Over 1 million tech questions and answers.

need help with PCI compliance

Q: need help with PCI compliance

Dear Bleepingcomputers and friends,
 
I need you guys' help!
 
Have a  customer that need help getting PCI complaint [1] at five of her facilities.   So far I only have two thing left to figure out.  I only have available Window XP Pro sp3 machines to do this on. 
 
1)  I need to set up an internal IDS/IPS [2] scanner.   Antivirus doesn't count (PCI's insistence).  Wireshark?
 
2)  I need to set up an FIM [3] system on each computer with credit card information (PCI's doesn't care that the information is encrypted).  Again, Antivirus doesn't count (PCI insistence). 
 
 
 
Many thanks,
-T
 
1)  http://www.pcicomplianceguide.org/pcifaqs.php
 
2) Intrusion Detection System, Intrusion Preventions System
 
3) File Integrity Monitoring
 
 
 
 

RELEVANCY SCORE 200
Preferred Solution: need help with PCI compliance

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

A: need help with PCI compliance

price is everything in this question... Establish that and you can pretty much just Google it.
 
Also establishing training and user outlines/ skill-sets would be beneficial... As those XP machines could be nixxed and you could do it very cheap/free if they have decent users...

Read other 7 answers
RELEVANCY SCORE 43.2

Not sure if this is the correct forum for this question...
Recently had a PCI Compliance Scan performed which I failed for the following reason: "Firewall UDP Packet Source Port 53 Ruleset Bypass".  I am using Windows Firewall in Windows 7 Pro and the only place I can find any rule that specifies
port 53 is Core Networking DNS (UDP-Out).  I am not sure if I should disable this rule or not.  Or should I block port 53 in my wireless router?
Thanks in advance!

Read other answers
RELEVANCY SCORE 43.2

I'm working on a government project that includes using PowerPoint slideshows on the internet. If you're at all familiar with the government, you're aware that there is a MAJOR push to make sure all files on the internet are 508 compliant (accessible to users with disabilities.) I'm hearing from some folks that PowerPoint is NOT 508 compliant, while others say it can be MADE compliant. (In my digging around, I found a download that claims to walk you through making a PP slideshow compliant.)

Has anyone out there run into this situation? Have any suggestions?

Thanks in advance!
Terry
 

Read other answers
RELEVANCY SCORE 43.2

Hello,
We are using Windows 8.1 currently in a Fax Appliance. this used by medical and financial offices around the country.
We need to know if Windows 8.1 currently meets HIPAA standards for compliancy. We understand it is no longer in mainstream support, and exist now in a state of extended support and will be EOL by 2023. 
If this product does not meet HIPAA compliance standards we need to know now.
Thank you,
Ron.

Read other answers
RELEVANCY SCORE 43.2

I am currently operating XP Pro 32 bit and Directx 9. In a few days I will be installing from scratch Vista Home premium 64 bit.

What I am not sure of is whether my CPU is compliant with Directx 10.

It is an Intel Pentium D 915.

I have searched Intels site for hours to no avail.

Does anyone have an answer for me please?

Regards

cogs06

A:Directx 10 Compliance

For DirectX 10 to work you need a graphics card that is capable eg ATI HD 2000 series or above

Vista is capable of running DirectX 9 and 10 so you wont need to upgrade your graphics card unless you want to use DirectX 10

Read other 10 answers
RELEVANCY SCORE 43.2

Hello all,

while evaluating a new enterprise tool for our company a question was asked to the suppliers if their software is Vista compliant. One solution only requires a thin client with IE 5.5 or higher to use and say that they will not check if their software is Vista compliant as Vista uses IE 7 and they have tested with IE7 and Windows XP and it works fine.

Is there something that could prevent their software from working in Vista? Should we require them to certify Vista compliance?

BR Martin

Read other answers
RELEVANCY SCORE 43.2

Is there a plan to make MBSA Section 508 compliant (American with Disabilities Act)?

