cancel
Showing results for 
Search instead for 
Did you mean: 

Windows 10 1809 Upgrade

New Member

Windows 10 1809 Upgrade

Hello,

Microsoft upgraded me to the 1809 Release and my customer uses the Pulse Secure client to log onto the VPN. I get a conformity issue because it seems that Opswat is no longer recognizing the restructured Defender. This is what I find in the log:

00163,09 2018/10/09 13:53:13.438 3 SYSTEM PulseSecureService.exe OpswatIMC p132528 t46B38 opsantivirusclient.cpp:129 - 'OpswatImcColData' collecting Antivirus information
00174,09 2018/10/09 13:53:13.979 4 SYSTEM PulseSecureService.exe hcUtils p132528 t46B38 hcUtilsWin.cpp:227 - 'getGMTBias' TimeZone: Mitteleuropäische Sommerzeit GMT Offset: 120 mins
00157,09 2018/10/09 13:53:13.979 3 SYSTEM PulseSecureService.exe OpswatIMC p132528 t46B38 opsantivirusclient.cpp:156 - 'OpswatImcColData' No Antivirus is installed
00194,09 2018/10/09 13:53:13.979 4 SYSTEM PulseSecureService.exe OpswatIMC p132528 t46B38 opsintegritydata.cpp:53 - 'getIMVMessage' IMV Message : <parameter name="AntiVirus" value="is_installed=NO;"> :
00193,09 2018/10/09 13:53:13.979 4 SYSTEM PulseSecureService.exe OpswatIMC p132528 t46B38 opsantivirusdata.cpp:41 - 'toImvMessage' IMV Message : <parameter name="AntiVirus" value="is_installed=NO;"> :

 

Best Regards

 

4 REPLIES 4
Pulser

Re: Windows 10 1809 Upgrade

Hello, 

 

I recommend to open a support case to collect logs and troublshoot the issue. 

New Member

Re: Windows 10 1809 Upgrade

Adding my debug log. There can be seen that in the beginning PulseSecureService.exe identifies Windows Defender successfully (with two statuses? Antivirus[Enabled] and AntiSpyware[Disabled]), but at the end OPSWAT is stating that no Antivirus found. I hope this helps a bit closer to the root issue. No time to open a ticket Smiley Happy

 

SoHHandler.cpp:120 - 'SoHHandler:Smiley TongueopulateHealthDetails' Antivirus Product details - Name : Windows Defender, State - 397568, Status : Enabled - up-to-date
00238,09 2018/10/30 09:27:53.277 3 SYSTEM PulseSecureService.exe SohIMC p6012 t26F8 SoHHandler.cpp:187 - 'SoHHandler:Smiley TongueopulateHealthDetails' AntiSpyware Product details - Name : Windows Defender, State - 397568, Status : not enabled - up-to-date
00125,09 2018/10/30 09:27:53.282 3 SYSTEM PulseSecureService.exe SohIMC p6012 t26F8 SoHHandler.cpp:436 - 'SOHHandler' Health value:0
........
00160,09 2018/10/30 09:28:02.329 3 SYSTEM PulseSecureService.exe OpswatIMC p6012 t26F8 opsantivirusclient.cpp:129 - 'OpswatImcColData' collecting Antivirus information
00154,09 2018/10/30 09:28:08.724 3 SYSTEM PulseSecureService.exe OpswatIMC p6012 t26F8 opsantivirusclient.cpp:156 - 'OpswatImcColData' No Antivirus is installed

Highlighted
Zod
Pulser

Re: Windows 10 1809 Upgrade

Which version of Pulse Secure client are you currently running? 

 

Pulse Secure is currently qualifying Windows 10 Redstone 5 (Version 1809) and will have updates for supported version on our KB, located at 

 

KB43907 - Support for Windows 10 Redstone 5 (Version 1809)

Community Manager

Re: Windows 10 1809 Upgrade

Hello Janar,

 

The SOH (Statement of Health) messages can be ignored.  To get details about OPSWAT, you'll need to increase the log level to Detailed within the Pulse client.  This should give more details in level 4 and 5 about the AV detected and the results.  

 

Are you only detecting for Windows Defender?