NETSCAN v63-B by McAfee Assoc. REGISTRATION $ ..... UTIL JUL90 NETSCAN MCAFEE VIRUS PROTECTION FILES: netsc63b.sdn NETSCAN is the network version of VIRUSCAN. It scans network virtual drives and identifies any pre-existing PC virus infection in the file servers. NETSCAN will indicate the specific files or system areas that are infected and will identify the virus strain which has caused the infection. Removal can then be done manually or, if the infection is widespread, automatic removal utilities are available which can disinfect each virus strain. NETSCAN version V63, when used in conjunction with VIRUSCAN on the individual workstations, can identify 97 major virus strains and numerous sub-varieties for each strain. The 97 viruses include the twelve most common viruses which account for over 95% of all reported PC infections. The complete list of viruses detected is included in the accompanying file: VIRLIST.TXT. It is important to note that existing virus strains can be grouped and counted differently than the ordering outlined in VIRLIST.TXT. DEN ZUK, for example has two separate versions. Likewise, the STONED, VIENNA, ALAMEDA and JERUSALEM-B viruses have been modified a number of times. Some researchers would define each of these modifications, or sub-varieties, as separate viruses. NETSCAN chooses to group them as the same virus, because the same scan string can identify each of them. This is only done if disinfection requirements for the different sub-varieties are identical. If removal procedures differ for different varieties, then NETSCAN will differentiate between them. These viruses infect one of the following areas: The hard disk partition table; the DOS boot sector of hard disks or floppies; or one or more executable files within the system. The executable files may be operating system programs, system device drivers, .COM files, .EXE files, overlay files or any other file which can be loaded into memory and executed. NETSCAN, when used in conjunction with VIRUSCAN on the workstations, identifies every area or file that has become infected and indicates the name of the virus that has infected each file. (SDA format (c)Copyright 1990 The SDN Project - SDNet/Works!)