Verisys Discrepancy Report (Full Details)

This report shows data from 2 discrepancy reports, containing a total of 8 discrepancies

Discrepancies by Type
 ModifiedRemovedAddedTotal
File Server2002
Payment Processing Server5016
Total7018
Discrepancies by Priority
 LowMediumHighEmergencyTotal
File Server01102
Payment Processing Server01506
Total02608
All Discrepancies
 TimestampAgentRuleTypePriorityObject
+21-MAY-2016 21:46Payment Processing ServerWindows Server 2008 System FilesModifiedHighC:\Windows\shell.exe
AttributeExpected ValueActual Value
AttributesArchiveHidden, Archive
Permissions DACL: D:AI(A;ID;FA;;;SY)(A;ID;FA;;;BA)(A;ID;0x1200a9;;;BU) Account SID: S-1-5-18 Account Name: NT AUTHORITY\SYSTEM Type: Allow Inherited: Yes Inheritance: None Rights: FullControl Account SID: S-1-5-32-544 Account Name: BUILTIN\Administrators Type: Allow Inherited: Yes Inheritance: None Rights: FullControl Account SID: S-1-5-32-545 Account Name: BUILTIN\Users Type: Allow Inherited: Yes Inheritance: None Rights: ReadAndExecute, Synchronize DACL: D:(A;;FA;;;WD)(A;ID;FA;;;SY)(A;ID;FA;;;BA)(A;ID;0x1200a9;;;BU) Account SID: S-1-1-0 Account Name: Everyone Type: Allow Inherited: No Inheritance: None Rights: FullControl Account SID: S-1-5-18 Account Name: NT AUTHORITY\SYSTEM Type: Allow Inherited: Yes Inheritance: None Rights: FullControl Account SID: S-1-5-32-544 Account Name: BUILTIN\Administrators Type: Allow Inherited: Yes Inheritance: None Rights: FullControl Account SID: S-1-5-32-545 Account Name: BUILTIN\Users Type: Allow Inherited: Yes Inheritance: None Rights: ReadAndExecute, Synchronize
+21-MAY-2016 21:46Payment Processing ServerWindows Server 2008 System FilesModifiedHighC:\Windows\system32\comms.sys
AttributeExpected ValueActual Value
Modified Time2015-06-07T19:56:00.0000000Z2016-05-21T20:46:04.3302659Z
Size38127
CRCFC0C263EFE4CA530
Hash9B845F457388D9C34BB4F1C36C14B143FCEBD65FF034EC6F3C6CD41F632D5471C5369BFEB9367586342796BDAEDC6CE4A6E76616BE10BAB9402BD891392FF42D
+21-MAY-2016 21:46Payment Processing ServerWindows Server 2008 System FilesModifiedHighC:\Windows\system32\ip_stack.dll
AttributeExpected ValueActual Value
Modified Time2015-06-07T19:56:00.0000000Z2016-05-21T20:46:04.3302659Z
Size38127
CRCFC0C263EFE4CA530
Hash9B845F457388D9C34BB4F1C36C14B143FCEBD65FF034EC6F3C6CD41F632D5471C5369BFEB9367586342796BDAEDC6CE4A6E76616BE10BAB9402BD891392FF42D
+21-MAY-2016 21:46Payment Processing ServerWindows Server 2008 System FilesAddedHighC:\Windows\system32\keylogger.sys
AttributeExpected ValueActual Value
Created Time2016-05-21T20:46:04.2834658Z
Modified Time2016-05-21T20:46:04.2834658Z
Size41
CRCFD4BCF7E
Hash15AD402CE3528BA48C2F10CC0E9AD8E7B7C6E0426B77CC4A15F86CD394A200D9
Owner Account SID: S-1-5-32-544 Account Name: BUILTIN\Administrators
Primary Group Account SID: S-1-5-21-305035777-899029998-720635935-513 Account Name: KVAERNER-NO\Domain Users
AttributesArchive
Permissions DACL: D:AI(A;ID;FA;;;SY)(A;ID;FA;;;BA)(A;ID;0x1200a9;;;BU) Account SID: S-1-5-18 Account Name: NT AUTHORITY\SYSTEM Type: Allow Inherited: Yes Inheritance: None Rights: FullControl Account SID: S-1-5-32-544 Account Name: BUILTIN\Administrators Type: Allow Inherited: Yes Inheritance: None Rights: FullControl Account SID: S-1-5-32-545 Account Name: BUILTIN\Users Type: Allow Inherited: Yes Inheritance: None Rights: ReadAndExecute, Synchronize
Audit RulesSACL:
+21-MAY-2016 21:46Payment Processing ServerWindows Server 2008 System FilesModifiedHighC:\Windows\system32\logon.exe
AttributeExpected ValueActual Value
Modified Time2015-06-07T19:56:00.0000000Z2016-05-21T20:46:04.3458659Z
Size38127
CRCFC0C263EFE4CA530
Hash9B845F457388D9C34BB4F1C36C14B143FCEBD65FF034EC6F3C6CD41F632D5471C5369BFEB9367586342796BDAEDC6CE4A6E76616BE10BAB9402BD891392FF42D
AttributesArchiveReadOnly, Archive
+21-MAY-2016 21:46Payment Processing ServerWindows Server 2008 Network FilesModifiedMediumC:\Windows\system32\drivers\etc\hosts
AttributeExpected ValueActual Value
Modified Time2015-06-07T19:56:00.0000000Z2016-05-21T20:46:04.2834658Z
Size2628
CRCFE16DFAEFF18C403
HashF0EF3092BE99D84879D21FF98A32EFCBD9BC27A901AB01E719B9386E005FFD184EE7C8230D51DFDF604045FCA3F3F17C87067C008314EA8CB2DF42ED1E0E1C87
Permissions DACL: D:AI(A;ID;FA;;;SY)(A;ID;FA;;;BA)(A;ID;0x1200a9;;;BU) Account SID: S-1-5-18 Account Name: NT AUTHORITY\SYSTEM Type: Allow Inherited: Yes Inheritance: None Rights: FullControl Account SID: S-1-5-32-544 Account Name: BUILTIN\Administrators Type: Allow Inherited: Yes Inheritance: None Rights: FullControl Account SID: S-1-5-32-545 Account Name: BUILTIN\Users Type: Allow Inherited: Yes Inheritance: None Rights: ReadAndExecute, Synchronize DACL: D:(A;;FA;;;WD)(A;ID;FA;;;SY)(A;ID;FA;;;BA)(A;ID;0x1200a9;;;BU) Account SID: S-1-1-0 Account Name: Everyone Type: Allow Inherited: No Inheritance: None Rights: FullControl Account SID: S-1-5-18 Account Name: NT AUTHORITY\SYSTEM Type: Allow Inherited: Yes Inheritance: None Rights: FullControl Account SID: S-1-5-32-544 Account Name: BUILTIN\Administrators Type: Allow Inherited: Yes Inheritance: None Rights: FullControl Account SID: S-1-5-32-545 Account Name: BUILTIN\Users Type: Allow Inherited: Yes Inheritance: None Rights: ReadAndExecute, Synchronize
+21-MAY-2016 21:46File ServerWindows Server 2012 System FilesModifiedHighC:\Windows\system32\ip_stack.dll
AttributeExpected ValueActual Value
Modified Time2015-06-07T19:56:00.0000000Z2016-05-21T20:46:04.4238661Z
Size38127
CRCFC0C263EFE4CA530
Hash9B845F457388D9C34BB4F1C36C14B143FCEBD65FF034EC6F3C6CD41F632D5471C5369BFEB9367586342796BDAEDC6CE4A6E76616BE10BAB9402BD891392FF42D
AttributesArchiveHidden, Archive
+21-MAY-2016 21:46File ServerWindows Server 2012 Network FilesModifiedMediumC:\Windows\system32\drivers\etc\hosts
AttributeExpected ValueActual Value
Permissions DACL: D:AI(A;ID;FA;;;SY)(A;ID;FA;;;BA)(A;ID;0x1200a9;;;BU) Account SID: S-1-5-18 Account Name: NT AUTHORITY\SYSTEM Type: Allow Inherited: Yes Inheritance: None Rights: FullControl Account SID: S-1-5-32-544 Account Name: BUILTIN\Administrators Type: Allow Inherited: Yes Inheritance: None Rights: FullControl Account SID: S-1-5-32-545 Account Name: BUILTIN\Users Type: Allow Inherited: Yes Inheritance: None Rights: ReadAndExecute, Synchronize DACL: D:(A;;FA;;;WD)(A;ID;FA;;;SY)(A;ID;FA;;;BA)(A;ID;0x1200a9;;;BU) Account SID: S-1-1-0 Account Name: Everyone Type: Allow Inherited: No Inheritance: None Rights: FullControl Account SID: S-1-5-18 Account Name: NT AUTHORITY\SYSTEM Type: Allow Inherited: Yes Inheritance: None Rights: FullControl Account SID: S-1-5-32-544 Account Name: BUILTIN\Administrators Type: Allow Inherited: Yes Inheritance: None Rights: FullControl Account SID: S-1-5-32-545 Account Name: BUILTIN\Users Type: Allow Inherited: Yes Inheritance: None Rights: ReadAndExecute, Synchronize
All report times are shown as UTC (Coordinated Universal Time)