Page 2 of 5
Security Software Review
Horizon Datasys Drive Vaccine

Installation con't.

In addition, Windows must be set up to save files and certain user-configuration data to the unprotected drive, rather than the system areas normally used. Many applications must be separately configured to do this as well, most notably e-mail clients and web-browsers. Though this can be done after installation, it is better accomplished prior to installation. At the end of this document, are instructions on how to re-direct Windows to save certain information to the unprotected drive. There are also instructions on how to do this with select e-mail clients and web-browsers.

The Installation/User Guide provided by Horizon DataSys gives ample explanation of the process, and there is also an excellent Flash tutorial on their web-site. These instructions won't be repeated here, but the following critical points should be noted:

  1. The term "Data Storage Area" is confusing. This is only for temporary storage of system changes and is not for non-perishable data storage. (Sorry, you still have to have that second drive.)
  2. Choose a large size for your Data Storage Area. The installer program recommends a maximum and minimum. Choose at least the recommended maximum to cover normal operational changes and the Windows Virtual Memory allocation (the swap file), which can be rather large.
  3. Check the Daylight Savings box. Leaving this unchecked will prevent automatic update of your clock setting. While the instructions make this clear, the description used in the installation program is confusing.
  4. The current version incorrectly asks for the Order ID when registering. What is actually required is the Serial Number.
  5. REMEMBER YOUR HOT-KEYS AND PASSWORD. If you forget them, Horizon DataSys can't help you. And, you may find yourself unable to ever change that hard-drive without very drastic measures.
  6. Drive Vaccine can be used to enable any or all of the drives on the computer. Most users should be sure to protect only the main system drive.

There are also a couple good suggestions as to configuring your system outside of Drive Vaccine installation.

  1. Some program data cannot be re-directed to the unprotected drive. In order to take advantage of Drive Vaccine protection, it will be necessary to make some compromises. For instance, for both Windows and applications, MRUs (most recent used files) are stored in the Registry, which should be left protected, and there does not appear to be a way to re-direct the Firefox history file to an unprotected location. Also, most anti-virus/anti-trojan/anti-spyware software saves signature files to the system drive, so you will have to disable Drive Vaccine on a regular basis to permanently update these programs. Auto-updating protective software will update to the protected drive, but the updates will be lost with reboot until updated once again. If the program automatically updates on boot-up, it should be unnecessary to disable Drive Vaccine for the updates, except occasionally.
  2. Do not move entire user accounts. This may seem like a good way to shortcut the process. But, Windows XP user accounts "application data" contain program code, startup routines, and other configuration data that should not be moved. Furthermore, critical parts of the registry related to each user account are stored in each user's account's root directory, and moving them to a different location will destroy the integrity of the registry. Thus, moving entire user accounts is counter to the purpose of installing Drive Vaccine in the first place, and will leave the system vulnerable to a number of attacks. The same is true for Firefox User Profiles.
  3. Optimize your drive before enabling Drive Vaccine. It is a good idea to clean up and defragment the drive before enabling Drive Vaccine. Since Drive Vaccine will keep the system drive static, it will keep the disk optimized until the next time protection is disabled.
  4. Install all executables on the protected drive. In order to avoid the difficulty of re-directing default save locations, one may be tempted to install a program on an unprotectd drive, rather than on the protected system drive (typically in \Program Files). However, this would leave the program vulnerable and defeat the purpose of Drive Vaccine.
  5. The protected drive can be used to store secure backups of data files. It is a good idea to set up a folder on the protected drives where more important data files can be backed up. These backups will be protected from unwanted changes so long as Drive Vaccine is enabled.
  6. Always be careful what you install when unprotected. Drive Vaccine should keep your system running as optimally as when you last enabled it. So long as you don't install the wrong program while it is disabled, you should have a consistently running machine. While Drive Vaccine is enabled., you can even test-install some programs (those that don't require a re-boot).

Using Drive Vaccine

When Drive Vaccine is enabled, it remains enabled. So long as the user does not disable Drive Vaccine, it will remain enabled with each boot. And, while enabled, the protected drive(s) will be transparently write-protected. While working with the computer, the user can access and use the protected drive as though it were unprotected. But, when the computer is re-booted, any changes, additions, or deletions will be lost.

Enabled, Drive Vaccine is stealthed, and there will normally be no Icon in the SysTray. Pressing the hot-keys (selected during installation) will cause a green syringe icon to appear in the SysTray for several seconds. (For the unregistered trial, the icon is blue.) Right clicking on this icon will present a menu offering options to disable the product or check the version information.

If Disable Drive Vaccine is selected, the user will then be prompted to enter the password. Once that is entered, the user will be prompted to reboot now or later. Whichever is chosen, on next boot-up, Drive Vaccine will be disabled. When Drive Vaccine is disabled, there will be a red syringe icon always visible in the SysTray. While Drive Vaccine is disabled, the protected drive(s) is not write protected, and the user can permanently install new programs, make permanent system changes, update the anti-virus, etc. Until it is enabled again, Drive Vaccine will remain disabled for any re-boot. Right-clicking on the red SysTray icon present a menu with options to enable protection, change protected drive configuration, change their password, or check version information. Selecting Enable Drive Vaccine will prompt for the user to reboot now or later. Whichever is chosen, Drive Vaccine will be enabled on the next boot.