Jan 082018
Virus/mishap protection program. Small, but efficient. | |||
---|---|---|---|
File Name | File Size | Zip Size | Zip Type |
PRINTME.BAT | 115 | 101 | deflated |
README.DOC | 31854 | 7994 | deflated |
README.EXE | 8920 | 8618 | deflated |
REGISTER.TXT | 1832 | 525 | deflated |
VTAC.COM | 22897 | 22049 | deflated |
Download File VTAC50.ZIP Here
Contents of the README.DOC file
[[[ ]]]
==== [[[ ===== ]]] =================================================
[[[ ]]] VTAC 5.0 PC system security program.
[[[ ]]] (C) Copyright 1990,91 Randolph Beck
======= [[[ ]]] ====================================================
[[ ]]
Page 1. OVERVIEW
Memory Requirements
Compatibility
Using this Documentation
Page 2. REGISTRATION AND LICENSING
FILES IN THIS PACKAGE
Page 3. QUICK START-UP INSTRUCTIONS
Installation
Initialization
VTAC Initialization Tests
The VTAC Initialization Log
Page 5. VTAC MODES AND COMMAND SYNTAX
VTAC Operating Modes
Page 6. VTAC COMMAND OPTIONS
Page 7. ERRORLEVEL STATUS REPORTS
Page 8. VTAC ALERT MESSAGES
General Alert Messages
Mode 1 Alert Messages
Initialization Test Warnings
Page 11. ALERT PROCEDURES
Initialization Alerts
Resident Alert Actions
Page 12. BYPASSING AN ALERT
The ALT-F Key
The EXEC Batch File
Page 13. PROBLEMS / TROUBLESHOOTING
Page 14. REFERENCE INFORMATION
Command Summary
Initialization Warning Messages
Resident Alert Messages
Page 16. USER RESPONSE FORM
OVERVIEW Page 1
========
VTAC has been developed to protect PC users, and their data from the
growing threat of virus, trojan and other offensive software.
Equally important: VTAC is designed to remain completely in the
background, without interfering in everyday computing tasks.
VTAC will not allow: Alteration of programs; alteration of system
files; system-level disk alterations; or formatting of hard-disks.
This system was developed for those who need to be completely sure
of data integrity, and yet cannot afford to be encumbered by awkward
security procedures.
System administrators: Please be sure to read about registration,
licensing, operating modes, and about the ALT-F key (page 12).
--------------------------------------------------------------------
Memory Requirements
-------------------
VTAC.COM is a memory-resident program. The bulk of the program is
used only for testing and initialization. This is then jettisoned
after use. Once installed, VTAC uses about six kilobytes (6k).
You can run VTAC.COM many times after loading --for status reports
or to change operating modes. VTAC becomes resident only when it is
first loaded.
--------------------------------------------------------------------
Compatibility
-------------
VTAC can be run easily on most PC compatible systems. However, VTAC
should be disabled prior to running a disk optimizer program.
This program is always being changed. If there is something about
this version of VTAC that is not compatible with previous versions
of the program --or if you have any suggestions or problems-- then
please let us know.
--------------------------------------------------------------------
Using this Documentation
------------------------
This manual is written for you to quickly begin running VTAC, and
follows up with a detailed explanation and reference information.
The README.EXE program responds to PgUp, PgDn and the Up and Down
cursor keys. Page numbers can be changed with the "+" and "-" keys.
REGISTRATION AND LICENSING Page 2
==========================
This is a shareware product and may be copied for free --providing
that it is not altered and is transferred with its documentation.
Its registration policy is now as follows:
* The price is now $5 per user.
* Previously registered users of VTAC do not need to re-register
to use this version. ---
* Users who send $15 or more will receive a diskette with the
most recent version of VTAC and additional utilities.
* You may evaluate VTAC as long as necessary before registering.
Registered users are entitled to support via mail or CompuServe. If
possible, please include a copy or printout of the user registration
form which appears at the end of this listing.
