Automated Malware Analysis Report for Ud-Win-X64.Exe

Total Page:16

File Type:pdf, Size:1020Kb

Automated Malware Analysis Report for Ud-Win-X64.Exe ID: 197137 Sample Name: ud-win-x64.exe Cookbook: default.jbs Time: 21:35:52 Date: 18/12/2019 Version: 28.0.0 Lapis Lazuli Table of Contents Table of Contents 2 Analysis Report ud-win-x64.exe 5 Overview 5 General Information 5 Detection 5 Confidence 6 Classification 6 Analysis Advice 7 Mitre Att&ck Matrix 7 Signature Overview 8 AV Detection: 8 Spreading: 8 Networking: 8 System Summary: 8 Data Obfuscation: 9 Persistence and Installation Behavior: 9 Hooking and other Techniques for Hiding and Protection: 9 Malware Analysis System Evasion: 9 Anti Debugging: 10 HIPS / PFW / Operating System Protection Evasion: 10 Language, Device and Operating System Detection: 10 Malware Configuration 10 Behavior Graph 10 Simulations 11 Behavior and APIs 11 Antivirus, Machine Learning and Genetic Malware Detection 11 Initial Sample 11 Dropped Files 11 Unpacked PE Files 11 Domains 11 URLs 12 Yara Overview 12 Initial Sample 12 PCAP (Network Traffic) 12 Dropped Files 12 Memory Dumps 12 Unpacked PEs 12 Sigma Overview 12 Joe Sandbox View / Context 12 IPs 12 Domains 12 ASN 12 JA3 Fingerprints 13 Dropped Files 13 Screenshots 13 Thumbnails 13 Startup 14 Created / dropped Files 14 Domains and IPs 17 Contacted Domains 17 URLs from Memory and Binaries 18 Contacted IPs 18 Static File Info 18 General 18 File Icon 19 Static PE Info 19 General 19 Entrypoint Preview 19 Data Directories 21 Copyright Joe Security LLC 2019 Page 2 of 40 Sections 21 Resources 22 Imports 22 Version Infos 22 Possible Origin 22 Network Behavior 23 Code Manipulations 23 Statistics 23 Behavior 23 System Behavior 23 Analysis Process: ud-win-x64.exe PID: 4816 Parent PID: 4268 23 General 23 File Activities 24 File Created 24 File Deleted 24 File Written 24 File Read 28 Registry Activities 33 Key Created 33 Analysis Process: conhost.exe PID: 904 Parent PID: 4816 34 General 34 Analysis Process: cmd.exe PID: 5028 Parent PID: 4816 34 General 34 File Activities 34 Analysis Process: WMIC.exe PID: 4232 Parent PID: 5028 34 General 34 File Activities 34 Analysis Process: cmd.exe PID: 4272 Parent PID: 4816 35 General 35 File Activities 35 Analysis Process: WMIC.exe PID: 4568 Parent PID: 4272 35 General 35 File Activities 35 Analysis Process: cmd.exe PID: 4796 Parent PID: 4816 35 General 35 File Activities 36 Analysis Process: WMIC.exe PID: 5040 Parent PID: 4796 36 General 36 File Activities 36 Analysis Process: cmd.exe PID: 4668 Parent PID: 4816 36 General 36 File Activities 36 Analysis Process: WMIC.exe PID: 3012 Parent PID: 4668 37 General 37 File Activities 37 Analysis Process: cmd.exe PID: 2576 Parent PID: 4816 37 General 37 File Activities 37 Analysis Process: WMIC.exe PID: 1816 Parent PID: 2576 37 General 37 File Activities 38 Analysis Process: cmd.exe PID: 4424 Parent PID: 4816 38 General 38 Analysis Process: WMIC.exe PID: 1256 Parent PID: 4424 38 General 38 Analysis Process: cmd.exe PID: 4220 Parent PID: 4816 38 General 38 Analysis Process: WMIC.exe PID: 3020 Parent PID: 4220 39 General 39 Analysis Process: cmd.exe PID: 4552 Parent PID: 4816 39 General 39 Analysis Process: WMIC.exe PID: 3428 Parent PID: 4552 39 General 39 Analysis Process: cmd.exe PID: 4516 Parent PID: 4816 39 General 39 Analysis Process: powershell.exe PID: 3964 Parent PID: 4516 40 General 40 Analysis Process: powershell.exe PID: 4412 Parent PID: 4816 40 General 40 Copyright Joe Security LLC 2019 Page 3 of 40 Disassembly 40 Code Analysis 40 Copyright Joe Security LLC 2019 Page 4 of 40 Analysis Report ud-win-x64.exe Overview General Information Joe Sandbox Version: 28.0.0 Lapis Lazuli Analysis ID: 197137 Start date: 18.12.2019 Start time: 21:35:52 Joe Sandbox Product: CloudBasic Overall analysis duration: 0h 7m 6s Hypervisor based Inspection enabled: false Report type: light Sample file name: ud-win-x64.exe Cookbook file name: default.jbs Analysis system description: Windows 10 64 bit (version 1803) with Office 2016, Adobe Reader DC 19, Chrome 70, Firefox 63, Java 8.171, Flash 30.0.0.113 Number of analysed new started processes analysed: 27 Number of new started drivers analysed: 0 Number of existing processes analysed: 0 Number of existing drivers analysed: 0 Number of injected processes analysed: 0 Technologies: HCA enabled EGA enabled HDC enabled AMSI enabled Analysis stop reason: Timeout Detection: MAL Classification: mal76.evad.winEXE@40/14@0/0 EGA Information: Successful, ratio: 100% HDC Information: Successful, ratio: 54.6% (good quality ratio 28.4%) Quality average: 39.8% Quality standard deviation: 43.1% HCA Information: Failed Cookbook Comments: Adjust boot time Enable AMSI Found application associated with file extension: .exe Warnings: Show All Exclude process from analysis (whitelisted): dllhost.exe, TiWorker.exe, conhost.exe, CompatTelRunner.exe, TrustedInstaller.exe Report size exceeded maximum capacity and may have missing behavior information. Report size getting too big, too many NtCreateFile calls found. Report size getting too big, too many NtEnumerateKey calls found. Report size getting too big, too many NtEnumerateValueKey calls found. Report size getting too big, too many NtOpenFile calls found. Report size getting too big, too many NtOpenKeyEx calls found. Report size getting too big, too many NtProtectVirtualMemory calls found. Report size getting too big, too many NtQueryAttributesFile calls found. Report size getting too big, too many NtQueryValueKey calls found. Report size getting too big, too many NtReadVirtualMemory calls found. Detection Strategy Score Range Reporting Whitelisted Detection Copyright Joe Security LLC 2019 Page 5 of 40 Strategy Score Range Reporting Whitelisted Detection Threshold 76 0 - 100 false Confidence Strategy Score Range Further Analysis Required? Confidence Threshold 5 0 - 5 false Classification Copyright Joe Security LLC 2019 Page 6 of 40 Ransomware Miner Spreading mmaallliiiccciiioouusss malicious Evader Phishing sssuusssppiiiccciiioouusss suspicious cccllleeaann clean Exploiter Banker Spyware Trojan / Bot Adware Analysis Advice Sample drops PE files which have not been started, submit dropped PE samples for a secondary analysis to Joe Sandbox Sample may offer command line options, please run it with the 'Execute binary with arguments' cookbook (it's possible that the command line switches require additional characters like: "-", "/", "--") Sample monitors window changes (e.g. starting applications), analyze the sample with the 'Simulates keyboard and window changes' cookbook Mitre Att&ck Matrix Privilege Credential Lateral Command Initial Access Execution Persistence Escalation Defense Evasion Access Discovery Movement Collection Exfiltration and Control Valid Windows Management Application Access Token Masquerading 1 Credential System Time Application Data from Data Standard Accounts Instrumentation 4 1 1 Shimming 1 Manipulation 1 Dumping Discovery 2 Deployment Local Encrypted 1 Cryptographic Software System Protocol 1 Copyright Joe Security LLC 2019 Page 7 of 40 Privilege Credential Lateral Command Initial Access Execution Persistence Escalation Defense Evasion Access Discovery Movement Collection Exfiltration and Control Replication Command-Line Port Process Software Network Query Registry 1 Remote Data from Exfiltration Fallback Through Interface 2 Monitors Injection 1 2 Packing 1 1 Sniffing Services Removable Over Other Channels Removable Media Network Media Medium External PowerShell 1 Accessibility Application Virtualization/Sandbox Input Capture Virtualization/Sandbox Windows Data from Automated Custom Remote Features Shimming 1 Evasion 3 5 Evasion 3 5 Remote Network Exfiltration Cryptographic Services Management Shared Protocol Drive Drive-by Execution through System DLL Search Access Token Credentials in Process Discovery 2 Logon Input Data Multiband Compromise API 2 Firmware Order Hijacking Manipulation 1 Files Scripts Capture Encrypted Communication Exploit Public- Command-Line Interface Shortcut File System Process Account Application Window Shared Data Scheduled Standard Facing Modification Permissions Injection 1 2 Manipulation Discovery 1 Webroot Staged Transfer Cryptographic Application Weakness Protocol Spearphishing Graphical User Interface Modify New Service Deobfuscate/Decode Brute Force Security Software Third-party Screen Data Commonly Link Existing Files or Information 1 Discovery 5 5 1 Software Capture Transfer Used Port Service Size Limits Spearphishing Scripting Path Scheduled Obfuscated Files or Two-Factor File and Directory Pass the Email Exfiltration Uncommonly Attachment Interception Task Information 2 Authentication Discovery 3 Hash Collection Over Used Port Interception Command and Control Channel Spearphishing Third-party Software Logon Process Indicator Blocking Bash History System Information Remote Clipboard Exfiltration Standard via Service Scripts Injection Discovery 2 3 6 Desktop Data Over Application Protocol Alternative Layer Protocol Protocol Signature Overview • AV Detection • Spreading • Networking • System Summary • Data Obfuscation • Persistence and Installation Behavior • Hooking and other Techniques for Hiding and Protection • Malware Analysis System Evasion • Anti Debugging • HIPS / PFW / Operating System Protection Evasion • Language, Device and Operating System Detection Click to jump to signature section AV Detection: Machine Learning detection for sample Spreading: Contains functionality to query local drives Enumerates the file system Networking: Urls found in memory or binary data System Summary: Contains functionality to communicate with device drivers Copyright Joe Security LLC 2019 Page 8 of 40 Detected
Recommended publications
  • Where Does My Downloaded File Go Find & Delete Files on a Google Pixel Phone
    where does my downloaded file go Find & delete files on a Google Pixel phone. You can usually find your downloaded files in the Files app on your Pixel phone. Find & open files on a Pixel phone. Open your phone's Files app . Learn where to find your apps. Your downloaded files will show. To find other files, tap Menu . To sort by name, date, type, or size, tap More Sort by . To open a file, tap it. Delete files from your Pixel phone. Open your phone's Files app . Tap a file. Tap Delet e Delete . Share, print, save to Drive & more. Share your files from your Pixel phone. Touch and hold the file. Tap Share . Do other actions, like printing or adding to Google Drive. To open a file, tap it. At the top right, look for more options. If needed, tap More . Find music, movies & other content. You can download files like music, movies, or books in various apps. To find that content, go to the app where you downloaded it. For example, learn how to find videos downloaded in the Google Play Movies & TV app. Transfer files to a computer. When you connect your phone to a computer by USB cab l e, open the computer's "Downloads" folder to find the files that are on your phone. Learn how to move files between your computer and your phone. Where can I find downloaded files on my Samsung Galaxy smartphone? The location of your downloaded files will depend on the type of file you have downloaded and the app that you used to download it.
    [Show full text]
  • Windows - Run/Kör Kommando
    Windows - Run/Kör kommando Accessibility Controls - access.cpl Network Connections - ncpa.cpl Add Hardware Wizard - hdwwiz.cpl Network Setup Wizard - netsetup.cpl Add/Remove Programs - appwiz.cpl Notepad - notepad Administrative Tools - control admintools Nview Desktop Manager - nvtuicpl.cpl Automatic Updates - wuaucpl.cpl Object Packager - packager Bluetooth Transfer Wizard - fsquirt ODBC Data Source Administrator - odbccp32.cpl Calculator - calc On Screen Keyboard - osk Certificate Manager - certmgr.msc Opens AC3 Filter - ac3filter.cpl Character Map - charmap Password Properties - password.cpl Check Disk Utility - chkdsk Performance Monitor - perfmon.msc Clipboard Viewer - clipbrd Performance Monitor - perfmon Command Prompt - cmd Phone and Modem Options - telephon.cpl Component Services - dcomcnfg Power Configuration - powercfg.cpl Computer Management - compmgmt.msc Printers and Faxes - control printers Control Panel - control panel Printers Folder - printers Date and Time Properties - timedate.cpl Private Character Editor - eudcedit DDE Share - ddeshare Quicktime (If Installed) - QuickTime.cpl Device Manager - devmgmt.msc Regional Settings - intl.cpl Direct X Control Panel -directx.cpl Registry Editor - regedit Direct X Troubleshooter - dxdiag Registry Editor - regedit32 Disk Cleanup Utility - cleanmgr Remote Desktop - mstsc Disk Defragment - dfrg.msc Removable Storage - ntmsmgr.msc Disk Management - diskmgmt.msc Removable Storage Operator Requests - ntmsoprq.msc Disk Partition Manager - diskpart Resultant Set of Policy (XP Prof)
    [Show full text]
  • Laptop Service Guide
    Windows Operating System 3 Turn off visual effects 3 Turn off Windows Search Indexing Feature 4 Defragging Hard Drive 5 Step 1: Locating the Defragment Wizard 5 Step 2: Using Defragment Wizard 6 Checking your hard drive 8 Checking your memory 8 Ensure Windows Defender is enabled 9 Perform Disk cleanup to remove clutter 12 Disable Programs that you do not use frequently from starting when system boots 14 14 Perform regular Windows Defender scans on system 15 Uninstall programs that you do not use anymore 17 Regularly turn off your system when not in use 18 How to shut down your windows machine 19 Perform check disk on hard drive regularly 21 Turn Off Windows Tips and Tricks 23 Turn Off Search Indexing 24 Regularly perform backups as well as create restore points 27 Use Powershell to fix corrupt files: 32 Enable fast start-up: 34 Effect of ram on the system 35 2 Windows Operating System Turn off visual effects I. Open the start menu by pressing the Windows key on your keyboard or by clicking on the icon shown below. a. Type “Advanced System Settings” and click on it when it appears in the Menu. b. Navigate to the “Advanced” tab at the top. c. Click on “Settings” in the “Performance” block d. Select “Adjust for best performance”. e. Click “Ok” to finish the setup. 3 Turn off Windows Search Indexing Feature I. Open the start menu by pressing the Windows key on your keyboard or by clicking on the icon shown below. II. Search for “Index” and choose “Indexing Options” when it appears.
    [Show full text]
  • List of New Applications Added in ARL #2603
    List of New Applications Added in ARL #2603 Application Name Publisher DataConnect 11.5 Actian Source Sans Pro 1.0 Adobe PDF Broker Process for Internet Explorer 21.1 Adobe Creative Suite CS6 Standard Adobe Collaboration Synchronizer 20.1 Adobe Collaboration Synchronizer 21.1 Adobe Connect 2020.12 Adobe AD Group Manager 1.1 Albus Bit AD Group Manager 1.2 Albus Bit Query Reporter 3.3 Allround Automations Monarch 13.0 Classic Altair Engineering IMAGEPro 1.1 AMETEK CrystalControl 2.1 AMETEK NekoHTML 1.9 Andy Clark Sherlock 6.2 Ansys Flash Banner Maker 1.0 Anvsoft Any Video Converter 5.5 Anvsoft TomeePlus 9.0 Apache Software Foundation Falcon 0.1 Apache Software Foundation JaxMe 0.5 Apache Software Foundation A-PDF Split A-PDF.com WealthTrack 9.0 Applied Systems Call Status Report 1.0 Aspect Software Inbound 7.3 Aspect Software CLIQ Web Manager 9.2 ASSA ABLOY CLIQ Web Manager 8.0 ASSA ABLOY Centerprise Data Integrator 7.6 Astera Software Bitbucket 2.0 Atlassian Jira Capture Chrome 1.0 Atlassian AudaEnterprise 4.0 Audatex Encode And Decode Files - Base64 1.0 Automation Anywhere Expert PDF 14.0 Avanquest Software ASG Plugin Avaya Discovery Tool 3.3 AvePoint DocAve 6.6 AvePoint DocAve 6.12 AvePoint DocAve 6.11 AvePoint DocAve 6.3 AvePoint DocAve 6.8 AvePoint DocAve 6.9 AvePoint FLY 4.5 AvePoint Wonderware Application Server Client 2020 AVEVA Group Cloud for Business On-Premises 2.0 Axure Software Solutions Automator 4.5 Axway Convene 5.8 Azeus Zulu 8.50 Azul Systems Zulu 11.35 Azul Systems Zulu 8.48 Azul Systems Zulu 15.28 Azul Systems Zulu
    [Show full text]
  • Introduction to Windows 7
    [Not for Circulation] Introduction to Windows 7 This document provides a basic overview of the new and enhanced features of Windows 7 as well as instructions for how to request an upgrade. Windows 7 at UIS Windows 7 is Microsoft’s latest operating system. Beginning in the fall of 2010, UIS will upgrade all classroom and lab PCs to Windows 7. Any new PC that is ordered will automatically come installed with Windows 7. To request an upgrade, contact the Technology Support Center (TSC) at 217/206-6000 or [email protected]. The TSC will evaluate your machine to see if it’s capable of running Windows 7. (Your computer needs a dual core processor and at least 2 GB of RAM.) Please note that University licensing does NOT cover distribution of Windows 7 for personally owned computers. However, it is available for a discounted price via the WebStore at http://webstore.illinois.edu. What to Consider Before Upgrading There is no direct upgrade path from Windows XP to Windows 7. Therefore, the TSC will take your computer, save your files, and install Windows 7 on a clean hard drive. Please budget a couple days for this process. In some cases, you may have older devices that will not work with Windows 7. While many vendors are providing and will continue to provide drivers for their hardware, in some cases, printers, scanners, and other devices that are more than 5 years old may have issues running on Windows 7. To check the compatibility of your devices with Windows 7, visit the Microsoft Windows 7 Compatibility Center at http://www.microsoft.com/windows/compatibility/windows-7/en-us/default.aspx.
    [Show full text]
  • Run-Commands-Windows-10.Pdf
    Run Commands Windows 10 by Bettertechtips.com Command Action Command Action documents Open Documents Folder devicepairingwizard Device Pairing Wizard videos Open Videos Folder msdt Diagnostics Troubleshooting Wizard downloads Open Downloads Folder tabcal Digitizer Calibration Tool favorites Open Favorites Folder dxdiag DirectX Diagnostic Tool recent Open Recent Folder cleanmgr Disk Cleanup pictures Open Pictures Folder dfrgui Optimie Drive devicepairingwizard Add a new Device diskmgmt.msc Disk Management winver About Windows dialog dpiscaling Display Setting hdwwiz Add Hardware Wizard dccw Display Color Calibration netplwiz User Accounts verifier Driver Verifier Manager azman.msc Authorization Manager utilman Ease of Access Center sdclt Backup and Restore rekeywiz Encryption File System Wizard fsquirt fsquirt eventvwr.msc Event Viewer calc Calculator fxscover Fax Cover Page Editor certmgr.msc Certificates sigverif File Signature Verification systempropertiesperformance Performance Options joy.cpl Game Controllers printui Printer User Interface iexpress IExpress Wizard charmap Character Map iexplore Internet Explorer cttune ClearType text Tuner inetcpl.cpl Internet Properties colorcpl Color Management iscsicpl iSCSI Initiator Configuration Tool cmd Command Prompt lpksetup Language Pack Installer comexp.msc Component Services gpedit.msc Local Group Policy Editor compmgmt.msc Computer Management secpol.msc Local Security Policy: displayswitch Connect to a Projector lusrmgr.msc Local Users and Groups control Control Panel magnify Magnifier
    [Show full text]
  • Desktop and Laptop Option Quick Reference Guide
    1. Veritas™ Desktop and Laptop Option 9.6 Quick Reference Guide for DLO Installation and Configuration 23-Jun-21 Veritas Desktop and Laptop Option: Quick Reference Guide for DLO Installation and Configuration. The software described in this document is furnished under a license agreement and may be used only in accordance with the terms of the agreement. Legal Notice Copyright (c) 2021 Veritas Technologies LLC. All rights reserved. Veritas and the Veritas Logo are trademarks or registered trademarks of Veritas Technologies LLC or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This Veritas product may contain third party software for which Veritas is required to provide attribution to the third party (“Third Party Programs”). Some of the Third Party Programs are available under open source or free software licenses. The License Agreement accompanying the Software does not alter any rights or obligations you may have under those open source or free software licenses. Please see the Third Party Legal Notice Appendix to this Documentation or TPIP ReadMe File accompanying this Veritas product for more information on the Third Party Programs. This Veritas product may contain open source and other third party materials that are subject to a separate license. Please see the applicable Third Party Notice at https://www.veritas.com/about/legal/license-agreements/. The product described in this document is distributed under licenses restricting its use, copying, distribution, and decompilation/reverse engineering. No part of this document may be reproduced in any form by any means without prior written authorization of Veritas Technologies LLC and its licensors, if any.
    [Show full text]
  • Copyrighted Material
    09_574647 bindex.qxd 9/10/04 11:47 AM Page 191 Index A Address Bar described, 85–87 Accessibility accessories, 148, 173–174 illustrated, BP-4 accessories searching Web, 132 accessing, 148–149 Web, navigating, 119 Address Book, 149 Address Book Backup, 161 accessories, 149 Calculator, 149–151 finding someone in, 76 Character Map, 161, 162–163 recipients, adding, 136–138 Command Prompt, 151 addresses, Web defined, 187 adding, 110–117 Disk Cleanup, 161 automatic completion of, 120 Disk Defragmenter, 161, bookmark, adding, 110–112 Entertainment, 156–158 folders, 110 File and Settings Transfer Wizard, 161 offline, 112–114 Magnifier, 148 opening, 112 Microsoft Interactive Training, 158 organizing, 114–116 Narrator, 148 synchronizing, 116–117 Network Connections, 152–153 album information, 57 Notepad, 159 alert dialog boxes, 82 On-Screen Keyboard, 148 Alt key, pull-down menus, 78 Paint, 160–161 Alt+Tab keystroke, Windows version Program Compatibility Wizard, 159 difference, 102–103 Remote Desktop Connection, 153–155 appearance Scanner and Camera Wizard, 160 Control Panel, 175–178 Scheduled Tasks, 162, 163–164 folder, 44–45 Security Center, 162 Windows Media Player, 55 System Information, 162 applications System Restore, 162, 165–166 adding or removing, 2–6 Windows Explorer, 166 in compressed folders, 29–30 Windows Movie Maker, 167–169 default, setting, 5–6 WordPad, 170 defined, 187 accounts files, saving to specific folder, 8 multiple e-mail, 135 frozen, 104 user in Control Panel, 184–186 normally used, opening menu with, BP-6 adding opening,
    [Show full text]
  • Download Snipping Tool for Windows 10 Snipping Tool
    download snipping tool for windows 10 Snipping Tool. Snipping Tool is an easy to use graphic capture application that can help users to very quickly manage image capture of their Windows OS desktop area, with dedicated tools for not only intuitive and detailed area capture but also extensive options for file preparation and exporting. In addition to the local image saving, the app also has built-in support for several major cloud storage locations (including Dropbox , Google Drive , and WebRequest ), an automatically generated shareable link, and even advanced support for the automatic sending of captured desktop area images to FTP server of your choice. While Windows 7 OS (and all newer versions) has a built-in tool for full desktop and area snipping tool for quick capture of screenshots, many users have expressed a need for a bit more comprehensive toolset for managing more advanced types of capture and additional options for screenshot sharing. To provide service that many users desire, Free Snipping Desktop Tool comes with its own feature set. Snipping Tool app can enable anyone to set up their real-time or delayed capture of the entire or predefined desktop area. The captured snips are not just saved to your local storage immediately. You get the chance to review them, and even use built-in highlighting tools to mark them, freely draw on them via the pen tool, or even place some of the available overlay shapes (a wide variation of arrows, rectangles, circles, and more). The user interface of the app features a canvas where your snips are displayed, and a row of 12 main tools, including Upload, Delay, Highlighter tool, Pen tool (both with customizable colors), Shapes, and Reset Snip.
    [Show full text]
  • Program Name Run Command About Windows Winver Add a Device
    List of Run Commands in Win7/8 to Windows Managment By Shree Krishna Maharjan in some commands need to use .msc Program Name Run Command About Windows winver Add a Device devicepairingwizard Add Hardware Wizard hdwwiz Advanced User Accounts netplwiz Authorization Manager azman Backup and Restore sdclt Bluetooth File Transfer fsquirt Calculator calc Certificates certmgr Change Computer Performance Settings systempropertiesperformance Change Data Execution Prevention Settings systempropertiesdataexecutionprevention Change Printer Settings printui Character Map charmap ClearType Tuner cttune Color Management colorcpl Command Prompt cmd Component Services comexp Component Services dcomcnfg Computer Management compmgmt.msc Computer Management compmgmtlauncher Connect to a Network Projector netproj Connect to a Projector displayswitch Control Panel control Create A Shared Folder Wizard shrpubw Create a System Repair Disc recdisc Credential Backup and Restore Wizard credwiz Data Execution Prevention systempropertiesdataexecutionprevention Default Location locationnotifications Device Manager devmgmt.msc Device Pairing Wizard devicepairingwizard Diagnostics Troubleshooting Wizard msdt Digitizer Calibration Tool tabcal DirectX Diagnostic Tool dxdiag Disk Cleanup cleanmgr Disk Defragmenter dfrgui Disk Management diskmgmt.msc Display dpiscaling Display Color Calibration dccw Display Switch displayswitch DPAPI Key Migration Wizard dpapimig Driver Verifier Manager verifier Ease of Access Center utilman EFS REKEY Wizard rekeywiz Encrypting File System
    [Show full text]
  • Creating a Screenshot in Windows 7
    BRYN MAWR COLLEGE February 2015 Library & Information Technology Services Creating a Screenshot in Windows 7 You can take screenshots to capture all or part of what is currently on your screen. Screenshots are useful for extracting images, relaying error messages or particular elements of your screen, and creating graphics. There multiple methods for taking screenshots, each with different capabilities. An example screenshot is shown below. Method One: Snipping Tool The Snipping Tool is found within the Start menu under All Programs -> Accessories. Once the Snipping Tool is open, use the drop-down arrow next to the New button to select what you would like to capture: the full screen, a select window, a drawn rectangle, or a free-form shape. If you selected the full screen, it will automatically capture a picture of your entire screen except for the Snipping Tool win- dow. If you select a window, you will need to click on the window you want to capture. Once selected, it will take a picture. If you select a rectangle, you will be given a crosshair cursor, indicating that you should drag and draw a rectangle around the area you would like to be captured. Once you release the cursor after dragging the rectangle, it will take a picture of your selection. If you select a free-form shape, you can then draw a shape on your screen while holding down your cursor (left mouse button). When you release the button, the Snipping Tool will capture everything in that shape. You will then be shown a preview of your capture.
    [Show full text]
  • Veritas Enterprise Vault™ Administrator's Guide
    Veritas Enterprise Vault™ Administrator's Guide 12.1 Veritas Enterprise Vault: Administrator's Guide Last updated: 2017-07-28. Legal Notice Copyright © 2017 Veritas Technologies LLC. All rights reserved. Veritas, the Veritas Logo, Enterprise Vault, Compliance Accelerator, and Discovery Accelerator are trademarks or registered trademarks of Veritas Technologies LLC or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This product may contain third party software for which Veritas is required to provide attribution to the third party (“Third Party Programs”). Some of the Third Party Programs are available under open source or free software licenses. The License Agreement accompanying the Software does not alter any rights or obligations you may have under those open source or free software licenses. Refer to the third party legal notices document accompanying this Veritas product or available at: https://www.veritas.com/about/legal/license-agreements The product described in this document is distributed under licenses restricting its use, copying, distribution, and decompilation/reverse engineering. No part of this document may be reproduced in any form by any means without prior written authorization of Veritas Technologies LLC and its licensors, if any. THE DOCUMENTATION IS PROVIDED "AS IS" AND ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE HELD TO BE LEGALLY INVALID. VERITAS TECHNOLOGIES LLC SHALL NOT BE LIABLE FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES IN CONNECTION WITH THE FURNISHING, PERFORMANCE, OR USE OF THIS DOCUMENTATION.
    [Show full text]