How does KAV treat VST and other executable plugins?

[Guest]

I do some music production on my machine. In this area, everything revolves around a VST plugins. VST plugin is just a .dll, so it can, in theory, do anything. Editor application loads them during work and runs them.

 

So, here is a situation: a well-known, popular and trusted application with digital signatures from a respected developer regularly loads DLLs, that are untrusted, unsigned and are being downloaded from all over the Internet. Many of them use self-encryption in attempt to apply DRM to what can’t be.

• Does KAV automatically extend the trust for the editor on the DLLs?
• If yes, should I, maybe, explicitly set the editor itself and its modules as a low-trust applications? I tried to do it and got some functions blocked, but maybe I could investigate why if it is worth it.
• Any other advise how to secure that system?

Thanks!

[Wesly.Zhang]

Hello,

Before KAVKISKTS 2019 build, There is a function named ‘Trusted mode’ could be control dll load process. Any untrusted dll by KL could be blocked in order to avoid loading. But unfortunatly, This function has been removed.

My suggestion for system security is to download the program file from the official software website. The downloaded program needs to have a digital signature and verify it. Most software installation packages now have digital signatures, so this verification process is easy to implement. This is also the most secure software usage habit.

Regards.

[Guest]

Hello!

If you do not sure about some dll in general - upload the file to https://opentip.kaspersky.com/ or create a request to Tech Support for additional check of the file for any kind of malware code.