Differences between VDS 2.0 and VDS 2.10 ---------------------------------------- * Improvements: * Now VDS 2.10 can handle DR DOS 6.0 drives as long as they are NOT compressed. It is aware of DR DOS password protection scheme, and it can peacefully co-exist. Read HILITES.TXT for details. * VDS 2.10 can work under MS Windows 3.0 & 3.1 (limited) * Works under 4DOS * Users can specify the path to their command interpreter during installation if they do not have C:\COMMAND.COM as primary shell. * File names are displayed in a window during checking, and a directory tree is shown on the screen. * VDS integrity checker can handle 1500 executable files per partition * Report file has date and time besides viruses found, and is not deleted, but simply appended to. * Audit logs for added, deleted, and modified files are combined into C:\VDS210\VDS-STAT.LOG; date and time are written each time VDS reports something, and audit log is appended to, not overwritten. * Documentation is revised to provide more information, less hype. * Decoy launcher provides more information on active attackers. * Decoy launcher offers to copy the captured attacker to user-specified file, preferably on a diskette. * Decoy names are semi-random. * Decoy launcher checks for "companion" type of attack specifically. * VDS integrity checker TURBO mode is slightly slower, but more secure. * VDS will not automatically add signatures to its databases, but ask the user first. * VDS integrity checker do not look for multiple infections in a file, but stops after the first one is found. * VDS integrity checker -SCAN option is removed. * VDS installation makes one pass to scan and sign files, not two. If an infected file is found, the user is asked to delete it. If it is not deleted, operation will continue so that other infected files may be located. VDS will refuse to install at the end if there are any infected files left. * System files (IBMBIO.COM & IBMDOS.COM or equivalent names) are checked as part of system verification as well as file verification. No recovery is attempted on these two files to avoid absolute writes to the disk. User is advised to run SYS from a clean floppy to restore these files. * MBR and BR is backed up onto VDS emergency disk as is, not encoded, so that VITALFIX can be used to restore MBR if CURE (rarely) fails. * VDSDEV.DDR is backup to the emergency diskette as well. * Any MBR/BR infectors caught by VDSDEV.DDR are examined and numbered by the integrity checker. Up to 10 can be tracked. * VDSFSCAN has five more options: LOG ERRORS: will write error messages to a user-defined file. NETWORK : will continue to scan even if an access error occurs. WILDCARD : users can specify a file spec like *.COM. ALL FILES option is automatically set to YES. QUIET MODE: will not beep when an infected files is found. PAUSE FLAG: will not pause after each infection report. * VDSFSCAN has better context-sensitive help. * If no known infections can be found in a file, NONE IDENTIFIED instead of CLEAN will be reported. This is to emphasize that known virus scanning is only as accurate as the signature database. * Virus signature database is updated to include 35% more viruses. * Both VDSFSCAN and VDS scanner has MtE-recognition capability. * Operation of VDSFSCAN and VITALFIX can be interrupted by pressing CTRL-BREAK as well as the ESCAPE key. * VITALFIX has a new option to search for Extended Partition Records. * VITALFIX can preserve DR DOS security during new MBR construction. * VITALFIX menu options are more self-explanatory. * If the MBR code is intact, but the partition table is modified, then a warning will be issued; however, VDS will NOT attempt auto-recovery to avoid possible damage. * In command line mode of VDSFSCAN, copyright and licensee name do not scroll off any more. * Non-DOS partitions are ignored. * ESC will get you out of input fields as well as menus. * We included a simple batch file (REMVDS.BAT) to uninstall VDS 2.0. * VITALFIX is no longer copied to the hard disk during installation. Due to possible misuse, only PC-techies should have it. * Bug fixes: * If the partition table was not available, VDS would abort operation. Now it not only bypasses such viruses, but also recovers on the fly. If only the partition table is modified, then VDS will ask you if you would like to recover or not. * CURE option did not work in some cases. * Some hidden files were missed. Fixed. * TSRs that grabbed the hardware timer interrupt (08) would get chopped off even when not suspicious. Now VDS is less brutal to such TSRs. * VDSFSCAN would stop after identifying first infected file if the WHOLE option is set to YES. Not any more. * VDSFSCAN would miss a few viruses that append to EXE files; fixed. * On network drives, VDSFSCAN would stop if it came across an inaccessible file such as NET$OBJ.SYS. Now it will only issue an error message (log it as well if LOG ERRORS is set to YES), and continue. For this to work, NETWORK option should be set to YES. * VDSFSCAN output file name had to be 5 characters or more, making it hard to direct output to a printer. Now, you can specify PRN as the output file name to print reports as the scan proceeds. * VDSFSCAN needed two backslashes (as in C:\\) to scan the root. * VITALFIX and VDS would cause memory protection violation in some cases. No more. Try -Xclude option if necessary. * VITALFIX did not recognize non-DOS partitions properly. * On disks with more than 5 partitions, VDS would abort installation. * Blink problem on CGA color monitors is eliminated. * Other * Due to popular demand, academic site license now covers students as well as the employees of the school at no extra charge. * Both 5.25" and 3.5" diskettes are provided. No need to specify. * Pre-paid orders in the U.S.A. and Canada get free shipping.