Powertech Antivirus

NOTE: In versions 4.3 and earlier, Powertech Antivirus was called Stand Guard Anti-Virus.

November 2024

Version 6.3 (6.2.0 Powertech Antivirus Unix/Linux Endpoints)

November 6, 2024

IMPORTANT: This will be the last PTAV Server release that supports Red Hat 7. Red Hat 9 support will follow in the next release.
New Features
  • The Insite migration tools have been removed from the install package. They are now available from the Powertech Antivirus Server download page on the Fortra Support portal.

  • The install package is now self-contained and the need to download PostgreSQL and Java from the Fortra Support portal during installation has been removed. This also removes the need for air-gapped installation steps.

  • The PTAV Server now permits compatible endpoints (version 6.3.0 and above) to pass tags during the registration process. The tag names are case-insensitive and missing tags are created upon registration.

  • Scheduled scans and reports can now be targeted at a subset of endpoints based on individual endpoint tag names. You can preview the endpoints that the chosen filter (both endpoint names and tags) targets.

  • When attempting to set up an SMTP email connection, additional logging is enabled when the “Validate Email Connection” button is pressed. This will assist in diagnosing connection problems. The logging is directed into the file ptavws.log.

  • A new report type "Endpoint Status" has been added. This report can be tailored to include various fields representing the current state of an endpoint.

  • The reports table can be filtered based upon the type of report.

Enhancements
  • The PTAV User Interface has been updated to give it a more modern look and feel.

  • Installer refinements have been made to simplify the output and reduce the number of prompts presented to the user.

  • The Java runtime environment has been upgraded to 11.0.24.

  • PostgreSQL has been upgraded to 13.16.

  • Apache Tomcat has been upgraded to 9.0.91.

  • Flyway database migration tool is upgraded to 9.22.3.

  • Other various library upgrades have been made to address vulnerabilities.

Fixes
  • If an antivirus scan fails abnormally the update message sent to the PTAV server is now processed as expected.

April 2024

Version 6.2 (6.2.0 Powertech Antivirus Unix/Linux Endpoints)

April 4, 2024

New Features
  • Powertech Antivirus now automatically supplies dashboarding capabilities to HelpSystems One upon registration.

  • Extended support for IBM i endpoints:

    • Anti-ransomware functionality can now be configured for IBM i endpoints. *Requires version 8.10 (R8M10) or higher of the Powertech Antivirus for IBM i software to be installed on the IBM i system. This version is planned for release in Q2 2024.

    • IBM i endpoint now provides an on-access scan configuration.

    • On-Demand scans for the IBM i now support the configuration values "Run Priority" and "Log Level".

  • Users can now download PDF reports without the need to email them.

  • Support for Linux/Unix endpoints has been enhanced:

    • The On-Demand scan configurations now allow the user to specify file extensions to be excluded by specifying the Exclude parameter as: *.dbf:*.log:*.ctl.

    • The On-Demand scan configuration now allows users to configure the number of threads used to run during a scan. This requires Endpoint version 6.3.0 which is not yet released.

Enhancements
  • Java runtime environment has been upgraded to 11.0.20.

  • Postgres has been upgraded to 12.18.

  • Kafka has been upgraded to version 3.5.1.

  • Apache Tomcat has been upgraded to 9.0.85.

  • The server used to provide DAT updates via https and sftp has been upgraded to support TLS 1.2.

  • Powertech Antivirus now creates self-signed certificates that can be trusted by client browsers. Documentation has been added to assist customers who wish to replace the self-signed certificates.

  • Support has been added for discreet control over the command used to initiate SMTP connections over TLS.

  • Powertech Antivirus Server can now send email notifications to servers that require a TLS 1.2 connection.

  • Info level Apache Tomcat logging is now enabled by default. Logs are created in /opt/ptavwebsvc/logs with filenames prefixed with Apache Tomcat.

  • The presentation of the side forms in the user interface has been enhanced to reflect our current corporate standard.

  • Reports have been rebranded to use the Fortra logo.

  • The User Guide now contains instructions on how to configure digital certificates for the browser-based user interface and avoiding the certificate warnings from browsers.

  • The User Guide has been expanded to provide more information about managing IBM i endpoints with Powertech Antivirus Server.

