 Release Notes for McAfee(R) VirusScan(R) Enterprise
                    Version 8.0i
                      Patch 11
           Copyright (C) 2005 McAfee, Inc.
                 All Rights Reserved


==========================================================

Patch Release:    22 August 2005

This release was developed and tested with:

- VirusScan Enterprise:8.0i
- DAT Version:         4562, August 18 2005
- Engine Version:      4.4.00

Make sure you have installed these versions before
using this release.

==========================================================


Thank you for using VirusScan(R) Enterprise
software. This file contains important information
regarding this release. We strongly recommend that
you read the entire document.


The attached files are provided as is, and with no
warranty either expressed or implied as to their
suitability for any particular use or purpose.
McAfee, Inc. assumes no liability for damages
incurred either directly or indirectly as a result
of the use of these files, including but not limited
to the loss or damage of data or systems, loss of
business or revenue, or incidental damages arising
from their use. Patch files should be applied only
on the advice of McAfee Technical Support, and only
when you are actually experiencing the issue being
addressed by the Patch. Patch files should not be
proactively applied in order to prevent potential
product issues. You are responsible for reading and
following all instructions for preparation,
configuration, and installation of Patch files.
Patch files are not a substitute or replacement for
product Service Packs which may be released by
McAfee, Inc. It is a violation of your software
license agreement to distribute or share these files
with any other person or entity without written
permission from McAfee, Inc. Further, posting of
McAfee Patch files to publicly available Internet
sites is prohibited. McAfee, Inc. reserves the right
to refuse distribution of Patch files to any company
or person guilty of unlawful distribution of McAfee
software products. Questions or issues with McAfee
Patch files should be directed to McAfee Technical
Support.



__________________________________________________________
WHAT'S IN THIS FILE

-   About This Release
   -   Purpose
   -   Resolved Issues
       -   Scanners
       -   Management and Reporting
       -   Other
   -   Previously Resolved Issues
   -   Known Issues
   -   Files Included With This Release
-   Installation
   -   Installation Requirements
   -   Installation Steps
   -   Installation Steps via ePolicy Orchestrator
   -   Installation Steps via McAfee Installation
       Designer
   -   Verifying Installation
-   Contact Information
-   Copyright & Trademark Attributions
-   License Information


__________________________________________________________
ABOUT THIS RELEASE


PURPOSE

This release combines previous patches and updated
binaries into a single Microsoft Patch installer to
address all items listed in "Resolved Issues" and
"Previously Resolved Issues" below.


RESOLVED ISSUES

SCANNERS

1.  ISSUE:
    A "Cannot find the file specified" error message
    could occur when starting Lotus Notes via a
    shortcut, or when starting Lotus Notes from a
    shell.

    The same error message could occur when
    third-party applications that inject an add-on
    into Lotus Notes attempt to invoke the McAfee
    Lotus Notes scanner extensions and fail to find
    NCDAEMON.EXE. BZ211743.

    RESOLUTION:
    NCDAEMON.EXE now loads successfully.

2.  ISSUE:
    A third-party application working with scripts
    can encounter an access violation error if it
    passes a NULL pointer to the Script Scan module
    (SCRIPTPROXY.DLL). The Script Scan module does
    not refer a NULL pointer. BZ235573

    RESOLUTION:
    The Script Scan module can now refer NULL
    pointers.

3.  ISSUE:
    The Japanese version of VirusScan Enterprise,
    when detecting an infected Lotus Notes email,
    takes action upon the note as expected, but
    removes the original message body. BZ214243

    RESOLUTION:
    The original message body is always preserved.
    When the sending client is not Lotus Notes or is
    a different version of Lotus Notes, the warning
    text and infected attachment may be removed.

4.  ISSUE:
    The on-access scanner could sometimes scan a
    process in memory when the scanner service was
    starting. BZ219538

    RESOLUTION:
    The on-access scanner does not scan processes in
    memory.

5.  ISSUE:
    When installed to the debug build of Windows
    2003 Server, VirusScan Enterprise would cause a
    bluescreen (BSOD) from handling a unicode
    instruction. BZ235902

    RESOLUTION:
    The issue has been resolved in the updated
    McAfee file system filter driver.

6.  ISSUE:
    On Microsoft Windows XP SP2, or Windows XP SP1
    with Security Update 885835, a memory-mapped
    write operation may not complete correctly. The
    Set EndOfFileInformation IRP was being issued
    twice to the file system. BZ220262

    RESOLUTION:
    The AV filter driver has been updated to
    correctly issue a single Set
    EndOfFileInformation IRP.

