Logo

Fix Bad Image Error Status 0xc000012f

When you run a program in Windows 10, error 0xc000012f may pop up, mentioning that the files and binaries you’re trying to run are corrupted. Error 0xc000012f means Bad Image, denoting that the program’s executable or one of the supporting modules is corrupt. Or there is probably a DLL mismatch.

This error usually manifests itself after a windows update or after installation of some application, in order to fix it follow the steps below:

  1. Perform SFC scan

    Press ⊞ WINDOWS + X to open the Windows menu
    keyboard with windows and x markedFrom the menu choose command prompt (admin)
    Windows menu command prompt adminIn command prompt type sfc /scannow and press ENTER
    Leave the computer for the operation to be completed and Reboot your computer

  2. Run DISM

    Press ⊞ WINDOWS + X to open the Windows menu
    keyboard with windows and x markedFrom the menu choose command prompt (admin)
    Windows menu command prompt adminin command prompt type: DISM.exe /Online /Cleanup-image /Restorehealth and press ENTER
    wait for the process to be finished and Reboot your computer

  3. Reinstall application

    If this error has been popping up after the application install remove the installed application and install it again. There is the possibility that the application installer has by accident corrupted some files, reinstalling it might fix the issue.

  4. Uninstall Windows update

    In some cases, Windows update can introduce this issue, go to Windows updates, into advanced options, and uninstall the latest update to see if this will fix the error.

  5. Install Visual C++ Redistributable

    Go to the official Microsoft website and download C++ redistributable package and install it

  6. Install new windows update

    If there is a new Windows update install, there is a chance that in the last update something went wrong and it is very likely that it was fixed in the last one.

Do You Need Help with Your Device?

Our Team of Experts May Help
Troubleshoot.Tech Experts are There for You!
Replace damaged files
Restore performance
Free disk space
Remove Malware
Protects WEB browser
Remove Viruses
Stop PC freezing
GET HELP
Troubleshoot.Tech experts work with all versions of Microsoft Windows including Windows 11, with Android, Mac, and more.

Share this article:

You might also like

How to Repair Windows 10 Error 0x800F0922

Error Code 0x800F0922 – What is it?

Error Code 0x800F0922 refers to an issue with downloading the newest version of Microsoft Windows, Windows 10. It could mean that your PC doesn't have enough free space in the System Reserved partition, or that it couldn't connect to the Windows Update servers. This issue is not very common, most users will never see this error code. Some, however, will need to follow the below fixes in order to download and upgrade their systems properly. Common symptoms include:
  • Dialog box appears with the Error Code 0x800F0922
  • Microsoft Windows 10 upgrade is unsuccessful and/or incomplete
  • Users are unable to open applications after attempting the Microsoft Windows 10 upgrade

Solution

Restoro box imageError Causes

There are two standard reasons why this error occurs during the Microsoft Windows 10 upgrade.
  • There may not be enough free space in the “System Reserved” partition of your hard drive.
  • Error Code 0x800F0922 could also mean that your PC was not able to successfully connect to the Microsoft Windows update servers due to a VPN (virtual private network) connection in your home or office network.
  • The .Net framework installation portion of the Windows 10 upgrade fails.

Further Information and Manual Repair

Error Code 0x800F0922 as stated is somewhat rare, but it does occur occasionally. Users who have experienced this error while attempting to upgrade their system to Microsoft Windows 10 have the following options for do-it-yourself fixes.

Method 1:

Use this method if you are operating on a network that uses a VPN connection.
  1. Disconnect from your office or home network.
  2. Turn off your VPN software.
  3. Run the Microsoft Windows 10 upgrade.
  4. Restart your PC.
  5. Reconnect to your home or office network.
  6. Turn your VPN software back on.

Method 2:

This will run the Windows 10 Update troubleshooter that is built into your PC.
  1. Click on the Windows icon on the lower-left corner of your desktop.
  2. Press the “w” key to open the SEARCH function.
  3. Type “troubleshooting” in the search field and press ENTER
  4. When the troubleshooting window opens, select the “view all” option from the left window pane.
  5. Select “Windows update”.
  6. Select “advanced” and then choose the “run as administrator” option.
  7. Click the NEXT button and follow the on-screen prompts.
  8. This troubleshooter will walk you through the steps needed for your specific situation.