The author may be contacted at this address:
Randolph Beck
VTAC Registration
P.O. Box 56-0487
Orlando, FL 32856-0487
or via CompuServe 72361,753
--------------------------------------------------------------------
Trademark Acknowledgements
IBM is a trademark of International Business Machines
MS-DOS is a trademark of Microsoft Corporation
--------------------------------------------------------------------
FILES IN THIS PACKAGE
=====================
VTAC.COM The VTAC program
README.DOC Documentation text file
README.EXE Program to display documentation
PRINTME.BAT Batch file to print documentation
REGISTER.TXT User registration form
QUICK START-UP INSTRUCTIONS Page 3
===========================
Installation
------------
VTAC.COM is the only file required for installation. This should be
started in the AUTOEXEC.BAT file, for automatic initialization.
For best results, VTAC should be the last resident program loaded.
If this is not convenient, then VTAC should remain in mode 2 (the
default mode) until all resident programs have been initialized.
--------------------------------------------------------------------
Initialization
--------------
VTAC initialization, mode changes, and status reports are accessed
from the command line. Type: VTAC
VTAC mode 2 is the default mode of operation. This protects against
unusual disk activity while allowing normal functions to pass.
There should be no perceptible change in standard disk operations.
(Modes of operation are listed on page 5.)
--------------------------------------------------------------------
VTAC Initialization Tests
-------------------------
The VTAC initialization tests quickly check system integrity using a
status file (VTAC.SYS), which is created during installation.
VTAC tests for changes to the system files and alerts you when
something unusual occurs. Tests are also conducted for a limited
number of common virus signatures.
Page 4
The VTAC Initialization Log
---------------------------
VTAC also generates a log file with date and time stamps. The log
will be updated whenever the status file is modified:
Thu MAR-07-91 11:45pm (new status file)
Wed MAR-20-91 9:11am (new DOS version)
Using the /T parameter, the log file can be forced to update during
each initialization, to give you a bootup log: VTAC /T
Fri MAR-22-91 9:11am
Mon MAR-25-91 9:02am
Add comments --in quotes-- to log batch operations:
VTAC "booting up"
This feature can be used by batch files to customize the log:
Tue MAR-26-91 8:56am "booting up"
Tue MAR-26-91 9:07am "log on to NWC"
Tue MAR-26-91 1:57pm "log off of NWC"
VTAC MODES AND COMMAND SYNTAX Page 5
=============================
The operator may use the DOS command-line to change modes.
The correct syntax for all VTAC commands is:
VTAC [/option(s)] ["log messages"]
examples: VTAC
VTAC /1 "Setting mode 1"
VTAC /2
VTAC Operating Modes
--------------------
VTAC
ENABLES VTAC PROTECTION
Run VTAC without parameters to initialize VTAC, or to
re-enable VTAC in mode 1 or 2. It will return to the mode
which was previously set.
VTAC /1
MAXIMUM PROTECTION for the disk-drives and operating
system. Protects against dangerous disk activity, while
allowing normal disk access.
VTAC mode 1 will alert when loading resident programs.
VTAC /2
SMART-SECURITY: Allows many disk utility programs to
function that would not be permitted under mode 1.
Mode 2 is the default mode of operation.
Although less strict, mode 2 contains effective security
algorithms and is the preferred choice for most users.
VTAC /RO
READ-ONLY: Acts as if all drives (floppies, hard-disks,
and RAM-disks) have been write-protected. Many programs
are not designed to encounter a write-protected hard-disk,
so you must use this for special testing purposes only.
The DOS prompt ("C>") will be modified as a reminder that
READ-ONLY mode is set ("C:[ro]>").
VTAC /F
DISABLES VTAC PROTECTION: VTAC may be disabled to allow
unusual disk utility programs to function. It is up to the
user to judge that the program is "safe".
Use this mode when a hard-disk needs to be formatted or
when special disk utilities are needed that cannot be run
in VTAC mode 2.
VTAC COMMAND OPTIONS Page 6
====================
VTAC /?
Lists the available options.
This command does not initialize the VTAC program.
VTAC "notes"
ANNOTATED TIME LOG
Marks the date, time, and "notes", on the VTAC.LOG file.
VTAC /A
REPORT THE LAST ALERT
Use this after VTAC has alerted while in graphics mode.
ERRORLEVEL returns are listed on the next page.
VTAC /C
CLEAR LAST ALERT REPORTED BY VTAC /A
(See above: VTAC /A)
VTAC /E
EXEMPT RESIDENT PROGRAM
This function allows VTAC to accept the presence of all
recently-loaded resident programs. It is only required for
mode 1 operation.
