I've just noticed an odd little nit in both PG v3.0 (final) and PG v3.05 (using Win2000-sp4). When a program invokes a standard Windows file-handling dialog (open or save), the Windows dialog may attempt to create a global mouse hook. This happens when you start entering a filename and the first character matches one of the dialog's auto-completion suggestions. To see an example, make sure that ProcessGuard does not authorize global hooks for Notepad (or that it's completely unprotected). Now, start Notepad and select File->Open. With your cursor in the (empty) "File name" field of the dialog, type the first letter of any name that appears in the list above the cursor (a filename or a directory). After typing one character, the drop-down list of "names that match so far" should appear. Simultaneously, PG pops up a balloon saying, "notepad.exe was blocked from creating a global mouse hook". What really happened is that the code in the "open file dialog" tried to create a global mouse hook. Since the dialog is considered a standard part of Windows, most applications with user selectable files could be cited for trying to create a global mouse hook. The good news is that the file-handling dialogs work (more or less) correctly without installing a global mouse hook. The bad news is that some users may become accustomed to enabling global hooks without much thought. For those who don't become enablers, there's a danger that some of PG's popup balloons could become a routine annoyance. Tired of clicking on false-positive alerts, you start to ignore the RED PG-icon for brief periods. You look away for a few seconds, and that's when a second balloon pops up. The RED icon is unchanged and an ominous warning may have just slipped by unnoticed. A more personal annoyance with this nit is a result of auto-hiding my taskbar. For instance, when Notepad's open file dialog triggers a PG balloon and the taskbar devours the western quarter of my screen, it usually hides the new filename I've just started typing. Now I must either feign composure and try to finish typing the invisible filename, or instead, grab the mouse, click the balloon, click the PG icon back to blue, <ALT-TAB> back to the dialog, then mentally prepare, because my next keystroke could restart the cycle. If it's possible for PG to reliably identify these "dialog alerts", then perhaps they can be handled in a more transparent way. If they cannot be distinguished from "an application's own hook requests", then this may be additional reason to consider providing separate options for each specific type of hook a program could install. In the long run, fine grained control may be a good idea, anyway. These "dialog alerts" aren't a huge issue, but I don't want anything to start eroding the sense of stability and security that ProcessGuard should inspire in all its users..