Release Notes for McAfee(R) VirusScan(R) Command Line Version 4.3.20 Copyright (C) 1992-2003 Networks Associates Technology, Inc. All Rights Reserved ========================================================== - DAT Version: 4307 - Engine Version: 4320 ========================================================== Thank you for using VirusScan(R) software. This file contains important information regarding this release. We strongly recommend that you read the entire document. This release of the VirusScan Command Line software functions ONLY with 4297 and later DAT files. You CANNOT use this software with earlier DAT versions. IMPORTANT: McAfee Security does not support automatic upgrading of a pre-release version of the software. To upgrade to a production release of the software, you must first uninstall the existing version of the software. __________________________________________________________ WHAT'S IN THIS FILE - New Features - System Requirements - Installation - Copying VirusScan Files to Your Hard Disk - List of Main Program Files - Testing Your Installation - Removing the Software - About the Software - Known Issues - Documentation - Participating in the McAfee Security Beta Program - Contacting McAfee Security & Network Associates - Copyright & Trademark Attributions - Trademarks - License Agreement and Attributions __________________________________________________________ NEW FEATURES - Support for Microsoft Office 2003 XML documents - Improved support for RAR formats - Updated support for latest ZIP file formats - Improved support for corrupt ZIP files - Scanning of process memory The engine can now detect and clean viruses that exist only in memory, rather than files. For more information, see the /WINMEM option in the Product Guide. __________________________________________________________ SYSTEM REQUIREMENTS The software runs on these operating systems: DOS 6.22 Windows 95/98 Windows ME Windows NT 4 Windows 2000 Windows XP Windows 2003 __________________________________________________________ INSTALLATION COPYING VIRUSSCAN FILES TO YOUR HARD DISK To copy the files to your hard disk: 1. Make a directory for the VirusScan software on your hard disk. 2. Copy the VirusScan Command Line files to that directory. 3. Use any DOS text editor to open your AUTOEXEC.BAT file, then add the directory you just created to the path statement in that file. To learn how to edit your AUTOEXEC.BAT file, consult your DOS documentation. LIST OF MAIN PROGRAM FILES Files located in the installation directory: AVPARAM.DLL VirusScan support file MCSCAN32.DLL 32-bit scanning engine MCTOOL.EXE Scanning support file RWABS16.DLL VirusScan 16-bit support file RWABS32.DLL VirusScan 32-bit support file SCAN.EXE VirusScan Command-Line program for 32-bit environments SCANPM.EXE VirusScan Command Line program for protected-mode environments CLEAN.DAT Virus definition file NAMES.DAT Virus definition file SCAN.DAT Virus definition file LICENSE.DAT License information MESSAGES.DAT Message contents file PACKING.LST List of file validation codes VALIDATE.EXE File checksum tool CONTACT.TXT List of contact addresses E4320WPG.PDF Product Guide LICENSE.TXT License document README.TXT This document SIGNLIC.TXT Third-party license information TESTING YOUR INSTALLATION You can test the operation of the software by running the EICAR Standard AntiVirus Test File on any computer where you have installed the software. The EICAR Standard AntiVirus Test File is a combined effort by anti-virus vendors throughout the world to implement one standard by which customers can verify their anti-virus installations. To test your installation: 1. Copy the following line into its own file, then save the file with the name EICAR.COM. X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H* The file size will be 68 or 70 bytes. 