Logo

Fix Screen Aspect Ratio issues in Windows

There are times when you upgrade or install Windows 10 on an old computer and the Aspect Ratio of the screen is in a mess. This issue occurs when a new Windows version does not support the GPU or the driver does not work in Windows 10. And in such cases, Windows uses a generic driver which does not support all the resolution as well as the correct aspect ratio. So in this post, you will be guided on how you can fix the issues with the screen aspect ratio in Windows 10.

It could be that your screen has an aspect ratio of 16:9 but after the upgrade, you changed to screen resolution, and is now set to 16:!0. And later on, you found that you are unable to go back to the previous aspect ratio. Thus, you will notice that everything on the screen might look stretched. You might be wondering if it’s possible to change the aspect ratio in Windows 10 directly even if the GPU does not have the compatible driver, well it really isn’t. However there is another way to resolve the problem. Refer to the options given below to get started.

Option 1 – Try using the Compatibility Mode

The first thing you can do is to run the driver in a Compatibility Mode. Follow the steps below to do so:

  • You need to download the driver and place it on your desktop.
  • After that, right-click on it and select Properties.
  • Next, switch to the Compatibility tab where you should see two options:
    • Compatibility troubleshooter, and let Windows figure out what works best for you. If it fails, follow the next.
    • Manually choose the version of Windows it was correctly working.
  • You also have the option to change the DPI settings and see if that helps. Then click the Apply and OK buttons.
  • Now right-click on the file and select the “Run as administrator” option to install. After that, you should now be able to change your screen aspect ratio to what you were using early on.

Note: If you have other programs that won’t work on the existing version of Windows, then make sure to run the program in a Compatibility mode.

Option 2 – Try to run the Program Compatibility Troubleshooter

You might also want to run the Program Compatibility Troubleshooter. This built-in troubleshooter is available in the Windows Update & Security section. From there, select Troubleshoot. This will find a list of programs for you and since you have already downloaded the driver files, just click on Not Listed located at the top of the program list. After that, browse and select the driver files and then let the program do its job.

Option 3 – Update or rollback your device drivers

If the first option didn’t work for you, then it’s time to either update or roll back the device drivers. It is most likely that after you updated your Windows computer that your driver also needs a refresh. On the other hand, if you have just updated your device drivers then you need to roll back the drivers to their previous versions. Whichever applies to you, refer to the steps below.

  • Open the Devices Manager from the Win X Menu.
  • Then locate the device drivers and right-click on them to open the Properties.
  • After that, switch to the Driver tab and click on the Uninstall Device button.
  • Follow the screen option to completely uninstall it.
  • Finally, restart your computer. It will just reinstall the device drivers automatically.

Note: You can install a dedicated driver on your computer in case you have it or you could also look for it directly from the website of the manufacturer.

Do You Need Help with Your Device?

Our Team of Experts May Help
Troubleshoot.Tech Experts are There for You!
Replace damaged files
Restore performance
Free disk space
Remove Malware
Protects WEB browser
Remove Viruses
Stop PC freezing
GET HELP
Troubleshoot.Tech experts work with all versions of Microsoft Windows including Windows 11, with Android, Mac, and more.

Share this article:

You might also like

Fix missing files in Recycle bin
Have you ever deleted a file by mistake? Do not feel bad, we all have, but what if you deleted the file by mistake and then you went to Recycle bin to restore it only to find out that the bin is empty? If you experienced this kind of issue then you know how unpleasant and frustrating it is but do not worry, we are here to help and provide you with solutions to this problem and hopefully get your file back. Follow the next steps from first to last since they are organized in a way to minimalize the permanent deletion of lost files.
  1. Refresh Recycle bin view

    If you spend any amount of time on this site reading through articles, you know I am a big fan of simple and effective solutions and there is nothing simpler than a single press of a button. Open your recycle bin and press F5 to refresh view or right-click anywhere inside and choose refresh. If your file does not appear with this method go to the next step.
  2. Set Windows to show hidden system files

    In order for this to work first, you will need to open File Explorer by pressing ⊞ WINDOWS + E Keyboard with windows and e markedWhen File Explorer opens go to VIEW > OPTIONS. Inside options select “Show hidden files, folders, and drives”, uncheck “Hide protected operating system files (Recommended)”, and click APPLY > OK Go to the recycle bin and check to see if files have managed to show up.
  3. Check if Don't move the file to the recycle bin is enabled

    Right-click on recycle bin and choose properties, under properties, there is the option that says Don’t move files to the Recycle Bin, Remove files immediately when deleted. This option is not selected by default, but it could be turned on by someone else or by mistake. If you see that this option is enabled sadly your file is gone and you will have to get the file back by using some third-party undelete application, uncheck this option to prevent future deletion of files by mistake.
  4. Increase recycle bin size

    This will not help you to get your file back sadly but it will help you in storing more files in recycle bin. This is helpful since if you reach your recycle bin limit all further files will be permanently deleted and not been able to get them back. So by increasing bin size you will have more space for deleted files to be saved. To do that, right-click on Recycle Bin, select Properties. Now, increase the Maximum size from the Custom size option, and click Apply and OK.
  5. Reset recycle bin

