Release Notes for Virus-Scanning Engine-only SuperDAT Engine Version 4.2.60 Copyright (c) 1992-2003 Networks Associates Technology, Inc. All Rights Reserved. ================================================ Product Release: June 2, 2003 - Engine Version: 4.2.60 ================================================ Thank you for using this engine-only SuperDAT package installer. This readme file contains important information regarding this release. We strongly recommend that you read the entire document. ________________________________________________ IMPORTANT NOTE - This release of the virus-scanning engine functions ONLY with 4266 and later DAT versions. You CANNOT use this software with earlier DAT versions. Please ensure that you update the DAT files on your system to the latest version before applying this engine SuperDAT. ________________________________________________ WHAT'S IN THIS FILE - New Engine Features - What is the SuperDAT Package Installer? - When to Use the SuperDAT Package Installer - Supported McAfee Products - Using the SuperDAT Package Installer - Before You Begin: About the Package Installer - Installing Engine Files - Running the SuperDAT Package Installer - Command-Line Options - Files Included in this SuperDAT Package - Known Engine Issues - Known SuperDAT Issues - Contacting McAfee and Network Associates - Copyright and Trademark Attributions - Trademarks - License Agreement ________________________________________________ NEW ENGINE FEATURES The 4.2.60 McAfee scanning engine included in this SuperDAT package differs from the 4.2.40 engine in the single following respect: - Fix to prevent unintended deletion of data in specific Windows registry keys. ________________________________________________ WHAT IS THE SUPERDAT PACKAGE INSTALLER? New and complex viruses can sometimes require us to upgrade the scan engine in your anti-virus software in order to respond properly to infections. Often, this required a complete product release. With the SuperDAT package installer, however, we provide you with a complete application that installs the scanning engine that your anti-virus software uses to detect and remove virus-infected files. The SuperDAT package installer minimizes the need for complex software deployments each time you receive upgrade components. It takes care of shutting down any active scan operations, services, or other memory-resident software components that might interfere with your updates. It then copies the new files to their proper locations and enables your software to use them immediately. ________________________________________________ WHEN TO USE THE SUPERDAT PACKAGE INSTALLER We recommend that you use the SuperDAT package installer to update and upgrade all supported anti-virus software versions. You can continue to use other update or upgrade methods, but the SuperDAT package installer provides the easiest and most effective method. _______________________________________________ SUPPORTED MCAFEE PRODUCTS This engine-only SuperDAT supports engine upgrading with the following McAfee products: 1. End-node Solutions - McAfee VirusScan for Windows 95/98 4.5 and later. - McAfee VirusScan for Windows NT/2000 4.5 and later. - McAfee VirusScan TC for Windows 95/98/NT/ 2000 6.0 and later. - McAfee NetShield for Windows NT/2000 4.5 and later. - McAfee VirusScan TC 6.0 and 6.1 - VirusScan Enterprise 7.0 - VirusScan Retail and VirusScan Professional 6.0, 6.01, 6.02, and later. 2. Gateway Solutions - GroupShield 4.x for Microsoft Exchange 5.5. - GroupShield 4.x for Microsoft Exchange 2000. - GroupShield 5.x for Microsoft Exchange 5.5. - GroupShield 5.x for Microsoft Exchange 2000. - GroupShield 5.x for Lotus Domino - Intel. - WebShield SMTP 4.5 MR1a - WebShield SMTP e50 v1.0 ________________________________________________ USING THE SUPERDAT PACKAGE INSTALLER BEFORE YOU BEGIN: ABOUT THE PACKAGE INSTALLER The SuperDAT package installer is a standard application that you can double-click to start from within Microsoft Windows. The Windows 95, 98, ME, NT, 2000 and XP versions of the package installer include a graphical user interface that consists of a series of wizard panels -- you can follow the instructions shown in the panels to update your files. NOTE: When the SuperDAT package installer has finished updating or upgrading your anti-virus software, you may delete it from your hard disk, unless you want to keep a copy available for further update or upgrade operations. IMPORTANT: In order to upgrade the scan engine for NetShield anti-virus software for Windows NT and VirusScan anti-virus software for Windows NT, you MUST log on to the target computer with Administrator-level rights. If you log on to a target computer with only user-level rights, the SuperDAT package installer will