2. Start your anti-virus software and allow it to scan the directory that contains EICAR.COM. When your software scans this file, it will report finding the EICAR test file. 3. Delete the file when you have finished testing your installation to avoid alarming unsuspecting users. IMPORTANT: Please note that this file is NOT A VIRUS. REMOVING THE SOFTWARE Change to the VirusScan Command Line program directory, then delete all VirusScan files from your hard disk. A list of files installed for the VirusScan Command Line software appears earlier in this file. _____________________________________________________ ABOUT THE SOFTWARE The VirusScan Command-Line software consists of a main executable file, SCAN.EXE, and a modular file, SCANPM.EXE, which allows the software to adapt to the environment in which you run it. To start the VirusScan Command Line software, you need only run SCAN.EXE, together with any options you want to use to configure your scan. As it starts, SCAN.EXE examines your environment and then uses the appropriate files. NOTE: Although it is possible to run SCANPM.EXE directly under DOS emulation on Windows NT based operating systems, this usage is not supported. _____________________________________________________ KNOWN ISSUES 1. The virus-scanning engine includes Trojan-horse file detection that allows it to shut down harmful Trojan-horse processes and remove all traces of the harmful software from your computer. To enable support for this function on Windows NT systems, you must also have two separate dynamic link library (.DLL) files, PSAPI.DLL and VDMDBG.DLL, installed in the \WINNT\System32 folder on your system. VDMDBG.DLL should already be on your system, however on some NT 4.0 installations it is possible that PSAPI.DLL may not exist. If PSAPI.DLL is not in your \WINNT\System32 folder, contact Microsoft. 2. The virus-scanning engine can scan process memory (using the /WINMEM option). To enable support for this function on Windows NT Server systems, you must have a separate dynamic link library (.DLL) file, PSAPI.DLL, installed in the \WINNT\System32 folder on your system. If PSAPI.DLL is not in your \WINNT\System32 folder already, contact Microsoft. If this file is not present, the engine issues error code 6. 3. When scanning multiple targets and using the /WINMEM option, the engine also scans processes in memory multiple times. __________________________________________________________ DOCUMENTATION Documentation is available with a valid grant number from the McAfee Security download site: https://secure.nai.com/us/forms/downloads/upgrades/login.asp NOTE: Electronic copies of all product manuals are saved as Adobe Acrobat .PDF files. - Product Guide. Introduces the product, describes product features, provides detailed instructions for configuring the software, deployment, and ongoing operation and maintenance. - Online Help system. Online Help, accessed from within the software application, briefly describes the common options. - A LICENSE Agreement. The terms under which you may use the product. Read it carefully. If you install the product, you agree to the license terms. - This README file. - A CONTACT file. Contact information for McAfee Security and Network Associates services and resources: technical support, customer service, AVERT, beta program, and training. It also includes a list of phone numbers, street addresses, web addresses, e-mail addresses, and fax numbers for Network Associates offices in the United States and around the world. __________________________________________________________ PARTICIPATING IN THE MCAFEE SECURITY BETA PROGRAM To download new beta software or to read about the latest beta information, visit the beta web site: http://www.networkassociates.com/us/downloads/beta/ To submit your feedback on any McAfee Security beta product, send e-mail to: avbeta@nai.com McAfee Security is devoted to providing solutions based on your input. __________________________________________________________ CONTACTING MCAFEE SECURITY & NETWORK ASSOCIATES Technical Support Home Page http://www.networkassociates.com/us/support/ KnowledgeBase Search https://knowledgemap.nai.com/phpclient/homepage.aspx