Method 3:

This method will run the DISM (deployment image servicing and management) tool built into your PC.
  1. Press the “windows key” on your keyboard followed by the “x” key.
  2. Select the “command prompt admin” option.
  3. Type the command “exe /online /cleanup-image /scanhealth” into the command prompt field and press ENTER.
  4. Wait for the scan to run completely.
  5. When the scan is complete, a message will appear telling you that “the operation completed successfully”.
  6. Type the command “dism.exe /online /cleanup-image /restorehealth” into the command prompt field and press ENTER.
  7. This will take a while to run completely, but it will restore any missing or corrupted files necessary for the Microsoft Windows 10 update.
  8. Restart your computer.
  9. Attempt the Windows 10 upgrade again.

Method 4: Use this option if you believe the issue is a result of the .NET framework being disabled.

  1. Press the “windows” key followed by the “x” key.
  2. Select the “control panel” option.
  3. When the control panel window opens, click your cursor in the search field on the upper right hand corner.
  4. Search for the phrase “windows features”, then select the link “turn Windows features on or off”.
  5. Select the check box (add a check) to the box next to “.Net framework”.
  6. Click the OK button.
  7. Proceed with your Microsoft Windows 10 upgrade.
To resolve this, all you need is third-party software to increase the size of the System Reserved partition. One of the four methods listed above should fix your Error Code 0x800F0922 issue and allow for a successful Windows 10 upgrade. On an occasion where there isn't enough space, use third-party software to increase the size of the System Reserved partition.  If you do not possess the technical expertise required to accomplish this yourself or do not feel comfortable doing so, download and install a powerful automated tool to get the job done.
Read More
Fix Hello Errors 0x801c004d or 0x80070490
As you know, Windows Hello offers you quick access to computers since you can log in to your Windows devices three times faster compared to passwords with the help of the camera via Face recognition and fingerprint reader. This way, Windows Hello will recognize you right away. However, there are also times when you might encounter some problems when using Windows Hello. For one, if you are trying to add the PIN method to Windows Hello on your Windows 10 computer but you suddenly encountered an error code of 0x801c004d or if you are trying to use your existing pin and you encounter an error code of 0x80070490 along with an error message that says, “Not recognized”, then read on as this post will guide you on how you can fix both of these errors. Here is the complete content for both errors:
  • 0x801c004d – Unable to enroll a device to use a PIN for login”
  • 0x80070490 - Not recognized, Pin and fingerprint are no longer options for signing in”
If you got any of these two errors, there are several potential fixes you can check out to resolve them. You can try to check for any Windows Updates or create the PIN again or check the CNG Key Isolation Service. You could also try to reset the TPM or create a new User Account. For more information, follow the instructions provided below.

Option 1 – Try checking for any available Windows Updates

The first thing you can do is to check for any available Windows Updates. It is possible that your computer may be outdated and is the reason why you’re having troubles with Windows Hello. To check for Windows Updates, just go to Settings and from there, head over to the Update and Security section and click on Windows Updates located on the left pane, and then click on the Check for Updates option. Wait until the process of checking updates is completed and if it finds new updates, install it. After you install the new Windows Updates, check if you can now add the PIN on Windows Hello or not.

Option 2 – Try creating the PIN again

The next thing you can do is to create the PIN again by signing out and signing in again and then try creating the PIN once more. If this does not work, you can try restarting your computer and creating the PIN again. You could also try removing the PIN and then change it.
  • Remove the PIN by going to Settings > Accounts > Sign-in options.
  • From there, go to the PIN section and click on the Remove button.
  • You will be asked to verify your account to proceed in removing the PIN, enter your credentials.
  • Restart your computer and then set up a new PIN.
  • Once you’re done, restart your computer and check if the error is gone now.

Option 3 – Try checking the CNG Key Isolation Service

The CNG Key Isolation Service is the one that stores and uses long-lived keys in a secure process complying with the common criteria requirements and it is possible that the error could be related to this service. This service is hosted in the LSA processes and provides key process isolation to private keys and associated cryptographic operations as required by the common criteria. Thus, you need to check this service to see if it’s the one that’s causing the error.
  • Tap the Win + R keys to open the Run dialog box and type “services.msc” in the field and hit Enter to open the Windows Services Manager.
  • Next, locate the “CNG Key Isolation Service” and once you find it, double click on it to open its Properties box.
  • After opening its Properties, check its Startup type and select Manual. This is the default setting and if it is Disabled, then it’s no wonder why you’re getting errors with Windows Hello, thus, you need to enable it.
  • Once done, restart your computer and check if you can now add the PIN to Windows Hello. If you still get the error, then you might want to try setting the CNG Key Isolation Service from Manual to Automatic and then click on the Start button and see if it fixes the error or not.

Option 4 – Try to reset the Trusted Platform Module or TPM

You might also want to try resetting the Trusted Platform Module or TPM to fix the error. You can do this by opening Windows PowerShell and then executing the “Clear-Tpm” command. After that, check if the error is now resolved.

Option 5 – Try to create a new User Account

You could also try to create a new User Account on your Windows 10 computer to fix the Windows Hello error. Once you have created a new local user or administrator account in Windows 10, check if you are now able to add the PIN from this newly created user account.
Read More
Step By Step Guide to Fixing Regsvr32.exe Error On Windows

What is Regsvr32.exe Error?

Regsvr32 (Microsoft Register Server) is a command-line utility in Microsoft Windows Operating System. This is used for registering and unregistering OLE controls such as ActiveX controls and DLLs in the Windows Registry. This is executed as Regsvr32.exe.  The filename extension .exe is the abbreviation for executable.   It is installed in the %systemroot%System32 folder in Windows XP and new Windows versions. The Regsvr32.exe is an error that occurs when you attempt to run Regsvr32.exe to register a 32 bit DLL (Dynamic Link Library) on a 64-bit version of Windows. The error message is displayed as the following:
  • Filename.dll is not an executable file and no registration helper is registered for this file type.
  • Unrecognized flag: /invalid_flag
  • No DLL name specified
  • Dll_Name is not an executable file and no registration helper is registered for this file type.
  • The module "%1" failed to load.

Solution

Restoro box imageError Causes

There are multiple causes for the Regsvr32.exe error code. These include:
  • Invalid entry (command) path
  • Active X control errors
  • Missing or Damaged .dll files
  • Viral infection (Trojans) (.exe can easily get infected by viruses)
  • Registry issues
If you come across the Regsvr32.exe error code, it is advisable to repair it immediately before the damage sets in. Since this may occur due to viral infection, it can pose privacy and data security risks to your PC.

Further Information and Manual Repair

Here are solutions that you can implement to resolve the Regsvr32.exe error code on your system:
  1. If an invalid entry point is the cause of the error, then simply open an elevated command prompt. If the 32-bit DLL is in the %systemroot%System32 folder, then move it to the %systemroot%SysWoW64 folder. After that run the following command: %systemroot%SysWoW64regsvr32 <full path of the DLL>. This will help resolve the Regsvr32.exe error.
  2. If the cause of the error is a viral infection, then you will need to run a powerful antivirus to detect and remove viruses from your system to resolve the Regsvr32.exe error on your system.
  3. Nonetheless, if the causes for Regsvr32.exe are either Active X controls or registry corruption, then you will need to scan your computer with different tools to resolve each issue separately.
This can be time-consuming and too many program installations at one time can also slow down your system’s performance. This means you’ll also have to compromise on your PC’s speed.

Repair Regsvr32.exe Error With Restoro

To avoid all this hassle yet repair the Regsvr32.exe error, download Restoro. This is a multi-functional and innovative PC repair tool deployed with multiple utilities in one program including features like a registry cleaner and an Active X controls error fixer. It also functions as a system optimizer. It is a one-stop solution for all your PC-related errors including the Regsvr32.dll error. It is safe, efficient, and user-friendly. It is compatible with all Windows versions. When the RAM overloads it leads to damaged dlls and registry corruption. The registry cleaner utility repairs the damaged dll files and the corrupt registry. It wipes out all the unnecessary files cluttering the RAM including the junk files, invalid registry entries, and temporary files. Restoro also has an Active X controls scanning utility. This utility can be of great use if the Regsvr32.exe error is triggered by Active X control-related issues. Click here to download Restoro and resolve Regsvr32.exe on your computer right away.
Read More
uTorrent is not responding on Windows
As you probably know, uTorrent is one of the best software you can use to download torrents over the web. It has been around for many years now and is trusted by lots of users despite having competition here and there. Over the years, uTorrent has changed as it is now packed with tons of features. What’s more, is that this program is no longer the smallest client when it comes to file size. However, just like other software, it is not always working smoothly as there are instances when it’s not responding even when it’s already running. The first thing you can do is to close all the processes of uTorrent and then try opening it again. There are various reasons why your uTorrent program fails to respond. However, it is most likely caused by some virus that was brought on by the file you’ve just downloaded. On the other hand, it could also be caused by other factors as well but whichever the case is, here are some fixes you can check out to resolve the uTorrent issue.

Option 1 – Delete the file you’ve downloaded

As pointed out earlier, uTorrent might have failed to respond due to some file you’ve just downloaded which is why you have to delete it since there really is no point in keeping a file that’s causing this kind of issue. After deleting the file, try opening uTorrent again and see if it now works or not.

Option 2 – Allow uTorrent to run via Windows Defender Firewall

  • Click on the Cortana or the Start button and type “firewall” in the field.
  • From the search results that appear, click on the “Allow an app through Windows firewall”.
  • After that, a new window will pop up and from there, you will see a list of apps that can be allowed or disallowed using a Windows firewall. From this list, you have to search for uTorrent and once you find it, set it to Publick if you are on a public network or Private if you’re in a private network.

Option 3 – Uninstall or reinstall uTorrent software

You can also try to completely uninstall uTorrent from your computer and then reinstall it right back. to do so, follow the steps below.
  • In the search box, type in “control” and then click on Control Panel (desktop app) among the search results.
  • After that, select Programs and Features from the list which will give you a list of all the programs installed on your computer.
  • From there, look for uTorrent and select it and then uninstall it.
  • Once uTorrent is uninstalled, go to uTorrent’s official website and download its latest version.

Option 4 – Try scanning your computer using Windows Defender

  • Tap the Win + I keys to open Update & Security.
  • Then click on the Windows Security option and open Windows Defender Security Center.
  • Next, click on Virus & threat protection > Run a new advanced scan.
  • Now make sure that Full Scan is selected from the menu and then click the Scan Now button to get started.
Read More
How to Repair Error Code 8007002c in Windows 10

What is Error code 8007002c?

Users when upgrading to Windows 10 operating system from Windows 8/8.1 or Windows 7, often encounter error code 8007002c. This error occurs when there’s an attempt made in performing an overall clean boot procedure. During the installation process, it will reach a certain maximum limit, for instance, 75%, and then reverts to its original state. Sometimes, after installation, users will encounter a black screen issue and there is no cursor visible.

Solution

Restoro box imageError Causes

Misconfigured system files that create registry errors within your operating system normally cause error code 8007002c in Windows 10. This registry error happens when there are new programs being installed over old ones without the old programs uninstalled entirely. Another possible cause could be from some malicious software like spyware, adware, and viruses.

Further Information and Manual Repair

Caution: The following steps are complicated. The risk of being in a no-boot situation or data loss might be encountered. It would be best to be supervised by an experienced user, especially in using the command line.

In order to fix Error code 8007002c occurring in Windows 10 upgrade, you can follow this step-by-step manual repair method. Once the repair method is correctly executed, users will most likely quickly resolve issues such as the Error code 8007002c and be able to upgrade to Windows 10 operating system smoothly.

However, in such cases where there are complex instructions and thus need an expert, seek help from a Windows professional. You may also want to consider making use of an automated tool whenever needed.

There are several ways to fix Error code 8007002c, but here are the most effective and efficient methods:

Method One: Force Windows Update

 To be able to download and install the necessary updates, you may use the force Windows Update tool. See below for the steps:

  1. Browse to C:\Windows\Software\Distribution\Download. Afterward, delete all the files found in that folder.
  2. Press Windows key + X then click on the Command Prompt (Admin). Type exe /updatenow once the Command Prompt window appears then press Enter.
  3. Open the Control Panel. Select Windows Update. At this point, Windows 10 should now start downloading.
  4. Press again on Windows key + X to open the Command Prompt window. In the Command Prompt, Type or Copy and Paste the following commands one at a time:

NOTE: Don’t forget to hit Enter after every command.

 Dism /Online /Cleanup-Image /CheckHealth

Dism /Online /Cleanup-Image /ScanHealth Dism /Online /Cleanup-Image /RestoreHealth
  1. Input a machine name for your computer. Make sure to use a simple name, having at least 8 characters.

Here’s how you can input a machine name:

  • Click on Start and then right-click on Computer. Afterward, select For users with Windows 8 operating system, press on Windows key + X then click on System.
  • Click on Change settings under the Computer name, domain, and workgroup settings.

Method Two: Diagnose RAM Issues

Another reason why Error code 8007002c occurs is when there’s a defective and wrongly installed memory chip. Try using the Windows Memory Diagnostic to diagnose if there are RAM Issues.

  1. Press on the Windows Key + X then select
  2. Type
  3. Select Windows Memory Diagnostic, from that window, select Restart now, and check for problems

Method Three: Use Selective Startup

One more possible cause why Error code 8007002c occurs is due to third-party software. To fix this error, you can try booting up your device with Selective Startup -- a boot type where you can load a limited set of startups and services.

  1. Open the System Configuration tool. On your Taskbar, type MSCONFIG in the Search Box then hit Enter.
  2. Select the General
  3. Select Selective startup option then tick on the Load system services
  4. Ensure that Load startup items check box is unchecked.
  5. Click Apply and

Can’t seem to put up with the long and technical manual repair process? You can still fix this error by downloading and installing a powerful automated tool that will surely get the job done in a jiffy!

Read More
How to map a network drive in Windows 11
windows 11 network driveMapping network drive has many benefits in terms of speed and ease of access of files via network. It lets you access the hard drive over the whole network like it was the hard drive inside your PC case. In order to easily and quickly map a folder as a network drive follow the guide below.
  1. Open File Explorer
  2. Click on the three dots icon in the Toolbar
  3. Select Map Network Drive
  4. Click the Drive drop-down menu
  5. Select a driver letter that you wish to assign as a network drive
  6. In the folder field enter network device and share name (click on browse to see all devices on local network)
  7. Check the box beside Reconnect at sign-in if you wish to automatically connect to a network drive on Windows startup
  8. Check Connect Using Different Credentials if you wish to connect to a network drive using different credentials that one used to login into Windows.
  9. Click Finish
After finishing setting Windows 11 will try to connect to the network drive and if successful drive icon will appear inside File Explorer and the drive will open up to see its content. If for any reason it cannot connect try checking user credentials, cables, network adapters, etc.
Read More
Fixing Error 0xC1900208, 0x4000C in Windows
As you know, the Windows Update process takes compatibility seriously. The Windows Updates need to be compatible with the hardware as well as all the installed applications in the computer else the Windows Updates will only get stuck in the process. Two of the Windows 10 errors that shows up during this case is the error 0xC1900208, 0x4000C. These error codes are caused by incompatible applications which means that there might be an incompatible app installed in your computer that’s blocking the upgrade process and prevents it from finishing. That’s why you need to make sure that all the applications on your computer are updated to their latest versions and then check the compatibility. So if there are any incompatible apps, be sure to uninstall them and then try doing the upgrade once again. Take note that these error codes are just among many compatibility issues that the Windows Update throws up. Since the error is caused by a compatibility issue, you have three options – first, you can update the incompatible application to the latest version, second, uninstall the application or trick Windows and make it seem like it’s compatible.