Read other answers
RELEVANCY SCORE 43.2

Hello,
Can anybody tell me of a good company that provides information about Compliance management? Someone recommended the site "infolocktech"
Any recommendations on this?
_________________
Dual DVD Recorders Football News
 

Read other answers
RELEVANCY SCORE 43.2

I purchased a usb type c spectre late last year (the rose version with i7 and 512GB.  It generally works well but so far the power system is very disappointing.  The basic issue is I purchased this device specifically because it purports to be USB Type C compliant.  That means I should be able to charge the device with any usb type c charger provided it meets the technical specs (e.g. 45 watts and so forth).  But it doesn't.  Instead, the software settings seem to make it in effect a proprietary set up.  If so, this is objectionable and possibly contrary Australian consumer law.  The problem is that I can only charge the device with the supplied charger.  The first issue is the charger is excessively heavy and bulky.  Why does the world's slimest and lightest laptop have such a bulky charger.  It's comparable to the laptop itself.  This is just dumb!The second issue is I can't use the rest of my USB Type C set up including a large battery, and a charger in my car.  Nor can I use my phone charger.  So I have to drag the HP charger everywhere.  The third issue is that only 1 of the 3 ports actually charges other devices at the USB Type C spec.  The 2 lighting ports are not USB Type C at all - they are just 3.1 with a usb type c connector.  So they only charge the phone at 20 per cent, the phone won't transfer data, and various peripherals such as a bluetooth keyboard/mouse don't have enough juice to... Read more

Read other answers
RELEVANCY SCORE 42.8

Hi Team.

I have a client with banking operations.

Long time send MBSA report about scanning servers to Regulatory Office.

There is documentary support about MBSA meet some Regulation, Process or Standard?

Thanks

Read other answers
RELEVANCY SCORE 42.8

Hi guys...an odd question here and I am mad at my IT Manager !!

Being a network Admin in-charge, i want to enforce a few policies at help desk. One of them is, not to create any user account unless an email arrives from HR to HelpDesk, informing of the user's badge ID, the department he/she belongs to. The status of employment and all those things. The procedures are in place but sometimes it so happens that some head of the Dept. call our IT Manager over the phone, or send him an email directly whcih is then forwarded to our Help Desk incharge who is then left with little options but to create the account without due processes.

HelpDesk incharge is bound by his position to defy IT manager and he is scared to tell me (sometimes he does) that IT manager is forcing him to dilute the AD account creation policy.

I don't want to confront IT manager based upon inputs by Helpdesk guys but would rather put a mechanism in place, where I would automatically come to know, that an account has been created and I can ask helpdesk to provide proof of the email from HR arbitrarily and then confront the manager.

I know some Audit trails can be put and they would appear under Securty tab of Event manager ( or so I guess) but I need something more automated that would land in my mailbox.

Is this possible?
 

Read other answers
RELEVANCY SCORE 42.8

Hopefully this is the right forum to post in..
I do IT work and am expanding into medical practices. I understand they must be HIPPA compliant and i was wondering if I need to be certified/take a test or anything to be able to even do IT work for a medical practice (third party IT). Some have said i need to have some certification to see the confidential patient information and I was wondering if any of you could maybe be more specific and show me what requirements they must meet or what certification I need to get to legally be able to work on their stuff, being I will be exposed to private patient information. 
 
Thanks

A:HIPPA Compliance/Certification?

No, there is no certification required.  However, you do need to be fully aware of the HIPAA laws and the security systems on the computer and any transference of data must be HIPAA compliant.
 
For more information, you can read these:
 
http://www.hhs.gov/ocr/privacy/hipaa/faq/securityrule/2003.html
 
http://www.hhs.gov/ocr/privacy/hipaa/understanding/
 
http://smallbusiness.chron.com/hipaa-certification-2810.html
 
Orange Blossom

Read other 4 answers
RELEVANCY SCORE 42.8

Here's my situation. We have 4 systems that get remotely used. How ever we have been upgrading to be PCI-DSS compliant. We now need a way for these specific users to gain remote access to their desktops. Here are my thoughts but not sure which is best. So I'm just looking for your quick thoughts on this.