7.  ISSUE:
    A potentially unwanted program contained in an
    archive file would be detected by an on-demand
    scan, even when that program was excluded.
    BZ218583

    RESOLUTION:
    The on-demand scan now correctly excludes
    potentially unwanted programs contained in
    archive files, when configured to exclude them.

8.  ISSUE:
    Some third-party applications crashed under
    various conditions when the Script Scan feature
    was installed. Note, the feature did not have to
    be enabled. The crash was caused by a
    synchronization issue when Script Scan
    initialized the scan engine. BZ217812, 217201,
    215868

    RESOLUTION:
    The synchronization issue has been resolved in
    the updated McAfee file system filter driver.

9.  ISSUE:
    When the "Blocking" feature of the on-access
    scanner was configured to "Block if an unwanted
    program is detected," the feature blocked a
    remote user even when the potentially unwanted
    program was excluded from detection. BZ217903

    RESOLUTION:
    Potentially unwanted programs that are excluded
    from detection are not blocked by the on-access
    scanner "Blocking" feature.

10. ISSUE:
    If the on-access scanner was configured to be
    disabled and a system entered hibernation mode,
    the on-access scanner was enabled once the
    system awakened. Note, the shield icon and
    Service Control Manager showed that the scanner
    service was disabled. BZ218465

    RESOLUTION:
    If disabled prior to entering hibernation the
    on-access scanner now remains disabled after
    leaving hibernation mode.

11. ISSUE:
    On some Microsoft Windows 2000 Service Pack 4
    systems, the Winlogon process can crash when an
    McAfee update task is launched. This issue
    occurred only after Patch 10 was installed that
    contained an updated SCRIPTPROXY.DLL.

    RESOLUTION:
    The Script Scan binary, SCRIPTPROXY.DLL, is
    updated to resolve this issue.

12. ISSUE:
    When the McAfee Anti-Spyware module is installed
    and an on-demand scan task is configured to scan
    cookies, the on-demand scan can crash.

    RESOLUTION:
    The shared library, MYTILUS.DLL, has been
    updated to resolve this issue.

13. ISSUE:
    The Reg/Lowzones Trojan was not detected by the
    on-access scanner when the primary action was
    "Clean files automatically." More information
    about this Trojan can be found in the virus
    library:
    http://vil.nai.com/vil/content/v_127723.htm

    RESOLUTION:
    The on-access scanner takes appropriate action
    against the Trojan.


ACCESS PROTECTION

1.  ISSUE:
    An incompatibility existed between some
    monitoring software packages and the Buffer
    Overflow protection feature of VirusScan
    Enterprise. This was due to a conflict in
    hooking mechanisms being used. Software
    identified includes SpectorSoft, and WebRoot
    SpySweeper. BZ237453, BZ237598, BZ237595,
    BZ235458, BZ236289, BZ237100

    RESOLUTION:
    The hooking mechanism of the Buffer Overflow
    feature has been modified to be more compatible
    with most third-party applications.

2.  ISSUE:
    A C2 blue screen error (BSOD) could occur when
    the Buffer Overflow feature was enabled. This
    would be seen as a stop code of 0x000000c2 with
    the following parameters (0x00000047,
    0x84b83000, 0x00004b83, 0x000f1ffb). BZ 235367,
    220592

    RESOLUTION:
    The Buffer Overflow driver has been updated to
    resolve the issue.

3.  ISSUE:
    An error in MCSHIELD.EXE can occur on shutdown.
    The memory address referred to in the error
    message is 0x77f966bc or 0x7c964ed1. This
    occurred from attempts to close handles that
    were no longer valid. BZ 212581

    RESOLUTION:
    The software only closes valid handles on
    shutdown.

4.  ISSUE:
    An incompatibility with some third-party
    software was identified that could cause
    LSASS.EXE to perpetually use 100% of CPU
    resources, when buffer overflow protection was
    enabled. The Buffer Overflow feature was in a
    loop. BZ237444, BZ237874

    RESOLUTION:
    The Buffer Overflow feature is updated to
    identify when third-party software creates this
    loop and will not cause the loop to be
    perpetual.

5.  ISSUE:
    On Microsoft Windows 2003 Server with Service
    Pack 1, the Buffer Overflow feature would no
    longer function. BZ235475

    RESOLUTION:
    This release updates the Buffer Overflow feature
    to function properly with the Microsoft service
    pack applied.


MANAGEMENT AND REPORTING

1.  ISSUE:
    Entering an exclusion for the Buffer Overflow
    feature, which is case-sensitive, was converted
    to lowercase, making the exclusion invalid.
    BZ209615

    RESOLUTION:
    The text entered for the exclusion is preserved
    correctly.