Option 1 – Try updating the application or software

As mentioned, you can try updating the concerned application or software to its latest version to resolve the compatibility issue and in turn, fix the errors 0xC1900208 – 0x4000C. Note that depending on where you had installed the application, your steps will change. So if you have it installed directly from the website, refer to these steps:
  • Look for the built-in option to check the updates since the most application has this option.
  • You also have the option to go to the website of the application and check if there is a new version available. If there is, download and update the app.
On the other hand, if you have downloaded the app from the Microsoft Store, here’s what you have to do:
  • Open the Store and click on the three dots located at the top-right of the window.
  • Next, click the Download and Updates option.
  • From there, check if there is an update available for the store. If there is, update it.

Option 2 – Try to uninstall the application or software

If updating the app or software to its latest version didn’t help and you’re still getting the error 0xC1900208 – 0x4000C every time you attempt to install the Windows Updates, you may have to uninstall it. You will need to use the usual Program and Features to uninstall it if you have downloaded it from the website.
  • In the search box, type in “control” and then click on Control Panel (desktop app) among the search results.
  • After that, select Programs and Features from the list which will give you a list of all the programs installed on your computer.
  • From there, look for the concerned program and select it and then uninstall it.
Note: If you have downloaded the app from the Windows Store, you can simply right-click on it from the application list and then uninstall it.

Option 3 – Try bypassing the Upgrade Advisor

There are times when a software developer fails to pass the compatibility test for their apps. It could be that they work on Windows 10 upgraded version but just didn’t pass the compatibility check. So if you are pretty certain that the app really works on Windows 10, you can just bypass the Upgrade Advisor.
Read More
How to Fix Error Code 0x80073afc

Error Code 0x80073afc - What is it?

Error code 0x80073afc deals with an antivirus program first built into Windows 8/8.1 This error occurs when Windows Defender, the built-in anti-virus software in Windows 8/8.1 and higher, does not start automatically and users attempt to manually start the program. During the initialization period of the program start-up, something goes wrong and users get a 0x80073afc Error message. The error message states there was a problem with the initialization of the program. Windows Defender provides protection of your computer and it is advised by the Microsoft Corporation that you ensure it starts up automatically on every start-up.

Solution

Restoro box imageFurther Information and Manual Repair

Users have found several manual repairs that have fixed the problem without needing to contact technicians for extra help. While the methods below should solve your problem easily, if this is the first time you have encountered the issue you may want to do a simple restart. This has fixed the problem for some users and is the easiest first troubleshooting move. If it doesn’t work move on to the methods listed below, which are easily completed without extra help.

Before trying any of these methods, please make sure that you are logged into a profile that is listed as the administrator of the computer of his administrative powers enabled. If this is not the case you will not be able to complete the following methods. Please log out and log back in on the administrator profile.

Method 1:

First, check to see if you have a third-party anti-virus program installed on your computer. Some users believe that the built-in Windows Defender program is not powerful enough to handle the safety of their computer so they usually download a third-party program. However, that program may have caused a conflict with Windows Defender and may not allow it to open. If you do have a third-party program installed, try uninstalling it then manually starting Windows Defender.

Method 2:

If method one does not work, you may be infected by malware or a virus that has tampered with the settings on your computer and will not allow Windows Defender to start automatically or manually.

First, open Run by holding the “Win” key and pressing the “R” key. Then type “Regedit”. The program will ask for permission to follow through with this action. Click on “Yes” and the Open Registry Editor will open.

Find the HKEY_LOCAL_MACHINESoftwareMicrosoftWindows NTCurrentVersionImage File Execution Option and check to see if there are any files similar to MSASCui.exe or MpCmdRun.exe. If there are any file entries that resemble that, you will want to right-click on them before selecting the “Delete” option. If you do not see any entries that match, this is not the issue with your Windows Defender and you will want to try another method.

