The Symantec Endpoint Protection (SEP) client is failing to execute a Host Integrity check. Cscript.exe can be seen running when the check starts, but it fails to process the script. The steps in TECH214426 did not resolve the issue.
Fail to execute Host Integrity check.
Error Type: 0x02000008, Error Code: 0x00000000
JScript class has been modified to point to a different dll as seen via the registry:
HKCR\JScript\CLSID\(Default)
Data: {f414c260-6ac0-11cf-b6d1-00aa00bbbb58}
HKEY_CLASSES_ROOT\CLSID\{f414c260-6ac0-11cf-b6d1-00aa00bbbb58}\InprocServer32\(Default)
Data: <path to third party dll>
Note: Additional classes may be similarly modified, such as VBScript:
HKCR\VBScript\CLSID\(Default)
Data: {B54F3741-5B07-11cf-A4B0-00AA004A55E8}
HKCR\CLSID\{B54F3741-5B07-11CF-A4B0-00AA004A55E8}\InprocServer32\(Default)
Data: <path to third party dll>
Expected values:
HKEY_CLASSES_ROOT\CLSID\{f414c260-6ac0-11cf-b6d1-00aa00bbbb58}\InprocServer32\(Default)
Data: C:\Windows\System32\jscript.dll
HKEY_CLASSES_ROOT\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8}\InprocServer32\(Default)
Data: C:\Windows\System32\vbscript.dll