July 2023

Version 6.12 (6.2.0 Powertech Antivirus Unix/Linux Endpoints)

July 19, 2023

Enhancements
  • Library updates including:

    • Java 11.0.18

    • Tomcat 9.0.73

    • PostgreSQL 11.19

    • Kafka 2.8.2 + reload4j fixes

May 2023

Version 6.11 (6.2.0 Powertech Antivirus Unix/Linux Endpoints)

May 17, 2023

Enhancements
  • The PTAV scanners have been updated to use version 6600 of the Trellix (formerly McAfee) Anti-Malware engine. Changes include: scanning capability for the DEX file-type, new PDF 256-bit AES and RC4 40-bit encryption support, scanning capability for the APK file-type, extended AutoIT 2.x support, improved handling of manipulated MIME headers, improved DMG extraction support to include the APFS filesystem and UDRW format, expansion of hit-type limits to target more malware families, OpenSSL libraries are no longer used, multiple bug fixes and minor feature enhancements.

  • Endpoint installer packages now decompress DAT files during install/upgrade to improve scanner startup time. DAT updates pushed down from the PTAV web service also instruct this decompression. Product install requirements have been updated to recommend increased disk space for the decompression procedure.

  • On-access tracing state will now persist across service restarts.

  • The avupdate tool now has a decompress option to ensure DAT updates result in an optimized DAT set format that loads as fast as possible.

  • The sample script for notifications that is shipped with the product has been modified so that emails sent by using the script will use a formally correct example sender's address, powertech.antivirus_donotreply@yourorganization.com.

  • A log file (avscan.log) for the on-demand scanner (avscan) is now configured by default, and would include infected filenames. A new install would include this configuration, but upgrades might need some manual configuration changes to zlog.conf; see the README file in the endpoint installation for more information.

  • On endpoints running on AIX, when the sample script for notifications, notify-example.sh, was used, it sent email that included a blank instead of the system name in the subject line. This has been corrected. The subject line now does include the system name for notification emails sent from AIX systems through use of the new PTAV_HOSTNAME environment variable.

Updates
  • Endpoint disk space requirements have been increased to 2 GB disk space in /opt, 2.5 GB is recommended.

  • Endpoint installer metadata and tools have been rebranded to Fortra. An updated Fortra SLSA is included in the endpoint install.

  • "McAfee" references have been rebranded to "Trellix" in the endpoint.

Fixes
  • Fixed the condition that causes the error “failed to add fanotify mark for path '0'” on Linux.

  • The avsysinfo script has been fixed for syntax errors on Solaris 10.

  • A fix has been applied to the on-access service to avoid notifiers preventing the safe shutdown of avsvc.

  • The on-access infections count has been corrected for cases where an infected file is cleaned. The SCAN trace message has been updated to show an additional internal counter.

  • Fixed bug in reporting completion and reaping session files for on-demand scans that were started prior to an avinsite restart - that had failed or were cancelled.

March 2023

Version 6.11 (Powertech Antivirus for HelpSystems One)

March 29, 2023

Fixes
  • Fixed an issue in the 6.1 release where lists that should contain items, such as Configurations, are empty and the following error appears in the ptavws.log file:

    "ERROR com.helpsystems.robotweb.server.WebErrorHandler - General exception: Handler dispatch failed; nested exception is java.lang.IncompatibleClassChangeError: Expected non-static field org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.logger".

June 2022

Version 6.1 (Powertech Antivirus for HelpSystems One)

June 27, 2022

New Features
  • Powertech Antivirus now supports IBM i endpoints. The majority of the functionality available through the Powertech Antivirus for IBM i green screen software is available, including:

    • display of antivirus status;

    • scheduled on-demand scans;

    • scheduled scan reports;

    • management of on-demand scan configurations;

    • quarantine management.

  • Tags can now be created and assigned to endpoints. Users can configure tags and use them to filter and search endpoints.

  • A new prechecker script is available. The script can be run prior to installation, and verifies that:

    • required perl modules are installed;

    • the system has access to the HelpSystems One server and McAfee for DAT updates;

    • the cryptographic policy is compatible with the product.

Enhancements
  • Improved installation process.

  • Updated Java Mail client to support TLS 1.2.

  • Reports with defined e-mail recipients now include an "E-mail Report" option, which replaces the "Run" option for reports. The "E-mail Report" option is displayed only if at least one recipient is configured on the report.