The Registry on your computer is very important. It helps tell your computer what programs are safe to run, what programs should be run, and what programs should not be run. If it is tampered with by a virus or Malware, multiple system operations can be affected.

However, if you did find similar file names, and you deleted them, try to start Windows Defender manually. If it does not work again, move on to the next method. 

Method 3:

If the first two methods do not work for your issue, and you are still receiving error code 0x80073afc when attempting to start Windows Defender, this step should solve the problem if you have Restore Point installed on your computer, which you most likely do.

For this method, we will be restoring your computer to a previous Restore Point. First, just like in method two, hold the “Win” key and press the “R” key. This will open run. Next type “Rstrui.exe” and click “ok”. After some time, you will see System Restore Windows. Click “Next” and select the restore point that you would like to go back to. After your computer has restored to the point you selected, check to ensure that Windows Defender has started correctly.

If the above methods aren't able to rectify the issue, you might have to download and install a powerful automated tool to get the job done.

Read More
Android malware spies while posing as a Update
New malware with extensive spyware capabilities steals data from infected Android devices and is designed to automatically trigger whenever new info is read to be exfiltrated. The spyware can only be installed as a 'System Update' app available via third-party Android app stores as it was never available on Google's Play Store. This drastically limits the number of devices it can infect, given that most experienced users will most likely avoid installing it in the first place. The malware also lacks a method to infect other Android devices on its own, adding to its limited spreading capabilities. However, when it comes to stealing your data, this remote access trojan (RAT) can collect and exfiltrate an extensive array of information to its command-and-control server. Zimperium researchers who spotted it observed it while "stealing data, messages, images and taking control of Android phones."

What happens when malicious software is installed

"Once in control, hackers can record audio and phone calls, take photos, review browser history, access WhatsApp messages, and more," they added. Zimperium said its extensive range of data theft capabilities includes:
  • Stealing instant messenger messages;
  • Stealing instant messenger database files (if the root is available);
  • Inspecting the default browser's bookmarks and searches;
  • Inspecting the bookmark and search history from Google Chrome, Mozilla Firefox, and Samsung Internet Browser;
  • Searching for files with specific extensions (including .pdf, .doc, .docx, and .xls, .xlsx);
  • Inspecting the clipboard data;
  • Inspecting the content of the notifications;
  • Recording audio;
  • Recording phone calls;
  • Periodically take pictures (either through the front or back cameras);
  • Listing of the installed applications;
  • Stealing images and videos;
  • Monitoring the GPS location;
  • Stealing SMS messages;
  • Stealing phone contacts;
  • Stealing call logs;
  • Exfiltrating device information (e.g., installed applications, device name, storage stats).

How does it work?

Once installed on an Android device, the malware will send several pieces of info to its Firebase command-and-control (C2) server, including storage stats, the internet connection type, and the presence of various apps such as WhatsApp. The spyware harvests data directly if it has root access or will use Accessibility Services after tricking the victims into enabling the feature on the compromised device. It will also scan the external storage for any stored or cached data, harvest it, and deliver it to the C2 servers when the user connects to a Wi-Fi network. Unlike other malware designed to steal data, this one will get triggered using Android's contentObserver and Broadcast receivers only when some conditions are met, like the addition of a new contact, new text messages, or new apps being installed. "Commands received through the Firebase messaging service initiate actions such as recording of audio from the microphone and exfiltration of data such as SMS messages," Zimperium said. "The Firebase communication is only used to issue the commands, and a dedicated C&C server is used to collect the stolen data by using a POST request."

Camouflage

The malware will also display fake "Searching for the update.." system update notifications when it receives new commands from its masters to camouflage its malicious activity. The spyware also conceals its presence on infected Android devices by hiding the icon from the drawer/menu. To further evade detection, it will only steal thumbnails of videos and images it finds, thus reducing the victims' bandwidth consumption to avoid drawing their attention to the background data exfiltration activity. Unlike other malware that harvests data in bulk, this one will also make sure that it exfiltrates only the most recent data, collecting location data created and photos taken within the last few minutes. If you would like to read more helpful articles and tips about various software and hardware visit errortools.com daily.
Read More
How to change system font in Windows 11

Windows 11 is a good-looking operating system but people love to make things personal and to their liking so we decided to help you in this mission with small customization of changing default system fonts inside Windows 11.