2.  ISSUE:
    When the on-access scanner timed out while
    scanning a file, the event was reported to
    ePolicy Orchestrator or Protection Pilot as a
    virus named "_". BZ211157

    RESOLUTION:
    With this release, the on-access scanner
    time-outs do not report as a virus.

3.  ISSUE:
    The "All Port Blocking Events" query produced an
    error when the ePolicy Orchestrator or
    Protection Pilot database was on a SQL7 or MSDE
    v1 server. BZ214123

    RESOLUTION:
    The "All Port Blocking Events" query has been
    corrected.

4.  ISSUE:
    Events are not processed if the language of the
    account used to access SQL is not English, and
    the current day of the month is greater than
    12.
    BZ215577

    RESOLUTION:
    This issue is resolved in the updated Extended
    NAP file.

5.  ISSUE:
    ePolicy Orchestrator or Protection Pilot reports
    might contain sentences that overlap, and chart
    labels might be non-legible. BZ216111

    RESOLUTION:
    This issue is resolved in the updated Extended
    NAP file.

6.  ISSUE:
    On-demand scan tasks configured to stop after
    running for a specified amount of time might not
    stop at the appointed time. The VirusScan
    Enterprise plug-in did not identify the correct
    task. BZ217471

    RESOLUTION:
    The VirusScan Enterprise plug-in has been
    updated to stop the correct scan task after the
    specified amount of time.


OTHER

1.  ISSUE:
    In some environments the VirusScan Enterprise
    Patch 10 release encountered an installation
    issue where the Windows Installer service would
    hang (published in the knowledge base as article
    KB40498). BZ235901

    RESOLUTION:
    The installation of this release temporarily
    disables the Buffer Overflow feature only if it
    is enabled, and enables it again once the
    installation is complete.

2.  ISSUE:
    Alert messages sent to McAfee Alert Manager
    sometimes displayed a user name of "System."
    BZ213251

    RESOLUTION:
    The correct user name is now sent in the alert
    message.

3.  ISSUE:
    An event is captured by the Event log service
    with the ID of 6004. This only occurred after
    installing VirusScan Enterprise 8.0i, and
    occurred when the McAfee TDI filter driver was
    loaded. BZ214636

    RESOLUTION:
    This is resolved with the updated McAfee TDI
    filter driver.

4.  ISSUE:
    A blue screen error (BSOD) could be seen on a
    server operating system, often with a bug check
    code of D1. BZ213144, BZ213656, BZ212909,
    BZ212477

    RESOLUTION:
    This is resolved with the updated McAfee TDI
    filter driver.

5.  ISSUE:
    PatchLink, a third-party application, will crash
    when the Script Scan module is installed.
    BZ242659, BZ237574

    RESOLUTION:
    Updates made to the Script Scan module,
    SCRIPTPROXY.DLL, and a shared scanner module,
    MYTILUS.DLL, resolve the issue.

6.  ISSUE:
    A delay may be noticed when a computer system
    shuts down. Shutdown progresses at a normal rate
    if the McTaskManager service is stopped before
    shutdown.

    RESOLUTION:
    VSTSKMGR.EXE, the McTaskManager service, has
    been updated to correct this issue.

7.  ISSUE:
    During an engine update, scanner components may
    not unload the scan engine, resulting in failure
    to update the Engine because it is still in
    use.

    RESOLUTION:
    VSTSKMGR.EXE has been updated to ensure
    successful Engine updates.


PREVIOUSLY RESOLVED ISSUES

1.  ISSUE:
    A memory leak occurred in non-page pool memory
    when accessing files via the network redirector.
    The TDI driver did not release memory that had
    been allocated for identifying Source IP
    information.

    RESOLUTION:
    Memory is properly released by the TDI driver.

2.  ISSUE:
    If the TDI driver received an I/O Request Packet
    (IRP) that did not have enough stack locations
    to be passed down the stack, a new IRP was
    created and the original IRP was left
    uncompleted. This resulted in a small memory
    leak.

    RESOLUTION:
    The original IRP is now completed.

3.  ISSUE:
    A driver conflict between the McAfee TDI driver
    and a driver from Aventail VPN Client software
    could result in NetBIOS network connectivity
    being lost.

    RESOLUTION:
    NetBIOS network connectivity functions as
    expected when these applications are installed.

4.  ISSUE:
    When a system was under considerable file I/O
    stress, and the path information of a file was
    not examined correctly by the exclusion library,
    an excluded file or a file inside an excluded
    folder could be scanned.

    RESOLUTION:
    The exclusion library has been updated to ensure
    that file path information is examined correctly
    under any stress condition.