Fixes
  • Updated Log4j to 2.17.1 to resolve vulnerabilities.

  • OS details required to enable license management are now sent in the health check data response for Solaris endpoints.

  • Fixed an issue where endpoints were appearing in the Endpoints list but not appearing in the Connection Settings list.

Version 6.1.0 (Powertech Antivirus Unix/Linux endpoints)

June 27, 2022

New Features
  • Powertech Antivirus now uses the McAfee 6300 Anti-Malware Engine, which includes the following new features (from McAfee):
    • Enhanced threat landscape with added support for MPress (LZMAT) and DMG file types.

    • Improved coverage on OLE and Excel file types.

    • Better handling of VBA and Jar files and wider coverage for UPX packed files.

    • Various changes, resulting in improved malware detection.

    • Several bug fixes, and performance and security improvements.

Enhancements
  • Improved signal handling during UI-initiated on-access restarts and configuration pushes.

  • Added Health check process timeouts to prevent the possibility of large backlogs.

  • Starting the on-access service is now prevented for Solaris versions that do not support on-access scanning.

Fixes
  • OS details required to enable license management are now sent in the health check data response for Solaris endpoints.

  • Fixed an issue that caused EBUSY errors upon restart of the on-access scanning service on AIX.

  • Fixed signaling issues during UI-initiated on-access restarts and configuration pushes.

  • Fixed an issue that caused a health check backlog on RHEL6 after disabling on-access scanning.

  • Added library references to allow web server integration for Solaris 11.2 and 11.3 endpoints.

  • On Solaris, running avinsitectl restart now also starts avinsite if it was down, to facilitate the restart process.

  • On Solaris 11.4, fixed an issue that could cause a failure to restart on-access monitoring after reconfiguration from disabled state.

April 2022

Version 6.02

April 27, 2022

Updated the Spring Framework to 5.2.21.RELEASE to address the RCE (CVE-2022-22965) and Data Binding Rules (CVE-2022-22968) vulnerabilities.

December 2021

Version 6.01

December 21, 2021

  • The Apache Log4j JNDI vulnerability has been addressed by updating to 2.16.0.

August 2021

Version 6.0

August 10, 2021

New Features
  • Powertech Antivirus is now supported by the HelpSystems One web browser interface, which allows you to easily initiate and schedule scans, update virus definitions, generate reports, and monitor your systems using HelpSystems One's interactive controls.

    • Endpoints previously integrated with HelpSystems Insite can be easily migrated to HelpSystems One.

    • HTTPS is used for secure integration of Powertech Antivirus with HelpSystems One.

    • On-Demand scans can now be scheduled for one or many endpoints using any selected configuration.

  • The Settings > Endpoint Registration page now includes options to automatically approve endpoints and not require an API key upon registration.

Enhancements
  • Powertech Antivirus now supports threat protection on endpoints running Solaris 10 and 11 on Intel and SPARC.

    NOTE:  
    • Solaris 11 is required for integration with the PTAV web service.
    • Solaris 11.4 is required for on-access scanning support.

  • On-Demand and On-Access scan configurations now require absolute paths for include and exclude filters.

  • Java Virtual Machines (JVMs) now run at the current Long-Term-Support (LTS) version (OpenJDK Java 11.0.10) for improved performance and to support the latest security updates.

  • Powertech Antivirus now uses version 2.3.1 of Apache Kafka.

  • On the Reports page, labels for the time range ("Number of Days" and "Number of Hours") have been clarified. They now read "Last X Days" and "Last X Hours".

  • On-Access Scan statistics are now captured every thirty minutes and retained for six months.

  • It is now possible to enter or edit the API Key used for registering Powertech Antivirus endpoints.

Fixes
  • An issue that could cause a delayed health check result after DAT updates has been resolved.

  • An issue that could cause the integration service to incorrectly determine another instance is running has been resolved.

  • An issue restarting the avinsite service during product updates has been resolved.

  • An issue that could cause AVSCAN to fail to quarantine when run as a non-root user while on-access was running has been resolved.

  • Notices.txt in the Powertech Antivirus endpoint installation now contains the Apache License statement.

  • An issue that caused an AVSCAN noise error when the command found it could not delete a file due to it being quarantined has been resolved.

  • The Unix man-page for avupdate ("avupdate --help" or "man avupdate") now shows the correct example (/opt/sgav/avupdate --avget --sscert --ptavrepo).

