Powertech Antivirus

NOTE: In versions 4.3 and earlier, Powertech Antivirus was called Stand Guard Anti-Virus.

June 2020

Version 5.4

Jun 4, 2020

New Features
  • Quarantined files can now be viewed and managed using HelpSystems Insite, simplifying the process of working with quarantined files.
  • Licenses can now be deployed to many Powertech Antivirus endpoints simultaneously using a consolidated service.
Enhancements
  • Powertech Antivirus now includes support for the following:
    • RedHat Linux 7.6 (or later) for LinuxOne s390x.
    • SuSE Linux Enterprise Server 12 SP5 (or later) for LinuxOne s390x.
    • Ubuntu 18.04 (or later) for LinuxOne s390x.
  • The Insite PTAV Service and Powertech Antivirus endpoints are now automatically whitelisted during the registration process.
Other Fixes

  • The avupdate command, used to update virus definitions from McAfee, no longer fails when used in conjunction with the Powertech Antivirus DAT file repository and wget 1.9.

March 2020

Version 5.3

March 30, 2020

New Features
  • Powertech Antivirus' On-Access Scan Service can now be stopped, started, and managed on endpoints using HelpSystems Insite.
    • The On-Access Scanning Service status now appears in the Endpoints list.
    • On-Access Service Configuration requests can be rerun to target endpoints whose configuration update failed.
  • Improved virus definition (DAT file) updating:
    • Virus definition updates from McAfee (DAT files) can now be distributed to servers locally over FTP using a local DAT file repository. Using this method, only a single server on your network requires an outside connection to retrieve the latest DAT files. The file server is secured using TLS, ensuring that data transfer is always secure and requires little configuration.
    • An internal HTTP proxy server dedicated to Internet activity can now be used for virus definition downloads rather than accessing the McAfee server directly.
    • DAT file updates are now validated by Powertech Antivirus before endpoints can use them, whether downloaded from McAfee or copied manually to an air-gapped endpoint.
    • DAT update requests can be rerun to target endpoints whose DAT update failed.
    • Powertech Antivirus can now be operated in an 'air-gapped' environment so that Insite and the PTAV Service (including the DAT Repository) can operate without an Internet connection.
Enhancements

  • Virus scans can now be rerun for all endpoints or for only endpoints whose scans failed or were canceled.

  • A Search bar and Search By settings have been added to the Activity Status and Activity Details pages. Activities can now be filtered to their Type and Status.
  • Items can now be sorted by Status on the Activity Status and Activity Details pages.
  • Endpoints running RHEL 6 can now be managed , monitored, have DAT files updated automatically from Insite. (On-Access Scanning is not supported on RHEL 6.)
Other Fixes
  • The term 'Success' is now used to indicate a successful result on the Activity Details page, rather than ‘Completed.’
  • The formatting of the text on the Endpoints page that indicates the Powertech Antivirus version has been corrected.
  • A loading mask has been added to the Activity Details page to indicate progress while switching pages.
  • Field validation has been corrected for On-Demand Configuration settings.

December 2019

Version 5.2
New Features
  • On-Demand scans can now be started and stopped in HelpSystems Insite.
    • Options for starting and stopping scans are available on the Endpoints screen. The Endpoints screen also includes the status for scans currently running on endpoints.
    • Configurations for On-Demand scans can be defined on the Configurations screen. On-Demand scanning Configurations are validated when edited to ensure there are no validation errors.
    • The Configurations screen can be sorted and filtered by Configuration type so that only On-Access or On-Demand scan Configurations are displayed.
    • While running a scan from the Endpoints screen, Configuration settings can changed prior to the scan. The updated settings can be saved as a new Configuration.
    • Status information about configuration updates and virus scan requests is listed on the Activity Status screen and Activity Details list.
    • The number of endpoints with currently active scans is also listed on the Home screen.
  • An internal repository can now be used to download virus definition (DAT file) updates to be distributed to Powertech Antivirus endpoints using an HTTP file server.
    • A new Settings screen now allows you to configure options for running DAT level updates on endpoints.
    • The HTTP file server uses TLS certificates to ensure secure data transfer and requires little configuration. A signed TLS certificate can be used to secure the DAT repository HTTP file server. If a signed TLS certificate is not available the Powertech Antivirus service will generate a self-signed certificate to ensure a secure connection.
    • Row action and group action options for updating DAT files now appear on the Powertech Antivirus Endpoints screen.
    • The number of endpoints with outdated virus definition DAT files is listed on the Powertech Antivirus Home screen.
    • The Powertech Antivirus Home screen shows new information about the DAT file repository and endpoint DAT levels.
    • A new Powertech Antivirus service can be configured to update the DAT file repository when new virus definition updates are available. The most recent three DAT file versions are stored on the remote server, ensuring the local repository can be updated without the risk of interrupting any file transfer requests from endpoints that are currently in progress.
    • The avupdate command now support an new option, --ptavrepo, to indicate the path provided is to the root of a PTAV DAT Repository.
Enhancements
  • Endpoints can be searched by operating system on the Endpoints screen, so that only endpoints running the specified operating systems will be displayed.
  • Running scans can be sorted according to their scanning status on Powertech Antivirus Endpoints screen.
  • Activity Status links have been added to the Powertech Antivirus Home screen, which allow easy access to a list of endpoints with currently running scans and the list of active scans.
  • Filtering options have been added to the Activity Status screen, allowing easier access to the most relevant list of requests.
  • All endpoint items across all pages can now be selected, so that multi-select actions can be applied to all endpoints.
Other Fixes
  • A change has been made to kernel event handling on AIX to avoid a system crash during On-Access operation.
  • An issue causing a failure to quarantine files in the root directory when using AVSCAN has been resolved.

