I have Abtrusion Protector and it says it won't let C:program files TDS3\dcmutex.exe load . I have gone into Program file TDS3 and can't find that exe. I have to find it to tell AP to allow it. Please help.

Hi WilliamP, are you sure it is blocking the dcmutex.EXE and not DLL
The DLL is in the TDS-3 directory. Now i see it's renewed after each startup scan i wonder if there is an exe somewhere too. Hmm.....

Hi,

1.
Are you sure it is dcmutex.exe and not dcsmutex.exe ?

2.
OK, let's assume it is a typo, then indeed the same question as Jooske asked:
Are you sure it is dcsmutex.exe and not dcsmutex.dll ?

3.
I have the file dcsmutex.dll on my system (in the TDS-3 dir), but not a file dcsmutex.exe

4.
Hi Jooske, I don't understand what you mean with this:
"Now i see it's renewed after each startup scan...".
How do you see that?
I myself have the file dcsmutex.dll listed in my crcfiles.txt.
So I will be alerted in case it is changed.
The only times (as far as I know) when I see such an alert, is when I run the CRC-test after installing a new radius-file that also has an update for dcsmutex.dll.
Dcsmutex.dll is not updated with every new radius-file.
DiamondCS updates dcsmutex.dll only when necessary.
(The same goes for advscan.dll).

Hi Jan,
i looked in my TDS directory and saw the file had yesterday's date, so i assume it is saved like that after each scan?
I don't think CRC would say there is a change if it is only redated after use, but ...... who knows?

{QUOTE-> quoting: WilliamP link=board=5;threadid=22878;start=0#msg135769 date=1077750787]
I have Abtrusion Protector and it says it won't let C:program files TDS3\dcmutex.exe load . I have gone into Program file TDS3 and can't find that exe. I have to find it to tell AP to allow it. Please help.
<-QUOTE}

Hi William

First it is dcmutex.dll. Solution is simple.

1. Right click on the AP icon in your icon try.
2. Chose settings.
3. Then click on files
4. Leave it on applications and scroll down until you
find dcmutex.dll. It will be colored Red.
5. Click on allow and it will turn green
6. Click on Ok and close.

This does happen on occasion when you update TDS. When I installed TDS I assigned it a package TDS3 in AP. When I update TDS, I switch AP to the install mode, and given it permission to install in the TDS folder.
Then I update, and exit install mode.

This should solve your problem.

Pete

{QUOTE-> quoting: Peter2150 link=board=5;threadid=22878;start=0#msg136194 date=1077829842]
{QUOTE-> quoting: WilliamP link=board=5;threadid=22878;start=0#msg135769 date=1077750787]
I have Abtrusion Protector and it says it won't let C:program files TDS3\dcmutex.exe load . I have gone into Program file TDS3 and can't find that exe. I have to find it to tell AP to allow it. Please help.
<-QUOTE}

Hi William

First it is dcmutex.dll <-QUOTE}

Hi Peter2150,

Just for my understanding:
Is it indeed dcmutex.dll (without the character s),
or is it dcsmutex.dll (with the character s)?

Thanks !

Hi folks. According to the box that pops up it is dcsmutex.exe that it stops. I did have System Safety Monitor and it had problems with it also. I have to find it in order to allow it to load. Allways something.

{QUOTE-> quoting: Jooske link=board=5;threadid=22878;start=0#msg136100 date=1077818895]
Hi Jan,
i looked in my TDS directory and saw the file had yesterday's date, so i assume it is saved like that after each scan?
I don't think CRC would say there is a change if it is only redated after use, but ...... who knows?

<-QUOTE}

Hi Jooske,

The last days there was an update for dcsmutex.dll.
(If you have dcsmutex.dll listed in your crcfiles.txt for some time), then look at your TDS-3 logs).
The CRC-test of TDS-3 will only give an alert in case the CRC32 checksum has been changed.
I will try to look more closely at its date.

FanJ I don"t know how to check the TDS3 log. I have found the DCSMUTEX.dll in the TDS files but AP says( exe.) Maybe AP doesn't know what it is talking about.

{QUOTE-> quoting: WilliamP link=board=5;threadid=22878;start=0#msg136203 date=1077830786]
Hi folks. According to the box that pops up it is dcsmutex.exe that it stops. I did have System Safety Monitor and it had problems with it also. I have to find it in order to allow it to load. Allways something.
<-QUOTE}

First for FanJ. It is indeed DCSMUTEX.DLL. On occasion when TDS is updated, the new version does have to be allowed. It is part of TDS.

For WilliamP

First any file once you try and run it can be allowed ini the manner I described.