  • Unexpected behavior when restoring and deleting quarantined files has been resolved.

March 2021

Version 5.4.2

March 30, 2021

New Features
  • Powertech Antivirus now uses the McAfee 6200 Anti-Malware Engine, which includes the following new features:
    (from McAfee)
    • Enhanced threat landscape with added support for MSIL and AutoIT based malware.
    • Extended coverage for PDF and ISO file types.
    • Added provision to author better content with decoding support for ADC and LZFSE.
    • Introduced better handling capability for Linux threats.
    • Multiple features for better driver handling which improves the detection effectiveness.
    • Several bug fixes and performance improvements.
  • Powertech Antivirus now supports threat protection on endpoints running Ubuntu 20.04.
Fixes
  • The avupdate program on AIX and Linux now searches both /usr/bin and /usr/local/bin directories for curl and wget.
  • An issue that could cause a system lockup resulting from delayed closure of the AIX device driver has been resolved.
  • A small memory leak during license checks on AIX has been resolved.
  • The installation requirements have been reviewed and updated to accommodate FIPS mode.

November 2020

Version 5.4.1

November 16, 2020

New Features
  • On-Access scanning is now supported on endpoints running RedHat Enterprise Linux 6.
  • Powertech Antivirus now allows you to generate reports that include consolidated, filterable scanning statistics for On-Access and On-Demand scans.
    • Reports can be generated manually as needed, or scheduled to run automatically at predetermined intervals.
    • Reports can be viewed in the HelpSystems Insite web browser interface, or distributed to recipients as PDF attachments.
    • Report processes are recorded in Powertech Antivirus' Activity List.
Enhancements
  • The minimum "DAT Update Frequency" interval has been reduced from thirty minutes to five minutes.
  • Virus definitions (DAT files) can now be acquired from McAfee's HTTPS server.
  • The process for managing and dealing with TLS certificate renewal has been improved. (TLS certificates are used for secure communication with Kafka and for secure access to the PostgreSQL database.)
Fixes
  • A vulnerability to a linked-directory DOS exploit has been resolved.
  • Powertech Antivirus now responds appropriately when an attempt is made to save a Configuration whose name already exists.
  • License files named either "license" or "license.xml" are now accepted.
  • Delayed shutdown of avsvc now results in the service being stopped after 20 seconds to cope with servers that have become unresponsive.
  • The Use HTTP server toggle switch is no longer (erroneously) available when the main DAT File Repository toggle is set to Off.
  • An issue causing a UI anomaly on the Add Notification button when saving a Notification has been resolved.

June 2020

Version 5.4

June 4, 2020

New Features
  • Powertech Antivirus now allows you to generate reports that include consolidated, filterable scanning statistics for On-Access and On-Demand scans.
    • Reports can be generated manually as needed, or scheduled to run automatically at predetermined intervals.
    • Reports can be viewed in the HelpSystems Insite web browser interface, or distributed to recipients as PDF attachments.
    • Report processes are recorded in Powertech Antivirus' Activity List.
  • Quarantined files can now be viewed and managed using HelpSystems Insite, simplifying the process of working with quarantined files.
  • Licenses can now be deployed to many Powertech Antivirus endpoints simultaneously using a consolidated service.
Enhancements
  • Powertech Antivirus now includes support for the following:
    • RedHat Linux 7.6 (or later) for IBM LinuxONE and Linux on IBM Z S/390x.
    • SuSE Linux Enterprise Server 12 SP5 (or later) for IBM LinuxONE and Linux on IBM Z S/390x.
    • Ubuntu 18.04 (or later) for IBM LinuxONE and Linux on IBM Z S/390x.
  • The Insite PTAV Service and Powertech Antivirus endpoints are now automatically enabled during the registration process.
Fixes
  • The avupdate command, used to update virus definitions from McAfee, no longer fails when used in conjunction with the Powertech Antivirus DAT file repository and wget 1.9.