July 2019

Version 5.1
New Features
  • The following improvements have been made to Powertech Antivirus-specific features of the HelpSystems Insite web browser interface.
    • The running configuration of the On-access virus scanning service, including notification settings, can now be updated. Configuration updates can be applied to one or several endpoints simultaneously.
    • Notification settings can now be configured for On-demand scanning.
    • A new Insite Powertech Antivirus service has been added.
    • The ability to reference status information about requests sent to Insite's Powertech Antivirus service has been added.
  • A new On-access scanning option allows for scanning of files when opened and closed.
Enhancements
  • Additional information has been added to the Endpoint Properties pane, including OS, Powertech Antivirus version, DAT file version, and scan engine version.
  • Default settings in the configuration file have been updated to improve performance.
Other Fixes
  • Powertech Antivirus no longer checks for an empty parameter when -- is specified.
  • The bash dependency for Powertech Antivirus RPM and DEB packages has been removed.
  • An incorrectly configured notify section in config.ini (for example, a missing dot in name.cmd or name.options) no longer causes avconfig/avscan/avsvc to crash.
  • A potential avscan/avupdate/avsvc crash caused by a malformed license file has been resolved.

June 2019

Version 4.1.5

(Legacy version for OS compatibility (includes previous name Stand Guard Anti-Virus) without On-access scanning support)

  • Curl support has been added for HTTP support acquiring DAT files.
  • The default avupdate action now uses curl to acquire virus definition updates from McAfee's HTTP server.
  • Powertech Antivirus now uses the McAfee 6000 Anti-Malware Engine, which includes the following new features:
    • Enhanced support for JavaScript, including stabilization and performance improvements.
    • Improved VBA file handling capability to detect more threats.
    • Improved access to Win32 APIs enabling better policy control over DAT content.
    • Enhanced support to detect 64-bit PE , ELF , Mach-O and .NET based malware.
    • Improved ELF file handling capability.
    • Optimizations to DAT initialization to improve load times.

April 2019

Version 5.0.1
  • The bash dependency for installing Powertech Antivirus has been removed.

March 2019

Version 5.0
  • Powertech Antivirus is now supported by the HelpSystems Insite web browser interface, which allows you to easily monitor your systems using Insite's Dashboard and interactive controls.

  • Notifications can now be sent from several points in Powertech Antivirus, including On-Demand Scanning and On-Access Scanning. Scheduled emails can also be sent for status updates.

  • Powertech Antivirus now uses the McAfee 6000 Anti-Malware Engine, which includes the following new features:
    • Enhanced support for JavaScript, including stabilization and performance improvements.
    • Improved VBA file handling capability to detect more threats.
    • Improved access to Win32 APIs enabling better policy control over DAT content.
    • Enhanced support to detect 64-bit PE , ELF , Mach-O and .NET based malware.
    • Improved ELF file handling capability.
    • Optimizations to DAT initialization to improve load times.
  • The product has been renamed "Powertech Antivirus." The new name is used throughout the software and accompanying documentation. (Prior to version 5.0, the product was called "Stand Guard Anti-Virus.")

August 2018

Version 4.3 (AIX only)
New Features
  • Stand Guard Anti-Virus can now scan files as they are accessed by users of the system, a process known as On-Access Scanning.
    • An on-access management service is provided, which allows you to start, stop, and query the status of the service, as well as load configuration file updates.
    • On-access scan options are controlled through a configuration file.
    • A reporting tool is provided to display the status of the service.
    • Stand Guard Anti-Virus manages scanning of mounted file systems by detecting unmount and mount actions, resuming the scan procedure accordingly.
    • Scans that take too long can now be aborted after a specified timeout duration.
    • File caching allows for enhanced on-access scanning performance.
  • New diagnostic capabilities have been added that reveal environment details helpful for analysis and troubleshooting.
  • Tools have been provided to validate and update the on-access configuration file.
Enhancements
  • The Stand Guard Anti-Virus installation package now includes a version of the McAfee virus definitions to allow for scanning immediately after installation.
Other Fixes
  • The --cmd option in AVSCAN now scans the script file before execution.
  • All AVSCAN options are now validated.
  • The --loglevel 1 option in AVSCAN no longer results in unexpected behavior.
  • An issue causing an incorrect file count in the AVSCAN scan summary has been corrected.

