Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 4373 Source: NTServicePack

Source
Level
Description
<Service Pack/Hotfix> installation failed. Access is denied.
Comments
 
In my case, an infection by rootkit 'Rootkit.TDSS.BQ' made it impossible to install only two updates.
The installation of KB2676562 and KB2633171 failed. After cleaning the system with Kasperskys TDSSKiller the errors where gone. See EV100367 (Anti-rootkit utility TDSSKiller).
This error may happen when you try to install Windows Server 2003 SP1 or SP2 and Administrators don't have appropriate access to the following registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost

Right click on the registry key and check under Permissions if administrators have FULL ACCESS and READ rights.
This issue may occur if you try to install Windows PowerShell 1.0 in response to the installation instructions that are included with Microsoft Exchange Server 2007. See ME947033 for a workaround.
There is a possibility that the registry is damaged. Run "chkdsk /f".
We got this error when updating Windows 2003 server to SP1. The service pack update was not successful, saying that cmd.exe is opened by some other application. We restarted the server but the same thing happened. Then finally, we scanned the computer for viruses and it turned out it was infected. We scanned the CD with SP1 and the CD itself was infected. We downloaded a fresh copy of SP1 and the update was successful.


If you are having problems installing Windows XP Service Pack 2, then see ME873148 and the link to "Troubleshooting Windows XP Service Pack 2" for information on troubleshooting this problem.

From a newsgroup post: "You may need to reset the permissions on the "system32\dllcache" folder. System and administrator accounts need full access".

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net.

Read more...

 

Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.

Read more...