5.  ISSUE:
    Malformed JPEG files taking advantage of the
    MS04-028 exploit could be rendered by a browser
    - without first having to cache files locally
    -- to induce an attack on the system. Details of
    the security bulletin can be found at:

       http://www.microsoft.com/technet/security/bulletin/ms04-028.mspx

    RESOLUTION:
    The processes monitored by the Buffer Overflow
    Protection feature are protected against
    malicious code attempting to execute after
    exploiting the MS04-028 vulnerability.

    IMPORTANT:
    When a buffer overflow has occurred, the
    affected process may become unstable and may
    need to be restarted.

    This patch release is not a substitute for any
    security patch(es) provided by Microsoft to
    resolve the MS04-028 vulnerability.

6.  ISSUE:
    Toolbar icons in some applications, including
    IBM WebSphere Studio, display as black boxes.

    RESOLUTION:
    Toolbar icons now display as expected.

7.  ISSUE:
    Web Inspector from Zixcorp would encounter an
    error upon initializing, usually seen at logon.

    RESOLUTION:
    Web Inspector loads without issue.

8.  ISSUE:
    Windows Media Player 10 could stop responding
    after you select the option to listen to a
    "Radio" stream, then select the "Music" tab.

    RESOLUTION:
    Windows Media Player 10 operates correctly
    without interruption when you change from the
    "Radio" tab to "Music" tab, and vice versa.

    NOTE:
    Once the Patch is applied, a reboot may be
    required to resolve this issue.

9.  ISSUE:
    List boxes and message boxes in .NET
    applications do not display any content.

    RESOLUTION:
    List boxes and message boxes now display content
    as expected.

10. ISSUE:
    In some Lotus Notes configurations where user
    mail databases were located in varying
    locations, the Lotus Notes Scanner would not
    find a mailbox to scan.

    RESOLUTION:
    User mailboxes are correctly located, and the
    Lotus Notes scanner protects the database.

11. ISSUE:
    The user interface option that allows you to
    password protect the "On-Access Scanner:
    Detection" page mistakenly protects both the
    On-Access Scan "Detection" and On-Access Scan
    "Set Exclusions" property pages. A user could
    not add exclusions.

    RESOLUTION:
    Choosing to protect the "On-Access Scanner:
    Detection" page from the "User Interface
    Options" now protects only the On-Access Scan
    "Detection" page.

12. ISSUE:
    A delay in responsiveness of the script engine
    would occur when executing scripts
    sequentially.

    RESOLUTION:
    Scripts terminate correctly, allowing the script
    engine to respond to subsequent script
    commands.

13. ISSUE:
    An "Access denied" error appeared in an
    application that used the "delete-on-close" flag
    when working with temporary files. The file
    system filter driver would lose track of the
    "delete-on-close" flag.

    RESOLUTION:
    The updated file system filter driver resolves
    this issue, allowing temporary files to be
    utilized as expected.


KNOWN ISSUES

1.  When installing locally, you may not be prompted
    to reboot after the installation. However, a
    reboot is necessary to unload the previous
    McAfee TDI filter driver and load the new
    driver.

2.  Installing the Patch and specifying a log file
    path using the MSI switch "/L" does not log to
    the specified path. A log capturing full data is
    logged to the folder "NAILogs" under the Temp
    folder.

3.  When using McAfee Installation Designer 8.0 to
    create a new installation package that includes
    Patch 11, and you have VirusScan Enterprise 8.0i
    an MSP installed locally (Patch 10 or Patch 11),
    the resulting package may not install to other
    systems.

    Install McAfee Installation Designer 8.1 and
    create the new installation package that
    includes Patch 11.

4.  When installing Patch 11 interactively and
    canceling the installation on a system where a
    previous Patch was installed, after the rollback
    completes the previous Patch will no longer
    reports to ePolicy Orchestrator or displays in
    the "About VirusScan Enterprise" window.

5.  If the Lotus Notes client is open when Patch 11
    is installed, the installation completes
    successfully but a reboot is required to replace
    the McAfee Lotus scanner files. The new files
    are not used until after a reboot.

6.  If Patch 11 is removed from the ePolicy
    Orchestrator or Protection Pilot repository and
    Patch 10 is added, clients that have Patch 11
    run the Patch 10 package but do not replace any
    files. These systems report that both Patch 10
    and Patch 11 are installed.