NOT upgrade the scan engine. If you cannot log on to the target computer as an Administrator directly, you can instead use the AutoUpgrade utility included with both software products to schedule an upgrade task. The AutoUpgrade utility uses Administrator rights when it runs a scheduled update task, but will not use Administrator rights if you click the "Update Now" button. INSTALLING ENGINE FILES We distribute engine file updates in a compressed format to reduce transmission time. With the SuperDAT package installer, these updates come packaged in a single executable file (4260eng.exe). To prepare the SuperDAT package installer to update or upgrade your anti-virus software, create a temporary directory on your hard disk, then download 4260eng.exe from the Network Associates web site to this directory. You do not need to uncompress the file or take any other action to prepare it to run. RUNNING THE SUPERDAT PACKAGE INSTALLER Locate the program icon for the SuperDAT package installer, then double-click it to start the installation wizard. Follow the instructions shown to update your files. NOTE: When the SuperDAT package installer has finished upgrading your anti-virus software, you may delete it from your hard disk, unless you want to keep a copy available for further upgrade operations. You can also run the package installer from a command prompt window, along with any of eight options. See "Command Line Options" later in this file to learn what each option does. To run the SuperDAT package installer from a command prompt, follow these steps: 1. Click Start in the Windows taskbar, then choose Run. 2. Type X:\4260eng.exe in the Run dialog box, along with any options you want to use. Here, X: represents the drive and the path to the location where you stored the 4260eng.exe file. 3. Click OK. 4. The package installer will run with the options you specify. NOTE: Some of the options will not run the installer itself; rather they will provide information about the package, provide online help, or extract package files. See "Command Line Options" for details. COMMAND-LINE OPTIONS The SuperDAT package installer has eight options you can use to specify different update methods or to get information about the utility or the engine file package. These options are: /logfile This option tells the SuperDAT package installer to save a log file with the file name you specify and in the location you specify. By default, the SuperDAT package installer creates a log file in the current working directory. Use this option to create a log file elsewhere on your hard disk. /prompt This option tells the SuperDAT package installer to display only the Shut Down Windows dialog box when it has updated or upgraded your software. Use this option in conjunction with /silent. /silent This option runs the update silently. No dialog boxes appear. /reboot If you use this option in conjunction with the /silent option, the SuperDAT package installer will restart the target computer, but only if the installer must do so in order to complete all file replacements. If you do not use this option from the command line, or do not include a similar command in your update script, the SuperDAT package installer will NOT restart your computer. NOTE: To start using new update files immediately, some McAfee anti-virus products require you to restart the target computer. Others do not. Whether the SuperDAT package installer will actually restart your computer when you use this option depends on: 1. The anti-virus software you have installed, the platform, and the operating system; 2. The program components you have running when you start the SuperDAT package installer; 3. The engine you have already installed. If the package installer does not need to restart your computer in order to use its new files immediately, it will not do so. /e This option tells the SuperDAT package installer to extract the files archived in the SuperDAT package to the directory you specify in . Use this option to validate the files from the package. This option does NOT run the SuperDAT package installer or cause it to update your software. If you do not specify a , the SuperDAT package installer will extract its contents to the current working directory. /v This option displays validation information for the SuperDAT package on Windows 95, Windows 98, Windows ME, Windows NT and Windows 2000 systems. This information includes file version information and time stamps drawn from the files themselves, along with cyclical redundancy check (CRC) validation codes. You can compare this data with that shown in the SDATPACK.LST file that comes with the SuperDAT package. This option does NOT run the SuperDAT package installer or cause it to update your software. /f This option tells the