March 2020

Version 5.3

March 30, 2020

New Features
  • Powertech Antivirus' On-Access Scan Service can now be stopped, started, and managed on endpoints using HelpSystems Insite.
    • The On-Access Scanning Service status now appears in the Endpoints list.
    • On-Access Service Configuration requests can be rerun to target endpoints whose configuration update failed.
  • Improved virus definition (DAT file) updating:
    • Virus definition updates from McAfee (DAT files) can now be distributed to servers locally over FTP using a local DAT file repository. Using this method, only a single server on your network requires an outside connection to retrieve the latest DAT files. The file server is secured using TLS, ensuring that data transfer is always secure and requires little configuration.
    • An internal HTTP proxy server dedicated to Internet activity can now be used for virus definition downloads rather than accessing the McAfee server directly.
    • DAT file updates are now validated by Powertech Antivirus before endpoints can use them, whether downloaded from McAfee or copied manually to an air-gapped endpoint.
    • DAT update requests can be rerun to target endpoints whose DAT update failed.
    • Powertech Antivirus can now be operated in an 'air-gapped' environment so that Insite and the PTAV Service (including the DAT Repository) can operate without an Internet connection.
Enhancements
  • Virus scans can now be rerun for all endpoints or for only endpoints whose scans failed or were canceled.

  • A Search bar and Search By settings have been added to the Activity Status and Activity Details pages. Activities can now be filtered to their Type and Status.
  • Items can now be sorted by Status on the Activity Status and Activity Details pages.
  • Endpoints running RHEL 6 can now be managed , monitored, have DAT files updated automatically from Insite. (On-Access Scanning is not supported on RHEL 6.)
Fixes
  • The term 'Success' is now used to indicate a successful result on the Activity Details page, rather than ‘Completed.’
  • The formatting of the text on the Endpoints page that indicates the Powertech Antivirus version has been corrected.
  • A loading mask has been added to the Activity Details page to indicate progress while switching pages.
  • Field validation has been corrected for On-Demand Configuration settings.

December 2019

Version 5.2
New Features
  • On-Demand scans can now be started and stopped in HelpSystems Insite.
    • Options for starting and stopping scans are available on the Endpoints screen. The Endpoints screen also includes the status for scans currently running on endpoints.
    • Configurations for On-Demand scans can be defined on the Configurations screen. On-Demand scanning Configurations are validated when edited to ensure there are no validation errors.
    • The Configurations screen can be sorted and filtered by Configuration type so that only On-Access or On-Demand scan Configurations are displayed.
    • While running a scan from the Endpoints screen, Configuration settings can changed prior to the scan. The updated settings can be saved as a new Configuration.
    • Status information about configuration updates and virus scan requests is listed on the Activity Status screen and Activity Details list.
    • The number of endpoints with currently active scans is also listed on the Home screen.
  • An internal repository can now be used to download virus definition (DAT file) updates to be distributed to Powertech Antivirus endpoints using an HTTP file server.
    • A new Settings screen now allows you to configure options for running DAT level updates on endpoints.
    • The HTTP file server uses TLS certificates to ensure secure data transfer and requires little configuration. A signed TLS certificate can be used to secure the DAT repository HTTP file server. If a signed TLS certificate is not available the Powertech Antivirus service will generate a self-signed certificate to ensure a secure connection.
    • Row action and group action options for updating DAT files now appear on the Powertech Antivirus Endpoints screen.
    • The number of endpoints with outdated virus definition DAT files is listed on the Powertech Antivirus Home screen.
    • The Powertech Antivirus Home screen shows new information about the DAT file repository and endpoint DAT levels.
    • A new Powertech Antivirus service can be configured to update the DAT file repository when new virus definition updates are available. The most recent three DAT file versions are stored on the remote server, ensuring the local repository can be updated without the risk of interrupting any file transfer requests from endpoints that are currently in progress.
    • The avupdate command now support an new option, --ptavrepo, to indicate the path provided is to the root of a PTAV DAT Repository.
Enhancements
  • Endpoints can be searched by operating system on the Endpoints screen, so that only endpoints running the specified operating systems will be displayed.
  • Running scans can be sorted according to their scanning status on Powertech Antivirus Endpoints screen.
  • Activity Status links have been added to the Powertech Antivirus Home screen, which allow easy access to a list of endpoints with currently running scans and the list of active scans.
  • Filtering options have been added to the Activity Status screen, allowing easier access to the most relevant list of requests.
  • All endpoint items across all pages can now be selected, so that multi-select actions can be applied to all endpoints.
Fixes
  • A change has been made to kernel event handling on AIX to avoid a system crash during On-Access operation.
  • An issue causing a failure to quarantine files in the root directory when using AVSCAN has been resolved.