    To reset and fix corrupted recycle bin do the following: Press ⊞ WINDOWS + X to open the secret Windows menu and click on command prompt (admin) keyboard with windows and x markedIn the command prompt type in the following: rd /s /q C:\$Recycle.bin Reboot your system
Read More
How to Use and Configure Active Hours
The issue with the abrupt system reboots to force Windows 10 updates on a computer has been lessened with Active Hours. This feature keeps a record of the hours during which a system remains active and prevents the installation of updates during such hours. For example, when a system restart is needed to complete the installation of an update, Active Hours delays the update and allows you to finish what you’re doing on your computer. Thus, if you haven’t heard of this feature, then now is the time you do, read this post to configure and use Active Hours in your Windows 10 computer. There are three ways you can configure Active Hours. The first one is for general users, whereas the rest of the two methods are for users who knows their way about the Windows Registry and Group Policy. To get started, refer to every given option below.

Option 1 – Configure Active Hours via Windows 10 Settings

  • Go to Settings > Update & Security. From there, click on the “Change active hours” option under the Windows Update section.
  • Next, you can select a time (“Start time” and “End time”) during which the restart can occur.
  • After that, click on the Save button and exit.
Note: Keep in mind that the values you’ve entered indicate the hours during which your system is in use, namely, ACTIVE. It is important for your active hour’s interval period and it can be anything between 1 and 18 hours since you can’t go beyond 18 hours. In addition, there is no option to configure different active hours on different days and you can’t specify different active hours for weekends and weekdays as well. On the other hand, Windows 10 also offer users an option to override Active Hours. All you have to do is go to Settings > Update & Security > Windows Update > Restart Options. From there, you can choose a custom restart time when your computer will restart to install the updates but this is only a one-time setting.

Option 2 – Configure Active Hours via Registry Editor

  • Tap the Win + R keys to open the Run utility and type “Regedit” in the field and tap Enter or click OK to open the Registry Editor.
  • Next, navigate to this registry path: HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsUpdateUXSettings
  • In the given registry path, you can choose to change “ActiveHoursStart” and “ActiveHoursEnd”.
Note: There are no extra settings available in the Registry Editor but you can change the remote computer’s Active hours settings using the Registry Editor.

Option 3 – Configure Active Hours via Group Policy

Note that this option is available for the Windows 10 Pro and Educational or Enterprise versions. It is mostly used by computers in Business or through remote access. To get started, follow these steps:
  • Tap the Win + R keys to launch Run and type “gpedit.msc” in the field and tap Enter or click OK to open the Group Policy Editor.
  • Next, navigate to this group policy setting: Local Computer Policy > Computer Configuration > Administrative Templates > Windows Components > Windows Updates.
  • From there, look for a policy labeled “Turn off auto-restart for updates during active hours” and double click on it. This will open a new window.
  • Click on the Enabled radio button to enable Active Hours. You also have the option to choose active hours just like in the first given option above. It works just fine except when the following policies don’t override:
    • No Auto-restart with logged-on users for scheduled automatic updates installations.
    • Always automatically restart at the scheduled time.
  • Since Group Policy allows you to reduce the range of active hours, you can configure it if you want it to be less than 18 hours. Just find the policy setting labeled “Specify Active hours range for auto -restarts. The minimum is 8 hours”.
  • After you set the Active Hours, click the Apply and OK buttons to save the changes made.
Read More
How to get rid of My Maps Wizard

My Maps Wizard is a browser extension for Google Chrome Developed by Mindspark Inc. This extension offers users access to different websites that offer route planning, map views, and other traveling tools.

While all this might sound interesting and useful, this extension has been marked as a Browser Hijacker by several popular anti-virus applications.

When installed this extension changes your default home page and new tab page to MyWay.com or Ask.com depending on the extension version. It also monitors and records user browsing activity that it later uses to display sponsored / unwanted ads throughout your browsing sessions. While browsing the internet with this extension active and installed you will see additional pop-up ads, sponsored links, and injected ads into search results.

About Browser Hijackers

Browser hijacking is a form of unwanted software, often a browser add-on or extension, which causes modifications in the browser’s settings. There are lots of reasons why you may experience a browser hijack; however commercial, advertising, and marketing are the primary reasons for their creation. It redirects you to the sponsored websites and injects ads on your internet browser that assists its creator to generate earnings. Although it may seem naive, these tools were created by malicious people who always attempt to take full advantage of you, so that hackers can easily earn money from your naive and distraction. Browser hijackers could also allow other harmful programs without your knowledge to further damage your personal computer.

How you can know whether the web browser is hijacked?

There are numerous symptoms of web browser hijacking: 1. you notice unauthorized modifications to your web browser’s homepage 2. you find new unwanted favorites or bookmarks added, usually directed to ad-filled or pornography sites 3. the default search engine and the default web browser settings are altered 4. you find many toolbars on the internet browser 5. never-ending pop-up ads appear and/or your browser pop-up blocker is disabled 6. your browser has instability problems or exhibits frequent errors 7. you can’t visit specific websites such as homepages of anti-malware software.

So how does a PC get infected with a browser hijacker?

There are a number of ways your PC can get infected by a browser hijacker. They generally arrive by way of spam email, via file-sharing websites, or by a drive-by download. They may also originate from any BHO, browser extension, toolbar, add-on, or plug-in with malicious intent. A browser hijacker may also come bundled up with some freeware that you unwittingly download to your PC, compromising your internet security. An example of some infamous browser hijacker includes Conduit, Anyprotect, Babylon, SweetPage, DefaultTab, RocketTab, and Delta Search, however, the names are often changing. Browser hijacking can lead to severe privacy problems and even identity theft, affect your web browsing experience by taking control of outgoing traffic, drastically slows down your personal computer by consuming lots of system resources, and cause system instability as well.

Learn how to remove a browser hijacker

Certain browser hijacking can be quite easily stopped by finding and eliminating the corresponding malware software through your control panel. Having said that, the majority of hijackers are quite tenacious and need specialized tools to remove them. Furthermore, manual removals require in-depth system knowledge and therefore could be a very difficult task for novice computer users. Industry experts always suggest users eliminate any malicious software including browser hijacker by using an automatic removal tool, which is simpler, safer, and quicker than the manual removal solution. One of the best tools for correcting browser hijacker infections is SafeBytes Anti-Malware. It will help you remove any pre-existing malicious software on your system and provides you real-time monitoring and protection against new internet threats. Employ a system optimizer (such as Total System Care) along with your antivirus software to correct various registry issues, eliminate computer vulnerabilities, and boost your computer performance.

What To Do When You Cannot Install Safebytes Anti-Malware?

All malware is bad, but certain types of malware do much more damage to your computer or laptop than others. Certain malware variants modify web browser settings by adding a proxy server or change the PC’s DNS configuration settings. In these instances, you’ll be unable to visit certain or all of the sites, and thus not able to download or install the required security software to eliminate the computer virus. So what to do if malicious software keeps you from downloading or installing Anti-Malware? There are a few actions you can take to get around this issue.

Install the anti-malware in Safe Mode

Safe Mode is actually a unique, basic version of Microsoft Windows in which just bare minimum services are loaded to stop viruses as well as other troublesome applications from loading. If the virus is set to load automatically when PC boots, shifting to this mode may prevent it from doing so. To get into Safe Mode or Safe Mode with Networking, press F8 while the system is starting up or run MSConfig and find the “Safe Boot” options under the “Boot” tab. Once you are in safe mode, you can try to install your antivirus application without the hindrance of malicious software. Now, you are able to run the antivirus scan to remove computer viruses and malware without hindrance from another malicious application.

Download the security software in an alternate browser

Malicious code may exploit vulnerabilities in a particular internet browser and block access to all anti-malware software sites. The best solution to avoid this issue is to go with a browser that is well known for its security features. Firefox contains built-in Malware and Phishing Protection to keep you secure online.

Run antivirus from a pen drive

Another way is to download and transfer anti-malware software from a clean PC to run a virus scan on the affected computer. Try these simple measures to clean up your infected computer by using portable anti-malware. 1) Download Safebytes Anti-Malware or Windows Defender Offline onto a virus-free computer system. 2) Mount the USB drive onto the same computer. 3) Double-click on the downloaded file to open the installation wizard. 4) When asked, select the location of the pen drive as the place where you want to store the software files. Follow activation instructions. 5) Remove the pen drive. You can now utilize this portable antivirus on the infected computer. 6) Double click the Safebytes Anti-malware icon on the flash drive to run the application. 7) Press the “Scan Now” button to begin the malware scan.

Let's Talk About SafeBytes Anti-Malware!

If you’re looking to download an anti-malware application for your PC, there are lots of tools out there to consider however, you cannot trust blindly to anyone, regardless of whether it is paid or free software. A few are very good ones, some are decent, and some are merely fake anti-malware applications that will harm your PC themselves! You must pick one that is efficient, practical and has a good reputation for its malware protection. One of the recommended software programs is SafeBytes Anti-Malware. SafeBytes has a superb history of excellent service, and customers are very happy with it. Safebytes is among the well-established computer solutions firms, which provide this complete anti-malware software. Using its cutting-edge technology, this software will help you remove multiples types of malware like viruses, PUPs, trojans, worms, ransomware, adware, and browser hijackers.

SafeBytes anti-malware provides a plethora of advanced features which sets it aside from all others. The following are some of the features you may like in SafeBytes.

