Application hooking

Block application hooking to prevent unknown applications from binding themselves to other programs. This type of hooking, which occurs at the kernel level of the API, is needed by some legitimate applications, but can also indicate an attack. For example, a malicious application might try to e-mail itself by hooking to the e-mail application. You can prevent these attacks by blocking application hooking or configure it so that only specific applications bind themselves to other programs. You can also enable automatic Adaptive mode or interactive Learn mode to handle unknown applications trying to hook other applications.

Copyright © 2006 McAfee, Inc. All Rights Reserved.