          What's New in NetShield NT v4.0.3 (4014)
      Copyright (c) 1994-99 by Network Associates, Inc.,
      and its Affiliated Companies. All Rights Reserved.


Thank you for using NetShield NT. This What's New file
contains important information regarding this release.
Network Associates strongly recommends that you read the
entire document.

Network Associates welcomes your comments and suggestions.
Please use the information provided in this file to contact
Customer Care or technical support.

**WARNING: Do not attempt to install this version of
NetShield on a Digital Equipment (DEC) Alpha system.**

**IMPORTANT: This version of NetShield NT DOES include
support for Windows NT 3.51. Network Associates recommends
that you install Windows NT Service Pack 5 in order to use
NetShield with this Windows NT version.

Note also that running NetShield NT with Windows NT v4.0
recommends that you have Windows NT v4.0 Service Pack 4
installed.**

___________________
WHAT'S IN THIS FILE

- New Features
- Known Issues
- Installation
- Performing a "Silent" Installation
- Documentation
- Frequently Asked Questions
- Additional Information
- Contacting Network Associates

____________
NEW FEATURES

1.  A new Network Associates scanning engine is at the heart
    of NetShield NT v4.0.3. Created and backed by the
    combined efforts of the McAfee Labs and Dr Solomon
    anti-virus research teams, this engine delivers
    outstanding virus detection and cleaning rates.

2.  NetShield now provides anti-virus protection for key
    Microsoft BackOffice server components, including
    Microsoft Clustering Server and Microsoft Terminal
    Server. NetShield is Cluster Server compatible, but
    not cluster aware. NetShield protection also extends
    to file system support for Microsoft's Distributed
    File System.

3.  Alert Manager can now direct alert messages to McAfee
    Management Edition v2.0 for network-wide administrative
    convenience.

4.  The new scanning engine incorporated in NetShield
    NT comes with improved heuristic scanning capability
    that detects previously unidentified macro and file-
    infector viruses. The engine employs both positive
    heuristics, which allows it to look for "virus-like"
    characteristics in the files it scans, and negative
    heuristics, which allows it to look for file
    characteristics that indicate that questionable code
    does not result from a virus infection. As a result,
    the incidence of false virus identifications is very
    low. See "Additional Information" later in this file
    for more information.

5.  You can use the NetShield Console to centrally
    configure, monitor, and initiate scan operations on
    Windows NT and NetWare servers where you have NetShield
    installed. You can run the Intel-based version of the
    console on both Windows NT, and Windows 95 or
    Windows 98, to perform remote administration.

6.  This NetShield version features enhanced SNMP alerting
    capability for such SNMP management applications as
    HP OpenView.

7.  NetShield includes support for the Banyan Vines network
    operating system. See "Additional Information" later
    in this file for more information.

8.  NetShield NT supports Windows NT 5.0 BETA 2.

9.  You can now enable or disable NetShield NT's on-access
    scanner both from the graphical user interface and from
    an NT Command Prompt window. To learn how to do so,
    see item 12 in "Additional Information" later in this
    file.

10. NetShield's Setup utility will seamlessly remove from
    your target server or workstation all existing
    NetShield NT and VirusScan for Windows NT versions
    earlier than v3.1.4a. Setup will also allow you to
    remove any version later than v3.1.4a and, if you wish,
    to preserve the settings you chose for that earlier
    version.

11. NetShield's Setup utility will remove all existing
    versions of Dr Solomon Anti-Virus Toolkit for
    Windows NT v7.74 and later.


* NEW VIRUSES DETECTED *

              **** IMPORTANT NOTE ****

This release of NetShield NT functions ONLY with the 40XX
.DAT file series. Network Associates recommends that you
use this NetShield NT release with the 4014 .DAT files
included with the program package or series 40XX .DAT files
released later. You CANNOT use NetShield NT with .DAT file
versions from the 30XX, the 97XX or the 98XX series, nor
may you use the .DAT files included in this release with
2.x or 3.x versions of NetShield NT.

                         ****

Because the previous NetShield scanning engine and the
new Network Associates scanning engine identify and classify
viruses in different ways, the .DAT files included with this
NetShield release do not include a list of viruses cleaned.
Future releases will incorporate this information, once
McAfee Labs adopts a standard virus naming convention.

With this .DAT file release, the new scanning engine
detects a total of about 40,715 viruses and variants,
Trojan horse files, and other malicious software. Of
this number these 308 viruses are new:

ACV
ACVT.1243.DR
ADA
ALABAMA.1560.DAM
ALFONS
ANARCHY.666
ANCEV
ANI
ANTI-CLERIC.877
ANTI-FORTRAN
ANTI-PASCAL.DR
ANTI-PASCAL
APME.GENERATOR NON
ARETHREE.MP
ARUSIEK
ASAHI
ASCII.OW
ASH.280B.DR
ATAKA
ATTITUDE
AVALANCHE
AVISPA.2048.DR
BADCOM
BASIL
BILLBOARD
BIZARRE.2716
BLUE SCORPION.2119
BLUE SHARK.1771
BNE.1115
BNUT.MP
BOEHMEX
BOOTDR 124
BOOTDR121
BOOTDR122
BOOTDR123
BREAKPOINT
BUBBEL
BUPT.1279.E
BUPT
BUZZ.365
BV/COLD.3928
BV/DAMN.1432
BV/MF.249
BV/MF.282
BV/NASTY.1259
BV/SMALL
BW.MBRY.BARNEY.477
BW.MBRY.BARNEY.477
BW.MUT.2055
BW.WHITE NOIZE.1602
CANDY.999CARPE DIEM
CARTUJA
CASINO
CATPHISH
CCBB.MP.2221
CHAOS.1181
CHEMNITZ
CHIMP
CHLORIDE.MP
CHLORIDE.MP.CAV.480
CIVIL WAR
CLAUDI
COMZ.512
COSENZA
COUNTDOWN
CRIMINAL
CROATIA
CRUSADE.MP.3000
CRUSADE.MP.3030
CV.271
CYSTA
DARK MATTER.744
DARK REVENGE.1024
DARK THOUGHTS.6144
DEMON.5350
DESTAGE.1200
DIR KILL
DIWA.377B
DR DOOM.283
DRACULA.827
DREAM WORLD.806
DT.13120
ECHOKEYS
ECHOKEYS.DR
FESIME.379
FICK.7326
FLEEING.1986
FLEEING.625
FONX.1958
FREAK.938
GELDWASH.1819
GIRLFRIEND
GISVI
GLEW.4275
GRACED.1389
HALFA
HARPY.1400
HARPY.1790
HARYANTO.981
HLL.CMP.4658
HLL.CMP.6144
HLL.CMP.8902
HLL.MP.CMP.4407
HLL.OW.4601A
HLL.OW.4601B
HLL.OW.4870.C
HLL.OW.7616
HLLP.10105
HLLP.10932
HLLP.2915
HLLP.4415
HLLP.4859A
HLLP.4859B
HLLP.6279
HLLP.6702
HLLP.8636
HLLP.9583
HLLP.9700
HLLP.9787
HLLT.4942
HLLT.5070
HLLT.5150A
HLLT.5712A
HLLT.5712BHLLT.6387
HLLT.7864
HLLW.8560
HOB
HOLIDAY
ICQHOLE
IOS.1290
IRC/FUN
IRC/LEPHA
IRC/PARMS
IRC/PROTEC.B
ISDEAD.2308
ITHAQUA.MP
ITHAQUA.MP.DR
IVP.MOFFATTS.556
IXBT
IZHEVSK
JERU.AURORA
JERUSALEM.1024
JEST
KEYPRESS.1232R
KHIZHNJAK.160
KIKI.1604
KONTRAGAPI
KOREA WANDERER.1455B
KREMIKOV.1013
LOY
LUPUS
MAGIC HOLE.512
MAILBOMB
MALAISE.1355
MANUEL
MARIN.1296
MARIN.902
MARL.619
MAVERICK.3584B
MESSEV.2778
MESSEV.DR
MINISTRY.474
MORTEZ.MP.2676
MPRMOD
MUTAGEN.2419
MVF.1951
NATALIE.MP.1192
NATURE.715
NIGRO
NOPARTY.OW
NUMB.CAV.330
O97M/JERK
PIOLIN.1176
PKUNK.1586
POLLUTE.829.DAM
PREDATOR.G1
QDEL24
QDEL25
QDEL26
QDEL27
QDEL28
QMAGICK
QRES.328B
QZAP14
RASMIN
RAVEN
RDAE.864
REDARC.267
RELUCTANT.OW
RES.MP
RIP.302
RSA
RUSAK.335
SCHENK
SENDKEY
SILLYRU
SMALLPOX.740
SMUT.MP.938
SOCKETS23
SOULFLY.2000
SPAN.1127
SQUATTER.10389
SQUATTER.8566
SQUATTER.DR
SULEI.692
SUPERVISOR.3760
SUPERVISOR
SYSFLES
SYSTRY
TAIPAN.DAM
TEARDROP
TIE.512
TRIAMBER.1408
TROI
TWISTER
VAS.TIMEBOMB
VCOMM
VCS.KIT
VELVET.OW
VERB.733
VERONIKA.1490.B.DR
VICE1.2406
VIENNA.1000.DAM
VIENNA.353C.DAM
VIENNA.387
VIENNA.638B.DR
VIENNA.641
VIENNA.645D.DR
VIENNA.708DR
VIENNA.769
VIENNA.828.DAM
VIENNA.961
VIENNA
VINNITSA
VIVA
VODKA
VOID
VOYAGER
VOYAGER.4500
VULCAN
W32/HIGHWAY
W32/REPU
W32/SKA
W97M/ALLIANCE
W97M/ARGH
W97M/CALIGULA
W97M/COLOMBIA
W97M/ETHAN
W97M/HAWK
W97M/MENTAL
W97M/MODEL
W97M/PEACE
W97M/STEROID.DAM
W97M/TRISTATE
W97M/VMPCK1.BF
W97M/ZMK.P
W9M/PRI
WG.12288
WIDOWMAKER.MP.5741
WIN32/HIGHWAY
WIN95/HERETIC
WIN95/KENSTON
WIN95/SLIDE
WIN95/WG.12288
WIN95/WG.12288.DR
WIN95/ZERG
WIZ
WM/CABEZA
WM/CS
WM/DECEPT
WM/KARATKA
WM/KATTY
WORM.NUKE
WSCRIPT/DEDICATED
WSCRIPT/DEDICATED.A
WSCRIPT/DEDICATED.B
WSCRIPT/ZULU
X97M/LAROUX.EP
X97M/LAROUX.HJ
X97M/LAROUX.HN
X97M/LAROUX.HO
X97M/PTH
X97M/SW
X97M/TOTALER
X97M/TRISTATE
XANY.125
XANY.126A
XANY.126A.DR
XANY.126B
XANY.140B
XANY.87
XM/LAROUX.DN
XM/LAROUX.EP
XM/LAROUX.HJ
XM/LAROUX.HN
XM/LAROUX.HO
XM/LAROUX.HR
XM/PTH
XM/VCX
XMAS
XRES.889
XRES
XUXA
Y2K
YEARN
YEST.615
ZULU.1390
ZZZ

____________
KNOWN ISSUES

1.  You may not connect to another server on the network to
    run an AutoUpgrade session from that computer. You can,
    however, connect to another server, schedule an
    AutoUpgrade session, then disconnect to allow the remote
    server to run AutoUpgrade itself.

2.  If you add the Simple Network Management Protocol
    service to your server setup after you have installed
    VirusScan, you must re-install VirusScan in order to
    use SNMP as an alerting option with Alert Manager. 

2.  If you have manually uninstalled a previous installation
    of NetShield for Windows NT, and have not rebooted, a
    silent installation of NetShield v4.0.3 will fail.

3.  When installing using the default Windows NT SYSTEM
    account, some product functionality is not available.
    This includes: alert forwarding to other NT servers,
    sending alerts to printers, scheduled AutoUpdates
    from NT file shares, remote event logging, and scheduled
    scans of network drives.

4.  To upgrade a component of NetShield, you must perform
    a full installation. If you perform only a partial
    installation, an error message will appear when you
    restart the system.

5.  The Network Associates McShield Service will not run
    when you start the server if you give it a custom
    account. You must run this service with a system
    account. During installation, however, Setup installs
    the McShield service to run with a system account,
    whether or not you specify a custom account for the 
    rest of the installation.

6.  If you install NetShield NT on a Lotus Notes server, you
    must exclude the Lotus Notes SMTP working directory from
    NetShield NT on-access scan operations. To learn how to
    exclude directories, see the NetShield NT User's Guide.

7.  NetShield will send several alert messages if it finds
    a virus when it scans the boot sector on a floppy disk.
    Although ordinarily this might indicate that the disk
    has several separate infections, here the messages all
    result from the single infection. NetShield generates
    several messages because it scans the floppy disk and
    detects the same virus each time Windows tries to mount
    the disk. If it cannot read a virus-infected boot sector
    on the floppy disk, Windows tries to mount the disk
    several times before it gives up.

    If you have NetShield's on-access scanner set to clean
    or delete infected files, subsequent scanning passes
    should not generate alert messages.

8.  If you create a scan task in NetShield's Scan Wizard,
    then tell NetShield to start the task immediately
    without saving its settings, NetShield will start the
    task without creating a task entry in the AntiVirus
    Console window. This means that you cannot see task
    statistics if you close the Status window after the
    task starts, and it means that you cannot stop the
    scan operation once it's underway.

    To have more control over the scan operation, first
    save your settings, then start the scan operation from
    the AntiVirus Console window. When the task finishes,
    you can delete it from the task list.

9.  If you disable the Network Associates Task Manager 
    Service from the Windows NT Control Panel,
    NetShield's on-access scanning component will not
    disable correctly. Although the system tray icon will
    indicate that the on-access scanner is not active,
    the scanner will continue to monitor your system.
    
    If you choose not to install the Task Manager Service
    component during a custom installation, you will not
    be able to enable or disable the on-access scanning
    component.

10. Setup will not install some NetShield services correctly
    under these conditions:

    * If you have a folder or file named PROGRAM in your
      root directory--C:\PROGRAM, for example.

    * If you have a NETSHIELD directory where Setup expects
      to create the NetShield NT program directory. If, for
      example, you create a NETSHIELD folder in the path
      C:\Program Files\Network Associates, Setup will not
      install some NetShield services correctly.

    This same problem occurs during silent installations.

    To avoid this problem, delete any files or folders in
    the directories noted above, then run Setup and allow
    it to create the correct program directory structure
    during installation.