1. VPN that is PCI compliant. Then remote desktop from within the VPN. Would this still be PCI compliant? We have a Netgear FV338 router that is VPN pci compliant, but 60 bucks a client.

2. Use a 3rd party app such as go to my pc. That claims to be PCI compliant. I find these to vulnerable to changes in PCI compliancy. Will these actually pass our test?

I am just looking for options or if anyone has come across this situation?

Read other answers
RELEVANCY SCORE 42.8

Update: Installation successful, at the cost of one RAM module (remove from system), as suggested in this thread.
However, boot still fails with 2 modules in place.

Original Post:
Hello, my version of Windows 7 has failed to install, both at boot and within windows XP. The in-OS install failed, generically stating that it couldn't read the files it was looking for. (It REALLY needs a details tab for IT experts. It could have been my raid drivers, which seem to be running afoul in other OS's...s) The boot install didn't even start stating that my BIOS was not fully compatible with APCI.
However it is a feature-laden Gigabyte model from this year! There are no BIOS updates in regards to ACPI.

MA790TX-UD4P motherboard....

In my next installation attempt I will mount the ISO with Emulation and install from there, at least until restart.

Full system specs in my profile...

Edit: I've taken a look at this thread, I should note that I have no onboard video and only have access to an Nvidia 9800 GT with this motherboard.
I will attempt the removal of the 2nd DIMM as suggested on page 2.

A:ACPI Compliance Failure? REALLY?

Welcome SI5K,


Sounds like you have been reading some posts first, good start. Must give you a for having your system specs in place. I have found in several of my installs of Win7 that the Bios settings were rather confusing as to how ACPI was enabled or not. So I just made several attemps until I got the right one recognized by Win7 install. that's just one thought. What Build # of win7 are you installing? How did you burn the DVD? 4x speed? seems to work best for most members. You did not state how much memory you have, but you say you took 1 stick out & attempted an install.

No Over-clocking of CPU, right ?

We can start here & other members will jump in with their thoughts, also. Sounds like all the right hardware, just some minor bugs to configure correctly.

" Doc "

Read other 9 answers
RELEVANCY SCORE 42.8

What are the requirements for an existing application to be comaptible on Windows Vista RC1? How they are different from " Works with Windows Vista" requiremnts?

A:Requirements For Application Compliance.

I suspect that you'll have to contact Microsoft on MSDN to find that out. But, since Vista has gone RTM, I suspect they aren't very concerned with RC1 right now.

Read other 2 answers
RELEVANCY SCORE 42.8

Hi
What is a good PCI compliance security analyser primarily for Win 7 but also for later versions?
Thanks
Regards

Read other answers
RELEVANCY SCORE 42.8

Hi all - I'm having an error throughout many of the security and compliance pages in my instance - not getting too much help as yet so thought I'd post here. The errors I'm seeing are as follows:


error








The requested search root 'APCPR06A002.prod.outlook.com/ConfigurationUnits/XXXXXXXXXXXXXX.onmicrosoft.com/Configuration/Transport Settings/Rules/SafeAttachmentVersioned' is not within the scope
of this operation. Cannot perform searches outside the scope 'apcprd06.prod.outlook.com/Configuration/Services/Microsoft Exchange/ExchangeLabs'.








The requested search root 'APCPR06A002.prod.outlook.com/ConfigurationUnits/XXXXXXXXXXXX.onmicrosoft.com/Configuration/Transport Settings/Rules/AntiPhishVersioned' is not within the scope of this operation. Cannot
perform searches outside the scope 'apcprd06.prod.outlook.com/Configuration/Services/Microsoft Exchange/ExchangeLabs'.