FILES INCLUDED WITH THIS RELEASE

This release consists of a package called
VSE80P11.ZIP, which contains the following files:

    PKGCATALOG.Z =
       Package catalog file
    PATCH11.TXT =
       This text file
    VS800DET.MCS =
       VirusScan Enterprise detection script
    PACKING.LST =
       Packing list
    SETUP.EXE =
       Installer for this release
    SETUP.INI =
       Initialization file for SETUP.EXE
    PATCH11.MSP =
       Microsoft Installer Patch file

    The following files are installed to client
    systems:
       ENTAPI.DLL	8.0.0.448
       ENTDRVnx.SYS*	8.0.0.448
       ENTSRV.DLL	8.0.0.448
       FTL.DLL		8.0.0.135
       MCSHIELD.EXE	8.0.0.309
       MIDUTIL.DLL	8.0.0.152
       MVSTDInx.SYS*	8.0.0.301
       MYTILUS.DLL	8.0.0.316
       NAIANN.DLL	8.0.0.308
       NAIAVFnx.SYS*	8.0.0.309
       NCDAEMON.EXE	8.0.0.998
       NCEXTMGR.DLL	8.0.0.998
       NCINSTALL.DLL	8.0.0.998
       NCMENU.DLL	8.0.0.998
       NCSCAN.DLL	8.0.0.998
       NCTRACE.DLL	8.0.0.998
       SCRIPTPROXY.DLL	8.0.0.992
       SHCFG32.EXE	8.0.0.926
       VSIDSVR.DLL	8.0.0.291
       VSPLUGIN.DLL**	8.0.0.981
       VSTSKMGR.EXE	8.0.0.1002

    The following files are checked in to the
    ePolicy Orchestrator or Protection Pilot
    repository:
       VSE800.NAP ***		2.0.0.264
       VSE800REPORTS.NAP	3.0.0.998

    * File name depends on operating system and
    processor architecture.

    ** If managed by ePolicy Orchestrator or
    Protection Pilot where the McAfee Anti-Spyware
    module is installed, the version is 8.0.0.989.

    *** If the McAfee Anti-Spyware module NAP files
    have been added to the repository, do not
    install this NAP file. See "INSTALLATION STEPS
    FOR EPOLICY ORCHESTRATOR" below.


__________________________________________________________
INSTALLATION


INSTALLATION REQUIREMENTS

To use this release, you must have VirusScan
Enterprise 8.0i software installed on the computer
you intend to update with this release.

    NOTE:
    This release does not work with earlier versions
    of VirusScan software.


INSTALLATION STEPS

1.  Extract the Patch files from VSE80P11.ZIP to a
    temporary folder on your hard drive.

2.  Double-click the file SETUP.EXE inside the
    temporary folder created in Step 1.

3.  Follow the instructions of the installation
    wizard.


INSTALLATION STEPS FOR ePOLICY ORCHESTRATOR

1.  On the computer where the ePolicy Orchestrator
    3.x console resides, extract the Patch files
    from VSE80P11.ZIP to a temporary folder on your
    hard drive.

2.  Open the ePolicy Orchestrator 3.x console and
    add the package from the temporary folder
    created in Step 1 to your repository.

    Consult "Checking in Package" on page 206 of the
    ePolicy Orchestrator 3.0 Product Guide, or
    "Checking in PKGCATALOG.Z product packages to
    the master repository" on page 90 of the ePolicy
    Orchestrator 3.5 Product Guide, for instructions
    on adding a package to the repository. The
    package type for this Patch is "Products or
    Updates."

The next time an agent update task runs, the
VirusScan Enterprise client automatically downloads
and installs the Patch.

3.  Skip ahead to Step 4 if you have already added
    the McAfee Anti-Spyware module NAP file to your
    repository.

    Add the management NAP file, VSE800.NAP, from
    the temporary folder created in Step 1 to your
    repository.

    Consult the ePolicy Orchestrator documentation
    for instructions on adding new software to be
    managed to the repository.

4.  Add the reporting NAP file, VSE800REPORTS.NAP,
    from the temporary folder created in Step 1 to
    your repository by doing the following:

   a.  In the console tree under Reporting | Report
       Repository, remove the VirusScan 8.0
       reporting directory. This removes the
       VSE800Reports.NAP file from the Reporting
       console; it does not remove the management
       NAP file from the server.

   b.  Stop the ePolicy Orchestrator Server service
       and ePolicy Orchestrator Event Parser
       service.

   c.  In the ePolicy Orchestrator installation
       directory, delete the following:

       -   REPORTVERSIONS.SQL file from the AVI
           directory.

       -   VIRUSSCAN8000RPT folder from the
           DB\REPORTS directory.

   d.  Restart the two services from Step b.

   e.  In the ePolicy Orchestrator console, add the
       VSE800Reports.NAP file using the "Check in
       NAP" wizard.

   f.  If applicable, log out of the Reporting
       console.

   g.  Log in to the Reporting console using ePolicy
       Orchestrator authentication.