11. If you run an intensive series of scan operations on
    a Dell quad-processor system, NetShield will fail
    after a couple of hours of activity with a blue
    screen error. Installing Windows NT Service Pack 4
    remedies this error.

    For more information about the issues surrounding
    this condition, see Document Q180648 in the Microsoft
    Knowledge Base.


12. Do not install NetShield NT to a shared drive on a
    cluster server. The program will not function
    correctly if the shared drive is part of a passive
    server within the cluster.

13. Do not install NetShield NT to a virtual server within
    a server cluster. Installing NetShield to a virtual 
    server causes it to install only to the active server
    within the cluster. NetShield functions properly when
    you install it to a physical server instead.

14. Stopping any of the NetShield services in the Windows
    NT Services control panel can cause NetShield to lose
    track of the status of its on-access scanning
    component.

    For example, if you stop the McTaskManager or the
    McShield services, the system tray icon for the
    NetShield on-access scanner will indicate that the
    scanner is disabled. If you then right-click the icon,
    however, the shortcut menu will show Disable as a menu
    choice instead of Enable.

    Rather than stopping NetShield services to disable the
    scanner, use the NetShield interface to disable it.
    For more details, see item 12 in "Additional
    Information" later in this file.

15. NetShield no longer supports network scanning as a
    feature available through the user interface. You can
    enable this feature by changing a registry setting.
    To learn how to do this, see item 13 in "Additional
    Information" later in this file. Network Associates
    recommends that you leave this feature disabled and
    that you use NetShield to scan its host server for
    incoming and outgoing network traffic.

16. If you use a version earlier than v3.10 (Build 364) of
    Cheyenne Backup Agent for Open Files or a version of
    St. Bernard's Open File Agent earlier than v5.1 during
    system backups, and you have NetShield's on-access
    scanning component active, your server could hang. To
    remedy this problem, upgrade your backup agent software
    to the versions indicated, or to later versions.

17. If you click the Browse button during installation to
    choose a directory for NetShield's program files, you
    will see a Network button. Network Associates
    recommends that you do not install NetShield anywhere
    except to the local server. This button is a default
    feature of the Setup utility and does not function
    correctly in this version.

18. If you have Norton Utilities v2.0 installed, then you
    install NetShield, your system will halt with a blue-
    screen error in the RDR.SYS module as you try to
    restart it. A conflict with the Norton Unerase version
    included with this Norton Utilities release causes this
    error. To resolve this problem, install the latest
    Norton Utilities version available. 


____________
INSTALLATION

* SYSTEM REQUIREMENTS *

NetShield requires Windows NT 4.0 Service Pack 4 to run.
Before you install NetShield, verify that your system has
Windows NT 4.0 and NT Service Pack 4 installed, then follow
the steps below. 

If you plan to run NetShield NT with Windows NT 3.51, verify
that you have installed Windows NT v3.51 Service Pack 5.
NetShield NT functions best with, but does not require,
Service Pack 5.

* INSTALLATION STEPS *

1.  Make sure you have Administrator rights for the server
    on which you are installing NetShield.

2.  Run SETUP.EXE, then follow the prompts.

    NOTE: If you uninstall NetShield in order to install an
    upgrade, Network Associates recommends that you first
    reboot the system before you install the upgrade
    version.

__________________________________
PERFORMING A "SILENT INSTALLATION"

If you want to deploy NetShield as your standard anti-virus
security application, you can use the programs "silent"
installation feature to set up NetShield on each network
node with little or no interaction from end users or other
administrators. During a silent installation, Setup does
not display any of its usual wizard panels or windows, or
offer the end user any configuration options.

Instead, you preset these choices and run Setup in the
background on each target server. If you wish, you can even
install NetShield on any unattended servers, provided you
have all of the necessary administrative privileges.

A silent installation consists of two major steps. First,
you must install the same NetShield components on your
administrative computer or server that you want Setup to
install on each target server. A special Setup mode records
the choices you make during installation and preserves them
in a configuration file called SETUP.ISS.

Next, you must use a different Setup mode to install an
identical NetShield configuration on each target system.
Setup will use the SETUP.ISS file you create in the first
step to guide each subsequent installation you perform.

NOTE: Silent installations use the system account for
installation. This can mean that some NetShield features
will not function after installation. See Known Issue #3
earlier in this file for details.


* RECORDING YOUR PREFERENCES *

To record your installation preferences, follow these
steps:

1.  Look for an existing SETUP.ISS file inside the
    \WINDOWS, the \I386 or the \WINNT folder on your
    administrative computer or server. If you find a
    file with that name there, rename it or delete it.

    As you record your installation preferences, Setup
    will save them into a new SETUP.ISS file in the
    same location.

2.  Choose Run from the Start menu in the Windows
    taskbar.

    The Run dialog box will appear.

3.  Type <X>:\SETUP.EXE -R in the text box provided,
    then click OK.

    Here, <X> represents the drive letter for your
    CD-ROM drive or the path to the folder that
    contains your extracted NetShield files. The -R
    tells Setup to run in its record mode.

    NOTE: If your NetShield copy came on a NetShield
    Security Suite or a Total Virus Defense CD-ROM disc,
    you must also specify which folder contains
    NetShield NT. See the CONTENTS.TXT file included with
    either product suite for details.

4.  Follow the instructions outlined in each wizard panel
    to choose the components and the settings you want each
    of the target servers to have.

    Setup notes the choices you make at each step and
    records them as entries in SETUP.ISS.

    NOTE: Take particular care during this initial
    installation to respond to any questions that appear
    in the wizard panels and to follow the installation
    steps in the sequence presented, or the silent
    installation you run later will abort. You may not
    backtrack during the installation to change your
    settings.
    
    To specify different options, you will need to begin
    the installation again in order for Setup to record
    your choices correctly. If you plan to install
    NetShield on unattended workstations, be sure to
    specify options that do not require user interaction.

5.  Once youve completed the installation, click Finish
    to quit Setup.


* EDITING THE SETUP.ISS FILE *

If you want Setup to silently install NetShield in a
particular directory, or if you want Setup to silently
uninstall previous NetShield versions before it installs
another version, you will need to edit the SETUP.ISS file
you created when you installed NetShield on your
administrative computer or server.

To make network administration easier, for example, you
might want to install all of your NetShield copies in the
same directory on each network node.

SETUP.ISS is simply a specially formatted text file similar
to configuration files such as WIN.INI or SYSTEM.INI. You
can open it in any text editor and change any of its
entries to suit your needs.

NOTE: Network Associates recommends that you make only
limited changes to the SETUP.ISS file. If you want
complete control over the installation process, or if you
want to specify the configuration options for each copy of
NetShield in advance, you can use ISeamless, a powerful
Network Associates scripting tool designed for this
purpose. Contact Network Associates technical support
for details.


Specifying an Installation Directory

SETUP.ISS specifies an installation directory as a value
for the variable szDir, which youll find listed beneath
the header [SdSetupType-x]. By default, this entry reads:

[SdSetupType-0]
szDir=C:\Program Files\Network Associates\NetShield NT\
Result=XXX

Possible values for XXX will normally include 301, 302, or
303, depending on which options you chose when you recorded
your initial installation.

To specify a different installation directory, replace the
path shown with the path you want. The installation
directory you specify here will override the default
installation directory on each target system.