World-class AntiMalware Protection: Built upon a greatly acclaimed anti-virus engine, this malware removal application can identify and get rid of numerous obstinate malware threats such as browser hijackers, potentially unwanted programs, and ransomware that other typical anti-virus programs will miss. Live Protection: SafeBytes offers complete and real-time security for your PC. It’ll constantly monitor your pc for hacker activity and also provides users with superior firewall protection. Safe Browsing: Through its unique safety rating, SafeBytes informs you whether a site is safe or not to visit it. This will make sure that you’re always certain of your online safety when browsing the web. Light-weight Utility: SafeBytes is a lightweight and user-friendly anti-virus and anti-malware solution. As it uses minimum computer resources, this application leaves the computer power exactly where it belongs to: with you. Fantastic Tech Support Team: You can get high levels of support 24/7 if you’re using their paid version. SafeBytes can keep your personal computer safe from the latest malware threats automatically, thus keeping your internet experience secure and safe. You can be sure that your computer system will be protected in real-time once you put this tool to use. If you want advanced forms of protection features & threat detections, buying SafeBytes Anti-Malware could be worth the money!

Technical Details and Manual Removal (Advanced Users)

To remove My Maps Wizard manually, go to the Add/Remove programs list in the Windows Control Panel and select the offending program you want to get rid of. For internet browser extensions, go to your browser’s Addon/Extension manager and select the add-on you would like to remove or disable. You will additionally also want to totally reset your web browser to its default configuration settings. To ensure complete removal, find the following Windows registry entries on your computer and remove them or reset the values appropriately. But bear in mind, this can be a tricky task and only computer professionals could carry it out safely. In addition, some malicious programs are capable to defend against its removal. You’re advised to do this process in Safe Mode.
Registry: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\explorer\Shell Folders] Common Startup = C:\windows\start menu\programs\startup [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\explorer\User Shell Folders] Common Startup = C:\windows\start menu\programs\startup [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices] Whatever = c:\runfolder\program.exe
Read More
Fix Copy & Paste issue in Windows 10
Copy & Paste function is an essential option in properly working Windows, from copying text to weblinks and many other sources like pictures and files it is one of the crucial features in Windows. When the copy and paste feature is not working we are somewhat left in Windows limbo, essentially Windows itself is working but without this specific feature it is very hard, almost impossible to get any work done, if you are an unfortunate user who has faced this particular issue do not worry, we have solutions for you.
  1. Update Windows

    Glitches come in various forms and sometimes they are introduced in updates, check to see if it is available Windows update and if it, download and install it, there is a very high chance that the next update will bring fixes for known glitches.
  2. Disable antivirus

    A good antivirus is an essential piece of software for any PC, however, sometimes it can interfere with the basic operations of windows itself. Disable it completely to see if copying and pasting will start to work, if this is a case, see can you somehow turn options off in antivirus or switch to another one.
  3. Run Check disc

    Corrupted applications and system files can cause issues with Windows functioning, the easiest way to solve this issue is to run build-in Windows Check disk utility and let it scan and fix potential issues.
  4. Run SFC

    If the check disk failed to fix the issue, run command prompt as administrator and type in sfc /scannow, file checker will go through all files and fix if it finds anything including corrupted system files. Reboot your system after the operation completes. Please note that an SFC scan can take a long time sometimes, do not interrupt the scanning process and leave it to finish.
  5. Restart rdpclip process

    Restarting rdpclip.exe can solve the issue. Open task manager and under process find rdpclip.exe, right-click on it and end it, then go to windows/system32 and search for rdpclip.exe and double click it. Please note that you will be able to find this process only if you are on a remote PC machine, on a local user machine rdpclip is not running.
  6. Rollback to the previous system restore point

    If this particular issue was introduced in the latest update and previous solutions have not worked, roll back to the restore point where everything was working as it should.
  7. Stop virtualization

    if you are using virtual software there is a chance that the shared clipboard feature is interfering with Windows, turn the Virtual machine off and try copy & paste again.
Read More
The task image is corrupt/tampered 0x80041321
If you suddenly encountered an error that says, “The Task image is corrupt or has been tampered with”, along with an error code of 0x80041321, read on as this post will guide you on what you can do to resolve this problem in your Windows 10 computer. According to security experts, this kind of error has something to do with a corrupt scheduled backup task wherein each time the task service plans to execute a task, it validates a few things. And if it finds any issue with the integrity or corruption in the registry, it will mark those tasks as corrupt and throws the error 0x80041321. There are several options you can check out to fix the problem. You can try using the Registry Editor to edit and fix the corrupted tasks or you could also delete the schedule keys or the WindowsBackup file, as well as try deleting the task from the Task Scheduler or refresh the User_Feed_Synchronization. But before you of these potential fixes, make sure that you check every option and verify if it’s not associated or trying to run a file which it should not. In addition, make sure that you create a System Restore point as well so that you can undo any changes you will be making if anything goes wrong. Once you have these things covered, refer to each one of the options provided below.

Option 1 – Try to use the Registry Editor to edit and fix corrupted tasks

The first thing you can do to fix the problem is to edit those tasks via Registry Editor, as well as fix the corrupted ones in System32. Before you proceed, keep in mind that since you are dealing with the Backup triggered by the Task Scheduler, you can find the entries for the tasks in different locations. You can find the Task Scheduler at Task Scheduler Library > Microsoft > Windows > Windows Backup, whereas, you can find it in this path in the Registry Editor, HKEY_LOCAL_MACHINE SOFTWARE Microsoft Windows NT CurrentVersion Schedule WindowsBackup AutomaticBackup. On the other hand, you can find the Windows System folder at C:/Windows/System32/Tasks/MicrosoftWindows/WindowsBackup. You need to ensure that the name of the task name is the same as everywhere and take note of the name. Once you have these covered, follow the steps below.
  • Tap the Win + R keys to open Run and type “Regedit” in the field and hit Enter to open the Registry Editor.
  • Next, navigate to this key: ComputerHKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionScheduleTaskCacheTreeMicrosoftWindowsWindowsBackup
  • From there, take note of the GUID value in the ID entry of the task under the AutomaticBackup and Windows Backup Monitor folder.
  • After that, you have to remove the task registry entries related to the ID from these locations
    • HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionScheduleTaskCachePlain
    • HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionScheduleTaskCacheLogon
    • HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionScheduleTaskCacheBoot
  • Once done, you have to create a temporary copy of the corrupted task file by going to this location: C:/Windows/System32/Tasks/MicrosoftWindows/WindowsBackup
  • From there, look for the AutomaticBackup and Windows Backup Monitor tasks and copy them to a location where you can keep them safe.
  • Next, you have to fix the corrupted task by deleting it from this location: C:/Windows/System32/Tasks/MicrosoftWindows/WindowsBackup
  • After that, you have to recreate the task by going to Task Scheduler > Microsoft > Windows> Windows Backup.
  • Now click on the Action menu and on Import task and navigate to the backup files and import them.
  • Once you’ve created the tasks, run them manually and see if the error is now fixed.

Option 2 – Try to delete the Schedule keys in the Registry

  • Launch the Registry Editor and go to this key: HKLMSOFTWAREMicrosoftWindows NTCurrent VersionSchedule
  • From there, delete all of its sub-keys.
  • Once done, exit the Registry Editor and check if the Backup Tasks are now working.

Option 3 – Try to remove the WindowsBackup file

The next thing you can do to fix the problem is to remove the WindowsBackup file if the first two options didn’t work. It is possible that the problem has something to do with corrupted Task files. The task files are XML files that include parameters, programs to use, and many more. If any of these files end up getting corrupted, the task scheduler will have trouble running it and will throw the “The Task image is corrupt or has been tampered with” error.
  • To delete it, go to C:WindowsSystem32TasksMicrosoftWindowsWindowsBackup.
  • From this location, get rid of all the files. You could also these files via Command Prompt using the DEL command.
  • Once done, go to the Backup and Restore in the Control Panel and set up the Windows Backup again.

Option 4 – Try to delete the task from the Task Scheduler

If you don’t want to delete the files from Windows Explorer, you can delete them instead via Task Scheduler.
  • Open the Task Scheduler and go to Task Schedule LibraryMicrosoftWindowsWindowsBackup.
  • From there, delete both of the tasks and set up Windows Backup again.
  • Once done, go to the Task Manager and run the AutomaticBackup task again and see if it works.

Option 5 – Try to restart the Task Scheduler service

As mentioned, it is possible that the Task Scheduler service could be disabled. You could have disabled it when trying to enhance your computer’s performance and whatnot. Thus, you need to verify if it’s running or not and then restart it.
  • First, you need to tap the Win + R keys on your keyboard to open the Run dialog box.
  • Next, type “services.msc” in the field and click OK or tap Enter to open the Windows Services Manager.
  • You will see a list of Services and from there, look for the Task Scheduler service and double click on it.
  • After that, go to the General tab and click on the Startup Type options and then select “Automatically” from the given list.
  • Click on the “RUN” option and select the “Restart the Service” option.
  • And click on the “After Second Failure” option and then select the “Restart-Service” option again.
  • Now click on the “After Subsequent Failures” tab and select the “Restart the Service” option.
  • Finally, click on the Apply and OK buttons and then run the Task Scheduler and see if the issue is now fixed.

Option 6 – Try refreshing the User_Feed_Synchronization

According to security experts, enabling and disabling the User Feed sync also known as the User_Feed_Synchronization task can help resolve the problem.
  • Tap the Win + X keys and select the PowerShell (admin) option from the menu.
  • Next, type the “msfeedssync disable” command and tap Enter.
  • Repeat the same process but this time run the “msfeedssync enable” command.
Read More
Android malware spies while posing as a Update
New malware with extensive spyware capabilities steals data from infected Android devices and is designed to automatically trigger whenever new info is read to be exfiltrated. The spyware can only be installed as a 'System Update' app available via third-party Android app stores as it was never available on Google's Play Store. This drastically limits the number of devices it can infect, given that most experienced users will most likely avoid installing it in the first place. The malware also lacks a method to infect other Android devices on its own, adding to its limited spreading capabilities. However, when it comes to stealing your data, this remote access trojan (RAT) can collect and exfiltrate an extensive array of information to its command-and-control server. Zimperium researchers who spotted it observed it while "stealing data, messages, images and taking control of Android phones."

What happens when malicious software is installed

"Once in control, hackers can record audio and phone calls, take photos, review browser history, access WhatsApp messages, and more," they added. Zimperium said its extensive range of data theft capabilities includes:
  • Stealing instant messenger messages;
  • Stealing instant messenger database files (if the root is available);
  • Inspecting the default browser's bookmarks and searches;
  • Inspecting the bookmark and search history from Google Chrome, Mozilla Firefox, and Samsung Internet Browser;
  • Searching for files with specific extensions (including .pdf, .doc, .docx, and .xls, .xlsx);
  • Inspecting the clipboard data;
  • Inspecting the content of the notifications;
  • Recording audio;
  • Recording phone calls;
  • Periodically take pictures (either through the front or back cameras);
  • Listing of the installed applications;
  • Stealing images and videos;
  • Monitoring the GPS location;
  • Stealing SMS messages;
  • Stealing phone contacts;
  • Stealing call logs;
  • Exfiltrating device information (e.g., installed applications, device name, storage stats).

How does it work?

Once installed on an Android device, the malware will send several pieces of info to its Firebase command-and-control (C2) server, including storage stats, the internet connection type, and the presence of various apps such as WhatsApp. The spyware harvests data directly if it has root access or will use Accessibility Services after tricking the victims into enabling the feature on the compromised device. It will also scan the external storage for any stored or cached data, harvest it, and deliver it to the C2 servers when the user connects to a Wi-Fi network. Unlike other malware designed to steal data, this one will get triggered using Android's contentObserver and Broadcast receivers only when some conditions are met, like the addition of a new contact, new text messages, or new apps being installed. "Commands received through the Firebase messaging service initiate actions such as recording of audio from the microphone and exfiltration of data such as SMS messages," Zimperium said. "The Firebase communication is only used to issue the commands, and a dedicated C&C server is used to collect the stolen data by using a POST request."

Camouflage

The malware will also display fake "Searching for the update.." system update notifications when it receives new commands from its masters to camouflage its malicious activity. The spyware also conceals its presence on infected Android devices by hiding the icon from the drawer/menu. To further evade detection, it will only steal thumbnails of videos and images it finds, thus reducing the victims' bandwidth consumption to avoid drawing their attention to the background data exfiltration activity. Unlike other malware that harvests data in bulk, this one will also make sure that it exfiltrates only the most recent data, collecting location data created and photos taken within the last few minutes. If you would like to read more helpful articles and tips about various software and hardware visit errortools.com daily.
Read More
SettingSyncHost.exe High CPU usage
One of the important processes in the Windows operating system is the Setting Synchronization or SettingSyncHost.exe. This process is the one responsible for synchronizing the settings of your computer with other devices. It is the one that replicates settings like OneDrive, Internet Explorer, wallpapers, and so on, to other systems. However, it has been known to cause high CPU usage in Windows 10 and there are times when it causes the system to freeze or system lags. So if you notice that the SettingSyncHost.exe process is causing high CPU usage in your computer, worry not for this post will guide you in fixing them. You have to be cautious when you notice high CPU usages caused by system processes since cybercriminals mostly set the names of viruses in a way that the system or the user won’t be able to identify them. Cyber crooks could name the virus and malware the same as one of the system processes like SettingSyncHost.exe to make it seem like it’s a legitimate process. Thus, you need to keep in mind that original system processes like the SettingSyncHost.exe file are located in the System32 folder. The original SettingSyncHost.exe file is located in the System32 folder. To check for the same, right-click on the troublesome process in the Task Manager and select Open file location. If the place is any other than the System32 folder, run a full system anti-virus scan on the system. The SettingSyncHost.exe causes high CPU usage when it gets stuck in the sync process and is not able to come out of the loop. To fix this problem, you need to follow the solutions offered below but before you proceed, make sure that you create a System Restore point first.

Option 1 – Apply some registry tweak

The first thing you can do is to apply some tweaks to the Windows Registry. To get started, follow these steps:
  • Tap the Win + R keys to open the Run utility and type “Regedit” in the field and then tap Enter to open the Registry Editor.
  • Next, navigate to this registry path: HKEY_CURRENT_USERSoftwareMicrosoftInputPersonalizationTrainedDataStore
  • From there, right-click on the key and select Permissions.
  • After that, check the box next to “Allow” for Full Permission for every user group.
  • Now click on the Apply and OK buttons to save the changes made.
  • Then restart your computer.

Option 2 – Close the Host process for setting synchronization

If the registry tweak didn’t work, you can try to close the host process for setting synchronization, especially if this process continues to hog resources. You can terminate this process by opening the Task Manager. From there, end the process or task of the host process. On the other hand, you can also turn off the Host process for synchronization by opening Settings > Accounts > Sync settings located in the left pane. After that, turn off the Sync setting.

Option 3 – Run the Hardware and Devices Troubleshooter or the Performance Troubleshooter

Hardware and Devices Troubleshooter:

  • The first thing you need to do is click on Start and then on the gear-like icon to pull up the window for Settings.
  • After opening Settings, look for the Update and Security option and select it.
  • From there, go to the Troubleshoot option located on the left-hand side of the list.
  • Next, select Hardware and Devices from the list and open the Troubleshooter and run it. Once it is doing its job, wait for it to complete the process and then restart the system.
  • After the system restarts, check if the problem’s now fixed. If not, refer to the next option given below.