June 2018

Version 4.1.4 (AIX only)
  • The --delay option now allows you to specify a pause (in milliseconds) as a CPU limiting technique to manage system resources under heavy use.

May 2018

Version 4.2 (Linux only)
New Features
  • Stand Guard Anti-Virus can now scan files as they are accessed by users of the system, a process known as On-Access Scanning.
    • An on-access management service is provided, which allows you to start, stop, and query the status of the service, as well as load configuration file updates.
    • On-access scan options are controlled through a configuration file.
    • A reporting tool is provided to display the status of the service.
    • Stand Guard Anti-Virus manages scanning of mounted file systems by detecting unmount and mount actions, resuming the scan procedure accordingly.
    • Scans that take too long can now be aborted after a specified timeout duration.
    • File caching allows for enhanced on-access scanning performance.
  • New diagnostic capabilities have been added that reveal environment details helpful for analysis and troubleshooting.
  • Tools have been provided to validate and update the on-access configuration file.
Enhancements
  • The Stand Guard Anti-Virus installation package now includes a version of the McAfee virus definitions to allow for scanning immediately after installation.
Other Fixes
  • The --cmd option in AVSCAN now scans the script file before execution.
  • All AVSCAN options are now validated.
  • The --loglevel 1 option in AVSCAN no longer results in unexpected behavior.
  • An issue causing an incorrect file count in the AVSCAN scan summary has been corrected.
  • --passive is now the default option on RedHat systems.

February 2018

Version 4.1.3
  • The --maxwait, --exclude, --cmd, --timeout, and --loglevel options are now validated prior to running the command in order to eliminate unexpected behavior.
  • The AVSCAN options summary now displays PUP scan options correctly.
  • The AVSCAN --cmd option now scans script files before execution.
  • The AVSCAN summary now accurately displays the number of files that were scanned. The scanner no longer counts the files identified as infected twice.
  • Unexpected behavior caused by using loglevel1 has been resolved.
  • Directories are no longer potentially skipped after a large or infected archive is detected.

November 2017

Version 4.1.2
Enhancements
  • Scan results from many Stand Guard Anti-Virus installations can now be directed to SYSLOG in order to provide centralized monitoring.
  • Stand Guard Anti-Virus now supports RHEL 7.1 (and later) Power Linux Little Endian and SLES 12 Power Linux Little Endian. (Linux only)
  • Support for Wget has been added. (Linux only)
Other Updates
  • AVSCAN no longer scans the /Quarantined folder, which is unnecessary and results in extraneous nested folders.

October 2017

Version 4.1
  • Stand Guard Anti-Virus now supports Power RHEL 6 & 7 and SLES 11 Big Endian Linux.

For more information, visit the McAfee website.

June 2017

Version 4.0-13
  • Stand Guard Anti-Virus now uses the new McAfee 5900 Anti-Malware Engine, which includes the following:
    • Enhanced support of JavaScript malware detection
    • Enhancements to DAT content to improve predictability of content processing
    • A new high-performance executable packer (MPRESS) to decompress executables
    • Dotfuscator .NET obfuscation functionality for string obfuscation

    • Improved support of OLE file format Platform enhancements

For more information, visit the McAfee website.

November 2016

Version 4.0-12
  • Updated McAfee Scan Engine 5800.
    • Enhancements to PDF format to improve exploit detection capabilities.
    • Improved unpacking of .NET, VBA, Shockwave Flash and generic unpacking improvements to detect more threats.
    • Performance optimizations of initialization and scanning.
  • Ability to run real-time scans interactively.
  • Use your favorite scheduler to run system scans and download DAT file updates. CRON is no longer required.
  • Simplified User Interface for enhanced user experience.
  • Improved Stability.
  • Support for 64-bit systems.

February 2016

Version 4.0-11
  • Updated McAfee Scan Engine 5800.
    • Enhancements to PDF format to improve exploit detection capabilities.
    • Improved unpacking of .NET, VBA, Shockwave Flash and generic unpacking improvements to detect more threats.
    • Performance optimizations of initialization and scanning.
  • Ability to run real-time scans interactively.
  • Use your favorite scheduler to run system scans and download DAT file updates. CRON is no longer required.
  • Simplified User Interface for enhanced user experience.
  • Improved Stability.

Back to Product Index