Regedit.exe and Global Hook- FYI

Discussion in 'ProcessGuard' started by siliconman01, Jan 28, 2004.

Thread Status:
Not open for further replies.
  1. siliconman01

    siliconman01 Registered Member

    Joined:
    Mar 6, 2003
    Posts:
    781
    Location:
    West Virginia (USA)
    Doing an Export in Regedit.exe shows:

    Welcome to DiamondCS Process Guard.
    This program does not need to be running for your system to be protected.

    28 Jan 02:18:15 - Window Log Started
    28 Jan 02:18:21 - Process Guard Protection is ACTIVE
    28 Jan 04:35:58 - [HOOK] c:\windows\regedit.exe [2340] was blocked from creating a global hook [00000007][00000000]

    Added to PG and Options-Allow Global Hook. Regedit.exe is in C:\Windows
     
  2. Wayne - DiamondCS

    Wayne - DiamondCS Security Expert

    Joined:
    Jul 19, 2002
    Posts:
    1,533
    Location:
    Perth, Oz
    Hook type 0x7 is WH_MOUSE. Why Regedit wants to hook mouse input when exporting, I'm not sure, as it only occurs after the export occurs - not during. I wouldn't be very concerned about it though, it looks OK from here. :)
     
  3. siliconman01

    siliconman01 Registered Member

    Joined:
    Mar 6, 2003
    Posts:
    781
    Location:
    West Virginia (USA)
    Thanks Wayne :)

    I suspect there will be several/many more like this as time goes on...Windows does strange things for sure :p.
     
  4. nameless

    nameless Registered Member

    Joined:
    Feb 23, 2003
    Posts:
    1,194
    I get the same thing here, WinXP Pro. Strange.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.