Exec Protection not installed at startup

Discussion in 'Trojan Defence Suite' started by richardw2, Mar 25, 2005.

Thread Status:
Not open for further replies.
  1. richardw2

    richardw2 Guest

    I have been using TDS for about a week with no problems. After having installed Exec Protection initially, whenever I started up TDS a message would appear in the console, "Exec Protection installed......OK".

    Today, I noticed that now when TDS starts up the message is, "Exec Protection not installed". I can still install Exec Protection from the TDS menu and it appears to still be working after I have done that.

    However, if I shut TDS down and then restart it, the message is still, "Exec Protection not installed".

    Any ideas as to what may have caused this change?

    I also run ProcessGuard as well as TDS.

    Cheers,

    Richard
     
  2. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hi Richard, make sure that execprot.exe is in your PG protection list, default path to * \ext.sys\ where * is your TDS3 folder, and that it has allow always in the PG security list.
    BTW. Execprot.exe should have the default allows + terminate on your protection list.

    HTH Pilli
     
  3. richardw2

    richardw2 Guest

    Hi Pilli,

    Thanks for the reply. Are you saying Execprot.exe needs to be able to terminate Protected processes? I thought the whole idea was to block "unprotected" processes from starting in the first place.

    Another thing I have noticed since my first post is that Execprot.exe appears to be present and working in TDS even when the startup message says "Exec protection not installed" AND I have NOT installed it manually through the TDS menu system.

    I am still unclear about the relationship between TDS and ProcessGuard. Is Execprot.exe part of BOTH TDS and ProcessGuard and if so, could this be the reason that it still works even though it is not installed in TDS?

    Cheers,

    Richard
     
  4. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    In the unlikely event that a protected process was compromised then Execprot would need to be able to terminate that process from starting.
    Execprot is a part of TDS3 and not of PG
    Execprot only fires up briefly to examine an opening process, this can easily be seen in the ProcessGuard alerts log.

    No idea, but if you have TDS starting with Windows then try doing it manually after boot up, as sometimes the start up scans can cause contention. I would suggest that if the problem still persists you re-install TDS3 over itself.

    HTH Pilli :)
     
  5. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Not sure what I am missing here:
    Exec prot needs only to be installed once, after TDS installation, registered TDS versions only.
    Puzzling me why you would want or have to do that at each TDS execution?
    TDS needs to be running for Exec Protect to function though.
    Could it be some of this you're seeing?
     
  6. richardw2

    richardw2 Registered Member

    Joined:
    Mar 25, 2005
    Posts:
    3
    Location:
    Sydney, Australia
    Hi Jooske,

    As I said in my second post on this thread, Exec Protection does actually appear to be installed and working even though when TDS starts the console message says "Exec protection not installed".

    At the risk of repeating what I said in my first post, originally TDS worked fine and the console startup message said "Exec Protection installed .... OK". Then about a day ago I started getting the "Exec Protection not installed" message on TDS startup. I initially took this to mean that I would have to manually install Exec Protection through the TDS menu, but later on I noticed that it appeared to be present and working even if I did not install via the TDS menu and the console startup message said "not installed".

    It now appears to me that Exec Protection is installed but for some reason (unknown to me) TDS does not recognize this on startup and therefore displays the "not installed" message.

    I was just wondering if any interaction between TDS and ProcessGuard (which I installed a few days after TDS) could have caused this.

    Regards,

    Richard
     
  7. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Richard, only in regards to the PG settings as described above.
    Please reinstall TDS3 over itself and see what happens, as there may be some minor file corruption.


    Pilli
     