July 2019

Version 5.1
New Features
  • The following improvements have been made to Powertech Antivirus-specific features of the HelpSystems Insite web browser interface.
    • The running configuration of the On-access virus scanning service, including notification settings, can now be updated. Configuration updates can be applied to one or several endpoints simultaneously.
    • Notification settings can now be configured for On-demand scanning.
    • A new Insite Powertech Antivirus service has been added.
    • The ability to reference status information about requests sent to Insite's Powertech Antivirus service has been added.
  • A new On-access scanning option allows for scanning of files when opened and closed.
Enhancements
  • Additional information has been added to the Endpoint Properties pane, including OS, Powertech Antivirus version, DAT file version, and scan engine version.
  • Default settings in the configuration file have been updated to improve performance.
Fixes
  • Powertech Antivirus no longer checks for an empty parameter when -- is specified.
  • The bash dependency for Powertech Antivirus RPM and DEB packages has been removed.
  • An incorrectly configured notify section in config.ini (for example, a missing dot in name.cmd or name.options) no longer causes avconfig/avscan/avsvc to crash.
  • A potential avscan/avupdate/avsvc crash caused by a malformed license file has been resolved.

June 2019

Version 4.1.5

(Legacy version for OS compatibility (includes previous name Stand Guard Anti-Virus) without On-access scanning support)

  • Curl support has been added for HTTP support acquiring DAT files.
  • The default avupdate action now uses curl to acquire virus definition updates from McAfee's HTTP server.
  • Powertech Antivirus now uses the McAfee 6000 Anti-Malware Engine, which includes the following new features:
    • Enhanced support for JavaScript, including stabilization and performance improvements.
    • Improved VBA file handling capability to detect more threats.
    • Improved access to Win32 APIs enabling better policy control over DAT content.
    • Enhanced support to detect 64-bit PE , ELF , Mach-O and .NET based malware.
    • Improved ELF file handling capability.
    • Optimizations to DAT initialization to improve load times.

April 2019

Version 5.0.1
  • The bash dependency for installing Powertech Antivirus has been removed.

March 2019

Version 5.0
  • Powertech Antivirus is now supported by the HelpSystems Insite web browser interface, which allows you to easily monitor your systems using Insite's Dashboard and interactive controls.
  • Notifications can now be sent from several points in Powertech Antivirus, including On-Demand Scanning and On-Access Scanning. Scheduled emails can also be sent for status updates.

  • Powertech Antivirus now uses the McAfee 6000 Anti-Malware Engine, which includes the following new features:
    • Enhanced support for JavaScript, including stabilization and performance improvements.
    • Improved VBA file handling capability to detect more threats.
    • Improved access to Win32 APIs enabling better policy control over DAT content.
    • Enhanced support to detect 64-bit PE , ELF , Mach-O and .NET based malware.
    • Improved ELF file handling capability.
    • Optimizations to DAT initialization to improve load times.
  • The product has been renamed "Powertech Antivirus." The new name is used throughout the software and accompanying documentation. (Prior to version 5.0, the product was called "Stand Guard Anti-Virus.")

August 2018

Version 4.3 (AIX only)
New Features
  • Stand Guard Anti-Virus can now scan files as they are accessed by users of the system, a process known as On-Access Scanning.
    • An on-access management service is provided, which allows you to start, stop, and query the status of the service, as well as load configuration file updates.
    • On-access scan options are controlled through a configuration file.
    • A reporting tool is provided to display the status of the service.
    • Stand Guard Anti-Virus manages scanning of mounted file systems by detecting unmount and mount actions, resuming the scan procedure accordingly.
    • Scans that take too long can now be aborted after a specified timeout duration.
    • File caching allows for enhanced on-access scanning performance.
  • New diagnostic capabilities have been added that reveal environment details helpful for analysis and troubleshooting.
  • Tools have been provided to validate and update the on-access configuration file.
Enhancements
  • The Stand Guard Anti-Virus installation package now includes a version of the McAfee virus definitions to allow for scanning immediately after installation.
Fixes
  • The --cmd option in AVSCAN now scans the script file before execution.
  • All AVSCAN options are now validated.
  • The --loglevel 1 option in AVSCAN no longer results in unexpected behavior.
  • An issue causing an incorrect file count in the AVSCAN scan summary has been corrected.