To tell Setup to determine where to install the program
files on the target computer, add 100 to the value shown
at XXX so that, for example, 301 becomes 401. This tells
each target computer to disregard the szDir variable and
to assign a directory for the files that reflects the
organization of that computer's operating system.


Uninstalling Previous NetShield Versions

To tell Setup to remove previous NetShield versions
before installing an updated version, open SETUP.ISS
in a text editor, scroll to the bottom of the file,
then add this line:

Preserve=0

Next, save the file in text format, then quit your text
editor.

NOTE: Setup creates a unique SETUP.ISS file for each
Network Associates product on each platform. You must
use the file that corresponds to the operating system
running on the target workstation. You may not, for
example, use a SETUP.ISS file created during a
VirusScan for Windows 95 installation to control a
VirusScan for Windows NT installation.

Network Associates recommends that you use the
SETUP.ISS file you created to perform a test installation
on a single workstation before you use it to deploy
NetShield across your network.


* RUNNING A SILENT INSTALLATION *

Once you have a SETUP.ISS file that lists all of the
components and settings you want each server on your
network to have, you can replicate these settings
exactly for every NetShield copy you install.

You can run a silent installation in a variety of ways,
and with different levels of interaction with network users.
You can, for example, create a script for your users that
runs a silent NetShield installation as soon as they
connect to an authentication server, with no further
interaction beyond that needed to log in. You can also
ask your users or other administrators to run the
installation from a designated server. Still other
options include deploying NetShield through a network
management application such as Zero Administration
Client (ZAC) from Network Associates, System Management
Server (SMS) from Microsoft, or similar packages.

Whichever method you choose, you must first prepare the
NetShield package for installation, then run Setup in
its silent mode. Follow these steps:

1.  Copy the NetShield installation files from the
    NetShield CD-ROM disc or the folder on your
    administrative computer in which your store them
    to a NetShield directory on a central server.

    Your users or your network management application
    will install NetShield from this server.

2.  Locate the SETUP.ISS file stored in the NetShield
    directory on the central server. Rename or delete
    this file.

3.  Copy the SETUP.ISS file you created when you ran
    the recorded installation on your administrative
    computer to the NetShield directory on the central
    server.

    Youll find the file you need to copy in the WINDOWS
    directory on your administrative computer.

    Once you finish this step, your users or your network
    management application can run Setup in its silent
    mode to replicate the installation you recorded.

To run Setup in silent mode, include the line
<X>:\SETUP.EXE -S in any login script you write or
any instructions to your users that describe how to
run Setup.

In this line, <X> represents the path to the folder on
the server that contains the NetShield installation files
and the SETUP.ISS file you created. The -S tells Setup
to run in silent mode. By default, Setup restarts the
workstation when it has finished installing files.

If you do not want Setup to reboot each target workstation,
you must edit the SETUP.ISS file you created during your
recorded installation. Here, you would change the value
in the BootOption entry beneath the heading
[sdFinishReboot - 0] from its current value to zero (0).
This tells Setup not to force the target workstation to
reboot.

As a further step toward enforcing a consistent anti-virus
security policy across your network, you can also copy a
configuration file with the options you want your users to
have into the installation directory on each server. You
can also use password protection to prevent unauthorized
changes to the configuration settings you chose.

To preset your configuration options so that NetShield
installs with them already in place, use the Network
Associates ISeamless scripting utility. This utility
gives you complete control over installation and
configuration options. Contact your sales representative
or Network Associates technical support for details.


* COMPONENTS INSTALLED WITH NETSHIELD *

    Component                Supported Systems
    ---------                -----------------
1.  NetShield Console        Windows NT Servers
                             Windows NT Workstations
                             Windows 95 and Windows 98

2.  NetShield Task Manager   Windows NT Servers only

3.  McShield on-access       Windows NT Servers only
    scanner

3.  Alert Manager            Windows NT Servers only


* PRIMARY PROGRAM FILES FOR NETSHIELD *

Files located in the Install directory:
=======================================

1.  Installed for the Alert Manager/Console/Server:

                    README.1ST = Network Associates
                                 information
                  MCARCHIV.DLL = Archive library file
                    MCCOMM.DLL = NetWare communications
                  MCKRNL32.DLL = Cross-platform file
                     MCRPC.DLL = RPC library
                   MCRUTIL.DLL = NetWare utility library
                  MCUTIL32.DLL = Multipurpose file
                    SHUTIL.DLL = NT utility library
                  AMGRCNFG.EXE = Alert Manager configuration
                                 program
                  MCSEVSHL.EXE = Service installation
                  SCNCFG32.EXE = Task configuration
                   SCNSTAT.EXE = Task statistics
                   SHCFG32.EXE = On-access scanning
                                 configuration
                    SHSTAT.EXE = Shield status monitor
                                 program
                    SVCPWD.EXE = Service account
                                 configuration program
                  VALIDATE.EXE = McAfee file validation
                                 program
                  VIRNOTFY.EXE = Notification utility
                     WCMDR.EXE = Uninstall helper
                  MCCONSOL.HLP = Console help
                   PKGDESC.INI = Update description file
                     WCMDR.INI = Uninstall helper
                  WCMDRSIL.INI = Silent uninstall helper
                    DEISL1.ISU = Uninstall file
                   PACKING.LST = Packing list
                  NAIFILTR.SYS = System files
                  RESELLER.TXT = Network Associates
                                 authorized resellers
                  WHATSNEW.TXT = This document
   

2.  Installed for Alert Manager:

                    SAMPLE.CMD = Sample alert command file
                  DMIALERT.DLL = DMI alerting library
                  MCALSNMP.DLL = SNMP alerting
                  MCSERVIC.DLL = Service installation
                                 library
                  POWERP32.DLL = Alert manager paging
                  AMGRSRVC.EXE = Alert manager service
                                 program
                   ALRTMGR.HLP = Alert manager help file
                  ANTIVIRI.MIB = SNMP trap template
                       NAI.MIB = SNMP trap template
                    MODEMS.TXT = List of modems and
                                 initialization strings
                      OHNO.WAV = Alert message sound file
                   WARNING.WAV = Default alert sound file
                  CENTALRT.TXT = Centralized alerting file

3.  Installed for the Console:

                    SHIELD.CNT = Help link file
                  BROWSENT.DLL = NT browser library
                  INETWH16.DLL = Help file library
                  INETWH32.DLL = Help file library
                   REGEMUL.DLL = Registry emulator library
                   IMPTASK.EXE = Import task file
                  MCCONSOL.EXE = Console manager
                  MCREGEDT.EXE = McAfee registry editor
                  MCUPDATE.EXE = AutoUpdate file
                  SETBROWS.EXE = Sets default browser
                    SHIELD.HLP = On-access scanning help

4.  Installed for the NetShield Task Manager:

                    SCAN32.EXE = On-demand scanner
                  VIRUSCAN.CNT = Help link file
                     CLEAN.DAT = Virus clean definition data
                     NAMES.DAT = Virus names definition data
                      SCAN.DAT = Virus definition data
                   LICENSE.DAT = Virus definition data
                  MESSAGES.DAT = Virus definition data
                   SHLDMSG.DAT = Virus definition data 
                  MCSCAN32.DLL = Scan32 main library
                  MCSERVIC.DLL = Service installation
                                 library
                  VSTSKMGR.EXE = NetShield Task Manager
                                 service
                  MCSHIELD.EXE = NetShield on-access service
                    NAIANN.DLL = Library file that handles
                                 communications between the
                                 McShield service and the
                                 Task Manager service
                  VIRUSCAN.HLP = Scan 32 help
    NETSHIELD ACTIVITY LOG.TXT = NetShield Activity Log
                   DEFAULT.VSC = Default scan32 values

Files located in %SYSTEMROOT%\SYSTEM32:
=======================================

1.  Installed for the Console/Server/Alert Manager:

                   CTL3D32.DLL = 32-bit 3D Windows
                                 controls library
                   DSSDATA.DLL = on-access scanning library


Files located in %SYSTEMROOT%\SYSTEM32\DRIVERS:
=============================================== 

1.  Installed for the on-access scanner:

                  NAIFSREC.SYS = System files

* TESTING YOUR INSTALLATION *

The Eicar Standard AntiVirus Test File is a combined effort
by anti-virus vendors throughout the world to implement one
standard by which customers can verify their anti-virus
installations.

