Thread: Global windows hook

  1. #1
    sapphirel Guest

    Default Global windows hook

    I am using aol 8.0 and after upgrading zone labs security suite, i have noticed under os firewall, ever time i use aol it is executing a global windows hook, Program MD5 85ff7652343413121b841e16ff6bd713 The MD5 hash, or number, that uniquely identifies the executable.
    is there any way to disable this hook? Also internet explorer set a hook, zone labs used to alert me and now it doesn't.Any suggestions.

    Operating System:Windows XP Home Edition
    Software Version:7.0
    Product Name:ZoneAlarm Internet Security Suite

  2. #2
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Global windows hook

    <blockquote><hr>Sapphirel wrote:
    I am using aol 8.0 and after upgrading zone labs security suite, i have noticed under os firewall, ever time i use aol it is executing a global windows hook, Program MD5 85ff7652343413121b841e16ff6bd713 The MD5 hash, or number, that uniquely identifies the executable.
    is there any way to disable this hook? Also internet explorer set a hook, zone labs used to alert me and now it doesn't.Any suggestions.

    Operating System:
    Windows XP Home Edition
    Software Version:
    7.0
    Product Name:
    ZoneAlarm Internet Security Suite

    <hr></blockquote>


    AOL what? browser? AOL browser is a shell for the Internet Explorer or based on the old netscape browser (or is that now changed and they switched to the gecko engine)?

    Yes the Internet Explorer will set keyboard or mouse hooks.
    If the ZA has stopped alerting for the IE hooking events, then it means it may have been allowed in one of the previous alerts.

    Either way the keyboard and mouse hooks by the browsers are legitimate and not a security risk and the hooks should not be disabled or disallowed.

    Keyboard and mouse hook which are watched by the ZA can be disabled within the ZA's backup.xml (sorry no gui interface must be done manually). But it is a global switch for the hooks is either an On or Off setting, with no particular arrangements per specific programs.

    Open the ZA and create a backup .xml configuration file.
    Open the new file with the notepad.exe (not the internet explorer).
    Scroll down to the .....

    &lt;/imsecure&gt;
    &lt;applications securityLevel="high" alertOnBlock="true" denyAskIfNoUI="true" tempAllowRequiresAuth="true" moduleTracking="true" clearoldEntries="true" disableParentCheck="false" disableProcProtect="false" disableKeyboardMouseProtection="false" askOnListen="true" disableAdvProgProtect="false" enableOpenProcess="true" programDisplay="custom" enableCBP="false" disableSendMessageProtect="false" disableDNSProtect="false" askUser="false" programAdvisor="off" PAGUID="" askPA="false" osfwSetting="true" osfwEnable="true" CurrentRunMode="high" DefaultRunMode="high" RunModeRevertDate=" "&gt;&lt;osfirewall majorVersion="1" minorVersion="15"&gt;
    &lt;rulegroup name="protourfiles"&gt;

    and change the disableKeyboardMouseProtection="false" to disableKeyboardMouseProtection="true"

    Then Ok the change to the file when closing, and then restore the newly edited file back into the ZA.
    Then reboot to finalize the change to the ZA setting.

    Oldsod.

    Message Edited by Oldsod on 05-13-2009 02:38 PM
    Best regards.
    oldsod

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •