DOCSLIB.ORG

Rootkit Detection & Removal

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Rootkit Detection & Removal BLUE KAIZEN CENTER OF IT SECURITY Cairo Security Camp 2010 Rootkit Detection & Removal Subject : This document gives the user an introduction to Rootkit Detection & Removal including an Alternate Data Streams, Detection and Removal (Automatic - Semi-Automatic - Manual Removal - Advanced Techniques) and MBR Rootkits. Author : Abdul-Rahman Elshafei Version : 1.0 Date : July, 2010 Nb pages : 44 Rootkit Detection & Removal Abdul-Rahman Elshafei Contributing Book Author of “Rootkits For Dummies” Outline Introduction Alternate Data Streams Detection and Removal – Automatic – Semi-Automatic – Manual Removal – Advanced Techniques MBR Rootkits Basics “Rootkits are powerful tools to compromise computer systems without detection. “– G. Hoglund (www.rootkit.com) The purpose of a rootkit is NOT to gain access to a system, but to preserve existing access Rootkits hide processes, ports, files, and other resources from the OS and security programs Other types of stealth also co/exist such as Alternative Data Streams (ADS) and MBR techniques. Basics • Rootkits are about stealth. Stealth is about survival. Survival is about criminal gain. Criminal gain is about control and cash. • Originated from unix platforms • used mostly in the past by hackers hiding trojans and keyloggers • Recently used to spread viruses, spywares and worms • Sometimes used by legitimate commercial software Rootkits Trend Alternate Data Streams (ADS) Attribute of Windows NTFS Allows compatibility with the Macintosh Hierarchical File System (HFS). Piggybacking other files File Summary Information Commonly used by malware and rootkits Few programs detect and remove ADS Alternate Data Streams (ADS) Creation Detection and Removal File: Hijackthis: C:\> type c:\visible.exe > http://www.trendsecure.com/portal/en- ads.txt:hidden.exe US/tools/security_tools/hijackthis/dow Directory: nload C:\test> echo ?test? > :hidden.txt LADS: http://www.heysoft.de/Frames/f_sw_la_e Execution n.htm C:\> start c:\ads.txt:hidden.exe DEMO 1 ADS Vanquish Important Guidelines Before Removing a Rootkit 1. Backup all important data, emails, documents, etc. 2. Disconnect from the internet 3. Close down All Scheduling/Updating + Running Background tasks etc. 4. Disable real-time monitoring programs 5. When scanning for a rootkit, do not use the computer at all 6. Use 2 or more rootkit scanners Automatic Detection and Removal F-secure online scan: http://support.f-secure.com/enu/home/ols.shtml AVG antirootkit Trend-micro Rootkit Buster Panda Antirootkit Avira Antirootkit Mcafee Rootkit Detective Sophos Antirootkit AVG Anti-Rootkit http://free.grisoft.com/doc/download-free-anti-rootkit/us/frt/0 AVG Anti-Rootkit Avira Anti-Rootkit http://www.avira.com/en/support/support_downloads.html Avira Anti-Rootkit Trend Micro RootkitBuster http://www.avira.com/en/support /support_downloads.html Trend Micro RootkitBuster Panda Anti-Rootkit http://research.pandasecurity.com/archive/Panda-AntiRootkit-Released.aspx Mcafee Rootkit Detective http://vil.nai.com/vil/stinger/rkstinger.aspx Mcafee Rootkit Detective Semi-Automatic Rootkit Detection and Removal Semi-Automatic Detection For experienced users Rootkit tools such as: Need to distinguish – GMER rootkits from false – Icesword – Rootkit Unhooker positives – Darkspy – SVV Rootkit Indicators: – VICE – RAIDE 1. Windows service 2. Hidden files related to service Removal Steps Step1: Disable Service Step2: Unhook or unregister any dll files Step3: End executable process(s) Step4: Delete service and related files RKUnhooker RKUnhooker http://www.softpedia.com/get/Antivirus/DarkSpy-Anti-Rootkit.shtml Darkspy Darkspy Manual Rootkit Detection and Removal Manual Detection and Removal Detection Tools Removal RootkitRevealer 1. Safe mode Rootkit Hook 2. DOS Commands Analyzer 3. Manual Removal Sysprot Tools RootkitRevealer Performs cross-difference comparison of scan results between windows API and low-level disk reads (RAW) Detects files, folders and registry for both user- mode and kernel-mode rootkits Drawback: – Cannot detect DKOM rootkits – No removal methods – False Positives Interpreting RootkitRevealer rootkit exists if rootkitreveler finds one or more of the following entries: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\xxxx HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\xxxxx HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\xxxx HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\xxxxx HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\xxxx HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\xxxx HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\xxxx HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\xxxx HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\xxxx A hidden file may or may not be shown in the scan results Sample RootkitRevealer Output } False Positives Removal Must Identify rootkit service and files first 1. Safe mode 2. Command-Prompt Delete service using Sc stop RKservice regedit or services .msc Sc delete RKservice Locate/Search and delete files Net stop RKservice REG DELETE regpath 3. Manual Removal Tools Delete on reboot using killbox: http://www.bleepingcomputer.com/files/killbo x.php Avenger ComboFix Cfscript.txt ComboFix http://subs.geekstogo.com/ComboFix.exe A manual removal tool to be used under experienced supervision Capable of automatically removing large number of known malware Best to disable antivirus before running Uses a Cfscript.txt file as directives to manual remove hidden/persistent files – ..\Desktop> combofix.exe Cfscript.txt DEMO 2 GMER Icesword Advanced Rootkit Detection and Removal Applicable for Windows 95/98/ME 1. Scanning the OS from an external medium Rootkit intercepts OS calls and filters the information the OS returns to deny the rootkits presence Methods 1. Slaving hard-drive to another computer 2. Using a Bootable CD-ROM – Microsoft WinPE – Bart Preinstallation Environment (BartPE) www.nu2.nu/pebuilder/ – Ultimate Boot CD for Windows (UBCD4Win) www.ubcd4win.com 2. Offline file comparisons 1. Disable as many processes as possible 2. Cleanup all temp files 3. Use command prompt to type the following commands: cd \ dir /s /b /ah > hiddenfiles1.txt dir /s /b /a-h > otherfiles1.txt 4. Boot into Dos using Windows 98 boot disk or through recovery console (XP) 5. At the command prompt type the following commands: dir /s /b /ah > hiddenfiles2.txt dir /s /b /a-h > otherfiles2.txt 6. compare the files hiddenfile1.txt with hiddenfiles2.txt and otherfiles1.txt with otherfiles2.txt Comparison programs: - Compare-It: http://www.grigsoft.com/wc3setup.zip - Examdiff. http://www.prestosoft.com/edp_examdiff.asp 7. If rootkit is found, rename the file in Dos using ren command MBR Rootkits Rootkit replaces the infected system's Master Boot Record The MBR is the first physical sector of the hard drive and contains the first code loaded and executed from the drive during the boot process. Does not require a file or any registry entries MBR Rootkits Detection 1 MBR Rootkit Detection 2 GMER 1.0.12.12010 - http://www.gmer.net Rootkit scan 2008-03-26 09:01:20 Windows 5.1.2600 Dodatek Service Pack 2 ---- Kernel code sections - GMER 1.0.12 ---- PAGE CLASSPNP.SYS!ClassInitialize + F4 F9A934B2 4 Bytes [ 7E, 78, 82, 81 ] PAGE CLASSPNP.SYS!ClassInitialize + FF F9A934BD 4 Bytes [ 28, 24, 82, 81 ] PAGE CLASSPNP.SYS!ClassInitialize + 10A F9A934C8 4 Bytes [ 90, 78, 82, 81 ] PAGE CLASSPNP.SYS!ClassInitialize + 111 F9A934CF 4 Bytes [ 84, 78, 82, 81 ] PAGE CLASSPNP.SYS!ClassInitialize + 118 F9A934D6 4 Bytes [ 8A, 78, 82, 81 ] PAGE ... MBR Rootkits Removal 1. Windows Recovery Console: Windows XP/2k: fixmbr Windows Vista: bootrec.exe /fixmbr 2. Stealth MBR rootkit detector 0.2.2 by Gmer: http://www2.gmer.net/mbr/mbr.exe Questions?.
Load more

Recommended publications
  • Rootkit- Rootkits.For.Dummies 2007.Pdf
    01_917106 ffirs.qxp 12/21/06 12:04 AM Page i Rootkits FOR DUMmIES‰ 01_917106 ffirs.qxp 12/21/06 12:04 AM Page ii 01_917106 ffirs.qxp 12/21/06 12:04 AM Page iii Rootkits FOR DUMmIES‰ by Larry Stevenson and Nancy Altholz 01_917106 ffirs.qxp 12/21/06 12:04 AM Page iv Rootkits For Dummies® Published by Wiley Publishing, Inc. 111 River Street Hoboken, NJ 07030-5774 www.wiley.com Copyright © 2007 by Wiley Publishing, Inc., Indianapolis, Indiana Published by Wiley Publishing, Inc., Indianapolis, Indiana Published simultaneously in Canada No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permit- ted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600. Requests to the Publisher for permission should be addressed to the Legal Department, Wiley Publishing, Inc., 10475 Crosspoint Blvd., Indianapolis, IN 46256, (317) 572-3447, fax (317) 572-4355, or online at http://www.wiley.com/go/permissions. Trademarks: Wiley, the Wiley Publishing logo, For Dummies, the Dummies Man logo, A Reference for the Rest of Us!, The Dummies Way, Dummies Daily, The Fun and Easy Way, Dummies.com, and related trade dress are trademarks or registered trademarks of John Wiley & Sons, Inc. and/or its affiliates in the United States and other countries, and may not be used without written permission.
    [Show full text]
  • La Sécurité Informatique Edition Livres Pour Tous (
    La sécurité informatique Edition Livres pour tous (www.livrespourtous.com) PDF générés en utilisant l’atelier en source ouvert « mwlib ». Voir http://code.pediapress.com/ pour plus d’informations. PDF generated at: Sat, 13 Jul 2013 18:26:11 UTC Contenus Articles 1-Principes généraux 1 Sécurité de l'information 1 Sécurité des systèmes d'information 2 Insécurité du système d'information 12 Politique de sécurité du système d'information 17 Vulnérabilité (informatique) 21 Identité numérique (Internet) 24 2-Attaque, fraude, analyse et cryptanalyse 31 2.1-Application 32 Exploit (informatique) 32 Dépassement de tampon 34 Rétroingénierie 40 Shellcode 44 2.2-Réseau 47 Attaque de l'homme du milieu 47 Attaque de Mitnick 50 Attaque par rebond 54 Balayage de port 55 Attaque par déni de service 57 Empoisonnement du cache DNS 66 Pharming 69 Prise d'empreinte de la pile TCP/IP 70 Usurpation d'adresse IP 71 Wardriving 73 2.3-Système 74 Écran bleu de la mort 74 Fork bomb 82 2.4-Mot de passe 85 Attaque par dictionnaire 85 Attaque par force brute 87 2.5-Site web 90 Cross-site scripting 90 Défacement 93 2.6-Spam/Fishing 95 Bombardement Google 95 Fraude 4-1-9 99 Hameçonnage 102 2.7-Cloud Computing 106 Sécurité du cloud 106 3-Logiciel malveillant 114 Logiciel malveillant 114 Virus informatique 120 Ver informatique 125 Cheval de Troie (informatique) 129 Hacktool 131 Logiciel espion 132 Rootkit 134 Porte dérobée 145 Composeur (logiciel) 149 Charge utile 150 Fichier de test Eicar 151 Virus de boot 152 4-Concepts et mécanismes de sécurité 153 Authentification forte
    [Show full text]
  • Win Xp Pe Iso Download
    Win Xp Pe Iso Download 1 / 4 Win Xp Pe Iso Download 2 / 4 3 / 4 Download Files. Download PEbuilder 3.1.10 File: Download PEbuilder 3.1.10 File. BartPE Iso WINXP Emulated Version 155MB: .... To start working with WinPE, download and install both the Windows ... To learn how to create a bootable WinPE CD, DVD, ISO, or VHD, see .... A tutorial on installing BartPE onto a bootable USB drive. ... but instead of going straight into the BartPE OS, it loaded the BartPE ISO file into the ... Secondly, download Microsoft's Windows Server 2003 SP1 installation file (this can ... This utility has the ability to properly format a USB disk & install a Windows XP boot sector.. Jump to Boot WinPE/BartPE from an ISO file - Download firadisk.gz from the Beta ... For example, for the Avast BartPE ISO you can use a .... Download BartPE builder from http://www.nu2.nu/pebuilder/ ... When it's done building, image file "c:\pebuilder\pebuilder.iso" should be created properly.. Use Windows 7/XP ISO File or DVD to Create Bootable Install USB Drive ... it also allows you transfer Windows PE( Windows XP / Windows 7 / Vista / 2003 / 2008 ) to usb pen drive in a few clicks. ... Download it from softpedia.. Here we show you 5 Windows PE based boot discs to help technicians and ... disc is fully automated including the downloading of the Windows ISO image file.. 1.1 USB Drive; 1.2 BIOS/UEFI configuration; 1.3 ISO image ... If not, download BartPE; The original CD of Windows XP Professional, not a Windows XP Home ...
    [Show full text]
  • (12) Unlted States Patent (10) Patent No.: US 8,086,835 B2 Argus Et A]
    US008086835B2 (12) Unlted States Patent (10) Patent No.: US 8,086,835 B2 Argus et a]. (45) Date of Patent: Dec. 27, 2011 (54) ROOTKIT DETECTION 2005/0081198 A1 * 4/2005 (3110 et a1. .................... .. 717/174 2005/0229250 A1 10/2005 Ring et a1. 75 Inventors: Christo her J. Ar us, Crown oint, IN Zoos/0162915 Al * 7/2008 Pris: et .al' """"""""""" " 713/2 ( ) (Us); clliase N- Doguglass portlivaynes 2008/0282350 A1 * 11/2008 Khllnanl et a1. .............. .. 726/24 IN (US); Dan J. Di Spaltro, Bend, OR FOREIGN PATENT DOCUMENTS (US); Michael D. Fuller, Seattle, WA Ep 656587 A1 7/1995 (Us) OTHER PUBLICATIONS (73) Assignee: International Business Machines Sean’s Blog, Making a bootable USB drive with BartPE or Corporation, Armonk, NY UBCD4Win, Mar‘ 31, 2006, pp‘ 1_3‘* _ _ _ _ _ PCuser, RootKitty BartPE plugin?, Dec. 4, 2006, p. 1.* ( * ) Not1ce: Subject to any d1scla1mer, the term of th1s patent is extended or adjusted under 35 * Cited by eXaminef U.S.C. 154(b) by 1111 days. Primary Examiner * Thomas Lee (21) Appl. No.: 11/757,729 Assistant Examiner * Michael J BroWn (74) Attorney, Agent, orFirm * Steven M. Greenberg, Esq.; (22) Filed: Jun- 41 2007 Carey, Rodriguez, Greenberg & O’Keefe (65) Prior Publication Data (57) ABSTRACT US 2008/0301426 A1 Dec. 4, 2008 Embodiments of the present invention address de?ciencies of the art in respect to rootkit detection and provide a method, (51) Int- Cl- system and computer program product for external rootkit G06F 9/24 (2006-01) detection and remediation. In one embodiment of the inven G06F 15/177 (2006-01) tion, an external rootkit detection tool can be provided.
    [Show full text]
  • What Are Kernel-Mode Rootkits?
    www.it-ebooks.info Hacking Exposed™ Malware & Rootkits Reviews “Accessible but not dumbed-down, this latest addition to the Hacking Exposed series is a stellar example of why this series remains one of the best-selling security franchises out there. System administrators and Average Joe computer users alike need to come to grips with the sophistication and stealth of modern malware, and this book calmly and clearly explains the threat.” —Brian Krebs, Reporter for The Washington Post and author of the Security Fix Blog “A harrowing guide to where the bad guys hide, and how you can find them.” —Dan Kaminsky, Director of Penetration Testing, IOActive, Inc. “The authors tackle malware, a deep and diverse issue in computer security, with common terms and relevant examples. Malware is a cold deadly tool in hacking; the authors address it openly, showing its capabilities with direct technical insight. The result is a good read that moves quickly, filling in the gaps even for the knowledgeable reader.” —Christopher Jordan, VP, Threat Intelligence, McAfee; Principal Investigator to DHS Botnet Research “Remember the end-of-semester review sessions where the instructor would go over everything from the whole term in just enough detail so you would understand all the key points, but also leave you with enough references to dig deeper where you wanted? Hacking Exposed Malware & Rootkits resembles this! A top-notch reference for novices and security professionals alike, this book provides just enough detail to explain the topics being presented, but not too much to dissuade those new to security.” —LTC Ron Dodge, U.S.
    [Show full text]
  • Bartpe and KNOPPIX
    Portable Operating Systems for the Personal Computer: BartPE and KNOPPIX Eric P. Delozier, Electronic Services Librarian Penn State Harrisburg Library Middletown, PA Abstract • This poster demonstrates how two operating environments that boot and run from a CD-ROM drive are used as platforms for managing technology and delivering instruction. Built from Windows XP or 2003 installation media, BartPE provides a GUI-based environment that is useful for managing employee and public-access computers. KNOPPIX provides a convenient and portable delivery method for educating librarians and end-users on Linux and open source software. Although based on disparate platforms, both provide a vast array of applications that can support a library’s dual-mission of delivering effective information technology services and literacy programs. Distinctions BartPE KNOPPIX Licensing Mostly NonProprietary Proprietary (Open-source) Platform Windows XP or Linux 2003 CD Capacity Under 550 MB 700 MB or Requirements higher Cost Partially Free Free 1 Similarities BartPE KNOPPIX Networking Yes Yes Supported Devices Requires installation Recognizes most of some drivers for devices automatically maximum support. with little intervention. GUI Nu2Menu KDE, IceWM, Fluxbox, TWM VNC/RDP Support TightVNC (VNC), KRDesktop (Supports Remote Desktop VNC and RDP) Client (RDP) BartPE Requirements • Building (PE Builder): • Executing: – Windows XP (SP1 or – Valid Windows higher) or 2003 License Installation Media – 128 MB RAM – Recordable CD or – Compatible SVGA DVD Drive Graphics Adapter – ISO Burning Software – Intel-compatible CPU (Nero, Easy CD (i586 or later) Creator, etc.) – Bootable CD/DVD Drive BartPE Components • PE Builder – Builds BartPE from Windows Installation Media. • Drivers – Minimal included. Others can be easily installed.
    [Show full text]
  • Vmwatcher.Pdf
    Stealthy Malware Detection and Monitoring through VMM-Based “Out-of-the-Box” 12 Semantic View Reconstruction XUXIAN JIANG North Carolina State University XINYUAN WANG George Mason University and DONGYAN XU Purdue University An alarming trend in recent malware incidents is that they are armed with stealthy techniques to detect, evade, and subvert malware detection facilities of the victim. On the defensive side, a fundamental limitation of traditional host-based antimalware systems is that they run inside the very hosts they are protecting (“in-the-box”), making them vulnerable to counter detection and subversion by malware. To address this limitation, recent solutions based on virtual machine (VM) technologies advocate placing the malware detection facilities outside of the protected VM (“out-of- the-box”). However, they gain tamper resistance at the cost of losing the internal semantic view of the host, which is enjoyed by “in-the-box” approaches. This poses a technical challenge known as the semantic gap. In this article, we present the design, implementation, and evaluation of VMwatcher—an “out- of-the-box” approach that overcomes the semantic gap challenge. A new technique called guest view casting is developed to reconstruct internal semantic views (e.g., files, processes, and ker- nel modules) of a VM nonintrusively from the outside. More specifically, the new technique casts semantic definitions of guest OS data structures and functions on virtual machine monitor (VMM)- level VM states, so that the semantic view can be reconstructed. Furthermore, we extend guest view casting to reconstruct details of system call events (e.g., the process that makes the system This work was supported in part by the US National Science Foundation (NSF) under Grants CNS-0716376, CNS-0716444 and CNS-0546173.
    [Show full text]
  • NTFS from Wikipedia, the Free Encyclopedia Jump To: Navigation, Search NTFS Developer Microsoft Introduced July 1993 (Windows
    NTFS From Wikipedia, the free encyclopedia Jump to: navigation, search NTFS Developer Microsoft Introduced July 1993 (Windows NT 3.1) Partition identifier 0x07 (MBR) EBD0A0A2-B9E5-4433-87C0-68B6B72699C7 (GPT) Structures Directory contents B+ tree[1] File allocation Bitmap/Extents Bad blocks $badclus Limits Max file size 264 bytes (16 EiB) minus 1 KiB [2] Max number of files 4,294,967,295 (232-1)[2] Max filename length 255 UTF-16 code units[3] Max volume size 264 ? 1 clusters [2] Allowed characters in filenames In Posix namespace, any UTF-16 code unit (case sensitive) except U+0000 (NUL) and / (slash). In Win32 namespace, any UTF-16 code unit (case insensitive) except U+0000 (NUL) / (slash) \ (backslash) : (colon) * (asterisk) ? (Question mark) " (quote) < (less than) > (greater than) and | (pipe) [3] Features Dates recorded Creation, modification, POSIX change, access Date range 1 January 1601 ʹ 28 May 60056 (File times are 64-bit numbers counting 100- nanosecond intervals (ten million per second) since 1601, which is 58,000+ years) Date resolution 100ns Forks Yes (see Alternate data streams below) Attributes Read-only, hidden, system, archive, not content indexed, off-line, temporary File system permissions ACLs Transparent compression Per-file, LZ77 (Windows NT 3.51 onward) Transparent encryption Per-file, DESX (Windows 2000 onward), Triple DES (Windows XP onward), AES (Windows XP Service Pack 1, Windows Server 2003 onward) Single Instance Storage Yes Supported operating systems Windows NT family (Windows NT 3.1 to Windows NT 4.0, Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008) NTFS is the standard file system of Windows NT, including its later versions Windows 2000, Windows XP, Windows Server 2003, Windows Server 2008, and Windows Vista.[4] NTFS supersedes the FAT file system as the preferred file system for Microsoft͛s ͞Windows͟-branded operating systems.
    [Show full text]
  • Curriculum Vitae
    CURRICULUM VITAE Amr El Sayed Abdel Latif PERSONAL DATA Address :The American University in Cairo, Social Research Center, P.O. BOX 2511, Cairo, Egypt. Phone (202) 2763-5157 (Home ) (202) 2615-1405 (Work ) (20100)373-2775 (Mob) Birth date : Nov. 17.1970 Nationality : Egyptian E-mail: [email protected] EDUCATION Oct 1996 Cairo University Oct 1997 Institute of Statistical Studies and Research. Qualifying studies for master degree Oct 1994 Cairo University May 1996 Institute of Statistical Studies and Research. Diploma in demography Sept 1988 Cairo University May 1993 Faculty of Science BS - Mathematical Statistics (Very Good) WORK EXPERIENCE Official Work May 1997 The American University In Cairo To date Social Research Center Officer, Research, Field & Training Amr el sayed 1 July 1993 Cairo Demography Center May 1997 Research Assistant June 1996 Saudi Arabia Sept 1996 Project of planning, Abha Data coordination and analysis Experience I have an intensive experience in working (as data analyst, using the SPSS) with Demographic and Health Survey (DHS) and the Maternal and Child Health Surveys (PAPCHILD) Data files of Egypt and other countries, as well to design data entry programs and worked as data analysis trainer in many workshops. Teaching classes - Teaching SPSS, Stata and Spectrum classes to the participants in the "Research Methods Workshop”, from 2000 till 2017. - Teaching SPSS Classes in the following: - The Social Fund for Development - Yemen, 2006. - Faculty of Economics and Political Sciences - Cairo University, 2010.
    [Show full text]
  • BMA User & Reference Manual V7.5 Build 1730 EN
    BootManage® Administrator User & Reference Manual 1 Contents OPERATING SYSTEMS AND OPERATION MODES ................................................................................... 5 OVERVIEW ........................................................................................................................................................... 6 Operating system installation (with automatic hardware detection) .............................................................. 6 Imaging for installation ................................................................................................................................... 6 Diskless operation ........................................................................................................................................... 7 Performing one time activities on a Managed PC .......................................................................................... 7 Diskless Linux network boot ........................................................................................................................... 8 Remove an operating system ........................................................................................................................... 9 Hard Disk Partitioning.................................................................................................................................... 9 CLIENT INSTALLATION ................................................................................................................................ 11 Client
    [Show full text]
  • A Windows XP Diagnostic Guide Step 1
    home.comcast.net 20/11/2010 12:26 Diagnose XP Diagnose XP - Step 1 - Malware A Windows XP Removal Diagnostic Guide Malware Infection which includes Viruses, Worms, Trojans, Spyware, Adware and Rootkits can cause or mimic just about any system problem. These in- clude: Application Errors, Lock-ups (freezing), The following Free guide will help you Blue Screen Stop Errors (BSOD) and Random troubleshoot the most common causes of sys- Reboots. tem problems. Diagnosing System problems can be very complicated and time consuming. There Malware Removal Guide - Malware is short are no simple solutions. Windows XP systems should for «Malicious Software». It is a general never Lock-up (freeze), display Blue Screen Stop term that refers to any software or program Errors or Randomly Reboot. These are all warning code designed to infiltrate or damage a computer signs something is wrong or misconfigured with system without the owner’s informed consent. This your system. Unless you are a highly trained, expe- includes Viruses, Worms, Trojans, Spyware, Adware rienced PC Technician do not skip any of the fol- and Rootkits. This 3 step guide will show you how lowing steps. to remove these infections and protect yourself from future infections for free using free software. Notes - Overclocking can cause almost any system problem. It is strongly recommended to only run FACT: 89% of consumer PCs are infected with your system at the correct frequencies. Troubles- spyware hooting any problem on an Overclocked system is feedback a complete waste of time. Set the system back to its ^ TOP default frequencies before you begin troubleshoo- ting.
    [Show full text]
  • Como Entender As Denúncias De Vigilantismo Global
    PROTEÇÃO DE DADOS A BITCOIN e-SAÚDE na União Europeia pode derrubar os EUA e privacidade no Brasil o instituto nupef é uma organização sem fi ns Uma publicação do Instituto Nupef • outubro / 2013 • www.politics.org.br de lucro dedicada à refl exão, análise, produção de conhecimento e formação, principalmente centradas em questões relacionadas às tecnologias da informação e Comunicação (tiCs) e suas relações políticas com os direitos humanos, a democracia, o desenvolvimen- to sustentável e a justiça social. além de realizar cursos, eventos, desenvolver pesquisas e estudos de caso, o nupef edita a politiCs, a rets (revista do terceiro setor) e mantém o projeto tiwa – provedor de serviços internet voltado exclusivamente para instituições sem fi ns lucrativos – resultado de um trabalho iniciado há 21 anos, com a criação do alternex (o pri- meiro provedor de serviços internet aberto ao público no Brasil). o tiwa é um provedor comprometido prioritariamente com a pri- vacidade e a segurança dos dados das entidades associadas; com a garantia de sua liberdade de expressão; com o uso de software livre e de plataformas abertas não-proprietárias. Tecnologias e pessoas com defi ciência: questão política rua sorocaba 219, 501 | parte | Botafogo | CeP 22271-110 | rio de Janeiro | rJ | Brasil Como entender telefone/fax +55 (21) 3259-0370 | www.nupef.org.br as denúncias de vigilantismo global nº16 EDITOR CARLOS A. AFONSO CAPA, PROJETO GRÁFICO E DIAGRAMAÇÃO MONTE DESIGN DISTRIBUIÇÃO VIVIANE GOMES Índice TRADUÇÕES RICARDO SILVEIRA 02 >Como entender as denúncias Esta é uma publicação do Instituto Nupef. de vigilantismo global Versão digitalizada disponível em www.politics.org.br e no sítio do Nupef - www.nupef.org.br Pedro Antonio Dourado de Rezende Para enviar sugestões, críticas ou outros comentários: [email protected] >10 Rua Sorocaba, 219 | 501 - parte | Botafogo | 22271-110 Sugestões relativas às políticas públicas brasileiras sobre Rio de Janeiro RJ Brasil | telefone +55 21 2527-0294 tecnologias assistivas para pessoas com deficiência visual Apoio: Fernando H.
    [Show full text]