home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
High Voltage Shareware
/
high1.zip
/
high1
/
DIR14
/
VDS30C.ZIP
/
HILITES.TXT
< prev
next >
Wrap
Text File
|
1993-12-02
|
8KB
|
142 lines
Virus Detection System 3.0c
Shareware Release
Copyright (c) 1992-1993 by VDS Advanced Research Group
December 2, 1993
WHAT IS VDS?
------------
VDS (Virus Detection System) is a comprehensive anti-virus package for
IBM PC compatible computers running MS/PC DOS 3.0 and higher. It contains
a set of well-designed tools that offer detection and easy removal of PC
viruses. VDS is the result of more than five years of research in the field
of computer viruses. Unlike many other packages, VDS includes many advanced
features such as "decoy launching", self-recovery, and real-time anti-virus
monitoring to deal with both old and new viruses in an effective manner.
COMPATIBILITY and NETWORK SUPPORT
---------------------------------
VDS is Novell Netware-aware. It is not confused by dynamic drive mappings.
It recognizes Netware server volumes. What this means is that instead of
creating an integrity database for each mapped drive letter, you can create
one for each volume. Even if the mappings change, you can still use the
database for that volume.
MULTI-LEVEL INTEGRITY STRUCTURE
-------------------------------
An important but less evident enhancement is the addition of a catalog
system to maintain a flexible and multi-level integrity structure. Now you
can create fingerprints for drives as well as subdirectories. And if you do
not have a database for a subdirectory, you can still use an upper level
database to verify the integrity of programs in that directory. In other
words, if you wish to verify only the files in the DOS directory and you
have created a fingerprint only for the whole drive, you can simply highlight
the DOS directory and choose verify; VDS will do the rest. This approach
makes more sense since an upper level database contains all the integrity
info for the programs that reside in the lower levels of the directory tree.
VDS can track up to a 32 different integrity databases easily! If you have
some extended memory available, each integrity database can store up to
16000 fingerprints for programs.
EASY INSTALLATION FOR NETWORKS
------------------------------
We have received many requests to implement a simpler installation procedure
for networked environments. System administrators voiced their concerns
about having to go to each workstation to install. They wanted a package that
can be installed from the server down onto the workstation during login. We
have listened. In this release, VDS 3.0 allows the installation to be part of
the login procedure. It automatically determines the system parameters needed
for a given workstation and loads itself onto the local hard drive if VDS is
not already installed. The system administrator can further customize the
operation of VDS by simply editing the default configuration file.
FLEXIBLE CONFIGURATION
----------------------
Yet another new feature is the addition of a configuration file in the spirit
of Windows(tm) .INI files. This approach facilitates maintenance of several
configurations based on different needs. You can now keep all your integrity
data on a floppy diskette, for example. Furthermore, you can specify which
files are to be checked based on their extensions. VDS 3.0 can be used
to verify the integrity of data files as well as programs.
OBJECT-ORIENTED USER INTERFACE
------------------------------
The most visible change in VDS 3.0 is the revamped user interface. We
think that it is one of the most functional user interfaces implemented in
any anti-viral we have seen. Judge for yourself and please let us know if
there are any other areas that would help make it even simpler. The main
idea behind the new facelift is shifting the emphasis from action-oriented
menus to object-oriented menus. No, we are not talking about polymorphism
and all that jazz! It goes like this: There are certain objects to manipulate
such as drives, directories, and files. The user concentrates on those. Then
there are certain actions applied to those objects such as scanning,
verification, and initialization. One-keystroke operations using the function
keys are displayed at the bottom of the screen as a reminder. There is
almost nothing to remember! Learn the concepts, and don't worry about the
trivial details. If you need help, just press the F1 key. By shifting the
focus from actions to objects, VDS provides a more natural interface that
many people seem to prefer.
UNUSUAL FEATURES
----------------
Unusual features such as decoy launching are still present and they are even
more elaborate now. You can launch a decoy in any directory you wish! We
cleaned half of our virus zoo using this operation.
Yet another unusual feature we have added is generic virus cleaning. This
technique allows VDS to restore infected programs to their original
state by using the integrity information. As the name suggests, the cleaning
operation is generic and does not depend on knowing which virus attacked the
file. Overwriting viruses obviously cannot be removed this way (or any other
way besides restoration using originals). We had good success with most of
the appending viruses that attach themselves to the programs without
destroying the contents of the original file. After the restoration attempt,
VDS double-checks the recovered program to see that it is exactly as the
original. If this is not the case, it recommends restoration using clean
backup copies, which is always the safest and the recommended solution.
MORE MODERN SCANNING
--------------------
Perhaps the most perceptible improvement is the increased scanning speed in
VDS 3.0. We implemented a more modern scanning technique based on the
combination of the Shift-AND technique and hashing. The nice thing about this
approach is that the speed is only slightly affected even if you add many
new signatures.
MEMORY-RESIDENT SCANNER (Not available in unregistered shareware release)
-----------------------
Due to popular demand, we have added a new component to VDS package:
VDSTSR (late release of VDS 1.0 also included VDSTSR). This is a
memory-resident virus scanner that checks each program before execution or
copy operation for known viruses. The program weighs in at 28K, but it can
be loaded high easily under DOS 5.0 and later versions as well as other
popular memory managers that provide upper memory blocks.
MORE NETWORK SUPPORT (Not available in unregistered shareware release)
--------------------
To help out the network administrators, we are providing a utility called
ISVDSTSR (a 17-byte program) that returns a DOS error level depending on
whether VDSTSR is loaded in memory. By checking the error level in a batch
file, the system administrator can implement several solutions to protect
the LAN. For example, he/she can display a warning message and deny access
until the user enables VDSTSR. What's even better is that he/she can load
a copy of VDSTSR from the server at the time of login; this way, even if a
user does not comply with the policy of having VDSTSR loaded on the
workstation, the system administrator can have it his/her way!
COMMITMENT TO QUALITY SERVICE AND PRODUCTS
------------------------------------------
VDS Advanced Research Group is committed to providing you with the
state-of-the-art tools to deal with computer viruses that threaten your
PCs. We develop anti-virus software and provide technical information on
many topics such as polymorphic viruses (ask for a copy of our Polymorphic
Engines paper). However, no solution can be effective unless it is properly
used. We encourage managers to increase virus awareness among their people
so that everyone stays alert. With a good dose of anti-viral software and
some user-awareness, you can rest assured that your systems are
well-protected against this 20th century electronic ailment.