       When the Reporting console retrieves the new
       reports, the ePolicy Orchestrator console
       crashes.

   h.  Log in to the ePolicy Orchestrator console
       and the Reporting Console to view the
       VirusScan 8.0 reports.


INSTALLATION STEPS VIA MCAFEE INSTALLATION DESIGNER

McAfee recommends that you use McAfee Installation
Designer version 8.1 and follow this procedure:

1.  Extract the files from VSE80P11.ZIP to a
    temporary folder on your hard drive.

2.  Start McAfee Installation Designer 8.1, select
    "Create a new installation package," and select
    a source and destination folder for your
    installation package; then click "Next."

3.  Go to the "Patch Files" section and click "Add."
    Browse to the temporary folder you created in
    Step 1, and select the file PATCH11.MSP.

4.  Click "Finish" and "Save" in the McAfee
    Installation Designer to save a new installation
    package to the destination folder you specified
    in Step 2.


VERIFYING INSTALLATION

Always reboot prior to validating a Patch has
installed successfully.

Patch 11 does not display as installed if an error
occurred during installation, or if a file or files
did not install correctly.

1.  Open the VirusScan Console and choose "About"
    from the "Help" menu. The "About VirusScan
    Enterprise" window "Patch Versions" displays
    "11."

2.  After property information has been collected by
    ePolicy Orchestrator and Protection Pilot
    agents, the client systems show that Patch 11 is
    installed.

3.  Confirm that the expected files are installed by
    checking the version number of individual files.
    File versions should match the list in "FILES
    INCLUDED WITH THIS RELEASE," above.


__________________________________________________________
PARTICIPATING IN THE MCAFEE BETA PROGRAM

To download new beta software or to read about the
latest beta information, visit the McAfee beta web
site located at:
       http://www.mcafeesecurity.com/us/downloads/beta/mcafeebetahome.htm

To submit beta feedback on any McAfee product, send
e-mail to:
       mcafee_beta@mcafee.com

McAfee is devoted to providing solutions based on
your input.


__________________________________________________________
CONTACT INFORMATION

SECURITY HEADQUARTERS:  AVERT
(Anti-Virus & Vulnerability Emergency Response
Team)
    Home Page
       http://www.mcafeesecurity.com/us/security/home.asp

    Virus Information Library
       http://vil.mcafeesecurity.com/

    AVERT WebImmune & Submit a Virus Sample
       https://www.webimmune.net/default.asp

    AVERT DAT Notification Service
       http://vil.mcafeesecurity.com/vil/join-DAT-list.asp


DOWNLOAD SITE
    Home Page
       http://www.mcafeesecurity.com/us/downloads/

    Anti-Virus DAT File and Engine Updates
       http://www.mcafeesecurity.com/us/downloads/updates/

       ftp://ftp.mcafee.com/pub/antivirus/datfiles/4.x

    Anti-Spam Rules File and Engine Updates
       ftp://ftp.nai.com/spamdefs/1.x/

    Product Upgrades
       https://secure.nai.com/us/forms/downloads/upgrades/login.asp

    Valid grant number required (contact Customer
    Service)


TECHNICAL SUPPORT
    Home Page
       http://www.mcafeesecurity.com/us/support/technical_support

    KnowledgeBase Search
       https://knowledgemap.mcafeesecurity.com/phpclient/homepage.aspx

    PrimeSupport Service Portal (Logon credentials
    required)
       https://mysupport.mcafeesecurity.com

    PSVANS  PrimeSupport Vulnerability Alert
    Notification Service
       http://www.mcafeesecurity.com/us/support/primesupport/


CUSTOMER SERVICE
    US, Canada, and Latin America toll-free:
   Phone:     +1-888-VIRUS NO or +1-888-847-8766
              Monday-Friday, 8am-8pm, Central Time

   E-mail:    https://secure.nai.com/us/forms/support/request_form.asp

   Web:       http://www.mcafeesecurity.com/us/support/default.asp


MCAFEE BETA PROGRAM
    Download Site:
       http://www.mcafeesecurity.com/us/downloads/beta/mcafeebetahome.htm

    E-mail to Submit Beta Feedback:
       mcafee_beta@mcafee.com


TRAINING: MCAFEE UNIVERSITY
       http://www.mcafeesecurity.com/us/services/education/mcafee/university.htm


WORLDWIDE OFFICES
    For addresses and phone numbers of worldwide
    offices:

       http://www.mcafeesecurity.com/us/contact/home.htm


_____________________________________________________
COPYRIGHT AND TRADEMARK ATTRIBUTIONS

Copyright (C) 2005 McAfee, Inc. All Rights Reserved.
No part of this publication may be reproduced,
transmitted, transcribed, stored in a retrieval
system, or translated into any language in any form
orbyany means without the written permission of
McAfee, Inc., or its suppliers or affiliate
companies.