VTAC /N
NO INITIALIZATION TESTS
This will skip the initialization tests.
Use this if your system is modified often.
VTAC /S
REPORT VTAC STATUS
Indicates which mode is set.
ERRORLEVEL returns are listed on the next page.
VTAC /T
TIME LOG
Marks the date and time on the VTAC.LOG file.
(See also: VTAC "notes" --for an annotated time log.)
ERRORLEVEL STATUS REPORTS Page 7
=========================
The Status and Alert commands return ERRORLEVEL
codes which can be used in batch files.
VTAC /S
REPORT VTAC STATUS
Indicates which mode is set.
ERRORLEVEL returns are:
0 = not installed
1 = turned off
2 = VTAC mode 2 is set for easy operation
3 = VTAC mode 1 is set for maximum protection
4 = READ-ONLY mode is set
Example Batch File:
ECHO OFF
VTAC /S
IF ERRORLEVEL 2 ECHO VTAC IS ON
VTAC /A
REPORT THE LAST ALERT
Use this after VTAC has alerted while in graphics mode.
ERRORLEVEL returns are:
0 = not installed
1 = no alerts reported
2 = alert found
Example Batch File:
ECHO OFF
VTAC /A
IF ERRORLEVEL 2 PAUSE
VTAC /C
VTAC ALERT MESSAGES Page 8
===================
General Alert Messages
----------------------
A program is attempting to modify a READ-ONLY or SYSTEM
file attribute.
Mode 2: This alert is prompted only for SYSTEM files.
Mode 1: This alert is also prompted for READ-ONLY files.
"SYSTEM" files are designated with a "SYSTEM" file
attribute. (A .SYS file extension is not a factor.)
VTAC considers this to be a suspected virus operation.
A program is attempting to alter a disk's boot-record.
This is a function of disk formatting utilities.
A program is attempting to bypass the operating system.
Disk write operations may only be performed under the
strict control of DOS.
This message is more common when running certain disk
utility programs while VTAC is in mode 1.
A program is attempting to write to a disk while VTAC is
operating in ReadOnly mode.
(Please refer to the section on VTAC OPERATING MODES for
more information.)
A program that is not familiar to VTAC is attempting format
a floppy disk.
Floppy disks can normally be formatted by the DOS format
command. This message may be displayed if the current
program is unfamiliar. If necessary, see the section on
BYPASSING AN ALERT.
Page 9
A program has tried to delete files in a manner that VTAC
interprets as dangerous and unusual.
This is a very strange and rare occurrance.
A program is attempting to modify the specified drive's
File Allocation Table while bypassing the operating system.
See DIRECT WRITE ATTEMPTED.
A program has attempted to modify a .COM or .EXE file.
VTAC considers this to be a suspected virus operation,
although .COM and .EXE files may sometimes be modified by
installion programs to change default parameters.
HARD-DISK FORMAT ATTEMPTED
VTAC protects against accidental formatting of hard-disks.
Use the EXEC batch file if you really do want to format
your hard-disk.
PARTITION TABLE THREATENED
A program is attempting to alter the hard-disk partition
table.
This is a dangerous operation and should occur only during
setup and initialization of the hard-disk.
"The program just terminating has become resident in memory."
This message is displayed through the standard-error device
(STDERR) to benefit users of mode 2 --who may not otherwise
be informed that the program becomes resident.
VTAC will not wait for user acknowledgement when operating
in mode 2. An alert-prompt is issued in mode 1 only.
Mode 1 Alert Messages Page 10
---------------------
The following messages can appear only if VTAC mode 1 is set.
RESIDENT PROGRAM INSTALLING
A program is now terminating and will remain in memory.
Although this operation will be allowed, any future disk
activity may now be rejected by VTAC. Use the VTAC /E
command to accept these programs, after they have been
loaded. (VTAC /E is required only when using mode 1.)
UNEXEMPTED TSR CONFLICTS
The last resident program loaded has not been exempted by
VTAC using the VTAC /E command.
VTAC issues this alert because it cannot know with absolute
certainty if the present activity is safe.
VTAC will automatically exempt TSR programs when in mode 2.
