HELP: Defence+ Image Execution Control. Plz help! [RESOLVED]

I have a simple question, that I cant find info on by myself.
By default IEC checks only exe files, but whats about dll?
If I want to block a dll being executed, should I add “.dll” to the list too?
If it can be done, does it mean I must add access rules for every dll?

How does D+ check for dll modifications/replacements?

Also, if I answer “allow+remember” to every dll call, where do this “remember” lie?


I bet nobody knows it … (:SAD)

If you want alerts for dll-files, yes.

You’ll get an alert for every dll-file(which means a lot), so you’ll have to allow/block it, and add access rights if necessary.

For example, if explorer.exe executes something.dll, it’ll be stored in explorer.exe’s Access rights->Run an executable->Modify…