Secondly, I don't have a clue what DCSMUTEX.EXE could be. I don't have one in AP, and I just did a search of my hard drive, and I have no such file on my system. I have every DCS product offered installed on my system. This is a puzzle.

Pete

If it is indeed dcsmutex.exe then the explanation could be this (a little bit guessing now, but I think that that is what is happening):

That dcsmutex.exe file could maybe be a temporary file created and deleted by TDS-3.
When you let TDS-3 download and install a new radius-file, then TDS-3 checks if it contains an update for dcsmutex.dll (same for advscan.dll).
If there is an update for dcsmutex.dll in the new radius-file, then TDS-3 unpacks it and the old dcsmutex.dll will be overwritten with the new dcsmutex.dll.
Maybe during that process there is a temporary file dcsmutex.exe; I don't know.

PS:
Now you might ask yourself: what is happening with dcsmutex.dll when you download a new radius-file manually and copy it into your TDS-3 directory?
Will I then also get a new dcsmutex.dll file in case there was an update for it?
The answer is: yes.
According to Gavin (thanks to both Gavin and Pilli for explaining this to me):
You download radius.td3, the next time you reload/run TDS (or use the commandline "initradius") the new database will be loaded. Everything is unpacked and loaded - if there is an updated ADVScan.dll or dcsmutex.dll its unpacked and overwrites the old file too.

Just for the record:
I really don't know if such a temporary file dcsmutex.exe ever, even temporarily, exists.
Wayne, Gavin or Jason has to jump in here (please ! ;) ).
William, are you absolutely sure that AP tells it?
Do you maybe have or please make a screenshot showing it?

{QUOTE-> quoting: WilliamP link=board=5;threadid=22878;start=0#msg136213 date=1077832032]
FanJ I don"t know how to check the TDS3 log. <-QUOTE}

William,

The logs are in the sub-directory Logs of your TDS-3 directory.
You have to enable the console activity.
See my screenshot.

Okay guys. Just did a little test.

1. I denied dcsmutex.dll privileges in AP.
2. Fired up TDS. It was fine.
3. Started testing.
4. When I hit the Mutex Memory Scan. Bingo

I did indeed get exactly the message WilliamP was describing. AP does indeed block DCSMUTEX.EXE.

Also TDS reports a mutex trojan.

5. Going back and allowing DCSMUTEX.DLL in AP and all runs fine.

I suspect that as part of the mutex scan, this file is created temporarily as part of the scan, and then is deleted. Jason can clarify.

If I got the screen shot uploaded correctly, you can see 3 mutex scans, the first two with the dll blocked by AP and the 3rd with it running normally.

Pete

Okay. I blew the upload.

BOTTOM LINE.

WilliamP Allow DCSMUTEX.DLL in the manner I described above and your problem with AP will be solved.

For Jooske:

I shutdown, restarted, shutdown, restarted TDS-3:
I see no change in date/time of dcsmutex.dll, looking at it via my PowerDesk Pro which is an alternative for Windows Explorer.

I love the help I get on this forum .I did what Pete said and it worked. When I opened TDS3 the AP window didn't pop out. Alls well that ends well. Thank you all for the help.

{QUOTE-> quoting: Peter2150 link=board=5;threadid=22878;start=0#msg136237 date=1077833503]
Okay guys. Just did a little test.

1. I denied dcsmutex.dll privileges in AP.
2. Fired up TDS. It was fine.
3. Started testing.
4. When I hit the Mutex Memory Scan. Bingo

I did indeed get exactly the message WilliamP was describing. AP does indeed block DCSMUTEX.EXE.

Also TDS reports a mutex trojan.

5. Going back and allowing DCSMUTEX.DLL in AP and all runs fine.

I suspect that as part of the mutex scan, this file is created temporarily as part of the scan, and then is deleted. Jason can clarify.

If I got the screen shot uploaded correctly, you can see 3 mutex scans, the first two with the dll blocked by AP and the 3rd with it running normally.

Pete <-QUOTE}

Hi Peter,

Oops sorry, I'm still confused by what you're saying ::)

One time you are talking about dcsmutex.exe and another time about dcsmutex.dll

What IS it exactly ?

{QUOTE->
Okay. I blew the upload.
<-QUOTE}

That's a pity ;)

{QUOTE->
BOTTOM LINE.

WilliamP Allow DCSMUTEX.DLL in the manner I described above and your problem with AP will be solved.
<-QUOTE}

I'm glad it's working for you and William !
Thanks !!!

BTW:
For what's it worth:
I fired up TaskInfo2003 while letting it always stay on top.
Then I started TDS-3.
I really see no dcsmutex.exe in TaskInfo2003....