SuperDAT package installer to use the files that come with its current package to update and upgrade your software, regardless of which file versions you have already installed. Use this option to "force" an update to the current file versions in order to overwrite corrupted files or enforce your anti-virus security policies. /? This option displays an online description of the command line options available for the SuperDAT package installer. It does NOT run the package installer or cause it to update your software. FILES INCLUDED WITH THIS SUPERDAT PACKAGE SUPERDAT INSTALLER COMPONENTS GLOBALS.NSG = Global variables definition file NAISCRIP.NSC = Script file SDATPACK.LST = Packing list and codes for use with VALIDATE.EXE GSDSUPER.DLL = GroupShield for Lotus Domino support file GENERAL ENGINE COMPONENTS MCSCAN32.DLL = Virus-scanning engine SIGNLIC.TXT = 3rd party license information MCTOOL.EXE = Support file used by engine to preserve last access dates on Novell NetWare server volumes AVPARAM.DLL = VirusScan 32-bit/16-bit support file PSAPI.DLL = NT support library FILES FOR VIRUSSCAN ANTI-VIRUS SOFTWARE FOR WINDOWS 95 AND WINDOWS 98 MCSCAN32.VXD = Virus-scanning engine VSHIELD.VXD = VShield scanner that runs in the background RWABS16.DLL = VirusScan 16-bit support file RWABS32.DLL = VirusScan 32-bit support file FILES FOR VIRUSSCAN COMMAND LINE ANTI-VIRUS SOFTWARE LICENSE.DAT = License information for use by VirusScan software MESSAGES.DAT = Message contents file BOOTSCAN.EXE = Emergency Disk Command-line scanner SCAN.EXE = VirusScan Command-Line scanner for 32-bit environments SCANPM.EXE = VirusScan Command-Line scanner for protected mode environments SCAN86.EXE = VirusScan Command-Line scanner for real mode environments (4.1.40) ________________________________________________ KNOWN ENGINE ISSUES 1. Some mail clients (such as PINE, Eudora, Netscape, and Pegasus Mail) use a file structure similar to concatenated MIME as their mailbox format. These clients also tend to access the files frequently. Some McAfee desktop products allow the user to enable the scanning of MIME files. Depending on the size of the mailbox, on-access scanning of these files could take a considerable time. Therefore we recommend that these files are excluded from on-access scanning. ________________________________________________ KNOWN SUPERDAT ISSUES 1. The SuperDAT log file is currently limited to a maximum length of 64Kb. After that point, the SuperDAT utility will continue to log events, but will truncate the file. 2. If you run the SuperDAT package installer to update and upgrade an existing version of VirusScan software for Windows 95 and Windows 98 -- 4.0.3, for example -- then you install a later version of the same software package -- 4.5.1 for example -- you must run the SuperDAT package installer again to ensure that you have the most recent engine files. 3. The SuperDAT package installer does not currently support the @ symbol used in the Novell NetWare login script. McAfee does not create, supply, or support login scripts for individual environments. 4. The SuperDAT package installer works within your system's existing security structures. For Windows NT systems, this usually means that you must have certain administrative rights to upgrade the scan engine for your anti-virus software, because you need those rights to stop and start system services. Logging on to the system with the same identity you used to install your anti-virus software should give you sufficient rights. _______________________________________________ CONTACTING MCAFEE SECURITY & NETWORK ASSOCIATES Technical Support Home Page http://www.nai.com/naicommon/services/technical-support/intro.asp KnowledgeBase Search https://knowledgemap.nai.com/phpclient/Homepage.aspx PrimeSupport Service Portal http://mysupport.nai.com Login credentials required. McAfee Security Beta Program Beta Web Site www.mcafeeb2b.com/beta/ E-mail avbeta@nai.com AVERT Anti-Virus Emergency Response Team Home Page www.mcafeeb2b.com/naicommon/avert/default.asp Virus Information Library http://vil.nai.com Submit a Virus Sample https://www.webimmune.net/default.asp Download Site Home Page www.mcafeeb2b.com/naicommon/download/ DAT File and Engine Updates www.mcafeeb2b.com/naicommon/download/dats/find.asp ftp://ftp.nai.com/pub/antivirus/datfiles/4.x Product Upgrades www.mcafeeb2b.com/naicommon/download/upgrade/login.asp Valid grant number required. Contact Network Associates Customer Service Training On-Site Training www.mcafeeb2b.com/services/mcafee-training/default.asp McAfee Security University http://www.mcafeeb2b.com/services/mcafeesecurityu.asp Network Associates Customer Service US, Canada, and Latin America toll-free: Phone: +1-888-VIRUS NO or +1-888-847-8766 Monday - Friday, 8 a.m. - 8 