I’m using a launcher program called claunch (clock launcher) which by default uses Global Hook.
The program uses clhook.dll which seems cause a lock up of window right after CIS popup show up.
After this I have to ctrl+alt+del->logoff or force reset to come back.
Is their any workaround so that defense+ ignore this dll? I tried adding it to computer security policy as all application but does seem to work…
Have you tried to add the application as a trusted app? Start the GUI > Defense + > Advanced > Computer Security Policy. From there you should be able to add the dll to trusted applications.
Hi, thanks for the replay and the suggestion.
I did at you instructed but it doesn’t seem to work.
It lock the window so I can’t push allow button and only thing I can do is alt+tab or ctrl+alt+del to force log off/reboot. Switching task does seem to help much as entire window is locked so the mouse click wont work.
It seems like CIS is not very compatible with software that uses global hook…
The other thing you could try is to switch D+ to training mode and run claunch, use it for a few minutes, then switch back to the previous mode. Hopefully the necessary rules will be created to allow your application to work.
The warning in defence plus is just lancher → launched application pop-up.
I forgot to mention that this is under proactive security configuration. (With Defence+ set to safe mode)
As bulgroz mentioned I can avoid this via training mode or disabling clhook.dll (by renaming and force launcher not to load dll upon startup) but I figured this isn’t efficient as I may add new program to the launcher. So if I forget to set to training mode or temporary disabling clhook.dll, I can encounter lockup. I’ve done this couple times and occationly had something downloading or unsaved document was their which I don’t have a chance to save.
You can add the permission for the global hook without starting claunch.
Go to Defense + → Advanced → Computer Security Policy → look up claunch and select it → Edit → when it is not set to Custom Policy set it Custom Policy → Access Rights → push the modify button behind Windows/Winevent hooks → in the Allowed Hooks add the cllhook.dll → now Apply and Ok your way back to the main screen and try again.
Thanks for the instruction. I gave your method a try but unfortunately didn’t change the behavior.
I guess I’ll just have to let this one go, I bet this was very rare case of D+ compatibility issue.
But truley appreciate all the tips, advise and concern.
