A) Here is how to drill down to the item of Comodo Defense+, concerning which I am seeking your help... click Defense+ at top of Main Comodo GUI > Advanced > Predefined security policies > Hi-light Limited application & click Edit > Protection settings B) You now see this> C) I make reference to the item "Windows/WinEvent Hooks" in the above screenshot. Here are Comodo's Help file instructions concerning that item... D) I have read & re-read the quoted instruction, but I remain unsure that I fully understand them. Here is the help I need... 1) An "explanation for dummies" of what the quoted instructions are saying. 2) Consider an example application -- say firefox.exe. If I put an X in the "Windows/WinEvent Hooks" block for firefox.exe, does that mean (a) that firefox is not allowed to set hooks? OR does it mean that (b) firefox is now protected from any application that tries to hook it? 3) Can you give me an example of when it would be useful to put an X the "Windows/WinEvent Hooks" for a given application? E) These are quite possibly "dumb questions" so please be gentle with me.