Performance Troubleshooter:

  • Tap the Win + R keys to open the Run dialog box.
  • Type “exe /id PerformanceDiagnostic” in the field and hit Enter to open the Performance troubleshooter.
  • Then click on Next to get started. Wait until the process is completed.

Option 4 – Try scanning your computer using Windows Defender

As mentioned, it is possible that the SettingSyncHost.exe could be infected with a virus or malware. To eliminate it, you have to scan your computer using security programs like Windows Defender.
  • Tap the Win + I keys to open Update & Security.
  • Then click on the Windows Security option and open Windows Defender Security Center.
  • Next, click on Virus & threat protection > Run a new advanced scan.
  • Now make sure that Full Scan is selected from the menu and then click the Scan Now button to get started.
Read More
Can’t type in Win apps, Search, Cortana, etc.
If you are typing inside the Search bar, Cortana, Taskbar, Windows 10 apps, etc., and then everything seems invisible then read on as this post will guide you in fixing this issue. At first, you might think that something is wrong with your keyboard but it really has nothing to do with it. The problem actually lies with the apps from Microsoft Store. Thus, if you can’t type anything in any of the apps from Microsoft Store in Windows 10, refer to the options given below to fix them.

Option 1 – Ensure that ctfmon.exe is running

Ctfmon.exe is a Microsoft process in Windows 10 that controls the Alternative User Input as well as the Office Language bar. In other words, it enables end-users to control the computer using on-screen keyboard inputs, speech, and even pen for various languages. It would be better if you launch the program once by going to the C:/Windows/system32 folder. Doing so will ensure that whatever API is needed for the keyboard typing to work properly again. You also have to make sure that its startup status is not disabled. In addition, you can also try the following steps, alternatively.
  • Open the Task Scheduler.
  • Then go to Microsoft > Windows > TextServicesFramework.
  • And on the MsCtfMonitor, right-click and enable the task.
  • Now restart your computer.
This will ensure that all the text boxes will start to work again. And if the task MsCtfMonitor is missing from the list of tasks, you can import it with the XML file from basics.net. Then download and create a task to run it each time you log in to your PC.

Option 2 – Use the Windows Store Apps Troubleshooter

You might also try running the Windows Store Apps Troubleshooter as it can help in resolving issues with the Windows Store apps. This built-in tool can resolve most of the app-related problems. To use it, go to Settings > Update & Security > Troubleshooting > Windows Store Apps and from there, click the start the troubleshooter button. The Windows Store Apps Troubleshooter will scan the computer for any issues with the Windows store apps and will automatically fix them if it finds any.

Option 3 – Re-register all the Windows 10 UWP apps using PowerShell

  • First, make sure to close all the running applications on your computer.
  • Next, in the Start search, type in PowerShell and right click on the result, and select the “Run as administrator” option.
  • After that, type the following commands to re-register the Windows 10 apps. Make sure to hit Enter on each line:
    • reg delete "HKCUSoftwareMicrosoftWindows NTCurrentVersionTileDataModelMigrationTileStore" /va /f
    • get-appxpackage -packageType bundle |% {add-appxpackage -register -disabledevelopmentmode ($_.installlocation + "appxmetadataappxbundlemanifest.xml")}
    • $bundlefamilies = (get-appxpackage -packagetype Bundle).packagefamilyname
    • get-appxpackage -packagetype main |? {-not ($bundlefamilies -contains $_.packagefamilyname)} |% {add-appxpackage -register -disabledevelopmentmode ($_.installlocation + "appxmanifest.xml")}

Option 4 – Try to run the DISM tool

You can also run the DISM Tool as it helps in repairing the Windows System Image as well as the Windows Component Store in Windows 10. Using this built-in tool, you have various options such as the “/ScanHealth”, “/CheckHealth”, and “/RestoreHealth” which could help in fixing the problem.
  • Open the Command Prompt with admin privileges.
  • Then type in the following commands and make sure to hit Enter right after you type each one of them:
    • Dism /Online /Cleanup-Image /CheckHealth
    • Dism /Online /Cleanup-Image /ScanHealth
    • exe /Online /Cleanup-image /Restorehealth
  • Do not close the window if the process takes a while as it will probably take a few minutes to finish.