--------------------------------------------------------------------
Initialization Test Warnings
----------------------------
The following messages can appear only during VTAC initialization.
"VTAC LOADER CHECK FAILED"
The VTAC.COM file has been altered in some way.
This can also occur if the program's length has been
changed during duplication. Use another copy of VTAC.COM.
"THE STATUS FILE (VTAC.SYS) HAS BEEN CORRUPTED"
A system status file is created when VTAC is first used
(See: VTAC INITIALIZATION TESTS). This file is later used
as a reference to determine system integrity. This message
will be displayed if the status file is altered.
"
This warning will appear if a DOS system file has been
altered since the last time VTAC was initialized.
"
VTAC tests the boot-record and system area for common
viruses during the initialization tests.
ALERT PROCEDURES Page 11
================
VTAC alert messages can occur during two stages of operation:
During the initializing sequence; or while in resident
operation. The circumstances must determine your actions.
Initialization Alerts
---------------------
The alert messages from initialization tests are given by special
warning messages:
WARNING: COMMAND.COM ALTERED OR CHANGED
You must press
there is a known authorized reason for this alert. The
will update the status file, and prevent the alert from recurring.
Initialization alerts are recorded to the VTAC.LOG file.
--------------------------------------------------------------------
Resident Alert Actions
----------------------
Resident VTAC alerts will appear spontaneously.
VTAC will beep when recognizing dangerous activity. You will be
prompted with a warning message (unless graphics mode is on).
------------------------------------------------------------------
VTAC: HARD-DISK FORMAT ATTEMPTED Press ESC to continue
------------------------------------------------------------------
1) Check what the message means (alert messages are listed
elsewhere in this manual). Determine if this alert message is
common for the type of program currently running. (VTAC will
alert for disk utility programs that must perform non-standard
disk operations --especially when using the stricter mode 1.)
If you do wish to run this program then you should refer to the
next section: BYPASSING AN ALERT.
2) Press
operation. With the one exception of resident program warnings,
VTAC will not allow questionable activities to pass.
3) Most programs will then report that the operation has failed.
In graphics mode:
No message is displayed when the monitor is in graphics mode.
VTAC will beep and the disk operation will be prevented.
You should then run VTAC /A to read the last alert message.
BYPASSING AN ALERT Page 12
==================
Many utility programs attempt to circumvent the operating system.
This is be considered by VTAC as suspicious behavior. (VTAC's mode 2
can recognize this, and will eliminate false alarms for most users.)
For those who use extra-sensitive utilities, and for mode 1 users,
there are two methods of bypassing an alert: The ALT-F key; and the
EXEC batch file.
--------------------------------------------------------------------
The ALT-F Key
-------------
THE ALT-F KEY...
may be used instead of pressing
is displayed. This will disable VTAC; ignore the warning; and
allow the program to continue running unchecked.
This is a temporary action: VTAC will automatically return to
the previously active mode (1, 2, or READ-ONLY) when the current
program terminates. This should be used only after very careful
consideration.
THE ALT-F OPTION WILL NOT BE SHOWN ON THE SCREEN, in order to
conceal it from untrained users.
--------------------------------------------------------------------
The EXEC Batch File
-------------------
Sensitive utility programs can also be run through a batch file,
which completely disables VTAC:
EXEC.BAT will disable VTAC to allow a disk utility program to run
then turn protection back on again.
ECHO OFF
VTAC /F
CALL %1 %2 %3 %4 %5 %6 %7 %8 %9
VTAC
Syntax: EXEC
eg: EXEC FORMAT C: /S/V
The CALL statement (in line 3) is implemented in DOS versions 3.3
and above only. Others must replace "CALL" with "COMMAND/C".
PROBLEMS / TROUBLESHOOTING Page 13
==========================
If VTAC does not allow floppy-disk FORMAT:
Floppy-disk formatting activity is normally approved by VTAC.
In the rare event that your version of FORMAT does not pass the
strict screening by VTAC, you may create an EXEC batch file to
format your diskettes (previously discussed).
Example: EXEC FORMAT A: /S
(Be aware that EXEC.BAT deactivates VTAC.)
If VTAC alerts "FILE THREATENED" when downloading a file via modem:
Although this is a rare circumstance, this might occur when
downloading a .COM or .EXE file. This has only been known to
occur with older communications programs.