June 2018

Version 4.1.4 (AIX only)
  • The --delay option now allows you to specify a pause (in milliseconds) as a CPU limiting technique to manage system resources under heavy use.

May 2018

Version 4.2 (Linux only)
New Features
  • Stand Guard Anti-Virus can now scan files as they are accessed by users of the system, a process known as On-Access Scanning.
    • An on-access management service is provided, which allows you to start, stop, and query the status of the service, as well as load configuration file updates.
    • On-access scan options are controlled through a configuration file.
    • A reporting tool is provided to display the status of the service.
    • Stand Guard Anti-Virus manages scanning of mounted file systems by detecting unmount and mount actions, resuming the scan procedure accordingly.
    • Scans that take too long can now be aborted after a specified timeout duration.
    • File caching allows for enhanced on-access scanning performance.
  • New diagnostic capabilities have been added that reveal environment details helpful for analysis and troubleshooting.
  • Tools have been provided to validate and update the on-access configuration file.
Enhancements
  • The Stand Guard Anti-Virus installation package now includes a version of the McAfee virus definitions to allow for scanning immediately after installation.
Fixes
  • The --cmd option in AVSCAN now scans the script file before execution.
  • All AVSCAN options are now validated.
  • The --loglevel 1 option in AVSCAN no longer results in unexpected behavior.
  • An issue causing an incorrect file count in the AVSCAN scan summary has been corrected.
  • --passive is now the default option on RedHat systems.

February 2018

Version 4.1.3
  • The --maxwait, --exclude, --cmd, --timeout, and --loglevel options are now validated prior to running the command in order to eliminate unexpected behavior.
  • The AVSCAN options summary now displays PUP scan options correctly.
  • The AVSCAN --cmd option now scans script files before execution.
  • The AVSCAN summary now accurately displays the number of files that were scanned. The scanner no longer counts the files identified as infected twice.
  • Unexpected behavior caused by using loglevel1 has been resolved.
  • Directories are no longer potentially skipped after a large or infected archive is detected.

November 2017

Version 4.1.2
Enhancements
  • Scan results from many Stand Guard Anti-Virus installations can now be directed to SYSLOG in order to provide centralized monitoring.
  • Stand Guard Anti-Virus now supports RHEL 7.1 (and later) Power Linux Little Endian and SLES 12 Power Linux Little Endian. (Linux only)
  • Support for Wget has been added. (Linux only)
Other Updates
  • AVSCAN no longer scans the /Quarantined folder, which is unnecessary and results in extraneous nested folders.

October 2017

Version 4.1
  • Stand Guard Anti-Virus now supports Power RHEL 6 & 7 and SLES 11 Big Endian Linux.

For more information, visit the McAfee website.

June 2017

Version 4.0-13
  • Stand Guard Anti-Virus now uses the new McAfee 5900 Anti-Malware Engine, which includes the following:
    • Enhanced support of JavaScript malware detection
    • Enhancements to DAT content to improve predictability of content processing
    • A new high-performance executable packer (MPRESS) to decompress executables
    • Dotfuscator .NET obfuscation functionality for string obfuscation
    • Improved support of OLE file format Platform enhancements

For more information, visit the McAfee website.

November 2016

Version 4.0-12
  • Updated McAfee Scan Engine 5800.
    • Enhancements to PDF format to improve exploit detection capabilities.
    • Improved unpacking of .NET, VBA, Shockwave Flash and generic unpacking improvements to detect more threats.
    • Performance optimizations of initialization and scanning.
  • Ability to run real-time scans interactively.
  • Use your favorite scheduler to run system scans and download DAT file updates. CRON is no longer required.
  • Simplified User Interface for enhanced user experience.
  • Improved Stability.
  • Support for 64-bit systems.

February 2016

Version 4.0-11
  • Updated McAfee Scan Engine 5800.
    • Enhancements to PDF format to improve exploit detection capabilities.
    • Improved unpacking of .NET, VBA, Shockwave Flash and generic unpacking improvements to detect more threats.
    • Performance optimizations of initialization and scanning.
  • Ability to run real-time scans interactively.
  • Use your favorite scheduler to run system scans and download DAT file updates. CRON is no longer required.
  • Simplified User Interface for enhanced user experience.
  • Improved Stability.

Back to Powertech Products