Since there is no really easy way to just switch the font windows is using for itself we will have to tweak a registry a little so before we start please do make a backup of the registry file and follow the steps as they are presented in order to avoid any errors and break the system.

windows 11 transparency off

So, if all precautions are made and you are ready to change your Windows appearance let's dive right into it:

Find and/or install the font that you wish to use

There are vast free font sites on the internet where you can find fonts that you like and wish to use but be very careful with your desired font selection. The font that you choose needs to be a complete typeface, meaning that it has to contain all glyphs, large and small font sizes, all special characters, etc or you will experience that in certain areas nothing will be displayed.

Once you have found the font that you like and made sure it is a complete font, install it on your system (you can skip this step if you just want to change the system font with one already installed on your system)

Create REG file

Open notepad or a similar plain text editor in order to create a file that will apply changes directly into the registry and create a new file. Inside the file paste this text:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Fonts]
"Segoe UI (TrueType)"=""
"Segoe UI Bold (TrueType)"=""
"Segoe UI Bold Italic (TrueType)"=""
"Segoe UI Italic (TrueType)"=""
"Segoe UI Light (TrueType)"=""
"Segoe UI Semibold (TrueType)"=""
"Segoe UI Symbol (TrueType)"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes]

"Segoe UI"="NEW-FONT"

All the way to the bottom where it says: "Segoe UI"="NEW-FONT", change NEW-FONT with the font name that you have chosen or installed in the previous step. For example: "Segoe UI"="Ubuntu".

Now go to File > Save As and name your file however you want but give it REG extension so it looks like: my_new_windows_font.REG

Apply changes

Now that you have your registry entry saved, locate it and double-click on it, at this stage Windows warning will probably pop up, you can just ignore it and click on YES since you wrote the file and know what it is. After registry entry is applied reboot your PC in order for changes to take effect.

Rolling back

If you want to change the font to another one, just repeat this procedure again. If you want to roll back to using the default Windows font, repeat the process but with this code instead of the one provided in the REG file:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Fonts]
"Segoe UI (TrueType)"="segoeui.ttf"
"Segoe UI Black (TrueType)"="seguibl.ttf"
"Segoe UI Black Italic (TrueType)"="seguibli.ttf"
"Segoe UI Bold (TrueType)"="segoeuib.ttf"
"Segoe UI Bold Italic (TrueType)"="segoeuiz.ttf"
"Segoe UI Emoji (TrueType)"="seguiemj.ttf"
"Segoe UI Historic (TrueType)"="seguihis.ttf"
"Segoe UI Italic (TrueType)"="segoeuii.ttf"
"Segoe UI Light (TrueType)"="segoeuil.ttf"
"Segoe UI Light Italic (TrueType)"="seguili.ttf"
"Segoe UI Semibold (TrueType)"="seguisb.ttf"
"Segoe UI Semibold Italic (TrueType)"="seguisbi.ttf"
"Segoe UI Semilight (TrueType)"="segoeuisl.ttf"
"Segoe UI Semilight Italic (TrueType)"="seguisli.ttf"
"Segoe UI Symbol (TrueType)"="seguisym.ttf"
"Segoe MDL2 Assets (TrueType)"="segmdl2.ttf"
"Segoe Print (TrueType)"="segoepr.ttf"
"Segoe Print Bold (TrueType)"="segoeprb.ttf"
"Segoe Script (TrueType)"="segoesc.ttf"
"Segoe Script Bold (TrueType)"="segoescb.ttf"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes]
"Segoe UI"=-
Read More
1 2 3 171
Logo
Copyright © 2023, ErrorTools. All Rights Reserved
Trademark: Microsoft Windows logos are registered trademarks of Microsoft. Disclaimer: ErrorTools.com is not affiliated with Microsoft, nor claims direct affiliation.
The information on this page is provided for information purposes only.
DMCA.com Protection Status