The requested search root 'APCPR06A002.prod.outlook.com/ConfigurationUnits/XXXXXXXXX.onmicrosoft.com/Configuration/Transport Settings/Rules/SafeLinksVersioned'
is not within the scope of this operation. Cannot perform searches outside the scope 'apcprd06.prod.outlook.com/Configuration/Services/Microsoft Exchange/ExchangeLabs'.

Any thoughts?

Read other answers
RELEVANCY SCORE 42.8

I work at a very small business with a newer credit card machine that is wired into a Netgear router with an Ethernet cable.

Credit card terminal runs thur no computer, it is hooked directly to the router.

I try to take care of all the IT concerns and problem when they come up.

The new PCI compliance rules that went into effect on Jan 31st 2018 are giving me real problems.

We have a static IP address which has not changed for about 4 years.
We always passed the PCI compliance scan done by a company called Trustwave.

For the pass 2 months we have failed the scans. The reason stated in the report is "Host not detected".

They (Trustwave) has told me that something in the router must be blocking the scan.

Basically they have been no help.

Does anyone know the solution to this problem?? I think that there must be thousands of small business with the same problem, as I tried to call Trustwave support but got only voice mail leave a call back number because of high call volume. I have been communicating with them only by email.

I am thinking that there must be a simple solution to this, but I have not found it yet.

If we passed the last 4 years and nothing on our end has changed then why can we not pass now.?

Makes no sense to me.

Anybody got any ideas ??? Should I call the bank that services the credit card machine ?

Thanks in advance for any help..................
 

Read other answers
RELEVANCY SCORE 42.4

I am having a issue playing Blu Ray disks. I continue to get a HDCP compliance error everytime I try to play a Blu Ray video.  I am using arcsoft TMT6 on windows 7. I checked to make sure my monitor and video card are both HDCP compliant, and they both are. I used to be able to watch Blu Ray movies, and I'm not sure what changed, or why I cant watch them now. Also, I used cyberlink BluRay advisor and it said my "software player was not found" and "video connection type is digital without HDCP". Those are the only two problems found. I have a HP 2310 series wide lcd display and have a ATI Radeon HD 5570 video card, and am using a HDMI cable to the monitor. Can someone please help me with this. 

A:HDCP Compliance Issue, Everything is Compliant Though???

Hi Eric,   The Cyberlink BD Advisor only look for a Cyberlink BD software player.  You might very well have a perfectly good BD HDCP certified software player and Cyberlink won't indicate that you have it.  Your non-Cyberlink BD player might need updating to play the new BD titles.  The other issue might be a loose or faulty HDMI cable, a bad video card, corrupted video driver or a monitor problem. Power off the PC and monitor. Check the cables for tightness.  Be sure that you monitor has only one video connection and that it is a HDMI cable. Now try a monitor reset by unplugging the monitor's power cord and then hold down the power button for 30 seconds.  If you still have issues then try reinstalling the video card driver or installing the latest AMD driver from the AMD web site.

Read other 2 answers
RELEVANCY SCORE 42.4

Hi,

I have been trying to make my web pages 3WC / 4.01 compliant and viewable as much as possible across different browsers (albeit not perfectly)

I have been to http://AnyBrowser.Com and checked my pages in their site viewer. I have looked at the 3WC homepage and their markup Validation service at http://validator.w3.org/

Basically according to all the above, my pages look like crap and have heaps of errors.

I have located the online HTML Tidy service at:

http://cgi.w3.org/cgi-bin/tidy

I have used this HTML Tidy in combination with the Site Viewer at AnyBrowser.com and the Validator at 3WC.

After having reviewed and noted results of my existing pages in the Site Viewer and the Validator, I put my pages through the HTML Tidy, Copied the Page Source, pasted this into Dreamweaver and uploaded new pages.

I have put these new pages back through the Site Viewer and the Validator only to find that the pages are MUCH worse than they were before.

Even in the 3WC Validator the code entered by HTML Tidy is noted as errors (ex: Doc Type is replaced by Tidy code etc).

I can't understand why HTML Tidy would allow this to happen if it is indeed supposed to promote the 3WC compliance?

I am thinking that my only option at this point is to delete my HTML Tidy pages, go back to the originals and go through the errors listed in the 3WC Validator and manually fix them one by one...which (even with the error explanations handy) I am not sure that I can do properly (or indeed ... Read more

Read other answers
RELEVANCY SCORE 42.4

(i was wondering if anyone has a list of all the hipaa guidelines for computers/networks/systems?

i've been trying to find a comprehensive list but all i can find online are legal documents. i'm looking for a list that i can use as a checklist.

like passwords must be this length and workstations must lock after so many minutes.

any assistance is greatly appreciated.

thank you. = ])
 

A:(hipaa compliance cheat sheet?)

Read other 6 answers
RELEVANCY SCORE 42.4

Hi All,
Help!
I have a customer that is trying to jump through Trustwave's
questionnaire on PCI compliance (credit cards).  This is
their explanation of one of the required tests:  they
want both "vulnerability" and "penetration testing".  Now I don't
see the difference, but they do:
       Vulnerability scanning uses automated tools to attempt
       to discover vulnerabilities in the cardholder data
       environment.  Penetration testing goes further by
       having personnel *manually* attempt to exploit
       vulnerabilities and gaps in security the same way a
       criminal would.  Without penetration testing, you may
       know where vulnerabilities may be, but you won't know
       how deep an attacker can get or what he may be able to
       steal.
"Manually"?  How is the world does one do that?  Try to log in
with telnet?  Call the local federal prison and ask to borrow
a hacker for the day?  What can I do manually that the
"automated tools" can't?
Now I an see trying to seal the hole and retesting, but
that is not what they are asking for.  They want me
to sit down and try to breaking into the thing *the same
way a criminal would*!
AAAAAAAAAHHHHH... Read more

A:PCI compliance: vulnerability vs penetration testing

Since you are already receiving help here, please continue in that thread. Do not start new threads or duplicate topics as this causes confusion and makes it more difficult to get the help you need to resolve your issues. Further, it necessitates staff spending time with housecleaning to remove those duplicate postings...time which could have been provided to others needing assistance.Thanks for your cooperation.This thread is closed. If you have any questions, please PM me or another Moderator.

Read other 1 answers
RELEVANCY SCORE 42.4

I have a web based application and want it to port it on Windows Vista . What are the procedures I must follow to check for its compliance on safe deployment on Vista?

A:Web Based Application Compliance Testing

Let's see. I have no clue, but if I think about it, it must be:
Does your web server software work properly in Vista?
Which flavor of Vista do you plan on using?
Do you have the hardware to support it?
Have you checked into any of the documentation?
If you have checked into the documentation, promptly ignore it, set up your own test box, and see how things shake out. If what you find out on your own correlates with the documentation, then you might start to have some confidence.

That's where I would start if it were me. Essentially, a web service comes down to the web-server software, some sort of a middle tier, and I would imagine some sort of database. Are they compatible with Vista?

Read other 2 answers
RELEVANCY SCORE 42.4

When you change the following registry value to "1", is FIPS enabled in realtime or does the machine need to be rebooted?

HKLM\System\CurrentControlSet\Control\Lsa\FIPSAlgorithmPolicy\Enabled

We require FIPS 140-2 compliance on all machines running WinZip. I was wondering if it was possible to enable FIPS when WinZip is opened. FIPS breaks several sites, applications, etc in our environment and trying to find the best way to be FIPS compliant so
that WinZip runs in FIPS mode. FIPS is not needed for anything other than WinZip at this point. Any suggestions?

Read other answers
RELEVANCY SCORE 42.4

Where can I read some quick tutorial on layer 2 and layer 3 connectivity, IOS images, ISO compliance?

Thanks!
 

A:Layer 2 and 3 connectivity, IOS images, and ISO compliance???

http://www.thecertificationhub.com/networkplus/the_osi_ref_model.htm
 

Read other 1 answers
RELEVANCY SCORE 42

A Massachusetts stock broker will pay a $100,000 penalty to the Securities and Exchange Commission for failing to have security software or procedures when intruders stole account information of hundreds of customers and began making transactions with it.



Sunbelt Blog: No anti-virus software or procedures = compliance i$$ue

Read other answers
RELEVANCY SCORE 42

Hello, I'm curently working for a charity and we are in the middle of upgrading our systems. Some computers are being scraped and we are looking to pass these old computers on to other charities to use in Africa.

I've been put in charge of wiping all data from hard drives and I've found the best tool to be Dariks Boot and Nuke. But I need to make sure it's compliant with English laws such as ISO and DPA. I couldn't find anywhere in their faq about english complaince, only american laws.

Can anyone help me here?

Thanks, John
 

A:Dariks Boot and Nuke Compliance UK laws.

Read other 10 answers
RELEVANCY SCORE 42

I have windows 7 enterprise x64 installed on my machine. I've been having troubles for a while. Many updates don't install, and device drivers won't install when a new device is plugged in (extremely annoying). I thought that I could do an in-place upgrade install and possibly fix the problem, but I'm getting the following error message (on both an attempt to upgrade back to win 7 enterprise and also to win 8 enterprise):

"An error prevented a required compliance check from completing. Cancel the installation and try upgrading again."

I've wasted hours and hours on this. Microsoft wants $300 to help me, so I'm hoping that someone here can help me. Thanks in advance for all the help.

Where are the log files for this.

A:Windows Upgrade errors on compliance check

If all of your hardware is fine I would suggest doing a full system image to an external drive and doing a clean install of Win 7 or 8.

Read other 7 answers
RELEVANCY SCORE 42

Hi - I have a yellow warning indicator in my Devices and Printers folder next to my PC. The error message is:

Name - Texas Instruments 1394 OHCI Compliant Host Controller
Device Type - IEEE 1394 Bu host controllers
Device Status - This device cannot start (Code 10)

I am not exactly sure what this is affecting but I am unable to print for one, despite uninstalling and reinstalling the print drivers.

Anyone seen this type of issue before?
 

A:TI compliance host controller error message

What is the make and model of your printer. What type connection does it have? USB, Firewire or wireless?
 

Read other 1 answers
RELEVANCY SCORE 41.2

Hi,

I have a Windows 2016 server that I ran the script fix on:

https://gallery.technet.microsoft.com/scriptcenter/Solve-SWEET32-Birthday-d2df9cf1

How a subsequent scan on this server still showed that the vulnerabilities exist on it. I manually checked the registry values and they were properly modified as per the script. However, still seeing the vulnerabilities.

Has anyone experienced this issue as well?

Thanks,
Tim

Read other answers
RELEVANCY SCORE 41.2

I'm trying to repair install Windows 7 but every time I'm getting the error "An error prevented a required compliance check from completing". I'm dual booting it with Ubuntu 14.04-lts and sfc /readonly gave the following output (greped the line with [SR] in it). There are many badblocks (like 70 or more) in my 500GB hard disk, but I checked for it (using chkdsk) few weeks ago. Please help.

A:An error prevented a required compliance check from completing

The hard drive is prime suspect. Run the maker's HD Diagnostic CD scan followed by another full Disk Check. If either fail again then I'd replace the HD because you can never trust one after it has failed both tests. I would even replace it if it failed Disk Check with that many errors. You didn't say if they were all repaired. If not then it should have already been replaced.

Read other 9 answers
RELEVANCY SCORE 40.8

Model Hp-P6-2310eaI have upgraded to W10. I now cannot use The DVD player I know that the MS Media player is selected on the auto player.The only fault I can see is :-Unknown USB Device (link in Compliance Mode) Driver error.Is this the problem and how can I resove it. I have update drivers uninstalled the drivers an reinstalled 

Read other answers
RELEVANCY SCORE 40.8

Title says it all, can't get in any of the safe modes. Saw another guy with the same problem so I followed Gringo's advice on how to run FRST and here are the logs. Assumed I should start my own thread, hope that's cool
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-01-2013
Ran by SYSTEM at 14-01-2013 19:50:59
Running from I:\
Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [11613288 2010-11-19] (Realtek Semiconductor)
HKLM\...\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1289704 2012-09-12] (Microsoft Corporation)
HKLM-x32\...\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254696 2012-01-18] (Sun Microsystems, Inc.)
HKU\Dan\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2012-04-27] (Google Inc.)
HKU\Dan\...&#... Read more

A:Internet computer compliance virus infected all safe modes

Greetings and Welcome to The Forums!!My name is Gringo and I'll be glad to help you with your malware problems.I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of usPlease do not run any tools unless instructed to do so.
We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.Please do not attach logs or use code boxes, just copy and paste the text.
Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.Please read every post completely before doing anything.
Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.Please provide feedback about your experience as we go.
A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.NOTE: At the top o... Read more

Read other 20 answers
RELEVANCY SCORE 40.4

I have installed EMET 5.1 on Windows 2012R2 member server that I am testing for compliance.
Also, admin template file (EMET.admx) has been added to PolicyDefinitions folder in sysvol.
I can see in GPRESULT output that EMET policies have been applied and I can see in REGEDIT that EMET keys have been created.
For some reason, that I am trying to find out, when scanning with Nessus and using DISA _STIG_Server_2012_MS_v1r3.audit policy definitions, it fails every EMET-related  item.

Does anyone else have the same problem? What is the remedy?
Slava.

Read other answers
RELEVANCY SCORE 39.6

Hi,

       I am running USB 2.0 & 3.0 SCSI Compliance test (LOGO) task in Windows Hardware Certification Kit for Certification for my USB Filter Driver.

Task was failed with RMB bit = 0x1 with Logging an error.

Attaching the log info,
Policy: REQUIRED
Start: ASSERTION: INQUIRY Checking RMB bit, TUID=
Description: For devices into which we can't insert/remove media, example: UFD, RMB bit should be set to 0. For devices into which we can insert/remove media, example: USB card reader, RMB bit should be set to 1. This test is run only on Removable storage devices.
Reference: SCSI Primary Commands - 3 (SPC-3) Revision 23 (or published) specification Section 6.4 http://www.t10.org/ftp/t10/drafts/spc3/spc3r23.pdf
Expectation: Correct value for RMB bit depending on the device
Sending SCSI command to device.
INQUIRY Command:
 12 00 00 00 ff 00
DeviceIoControl SUCCEEDED.
SCSI status: 0x00
    (GOOD)
Sense bytes: 0x00
Data bytes:  0x48

      00       04        08       0C      
      ---------------------------------------------------------------
 000  00800612 43000000  53616E44 69736B00    ....C...SanDisk.
 010  4372757A 65722042  6C616465 00000000    Cruzer Blade....
 020  312E3030 34433533  31303031 34373035    1.004C5310014705
... Read more

Read other answers
RELEVANCY SCORE 37.2

I have applied Microsoft security baseline to Windows 10 IoT.


Can anyone please provide a workaround or a solution to revert back the system to previous/original state?
(Any way which can basically revert the system + group policy + registry settings back to the way it was before applying security baselines)

PS: Microsoft compliance toolkit itself does not have this option which is why I have mention even a workaround would help if you know any.

Note: Just reversing GPO will not help. We will need to revert GPO + registry + (potential changes introduced by baseline).

Read other answers