To test your installation, copy the following line into its
own file, then save the file with the name EICAR.COM.

X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

The file size will be 69 or 70 bytes.

Next, start your anti-virus software and allow it to scan
the directory that contains EICAR.COM. When your software
scans this file, it will report finding the
EICAR virus.

Note that this file is NOT A VIRUS. Delete the file
when you have finished testing your installation to
avoid alarming unsuspecting users.


* UNINSTALLING NETSHIELD *

To remove NetShield from your server, run the
uninstallation utility that comes with the program. You can
run this utility in normal or "silent" mode. To do so,
follow these steps:

1.  Open a Command Prompt window in Windows NT.

2.  Type either of these lines at the command line:

    a. To uninstall NetShield with no special options, type

        X:\Progra~1\Networ~1\NetShi~1\wcmdr.exe

        followed by this argument:
 
        -iD:\PROGRA~1\NETWOR~1\NETSHI~1\wcmdr.ini

        Here X: represents the drive on which you have
        NetShield installed. If you have installed NetShield
        to a different drive or directory, substitute the
        correct path at the command line. Both the command
        and its argument should appear on the same line.

    b.  To uninstall NetShield "silently," type:

        X:\Program Files\Network Associates\NetSheild NT\wcmdr.exe

        followed by this argument:

        -iD:\PROGRA~1\NETWOR~1\NETSHI~1\wcmdrsil.ini

        Again, X: represents the drive on which you have
        NetShield installed. If you have installed NetShield
        to a different drive or directory, substitute the
        correct path at the command line. Both the command
        and its argument should appear on the same line.

* UNINSTALLING NETSHIELD WITHOUT THE UNINSTALLATION UTILITY *

1.  Before starting, follow these two substeps:

    a. Run the Windows NT utility RDISK to create an
       emergency repair disk.

    b. Run the command UNLODCTR MCSHIELD from the Windows NT
       command line to stop the registry from recording
       performance counter information for the McShield
       service.

2.  Open the Windows NT Services Control Panel, then stop
    the Network Associates Task Manager service, the
    Network Associates McShield service, and the Network
    Associates AlertManager service.

3.  Stop the NetShield console if it is running.

4.  Use the NT Task Manager to end the SHSTAT process.

5.  If you use SNMP, stop the SNMP service in
    Control Panel/Services.

6.  Delete the NetShield installation directory (the
    directory that contains the NetShield executables).

7.  Delete this device driver file from %SYSTEMROOT%
    \SYSTEM32\DRIVERS

    NAIFSREC.SYS

    Delete this file from %SYSTEMROOT%\SYSTEM32\
    
    DSSDATA.DLL
 
8.  If you are using Windows NT 4.0 and if NetShield was
    set to load at startup, remove the following registry
    keys:

    HKLM\software\microsoft\windows\CurrentVersion\Run
     \Shstatexe
    HKLM\software\microsoft\windows\CurrentVersion
     \uninstall\NetShield NT

9.  Remove NetShield installation registry keys:
    HKLM\software\mcafee\mcalsnmp
    HKLM\software\network associates\Netshield NT
    HKLM\software\mcafee\virusscan
    HKLM\software\mcafee\alertmanager (Do not remove this
                                       key if you have
                                       other Network
                                       Associates products
                                       installed that use
                                       Alertmanager.)

10. Remove NetShield device driver and service registry
    keys:
    HKLM\system\CurrentControlSet\Services\Alertmanager 
    HKLM\system\CurrentControlSet\Services\NaiFilter
    HKLM\system\CurrentControlSet\Services\NaiFsrec
    HKLM\system\CurrentControlSet\Services\McShield
    HKLM\system\CurrentControlSet\Services\McTaskManager

11. If you are using Windows NT 4.0 and the
    context-sensitive scanning option was installed, remove
    the following registry keys:
    HKLM\software\classes\comfile\shell\virusscan
    HKLM\software\classes\directory\shell\virusscan
    HKLM\software\classes\drive\shell\virusscan
    HKLM\software\classes\exefile\shell\virusscan
    HKLM\software\classes\word.document.6\shell\virusscan
    HKLM\software\classes\word.document.8\shell\virusscan
    HKLM\software\classes\word.template\shell\virusscan

12. If you are using Windows NT 4.0 and you want to remove
    the Scan for Viruses right-click option, remove the
    following registry keys:
    HKCR\comfile\shell\VirusScan
    HKCR\Directory\shell\VirusScan
    HKCR\Drive\shell\VirusScan
    HKCR\exefile\shell\VirusScan
    HKCR\Excel.Addin\shell\VirusScan
    HKCR\Excel.Chart.5\shell\VirusScan
    HKCR\Excel.Macrosheet\shell\VirusScan
    HKCR\Excel.Sheet.5\shell\VirusScan
    HKCR\Excel.Template\shell\VirusScan
    HKCR\Excel.Workspace\shell\VirusScan
    HKCR\Excel.XLL\shell\VirusScan
    HKCR\exefile\shell\VirusScan
    HKCR\WinZip\shell\VirusScan
    HKCR\Word.Document.6\shell\VirusScan
    HKCR\Word.Template\shell\VirusScan

13. To remove SNMP extension agent, remove the following
    registry value:
    HKLM\system\CurrentControlSet\services\SNMP\parameters\
    ExtensionAgent\McAlSNMP

14. Since entries in HkeyClassesRoot are not derived
    from a hive, it is unneccessary to delete these keys
    manually. When you reboot, NetShield-specific keys
    under HkeyClassesRoot will be removed.

15. Reboot the system.


* CREATING AN EMERGENCY DISK *

This version of NetShield NT includes a utility that allows
you to create an emergency boot disk that can scan your
NetShield server for boot-sector viruses. Use this disk to
restart your server if NetShield detects a boot-sector 
virus during installation, or to scan for boot-sector or
memory-resident viruses any time thereafter.

The emergency disk utility consists of a floppy disk image
file (EDISK.IMG), a disk-copy program (NAIDSKIM.EXE), and
a batch file (MAKEDISK.BAT) that starts the utility to copy
the disk image.

To create the emergency disk, follow these steps:

1.  Click Start in the Windows taskbar, then choose Run.

2.  Click Browse in the Run dialog box to open a dialog box
    you can use to locate the file MAKEDISK.BAT. You'll find
    this file in the \NetShield\EDU directory.

3.  Choose the file, then click OK in the Run dialog box
    to start the batch file.

    The batch file will open a Command Line Prompt window
    and will ask you to insert a write-capable floppy disk
    into your floppy drive.