PrimeSupport Service Portal http://mysupport.nai.com Login credentials required. McAfee Security Beta Program Beta Web Site http://www.networkassociates.com/us/downloads/beta/ E-mail avbeta@nai.com Security Headquarters -- AVERT (Anti-Virus Emergency Response Team) Home Page http://www.networkassociates.com/us/security/home.asp Virus Information Library http://vil.nai.com Submit a Virus Sample – AVERT WebImmune https://www.webimmune.net/default.asp AVERT DAT Notification Service http://vil.nai.com/vil/join-DAT-list.asp Download Site Home Page http://www.networkassociates.com/us/downloads/ DAT File and Engine Updates http://www.networkassociates.com/us/downloads/updates/ ftp://ftp.nai.com/pub/antivirus/datfiles/4.x Product Upgrades https://secure.nai.com/us/forms/downloads/upgrades/login.asp Valid grant number required. Contact Network Associates Customer Service Training McAfee Security University http://www.networkassociates.com/us/services/education/mcafee/university.htm Network Associates Customer Service US, Canada, and Latin America toll-free: Phone: +1-888-VIRUS NO or +1-888-847-8766 Monday - Friday, 8 a.m. - 8 p.m., Central Time E-mail: services_corporate_division@nai.com Web: http://www.nai.com/us/index.asp http://www.networkassociates.com/us/index.asp For additional information on contacting Network Associates and McAfee Security – including toll-free numbers for other geographic areas -- see the CONTACT file that accompanied your original product release. __________________________________________________________ COPYRIGHT & TRADEMARK ATTRIBUTIONS Copyright (C) 2003 Networks Associates Technology, Inc. All Rights Reserved. No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language in any form or by any means without the written permission of Networks Associates Technology, Inc., or its suppliers or affiliate companies. To obtain this permission, write to the attention of the Network Associates legal department at: 5000 Headquarters Drive, Plano, Texas 75024, or call +1-972- 963-8000. TRADEMARKS Active Firewall, Active Security, Active Security (in Katakana), ActiveHelp, ActiveShield, AntiVirus Anyware and design, Appera, AVERT, Bomb Shelter, Certified Network Expert, Clean-Up, CleanUp Wizard, ClickNet, CNX, CNX Certification Certified Network Expert and design, Covert, Design (stylized N), Disk Minder, Distributed Sniffer System, Distributed Sniffer System (in Katakana), Dr Solomon’s, Dr Solomon’s label, E and Design, Entercept, Enterprise SecureCast, Enterprise SecureCast (in Katakana), ePolicy Orchestrator, Event Orchestrator (in Katakana), EZ SetUp, First Aid, ForceField, GMT, GroupShield, GroupShield (in Katakana), Guard Dog, HelpDesk, HelpDesk IQ, HomeGuard, Hunter, Impermia, InfiniStream, Intrusion Prevention Through Innovation, IntruShield, IntruVert Networks, LANGuru, LANGuru (in Katakana), M and design, Magic Solutions, Magic Solutions (in Katakana), Magic University, MagicSpy, MagicTree, McAfee, McAfee (in Katakana), McAfee and design, McAfee.com, MultiMedia Cloaking, NA Network Associates, Net Tools, Net Tools (in Katakana), NetAsyst, NetCrypto, NetOctopus, NetScan, NetShield, NetStalker, Network Associates, Network Performance Orchestrator, NetXray, NotesGuard, nPO, Nuts & Bolts, Oil Change, PC Medic, PCNotary, PortalShield, Powered by SpamAssassin, PrimeSupport, Recoverkey, Recoverkey – International, Registry Wizard, Remote Desktop, ReportMagic, RingFence, Router PM, Safe & Sound, SalesMagic, SecureCast, SecureSelect, SecurityShield, Service Level Manager, ServiceMagic, SmartDesk, Sniffer, Sniffer (in Hangul), SpamKiller, SpamAssassin, Stalker, SupportMagic, ThreatScan, TIS, TMEG, Total Network Security, Total Network Visibility, Total Network Visibility (in Katakana), Total Service Desk, Total Virus Defense, Trusted Mail, UnInstaller, VIDS, Virex, Virus Forum, ViruScan, VirusScan, WebScan, WebShield, WebShield (in Katakana), WebSniffer, WebStalker, WebWall, What's The State Of Your IDS?, Who’s