p.m., Central Time E-mail: services_corporate_division@nai.com Web: www.nai.com www.mcafeeb2b.com For additional information on contacting Network Associates and McAfee Security – including toll-free numbers for other geographic areas -- see the CONTACT file that accompanied your original product release. _______________________________________________ COPYRIGHT AND TRADEMARK ATTRIBUTIONS © 2003 Networks Associates Technology, Inc. All Rights Reserved. No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language in any form or by any means without the written permission of Networks Associates Technology, Inc., or its suppliers or affiliate companies. To obtain this permission, write to the attention of the Network Associates legal department at: 5000 Headquarters Drive, Plano, Texas 75024, or call +1-972-308-9960. TRADEMARKS Active Firewall, Active Security, Active Security (in Katakana), ActiveHelp, ActiveShield, AntiVirus Anyware and design, AVERT, Bomb Shelter, Certified Network Expert, Clean-Up, CleanUp Wizard, CNX, CNX Certification Certified Network Expert and design, Covert, Design (stylized N), Disk Minder, Distributed Sniffer System, Distributed Sniffer System (in Katakana), Dr Solomon’s, Dr Solomon’s label, Enterprise SecureCast, Enterprise SecureCast (in Katakana), ePolicy Orchestrator, Event Orchestrator (in Katakana), EZ SetUp, First Aid, ForceField, GMT, GroupShield, GroupShield (in Katakana), Guard Dog, HelpDesk, HomeGuard, Hunter, LANGuru, LANGuru (in Katakana), M and design, Magic Solutions, Magic Solutions (in Katakana), Magic University, MagicSpy, MagicTree, McAfee, McAfee (in Katakana), McAfee and design, McAfee.com, MultiMedia Cloaking, Net Tools, Net Tools (in Katakana), NetCrypto, NetOctopus, NetScan, NetShield, NetStalker, Network Associates, Network Policy Orchestrator, NetXray, NotesGuard, nPO, Nuts & Bolts, Oil Change, PC Medic, PCNotary, PortalShield, Powered by SpamAssassin, PrimeSupport, Recoverkey, Recoverkey – International, Registry Wizard, Remote Desktop, ReportMagic, RingFence, Router PM, Safe & Sound, SalesMagic, SecureCast, Service Level Manager, ServiceMagic, SmartDesk, Sniffer, Sniffer (in Hangul), SpamKiller, SpamAssassin, Stalker, SupportMagic, ThreatScan, TIS, TMEG, Total Network Security, Total Network Visibility, Total Network Visibility (in Katakana), Total Service Desk, Total Virus Defense, Trusted Mail, UnInstaller, Virex, Virus Forum, ViruScan, VirusScan, WebScan, WebShield, WebShield (in Katakana), WebSniffer, WebStalker, WebWall, Who’s Watching Your Network, WinGauge, Your E-Business Defender, ZAC 2000, Zip Manager are registered trademarks or trademarks of Network Associates, Inc. and/or its affiliates in the US and/or other countries. Sniffer® brand products are made only by Network Associates, Inc. All other registered and unregistered trademarks in this document are the sole property of their respective owners. This product includes or may include software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/). This product includes or may include cryptographic software written by Eric Young (eay@cryptsoft.com). This product includes or may include some software programs that are licensed (or sublicensed) to the user under the GNU General Public License (GPL) or other similar Free Software licenses which, among other rights, permit the user to copy, modify and redistribute certain programs, or portions thereof, and have access to the source code. The GPL requires that for any software covered under the GPL which is distributed to someone in an executable binary format, that the source code also be made available to those users. For any such software covered under the GPL, the source code is made available on this CD. If any Free Software licenses require that Network Associates provide rights to use, copy or modify a software program that are broader than the rights granted in this agreement, then such rights shall take precedence over the rights and restrictions herein. LICENSE AGREEMENT NOTICE TO ALL USERS: CAREFULLY READ THE APPROPRIATE LEGAL AGREEMENT CORRESPONDING TO THE LICENSE YOU PURCHASED, WHICH SETS FORTH THE GENERAL TERMS AND CONDITIONS FOR THE USE OF THE LICENSED SOFTWARE. IF YOU DO NOT KNOW WHICH TYPE OF LICENSE YOU HAVE ACQUIRED, PLEASE CONSULT THE SALES AND OTHER RELATED LICENSE GRANT OR PURCHASE ORDER DOCUMENTS THAT ACCOMPANIES YOUR SOFTWARE PACKAGING OR THAT YOU HAVE RECEIVED SEPARATELY AS PART OF THE PURCHASE (AS A BOOKLET, A FILE ON THE PRODUCT CD, OR A FILE AVAILABLE ON THE WEB SITE FROM WHICH YOU DOWNLOADED THE SOFTWARE PACKAGE). IF YOU DO NOT AGREE TO ALL OF THE TERMS SET FORTH IN THE AGREEMENT, DO NOT INSTALL THE SOFTWARE. IF APPLICABLE, YOU MAY RETURN THE PRODUCT TO NETWORK ASSOCIATES, INC. OR THE PLACE OF PURCHASE FOR A FULL REFUND.