4.  Insert a blank, unlocked floppy disk into your floppy
    drive, then press any key on your keyboard to continue.

    MAKEDISK.BAT will copy these files onto the floppy disk:

    AUTOEXEC.BAT
    BIOS.SYS
    BOOTSCAN.EXE
    CLEAN.DAT
    COMMAND.COM
    GETREPLY.EXE
    KERNEL.SYS
    NAMES.DAT
    SCAN.DAT

5.  When the batch file has finished, press any key on your
    keyboard to continue.

6.  Click the close box in the upper right corner of the 
    Command Prompt window to exit.

7.  Copy to the disk you just created any other utilities
    you need to start your computer, debug your system
    software, manage any extended or expanded memory you
    have, or perform other tasks at startup. If you use a
    disk compression utility, be sure to copy the drivers
    you need to uncompress your files.

8.  When you have finished copying files to the emergency
    disk, remove it from your floppy drive, label it, lock
    it, and store it in a safe place.

    NOTE: A locked floppy disk shows two holes near the edge
    of the disk opposite the metal shutter. If you dont see
    two holes, look for a plastic sliding tab at one of the
    disk corners, then slide the tab until it locks in an
    open position. Because no software can save to a locked
    disk, viruses cannot infect files stored on one.

__________________________
FREQUENTLY ASKED QUESTIONS

Regularly updated lists of frequently asked questions 
about Network Associates products also are available on
the Network Associates BBS and website, and on CompuServe
and America Online.


Q: How can I scan mapped Novell drives with scheduled
   on-demand scans?

A: If you want to scan any Novell-server drives
   (mapped or via UNC) from scheduled tasks, you must
   create the same account/password on the Novell server
   as used by NetShield services on your Windows NT server.


Q:  As an administrator, how can I scan private
    directories that are accessible only to
    individual users?

A:  On-demand (scheduled) scans are launched by the
    NetShield Task Manager service. If you specify a
    user name and password for the service, then the
    scheduled scan will only scan directories for which the
    service name has privileges. If no user name was
    specified, then the service has SYSTEM privileges.

    To perform an on-demand, or scheduled, scan of
    private directories, the NetShield Task Manager
    service must have access to these private areas.
    Following are two ways to address this issue:

    Solution A:

    1. Create a custom user name to be used by the Service.
    2. Give this user name privileges to access the private
       spaces.

       Considerations with Solution A:

       This account can be used to access the private
       directories. To prepare these directories with proper
       rights, open a DOS prompt and enter:

       CACLS /E /G (domain name)\(service account name)

       Enter CACLS at the DOS prompt to get a complete list
       of options. 

    Solution B:
    1. Do not associate a user name to the Service.
    2. Give SYSTEM privileges to access the private spaces.

       Considerations with Solution B:
       Someone could create or use a Service to access your
       information.

    Network Associates recommends Solution B as a more
    secure solution.


Q:  NetShield will not perform an on-demand (scheduled)
    scan of some network drives. Why?

A:  It is possible that the user name you are using for
    the NetShield Task Manager service does not have
    sufficient rights to scan the drives in question. To
    verify whether this is the issue, connect to each drive
    using the user name and password utilized by the
    NetShield Task Manager service from the server where
    the service is running. Confirm that this user name has
    rights on the device by manually running an on-demand
    scan. If you can scan the device while you're logged in,
    then the service should also be able to do it as a
    scheduled scan. When scanning remote locations, Network
    Associates recommends using the UNC path for scheduled
    tasks.

Q:  My scheduled tasks do not run when the NetShield Task
    Manager service is stopped. Why?

A:  The NetShield Task Manager service is responsible for
    starting scheduled on-demand tasks and AutoUpdate tasks.
    If the NetShield Task Manager service is stopped, all of
    these tasks are disabled.

Q:  Can I update NetShield's data files to detect
    new viruses?

A:  Yes, NetShield now includes the Network Associates
    AutoUpdate and AutoUpgrade components, which offer
    powerful updating capabilities that ensure that you
    have the latest NetShield files installed. AutoUpdate
    can automatically update the NetShield data (.DAT)
    files the program uses to detect viruses. AutoUpgrade
    can automatically download new NetShield program
    versions.

    If you need additional assistance with downloading,
    contact Network Associates Download Support at
    (408) 988-3832.


Q:  Does NetShield protect users accessing files accessed
    on my web server or FTP server on this system?

A:  Yes, NetShield detects infections in files transferred
    with Microsoft Internet Information Server (IIS). This
    protects remote users accessing files via HTTP or FTP.


Q:  How do I disable NetShield's on-access scanner?

A:  You can now enable or disable the on-access scanning
    component in NetShield NT both from the graphical user
    interface and from an NT Command Prompt window. To
    learn how to do so, see item 12 in "Additional
    Information" later in this file.

Q:  Can I run a silent installation that removes previous
    NetShield versions before Setup installs a new
    NetShield version?

A:  Yes. To do so, however, you must edit the SETUP.ISS
    file you create when you record your initial
    installation. To learn how to do so, see "Editing
    the SETUP.ISS File" earlier in this file.

______________________
ADDITIONAL INFORMATION

1.  After completing your installation or upgrade of
    NetShield, Network Associates recommends that you
    reboot your computer before you start NetShield. 

2.  NetShield automatically excludes a Microsoft Exchange
    database directory if the following Windows NT Registry
    key exists:

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
    \MSExchangeIS\ParametersSystem\DB Log

    This entry allows NetShield Task Manager service to look
    for Microsoft Exchange Server each time it starts. This
    exclusion is needed to avoid potential mail database
    corruption in the event that NetShield detects an
    infected file.

    Note: If Microsoft Exchange Server is installed, an
    entry will be visible in the NetShield Properties
    Exclusions tab.

3.  SVCPWD.EXE is a utility for setting or changing
    usernames and passwords that the Network Associates
    services use.

    SVCPWD requests one command-line parameter which is a
    filename (e.g., computers.txt). Use SVCPWD /? to get
    additional information about command-line options.
    This file (e.g., computers.txt) contains a list of all
    the computers that you want to modify the service
    accounts (username and password)for.

    Example:

    \\COMPUTER1
    \\COMPUTER2
    \\SERVER

    Start the SVCPWD utility by entering the file as
    command-line (i.e. SVCPWD computers.txt). This utility
    contacts all the computers via the network and changes
    the username and password originally given to the
    Network Associates service. The username and password
    are changed to the value that you set when you start
    the utility. All service accounts must be set to user
    "LocalSystem". If a domain\username is entered, then
    the SVCPWD utility will require a password for the
    domain\username.

    When this is completed, the utility contacts all the
    computers and changes the settings.

    Note 1: The domain\username that is used by the services
            needs to be an administrative account.

    Note 2: The person running this utility must have an
            administrative account for all the computers
            that require such changes.

    Note 3: Do not run this utility during an on-demand
            scan operation.

4.  When using an ISeamless Install Script, and running
    setup in standard or silent mode without any parameters,
    setup requires that the custom installation file
    produced by ISeamless be named admin.sis or oem.sis.

5.  If NetShield finds an older version of the file
    WININET.DLL during installation, it upgrades the file
    to the current version.

6.  If you are running any other anti-virus product on the
    system, please exclude that product's installation
    directory within the NetShield Properties Exclusions
    tab.