Watching Your Network, WinGauge, Your E-Business Defender, ZAC 2000, Zip Manager are registered trademarks or trademarks of Network Associates, Inc. and/or its affiliates in the US and/or other countries. Sniffer(R) brand products are made only by Network Associates, Inc. All other registered and unregistered trademarks herein are the sole property of their respective owners. LICENSE INFORMATION License Agreement NOTICE TO ALL USERS: CAREFULLY READ THE APPROPRIATE LEGAL AGREEMENT CORRESPONDING TO THE LICENSE YOU PURCHASED, WHICH SETS FORTH THE GENERAL TERMS AND CONDITIONS FOR THE USE OF THE LICENSED SOFTWARE. IF YOU DO NOT KNOW WHICH TYPE OF LICENSE YOU HAVE ACQUIRED, PLEASE CONSULT THE SALES AND OTHER RELATED LICENSE GRANT OR PURCHASE ORDER DOCUMENTS THAT ACCOMPANIES YOUR SOFTWARE PACKAGING OR THAT YOU HAVE RECEIVED SEPARATELY AS PART OF THE PURCHASE (AS A BOOKLET, A FILE ON THE PRODUCT CD, OR A FILE AVAILABLE ON THE WEB SITE FROM WHICH YOU DOWNLOADED THE SOFTWARE PACKAGE). IF YOU DO NOT AGREE TO ALL OF THE TERMS SET FORTH IN THE AGREEMENT, DO NOT INSTALL THE SOFTWARE. IF APPLICABLE, YOU MAY RETURN THE PRODUCT TO NETWORK ASSOCIATES, INC. OR THE PLACE OF PURCHASE FOR A FULL REFUND. Attributions This product includes or may include: - Software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/). - Cryptographic software written by Eric Young and software written by Tim J. Hudson. - Some software programs that are licensed (or sublicensed) to the user under the GNU General Public License (GPL) or other similar Free Software licenses which, among other rights, permit the user to copy, modify and redistribute certain programs, or portions thereof, and have access to the source code. The GPL requires that for any software covered under the GPL which is distributed to someone in an executable binary format, that the source code also be made available to those users. For any such software covered under the GPL, the source code is made available on this CD. If any Free Software licenses require that Network Associates provide rights to use, copy or modify a software program that are broader than the rights granted in this agreement, then such rights shall take precedence over the rights and restrictions herein. - Software originally written by Henry Spencer, Copyright 1992, 1993, 1994, 1997 Henry Spencer. - Software originally written by Robert Nordier, Copyright (C) 1996-7 Robert Nordier. All rights reserved. - Software written by Douglas W. Sauder. - Software developed by the Apache Software Foundation (http://www.apache.org/). - International Components for Unicode ("ICU") Copyright (C) 1995-2002 International Business Machines Corporation and others. All rights reserved. - Software developed by CrystalClear Software, Inc., Copyright (C) 2000 CrystalClear Software, Inc. - FEAD(R) Optimizer(R) technology, Copyright Netopsystems AG, Berlin, Germany. - Outside In(R) Viewer Technology (C) 1992-2001 Stellent Chicago, Inc. and/or Outside In(R) HTML Export, (C) 2001 Stellent Chicago, Inc. - Software copyrighted by Thai Open Source Software Center Ltd. and Clark Cooper, (C) 1998, 1999, 2000. - Software copyrighted by Expat maintainers. - Software copyrighted by The Regents of the University of California, (C) 1989. - Software copyrighted by Gunnar Ritter. - Software copyrighted by Sun Microsystems(C), Inc. - Software copyrighted by Gisle Aas. All rights reserved, (C) 1995-2003. - Software copyrighted by Michael A. Chase, (C) 1999-2000. - Software copyrighted by Neil Winton, (C) 1995-1996. - Software copyrighted by RSA Data Security, Inc., (C) 1990-1992. - Software copyrighted by Sean M. Burke, (C) 1999, 2000. - Software copyrighted by Martijn Koster, (C) 1995. - Software copyrighted by Brad Appleton, (C) 1996-1999. - Software copyrighted by Michael G. Schwern, (C) 2001. - Software copyrighted by Graham Barr, (C) 1998. - Software copyrighted by Larry Wall and Clark Cooper, (C) 1998-2000. - Software copyrighted by Frodo Looijaard, (C) 1997. V2.3.1 DBN 330-EN