Select the file you wish to download; Specify a different name
to your communications program; Rename the file with the
original name and extension.
If another resident program will not co-exist with VTAC:
Ensure that VTAC is the last resident program loaded. If
another resident program still causes problems with VTAC then
follow these steps:
Load VTAC;
Disable VTAC with VTAC /F;
Load the other resident program;
Then run VTAC /E to re-enable and exempt the other program.
Please report any major problems to the author.
REFERENCE INFORMATION Page 14
=====================
This section contains an abbreviated summary of information that can
be found elsewhere in this manual.
Command Summary
---------------
VTAC --enable VTAC protection
VTAC /? --list options
VTAC /1 --mode 1 for maximum protection
VTAC /2 --mode 2 for smart-security
VTAC /A --report the last alert
VTAC /C --clear last alert reported by VTAC /A
VTAC /E --exempt resident program
VTAC /F --disable VTAC protection
VTAC /N --no initialization tests
VTAC /RO --READ-ONLY mode
VTAC /S --report VTAC status
VTAC /T --time log
VTAC "notes" --annotated time log
--------------------------------------------------------------------
Initialization Warning Messages
-------------------------------
The following messages can appear only during VTAC initialization.
"VTAC LOADER CHECK FAILED"
The VTAC.COM file has been altered in some way.
"THE STATUS FILE (VTAC.SYS) HAS BEEN CORRUPTED"
The VTAC status file is altered
"
A DOS system file has been altered since
"
VTAC tests the boot-record and system area for common
viruses during the initialization tests.
Page 15
Resident Alert Messages
-----------------------
--- ATTR THREATENED
Signals an attempt to modify a READ-ONLY file attribute
(in mode 1) or SYSTEM file attribute (in all active modes)
--- BOOT RECORD THREATENED
A program is attempting to alter a disk's boot-record
(all active modes)
--- DIRECT WRITE ATTEMPTED
A program is attempting to bypass the operating system
(all active modes)
--- DISK WRITE ATTEMPTED
A program is attempting to write to a disk while VTAC is
operating in ReadOnly mode
--- DISKETTE FORMAT ATTEMPTED
A program that is not familiar to VTAC is attempting to
format a floppy disk (all active modes)
--- ERASE ATTEMPTED
A program has tried to delete files in a manner that VTAC
interprets as dangerous and unusual (all active modes)
--- FAT TABLE THREATENED
A program is attempting to modify the File Allocation Table
while bypassing the operating system
(all active modes)
--- FILE THREATENED
A program has attempted to modify a .COM or .EXE file
(all active modes)
--- HARD-DISK FORMAT ATTEMPTED
An attempt is in progress to format a hard-disk
(all active modes)
--- PARTITION TABLE THREATENED
An attempt to write to the hard-disk partition table is
under way (all active modes)
--- RESIDENT PROGRAM INSTALLING
A program is now terminating and will remain in memory
(mode 1 only)
--- UNEXEMPTED TSR CONFLICTS
A resident program has not been exempted by VTAC using the
VTAC /E command
(mode 1 only)
"The program just terminating has become resident in memory."
This message is presented to warn mode 2 users --who might
not otherwise be aware that a program becomes resident.
USER RESPONSE FORM Page 16
==================
Please fill in as much of this form as possible:
1. What type of computer do you have?
_____________________________________________________________
2. Type of hard-disk system: (if applicable)
_____________________________________________________________
3. Type of video display:
_____________________________________________________________
4. Is VTAC being run on a network?
______ What type? _________________________________________
5. VTAC is developed to minimize false alarms:
Has VTAC alerted on your system?
_____________________________________________________________
6. In which mode do you normally run VTAC?
Priority 1___ Priority 2___ No preference___
7. Where did you get this copy of VTAC?
A friend___ CompuServe___ National BBS___________________
Local BBS____________________________________________________
Shareware distributer________________________________________
Additional Comments______________________________________________
_____________________________________________________________
Name__________________________________________________________
Address__________________________________________________________
__________________________________________________________
Your registration form and user fee should be sent to:
Randolph Beck
VTAC Registration
P.O. Box 56-0487
Orlando, FL 32856
This form is duplicated in the file REGISTER.TXT
January 8, 2018
Add comments