Application Control - Extent of checking exe and dll.

  • 20 January 2021
  • 2 replies

Userlevel 2

I was wondering to what extent Application Control checks an application before deciding to label it as ‘Trusted’ (or any other) and allowing it to execute/not execute.


We all know the ‘exec’ file is analysed by KSN, Digital Signature, etc.

What about all the .dll libraries that are invoked by the Trusted exec ?  

Are they analyzed by Kaspersky ?  If so, at which stage ?


My concern is that an application determined as  ‘Trusted’ by Kaspersky has the capability of invoking a malicious .dll 






This topic has been closed for comments

2 replies

Userlevel 7
Badge +6

Hi @celsurf , 

if the application is marked as  trusted, it means it at no point can invoke a malicious .dll, unless it changes its version, but that would be a different application, that would not get to Trusted group.

Anyway, Kaspersky monitors applications with File Anti-Virus, System Watcher, Application Control and an attempt to run a malicious .dll would be intercepted. 



Userlevel 2

Hi @celsurf , 

unless it changes its version 



And if the version of the exe stayed the same (Trusted) and some virus managed to insert/modify one of its dll’s to make it malicious, which layer would catch this ? (assuming my scenario is a valid one)

Would a more extensive product like Enterprise protection required to detect something like this.