From: Cisco Clean Access Users and Administrators
[mailto:[email protected]] On Behalf Of Don Click
Sent: Monday, August 30, 2010 8:31 AM
To: [email protected]
Subject: Windows XP Pro/Home failure
Greetings all!
We are running 4.8.0 in a (non-ha) In-Band solution, and for the most
part, its been working perfectly. However, last night, we had a user
that was getting temporary access due to a failed critical update.
When the user went to M$ to find the update, there are none shown for
the user. The Agent log is attached - Can someone help me understand
what caused the failure?
It does show he passed the SP3 check, but failed on some SP2 stuff? I
don't get it.
Thanks in advance..
User: xxxxxxx Operating System: Windows XP Pro/Home Agent
Version: 4.8.0.32 Compliance Module Version: 3.4.13.1 Agent
Type: Windows Agent Report Type: Login
System Name: xxxxx System Domain: n/a
System User: Original Computer User Domain: xxxxxx
________________________________
1. Windows Critical Updates (Mandatory)
* Passed Checks:
pc_XP_KB980232_MS10-020
pc_KB952954_MS08-046_XP_SP3
pc_XP_KB958869_MS09-062
pc_Windows-XP-SP3
pc_KB958644_MS08-067_XP_SP3
pc_XP_KB980436_MS10-049
pc_XP_KB2079403_MS10-051
pc_XP_KB980195_MS10-034
pc_XP_KB975562_MS10-033
pc_XP_KB973507_MS09-037
pc_XP_KB975713_MS10-007
pc_XP_KB956844_MS09-046
pc_Windows-JScript-ver5_6
pc_XP_KB979482_MS10-033
pc_XP_KB979309_MS10-019
pc_XP_KB2229593_MS10-042
pc_KB956802_MS08-071_XP
pc_XP_KB975560_MS10-013
pc_XP_KB2286198_MS10-046
pc_XP_KB978601_MS10-019
pc_XP_KB977914_MS10-013
pc_KB960803_MS09-013_XP
pc_XP_KB971961_MS09-045_JS58
pc_XP_2115168_MS10-052_FileChk
pc_XP_KB973869_MS09-037
* Failed Checks:
pc_XP64, File Check [c:\windows\syswow64\kernel32.dll
exists ]
pc_Windows-XP-SP2-int, Registry Check
[\HKEY_LOCAL_MACHINE\system\CurrentControlSet\control\windows\CSDVersion
equals 512]
pc_Windows-XP-SP2, Registry Check
[\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\CSDVersion contains Service Pack 2]
pc_Windows_ehkeyctl, File Check
[$SYSTEM_ROOT\ehome\ehkeyctl.dll exists ]
pc_XP_2115168_MS10-052, Registry Check
[\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows
XP\SP4\KB2115168\Filelist\ exists ]
pc_Windows-JScript-ver5_9, File Check
[$SYSTEM_32\Jscript.dll later than 5.9.0.0]
* Not executed Checks:
pc_KB952954_MS08-046_XP_SP2
pc_XP_KB2183461_MS10-053_SP3_IE8
pc_XP_KB2183461_MS10-053_SP3_IE7
pc_XP_KB2183461_MS10-053_SP3_IE6
pc_KB958644_MS08-067_XP_SP2
pc_MSXML3_MS08-069_XP
pc_KB923789_MS06-069_XP_SP2
pc_IE8_0
pc_XP_KB982381_MS10-035_IE8
pc_XP_KB982381_MS10-035_IE7
pc_KB938127_MS07-050_XP_SP2_IE7_V2
pc_XP_KB982381_MS10-035_IE6
pc_IE7_0
pc_IE6_0
pc_Flash_6r79_Registered_LC
pc_Flash_6_0_79
pc_Flash_6r79_Registered_UC
pc_KB938127_MS07-050_XP_SP2_IE7
pc_Windows-XP-SP3-int
pc_XP_MCE_KB973768_MS09-037
pc_XP_KB971961_MS09-045_JS57
pc_XP_KB971961_MS09-045_JS56
2. Verify Antivirus is installed (Mandatory)
* Passed Checks:
av_inst_ANY_vendor
* Not executed Checks:
SunbeltVipre4Install
3. AV Definitions check (Mandatory)
* Passed Checks:
av_def_ANY
* Failed Checks:
SunbeltVipre4Defs, File Check [$SYSTEM_PROGRAMS\Sunbelt
Software\SBEAgent\Definitions\DefVer.txt later than [M](system date - 7
days)]
________________________________
Client AV Info
Product ID:
NortonAV
Product Name:
Norton AntiVirus Corporate Edition
Product Version:
7.60.00.926
Virus Definition File Version:
8/25/2010 rev. 2
Virus Definition File Date:
08/25/2010
Client AS Info
Product ID:
MicrosoftAS
Product Name:
Windows Defender
Product Version:
1.1.1593.0
Spyware Definition File Version:
1.89.207.0
Spyware Definition File Date:
08/23/2010
Product ID:
Lavasoft
Product Name:
Ad-Aware 2007
Product Version:
7.0.1.6
Spyware Definition File Version:
Spyware Definition File Date:
