Difference between execprot.DLL and execprot.EXE

Discussion in 'Trojan Defence Suite' started by FanJ, Feb 2, 2004.

Thread Status:
Not open for further replies.
  1. FanJ

    FanJ Guest

    Hi all,

    I would like to point you to two TDS-3 files with almost the same name.

    Execprot.dll and execprot.exe

    Although those two files have almost the same name (they only differ in their extension), they have absolutely nothing to do with each other and are completely different things.


    Also named exec protection or execution protection.
    This file is in your TDS-3 directory.

    That’s the one that you see in this line:
    23:42:07 [Init] • Exec Protection : OK. Installed

    The place where to enable/disable Execution Protection is:
    When you have started TDS-3:
    TDS > Execution Protection.

    Execprot.dll is the "hook", the on-access scanner part of TDS-3.
    (a DLL similar to Wormguards, it is NOT execprot.exe)

    From the Help-file:

    "If ExecProt is enabled, executing a file will cause the operating system to ask TDS-3 to scan the file before it is allowed to execute."

    That's why TDS-3 must have been started (either by yourself or at Windows start-up) for ExecProt to be working in the way it is supposed to be.
    If TDS-3 has not been started, ExecProt (= Execution Protection) will give that file back to the Operating System and let the OS do with it what it wants ;)


    This file is in the sub-directory Ext.Sys of your TDS-3 directory.
    Execprot.exe is an optional TDS component, you don't need it.
    This module caters for inter-process communication (IPC) via Dynamic Data Exchange (DDE) with TDS.
    Essentially it is a TDS-specific DDE server for parsing DDE transmissions to TDS-3 via program execution (for example, batch files can't use DDE, but batch files that call execprot.exe can).
    Try this - with TDS running, go to your Windows Start button, select Run, and run this:
    “C:\TDS-3\ext.sys\execprot.exe” TDS|ADDLINE DDE Test|Hello DDE
    Look to your TDS-3 window, you should see the text displayed.
    You will see this:
    01:15:08 [DDE Test] Hello DDE
    (Make that directory TDS-3 the directory in which you yourself installed TDS-3).

    In case you would like to know more about DDE (Dynamic Data Exchange):
    The Help-file says:
    "This is a means of two applications being able to communicate to another. TDS-3 has DDE capabilities which means that programs such as mIRC and pIRCh, can work together with TDS-3".
    The Help-file has a section "DDE Specs for Programmers".
    You can read there more about it.

    I would like to thank Wayne who explained the difference between the two files some time ago.
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.