FanJ, all I know is that AP would pop up a window saying it prevented dcsmutex.exe from loading. When dcsmutex.dll was allowed then everything loaded fine. Now the question I have is why, something must change with that file for AP to disallow it.

{QUOTE-> quoting: FanJ link=board=5;threadid=22878;start=15#msg136273 date=1077836481]

Hi Peter,

Oops sorry, I'm still confused by what you're saying ::)

One time you are talking about dcsmutex.exe and another time about dcsmutex.dll

What IS it exactly ?

{QUOTE->

Hi FanJ. It is both. If you check files, processes, whatever, there is no dcxmutex.exe. A check of the system, shows no dcxmutex.exe exists, only the dLL file. I get no error when I fire up TDS or run many of the tests.
Only on the mutex memory scan does AP protest about running a file dcsmutex.exe, and only if the dcxmutex.dll is blocked from running.

This suggests to me that during that mutex memory scan, TDS is either renaming or somehow creating a temporary exe that AP blocks. It might be something similiar to the virus baiting approach TDS uses to check for viruses.

We need a Jason answer on this one.

Pete


<-QUOTE} <-QUOTE}

OK William and Peter,

Here comes the proof that you both were right !!!!!!!
And that deserves a big karma cookie for you both ;)

I now fired up my WinTasks Pro.
I configured it to make a log.
Then I fired up TDS-3.
Then I started my screen-capture program SnagIt 6 to make a screenshot.
See now my screenshot of the log of WinTasks Pro :)

So, what you see there is that indeed during the startup of TDS-3 on my W98 SE box while doing its initial scans (I myself don't run the Process Memory Scan automatically at TDS-3 startup), during a very short periode there is indeed a process running called dcsmutex.exe

You guys were definitely right :) (or WinTasks Pro is fooling me...).

I am happy that I can now deal with the situation. But I would like to know what changes, that makes AP dislike the file.Or at least it doesn't recognize it.

{QUOTE-> quoting: WilliamP link=board=5;threadid=22878;start=15#msg136314 date=1077840762]
I am happy that I can now deal with the situation. But I would like to know what changes, that makes AP dislike the file.Or at least it doesn't recognize it.
<-QUOTE}

For AP to let any file run it must be in AP's database. Apparently in this case if the DLL file is allowed then the exe that is spawned can run, but if the DLL is not allowed then the spawned exe can't run either. This is good.

Just make sure when you update TDS, that you give TDS temporary install privileges. If you forget then you just need to go in as I related and give the updated file privileges.

This may be a bit off topic but should answer williamp's question.

A simple way to test this and see it work, is if you have winzip (if not get an evaluation version at http://www.winzip.com) and zip up something and make a self extracting exe file and name it test.exe. Try and run it and AP will block it. Then allow it in AP and it will run. Now do the same thing zipping something else, make a self extracting exe, and name the new file test.exe
It will not run, because it's thumbprint is now different and AP will pick that up and block the new file. You will have to allow the new one to get it to run

I had tried SSM and it would key on the same dcsmutex and say that it was not the same file that had been allowed and you had to reallow it. Something changes the file.

Hi FanJ,

I use Goback on this computer and after reading this thread, went back and looked at the logs it creates and comparing with the TDS-3 log, what happens on my system is this:

10:05:58 [Mutex Memory Scan] Started...
10:05:59 Dcsmutex.exe created (info from Goback log)
seconds later: Dcsmutex.tmp created
10:06:00 [Mutex Memory Scan] Finished (no trojan mutexes found).
10:06:00 Dcsmutex.tmp deleted (info from Goback log)
10:06:00 Dcsmutex.exe deleted

WinTasks Pro is not fooling you!

Sneaky little bugger.

{QUOTE-> quoting: VIETNAM_VET link=board=5;threadid=22878;start=15#msg137153 date=1078000650]
Hi FanJ,

I use Goback on this computer and after reading this thread, went back and looked at the logs it creates and comparing with the TDS-3 log, what happens on my system is this:

10:05:58 [Mutex Memory Scan] Started...
10:05:59 Dcsmutex.exe created (info from Goback log)
seconds later: Dcsmutex.tmp created
10:06:00 [Mutex Memory Scan] Finished (no trojan mutexes found).
10:06:00 Dcsmutex.tmp deleted (info from Goback log)
10:06:00 Dcsmutex.exe deleted

WinTasks Pro is not fooling you!
<-QUOTE}

Hi VIETNAM_VET :)

Many, many thanks !!!
A big, very well deserved, karma cookie for you my friend !!!

*puppy*

Cheers, Jan.

FanJ,

My pleasure and thanks for the snack! :D