7.  When installing NetShield to remote systems on your
    network, the destination systems must have a proper 
    security relationship (i.e., they must reside on the 
    same domain or share a trust relationship, and the
    account being used must have Administrator privileges on
    the machine being installed to) with the system you are
    performing the installation from. If the computers do
    not have a proper security relationship, the remote
    installation will not be performed properly.

8.  If compressed file scanning is turned on, NetShield 
    temporarily uses additional hard disk space when
    scanning compressed files (i.e., ZIP, LZH/LHA, UUENCODE,
    etc.).

9.  When performing a silent installation using the default
    SETUP.ISS file, via either AutoUpgrade or the command
    setup -s, your service user resets to the LocalSystem
    account and the server reboots if necessary when the
    installation is completed. If you wish to keep your
    settings, record your own SETUP.ISS file for use during
    silent installations (see the NetShield User's Guide for
    detailed information on creating your own setup.iss
    file).

10. By default, NetShield's on-access scanning component
    does not have heuristic scanning activated. You can
    activate this feature by entering the values shown for
    the REG_DWORD entries in these registry keys:

    HKLM\McAfee\VirusScan\McShield\CurrentVersion
      dwMacroHeuristicsLevel:REG_DWORD:0 or 1
      dwProgramHeuristicsLevel:REG_DWORD:0 or 1

11. The new NAI.MIB and ANTIVIRI.MIB files included with
    this release improve the data reporting capabilities of
    SNMP traps sent via Alert Manager. You can compile these
    files into your SNMP management utility so that the
    utility can decode traps sent from Alert Manager. Some
    SNMP managers also allow you to write scripts that will
    act on the information received via the SNMP traps.

    New alert items include:

    ALERT NAME                     WHAT IT REPORTS    

    naiTrapAgent                   Names the agent that 
                                    sent the trap
    naiTrapAgentVersion            Gives the version of the
                                    agent
    naiTrapSeverity                Gives the severity code
                                    the alert message
    naiTrapDescription             Describes the trap
    naiTrapAlarmSourceAddress      Gives the IP or IPX
                                    address of the computer
                                    that sends the trap
    naiTrapAlarmSourceDNSName      Lists the fully qualified
                                    DNS name or computer
                                    name
    naiTrapGMTTime                 Lists the GMT time at
                                    which the alert
                                    generation occurred
    naiTrapLocalTime               Lists the time local to
                                    the computer that 
                                    generated the trap
    naiTrapURL                     Gives a URL link to an
                                    HTML or FTP file
    naiTrapPseudoID                Lists the Pseudo Trap ID
                                    or Message ID for the
                                    generated trap
    naiAntiVirusTrapAgentUser      Lists the name of the
                                    active user account
                                    that generated the trap
    naiAntiVirusTrapInfectedFile   Names the infected file
                                    that caused the computer
                                    to generate a trap
    naiAntiVirusTrapVirusName      Names the infecting virus
    naiAntiVirusTrapTaskName       Names the active task
                                    that generated the trap
    naiAntiVirusTrapStatus         Gives the status of the
                                    file that caused the
                                    computer to send a trap
    naiAntiVirusTrapOS             Lists the active
                                    operating system on the
                                    computer that sent the
                                    trap
    naiAntiVirusTrapEngineVersion  Lists the version number
                                    of the NetShield scan
                                    engine
    naiAntiVirusTrapDATVersion     Lists the version number
                                    of the current .DAT file

12. To enable or disable NetShield NT's on-access scanning
    component, you can use one of these methods:

    - If you have installed NetShield on your local NT
      server, you can disable on-access scanning from the
      NetShield graphical user interface. You cannot use
      this method if you have installed NetShield on a
      remote server. To disable on-access scanning, first
      verify that the NetShield NT shield icon appears in
      your system tray to the left of the clock.

      If the icon appears there, right-click it to display
      a shortcut menu, then choose Disable. The icon will
      appear with a red line through it, which indicates
      that on-access scanning is disabled. To enable
      on-access scanning again, right-click the icon,
      then choose Enable from the shortcut menu.

      If the icon does not appear in your system tray,
      verify that you have installed the on-access
      component correctly.

    - If you have installed NetShield on your local NT
      server, you can also disable on-access scanning from
      a Windows NT Command Prompt window. You cannot use
      this method if you have installed NetShield on a
      remote server. To disable on-access scanning, open
      a Command Prompt window, then type:
  
      SHSTAT.EXE -DISABLE

      To enable on-access scanning again, type

      SHSTAT.EXE -ENABLE
  
      at the prompt.

    - If you have installed NetShield NT on your local
      NT server OR on a remote server, you can disable
      and enable on-access scanning from NetShield's
      AntiVirus Console. To do so, open the Console, then
      log on, if necessary, to the NetShield NT server
      with the active on-access scanning component you
      want to disable.

      Next, select the NetShield On-Access Monitor task
      in the task list, then click the Stop button in the
      Console toolbar, or choose Disable from the
      Console's Scan menu. To enable the on-access
      component again, select the On-Access Monitor task,
      then click the Play button in the Console toolbar,
      or choose Enable from the Console's Task menu.

13. To enable NetShield to scan network drives, start the
    Windows registry editor, then locate this key:

    HKLM\SOFTWARE\McAfee\VirusScan\McShield\CurrentVersion

    Change the value for the bNetworkScanEnabled key from
    0 to 1 to enable this feature. To disable the feature,
    change the value back to 0.

    NOTE: Network Associates recommends that you leave this
    feature disabled, and that you use NetShield to scan
    incoming and outgoing network traffic for the host
    server.

14. If you schedule an AutoUpdate or AutoUpgrade session
    that downloads the installation package from a NetWare
    server to an NT system, you can use the optional
    File Copy Utility shipped with NetShield. To install
    this component, you must choose it as a Custom
    installation option during Setup. To learn more about
    this component, contact your PrimeSupport
    representative.

_____________
DOCUMENTATION

For more information, refer to the users guides for each
product included on the CD-ROM or available from Network
Associates electronic services. Each product user's guide
is saved in Adobe Acrobat Portable Document Format (.PDF).
You can view and print this document with Adobe's Acrobat
Reader. PDF files can include hypertext links and other
navigation features to assist you in finding answers to
questions about your Network Associates product.

To download Adobe Acrobat Reader from the World Wide Web,
visit Adobe's website at:

http://www.adobe.com/prodindex/acrobat/readstep.html

To download documentation for Network Associates anti-virus
software, visit the Network Associates FTP site at:

ftp://www.nai.com/pub/manuals/total_virus_defense

Additional contact information appears in the following
section.

Documentation feedback is welcome. Send e-mail to
tvd_documentation@nai.com.

_____________________________
CONTACTING NETWORK ASSOCIATES

On December 1, 1997, McAfee Associates merged with
Network General Corporation, Pretty Good Privacy, Inc.,
and Helix Software, Inc. to form Network Associates, Inc.
The combined Company subsequently acquired Dr Solomon's
Software and CyberMedia, Inc.

Network Associates continues to market and support the
product lines from each of the former entities. You may
direct all questions, comments and technical support
requests to the Network Associates Customer Care department
at any of the addresses or phone numbers listed below.