Option 5 – Run the System File Checker Scan

System File Checker or SFC is a built-in command utility that helps in restoring corrupted files as well as missing files. It replaces bad and corrupted system files to good system files. To run the SFC command, follow the steps given below.
  • Tap Win + R to launch Run.
  • Type in cmd in the field and tap Enter.
  • After opening Command Prompt, type in sfc /scannow
The command will start a system scan which will take a few whiles before it finishes. Once it’s done, you could get the following results:
  1. Windows Resource Protection did not find any integrity violations.
  2. Windows Resource Protection found corrupt files and successfully repaired them.
  3. Windows Resource Protection found corrupt files but was unable to fix some of them.
  • Restart your PC.
Read More
Disabling File Grouping in Explorer in Windows
Browsing your files on a computer seamlessly is made possible by the File Explorer in Windows 10 as it provides users with a great sense of customization for both listing and performing operations on a file. You have the option to arrange the folders and files being browsed by their name, type, date, size, and so on. Moreover, files that share a common attribute can be also be grouped accordingly using the grouping feature. However, there are times when instead of helping, it causes some problems for some users. This is why in this post, you will be guided on how you can disable the File Grouping feature in the File Explorer in Windows 10. There are two methods you need to consider in disabling the File Grouping feature in Windows 10. First, you can disable it for only one folder or you can disable it for all the folders on your computer. For more details, follow the instructions given below.

Option 1 – Disable File Grouping in only one folder

This first option is relatively straightforward and simple which will work if you only want to disable File Grouping in one folder.
  • First, open File Explorer, and go to the folder you want to disable File Grouping.
  • Next, right-click anywhere on that folder.
  • And then select Group by > None. This will disable File Grouping for only that particular folder.

Option 2 – Disable File Grouping in all the folders

If you wish to disable File Grouping in all the folders on your computer, then you need to follow this option. If you have already tried the first one, then continue with the given steps below.
  • Tap the Alt + V key combination.
  • Then tap the Alt + Y keys and then tap Alt + O keys.
  • After that, navigate to the View tab, and under the Folder views section, select Apply to Folders.
  • Now click on the Apply and OK buttons to save the changes made. This will disable File Grouping in all the folders listed in the File Explorer.
Read More
There is No Sleep Option in Power Menu
If the Sleep option is missing from the Power Menu then this could be caused by the power settings, local group policy configuration, etc. in your computer. Based on the reports of users who experience the same problem, the issue occurred after they’ve updated or upgraded their Windows 10 computers. As you know, the sleep mode is quite useful in certain cases and is utilized by most users. If you put your computer in sleep mode, it actually minimizes the power usage of your computer while at the same time keeps your current session running. So if sleep mode is suddenly missing, then that could be a problem but worry not for this post will give you possible fixes to resolve the issue. Make sure to follow each one of them carefully to achieve good results.

Option 1 – Check the Power settings

As mentioned, one of the reasons why the Sleep option is missing could be the power settings in your computer. To check this possibility, make sure that you’ve enabled the sleep mode in the Power options setting window. How? Refer to these steps:
  • First, go to the Start menu, and from there open Control Panel.
  • Next, set the View by Large icons and select the Power Options.
  • After that, click on the “Choose what the power buttons do” option on the left-hand side.
  • Then click on the “Change settings that are currently unavailable” option and make sure that Sleep is checked under the Shutdown settings.
  • Afterward, click on Save changes.

Option 2 – Modify the Local Group Policy

If the Power setting isn’t the cause of the problem, then you might want to check the Local Group Policy and modify it. There is a dedicated policy for showing the sleep option in the power menu and if this policy is disabled, then it’s no wonder why you don’t see the sleep option in the power menu. To change this policy, refer to the steps below.
  • Tap the Win + R keys to open the Run dialog box.
  • Then type “gpedit.msc” in the field and hit Enter to open the Group Policy Editor.
  • Next, navigate to this path: Computer Configuration -> Administrative Templates -> Windows Components -> File Explorer
  • Look for the “Show sleep in the power options menu” option from the right-hand side pane and double click on it.
  • Now change it to Enabled and click on the Apply and OK buttons to save the changes made and restart your computer.

Option 3 – Try to turn on Standby

Standby, also known as InstantGo, is a feature in Windows 8 and 10 that allows users to maintain network connectivity after a computer has been put into sleep mode. Thus, if this feature is disabled, it can cause the Sleep option to disappear from the power menu. To turn it on, follow these steps:
  • Tap the Win + R keys to open Run.
  • And type “Regedit” in the field and tap Enter to open the Registry Editor.
  • Next, navigate to this path: HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlPower
  • From this path, look for the “CsEnabled” key on the right-hand side of the pane and double-click on it.
  • Set its value to “1” and click OK to save the changes made.
  • Now reboot your PC.
Note: If you were not able to find the CsEnabled key, then this indicates that your computer does not support the Standby feature. And if that’s the case, proceed to the next given option below.

Option 4 – Try to install a Video Card driver

On the other hand, some users reported that the problem was caused by the video card driver. And if your computer lacks the video adapter driver, it can also cause the same problem. Windows 10 typically install the video card driver on its own, however, there are rare cases when it doesn’t which is why you have to do it yourself manually. All you have to do is go to your manufacturer’s website and look for the video card driver, download it and then install it. Once you’ve installed the video card driver, reboot your computer and check if it has fixed the problem.
Read More
1 2 3 171
Logo
Copyright © 2023, ErrorTools. All Rights Reserved
Trademark: Microsoft Windows logos are registered trademarks of Microsoft. Disclaimer: ErrorTools.com is not affiliated with Microsoft, nor claims direct affiliation.
The information on this page is provided for information purposes only.
DMCA.com Protection Status