TRADEMARKS

ACTIVE FIREWALL, ACTIVE SECURITY, ACTIVESECURITY
(AND IN KATAKANA), ACTIVESHIELD, CLEAN-UP, DESIGN
(STYLIZED E), DESIGN (STYLIZED N), ENTERCEPT,
EPOLICY ORCHESTRATOR,  FIRST AID, GROUPSHIELD,
GROUPSHIELD (AND IN KATAKANA),  INTRUSHIELD,
INTRUSION PREVENTION THROUGH INNOVATION,  MCAFEE,
MCAFEE (AND IN KATAKANA), MCAFEE AND DESIGN,
MCAFEE.COM, MCAFEE VIRUSSCAN, NA NETWORK ASSOCIATES,
NET TOOLS, NET TOOLS (AND IN KATAKANA), NETSCAN,
NETSHIELD, NETWORK ASSOCIATES, NUTS & BOLTS, OIL
CHANGE, PRIMESUPPORT, SPAMKILLER, THREATSCAN, TOTAL
VIRUS DEFENSE, VIREX, VIRUS FORUM, VIRUSCAN,
VIRUSSCAN, VIRUSSCAN (AND IN KATAKANA), WEBSCAN,
WEBSHIELD, WEBSHIELD (AND IN KATAKANA), YOUR
NETWORK. OUR BUSINESS.  are registered trademarks or
trademarks of McAfee, Inc. and/or its affiliates in
the US and/or other countries.  The color red in
connection with security is distinctive of McAfee
brand products.  All other registered and
unregistered trademarks herein are the sole property
of their respective owners.



_____________________________________________________
LICENSE & PATENT INFORMATION

LICENSE AGREEMENT

NOTICE TO ALL USERS: CAREFULLY READ THE APPROPRIATE
LEGAL AGREEMENT CORRESPONDING TO THE LICENSE YOU
PURCHASED, WHICH SETS FORTH THE GENERAL TERMS AND
CONDITIONS FOR THE USE OF THE LICENSED SOFTWARE. IF
YOU DO NOT KNOW WHICH TYPE OF LICENSE YOU HAVE
ACQUIRED, PLEASE CONSULT THE SALES AND OTHER RELATED
LICENSE GRANT OR PURCHASE ORDER DOCUMENTS THAT
ACCOMPANIES YOUR SOFTWARE PACKAGING OR THAT YOU HAVE
RECEIVED SEPARATELY AS PART OF THE PURCHASE (AS A
BOOKLET, A FILE ON THE PRODUCT CD, OR A FILE
AVAILABLE ON THE WEB SITE FROM WHICH YOU DOWNLOADED
THE SOFTWARE PACKAGE). IF YOU DO NOT AGREE TO ALL OF
THE TERMS SET FORTH IN THE AGREEMENT, DO NOT INSTALL
THE SOFTWARE. IF APPLICABLE, YOU MAY RETURN THE
PRODUCT TO MCAFEE OR THE PLACE OF PURCHASE FOR A
FULL REFUND.