Contact the Network Associates Customer Care
department at: 

1.  Phone (408) 988-3832
    Monday-Friday, 6:00 A.M. - 6:00 P.M. Pacific time

2.  Fax (408) 970-9727
    24-hour, Group III Fax 

3.  Fax-back automated response system (408) 346-3414

 
Send correspondence to any of the following Network
Associates locations:
  
     Network Associates Corporate Headquarters  
     3965 Freedom Circle
     McCandless Towers   
     Santa Clara, CA 95054

     Phone numbers for corporate-licensed customers:
     Phone: (408) 988-3832
     Fax:   (408) 970-9727

     Phone numbers for retail-licensed customers:
     Phone: (972) 278-6100
     Fax:   (408) 970-9727

Network Associates offices outside the United States:

     Network Associates Australia
     Level 1, 500 Pacific Highway
     St. Leonards, NSW
     Sydney, Australia 2065
     Phone: 61-2-8425-4200
     Fax:   61-2-9439-5166 

     Network Associates Austria
     Pulvermuehlstrasse 17
     Linz, Austria
     Postal Code A-4040
     Phone: 43-732-757-244
     Fax:   43-732-757-244-20

     Network Associates Belgium
     Bessenveldtstraat 25a
     Diegem, Belgium - 1831
     Phone: 32-3-716-4070
     Fax:   61-2-716-4770

     Network Associates do Brasil
     Rua Geraldo Flausino Gomez 78
     Cj. - 51 Brooklin Novo - So Paulo
     SP - 04575-060 - Brasil
     Phone:  (55 11) 5505 1009
     Fax:    (55 11) 5505 1006

     Network Associates Canada
     139 Main Street, Suite 201
     Unionville, Ontario
     Canada L3R 2G6
     Phone: (905) 479-4189
     Fax:   (905) 479-4540

     Network Associates People's Republic of China
     New Century Office Tower, Room 1557
     No. 6 Southern Road Capitol Gym 
     Beijing
     People's Republic of China 100044
     Phone: 86 10 6849-2650
     Fax:   86 10 6849-2069

     NA Network Associates Oy
     Sinikalliontie 9, 3rd Floor
     02630 Espoo
     Finland
     Phone: 358 9 5270 70
     Fax:   358 9 5270 7100

     Network Associates France S.A.   
     50 Rue de Londres    
     75008 Paris     
     France
     Phone: 33 1 44 908 737
     Fax:   33 1 45 227 554  

     Network Associates GmbH
     Ohmstrae 1
     D-85716 Unterschleiheim
     Deutschland
     Phone: 49 (0)89/3707-0
     Fax:   49 (0)89/3707-1199


     Network Associates Hong Kong
     19th Floor, Matheson Centre
     3 Matheson Way
     Causeway Bay
     Hong Kong 63225
     Phone: 852-2832-9525
     Fax:   852-2832-9530

     Network Associates Srl
     Centro Direzionale Summit     
     Palazzo D/1
     Via Brescia, 28
     20063 - Cernusco sul Naviglio (MI)
     ITALY  
     Phone: 39 (0)2 9214 1555   
     Fax:   39 (0)2 9214 1644

     Network Associates Japan, Inc.
     Toranomon 33 Mori Bldg.
     3-8-21 Toranomon Minato-ku
     Tokyo 105-0001 Japan
     Phone: 81 3 5408 0700
     Fax:   81 3 5408 0780

     Network Associates Latin America
     150 South Pine Island Road, Suite 205
     Plantation, Florida 33324
     United States
     Phone: (954) 452-1731
     Fax:   (954) 236-8031

     Network Associates de Mexico
     Andres Bello No. 10, 4 Piso
     4th Floor
     Col. Polanco
     Mexico City, Mexico D.F. 11560
     Phone: (525) 282-9180
     Fax:   (525) 282-9183

     Network Associates International B.V.   
     Gatwickstraat 25   
     1043 GL Amsterdam    
     The Netherlands    
     Phone: 31 20 586 6100
     Fax:   31 20 586 6101

     Network Associates Portugal
     Av. da Liberdade, 114
     1269-046 Lisboa
     Portugal
     Phone:  351 1 340 4543
     Fax:    351 1 340 4575

     Net Tools Network Associates South Africa
     Bardev House, St. Andrews
     Meadowbrook Lane
     Epson Downs, P.O. Box 7062
     Bryanston, Johannesburg
     South Africa 2021
     Phone: 27 11 706-1629
     Fax:   27 11 706-1569

     Network Associates South East Asia
     78 Shenton Way
     #29-02
     Singapore 079120
     Phone: 65 222-7555
     Fax:   65 222-7555

     Network Associates Spain
     Orense 4, 4a Planta.
     Edificio Trieste
     28020 Madrid
     Spain
     Phone: 34 91 598 18 00
     Fax:   34 91 556 14 04

     Network Associates Sweden
     Datavgen 3A
     Box 596
     S-175 26 Jrflla
     Sweden
     Phone: 46 (0) 8 580 88 400
     Fax:   46 (0) 8 580 88 405

     Network Associates AG
     Baeulerwisenstrasse 3
     8152 Glattbrugg
     Switzerland
     Phone: 0041 1 808 99 66
     Fax:   0041 1 808 99 77

     Network Associates Taiwan
     Suite 6, 11F
     No. 188, Sec. 5
     Nan King E. Rd.
     Taipei, Taiwan, Republic of China
     Phone: 886-2-27-474-8800
     Fax:   886-2-27-635-5864

     Network Associates International Ltd.
     Minton Place, Victoria Street
     Windsor, Berkshire
     SL4 1EG
     United Kingdom
     Phone: 44 (0)1753 827 500
     Fax:   44 (0)1753 827 520


Or, you can receive online assistance through any
of the following resources:

 1.  Internet E-mail: support@nai.com

 2.  Internet FTP: ftp.nai.com

 3.  World Wide Web: http://support.nai.com

 4.  America Online: keyword MCAFEE

 5.  CompuServe: GO NAI

To provide the answers you need quickly and efficiently,
the Network Associates technical support staff needs
some information about your computer and your software.
Please have this information ready when you call:
                          
 - Program name and version number
 - Computer brand and model
 - Any additional hardware or peripherals connected to
   your computer
 - Operating system type and version numbers
 - Network name, operating system, and version
 - Network card installed, where applicable
 - Modem manufacturer, model, and baud, where applicable
 - Relevant browsers or applications and their version 
   numbers, where applicable
 - How to reproduce your problem: when it occurs, whether
   you can reproduce it regularly, and under what 
   conditions
 - Information needed to contact you by voice, fax, or 
   e-mail

We also seek and appreciate general feedback.

 
* FOR PRODUCT UPGRADES *

To make it easier for you to receive and use Network
Associates products, we have established a reseller's
program to provide service, sales, and support for our
products worldwide. For a listing of resellers, see the
resellers.txt file or contact Network Associates
Customer Care for resellers near you.

 
* FOR REPORTING PROBLEMS *

Network Associates prides itself on delivering a
high-quality product. If you find any problems, please
take a moment to review the contents of this file. If
the problem you've encountered is documented, there is
no need to report the problem to Network Associates.

If you find any feature that does not appear to
function properly on your system, or if you believe
an application would benefit greatly from enhancement,
please contact Network Associates with your suggestions
or concerns.


* FOR ON-SITE TRAINING INFORMATION *

Contact Network Associates Customer Service at
(800) 338-8754.


* NETWORK ASSOCIATES BETA SITE *

Get pre-release software, including .DAT files, through
http://www.avertlabs.com. You will have access to Public
Beta and External Test Areas. Your feedback will make
a difference.