LICENSE ATTRIBUTIONS

This product includes or may include:
*Software developed by the OpenSSL Project for use
in the OpenSSL Toolkit (http://www.openssl.org/).
*Cryptographic software written by Eric A. Young
and software written by Tim J. Hudson. *Some
software programs that are licensed (or sublicensed)
to the user under the GNU General Public License
(GPL) or other similar Free Software licenses which,
among other rights, permit the user to copy, modify
and redistribute certain programs, or portions
thereof, and have access to the source code. The GPL
requires that for any software covered under the GPL
which is distributed to someone in an executable
binary format, that the source code also be made
available to those users. For any such software
covered under the GPL, the source code is made
available on this CD. If any Free Software licenses
require that McAfee provide rights to use, copy or
modify a software program that are broader than the
rights granted in this agreement, then such rights
shall take precedence over the rights and
restrictions herein.  *Software originally written
by Henry Spencer, Copyright 1992, 1993, 1994, 1997
Henry Spencer.  *Software originally written by
Robert Nordier, Copyright (C)1996-7 Robert Nordier.
*Software written by Douglas W. Sauder.  *Software
developed by the Apache Software Foundation
(http://www.apache.org/). A copy of the license
agreement for this software can be found at
www.apache.org/licenses/LICENSE-2.0.txt.
*International Components for Unicode ("ICU")
Copyright (C)1995-2002 International Business
Machines Corporation and others.  *Software
developed by CrystalClear Software, Inc., Copyright
(C)2000 CrystalClear Software, Inc. *FEAD(R)
Optimizer(R) technology, Copyright Netopsystems AG,
Berlin, Germany. *Outside In(R) Viewer Technology
(C)1992-2001 Stellent Chicago, Inc. and/or Outside
In(R) HTML Export, (C)2001 Stellent Chicago, Inc.
*Software copyrighted by Thai Open Source Software
Center Ltd. and Clark Cooper, (C)1998, 1999, 2000.
*Software copyrighted by Expat maintainers.
*Software copyrighted by The Regents of the
University of California, (C)1989.  *Software
copyrighted by Gunnar Ritter.  *Software
copyrighted by Sun Microsystems(R), Inc. (C)2003.
*Software copyrighted by Gisle Aas. (C)1995-2003.
*Software copyrighted by Michael A. Chase,
(C)1999-2000.  *Software copyrighted by Neil
Winton, (C)1995-1996.  *Software copyrighted by
RSA Data Security, Inc., (C)1990-1992.  *Software
copyrighted by Sean M. Burke, (C)1999, 2000.
*Software copyrighted by Martijn Koster, (C)1995.
*Software copyrighted by Brad Appleton,
(C)1996-1999.  *Software copyrighted by Michael G.
Schwern, (C)2001.  *Software copyrighted by Graham
Barr, (C)1998.  *Software copyrighted by Larry
Wall and Clark Cooper, (C)1998-2000.  *Software
copyrighted by Frodo Looijaard, (C)1997.
*Software copyrighted by the Python Software
Foundation, Copyright (C)2001, 2002, 2003. A copy
of the license agreement for this software can be
found at www.python.org.  *Software copyrighted by
Beman Dawes, (C)1994-1999, 2002.  *Software
written by Andrew Lumsdaine, Lie-Quan Lee, Jeremy G.
Siek (C)1997-2000 University of Notre Dame.
*Software copyrighted by Simone Bordet & Marco
Cravero, (C)2002.  *Software copyrighted by
Stephen Purcell, (C)2001.  *Software developed by
the Indiana University Extreme! Lab
http://www.extreme.indiana.edu/).  *Software
copyrighted by International Business Machines
Corporation and others, (C)1995-2003.  *Software
developed by the University of California, Berkeley
and its contributors.  *Software developed by Ralf
S. Engelschall <rse@engelschall.com> for use in the
mod_ssl project (http://www.modssl.org/).
*Software copyrighted by Kevlin Henney,
(C)2000-2002.  *Software copyrighted by Peter
Dimov and Multi Media Ltd. (C)2001, 2002.
*Software copyrighted by David Abrahams, (C)2001,
2002. See http://www.boost.org/libs/bind/ bind.html
for documentation.  *Software copyrighted by Steve
Cleary, Beman Dawes, Howard Hinnant & John Maddock,
(C)2000.  *Software copyrighted by Boost.org,
(C)1999-2002.  *Software copyrighted by Nicolai M.
Josuttis, (C)1999.  *Software copyrighted by
Jeremy Siek, (C)1999-2001.  *Software copyrighted
by Daryle Walker, (C)2001.  *Software copyrighted
by Chuck Allison and Jeremy Siek, (C)2001, 2002.
*Software copyrighted by Samuel Krempp, (C)2001.
See http://www.boost.org for updates, documentation,
and revision history.  *Software copyrighted by
Doug Gregor (gregod@cs.rpi.edu), (C)2001, 2002.
*Software copyrighted by Cadenza New Zealand Ltd.,
(C)2000.  *Software copyrighted by Jens Maurer,
(C)2000, 2001.  *Software copyrighted by Jaakko
Jrvi (jaakko.jarvi@cs.utu.fi), (C)1999, 2000.
*Software copyrighted by Ronald Garcia, (C)2002.
*Software copyrighted by David Abrahams, Jeremy
Siek, and Daryle Walker, (C)1999-2001.  *Software
copyrighted by Stephen Cleary (shammah@voyager.net),
(C)2000.  *Software copyrighted by Housemarque Oy
<http:// www.housemarque.com>,(C)2001.  *Software
copyrighted by Paul Moore, (C)1999.  *Software
copyrighted by Dr. John Maddock, (C)1998-2002.
*Software copyrighted by Greg Colvin and Beman
Dawes, (C)1998, 1999.  *Software copyrighted by
Peter Dimov, (C)2001, 2002.  *Software copyrighted
by Jeremy Siek and John R. Bandela, (C)2001.
*Software copyrighted by Joerg Walter and Mathias
Koch, (C)2000-2002.



V3.1.2


