Help: FreeNewsletter@askwoody.com

ADVERTISEMENT

Duplicate Photo Cleaner Duplicate Photo Cleaner is absolutely the best way to remove duplicate photos from your PC and phone! Tired of cluttered photo albums? Get DPC at a special AskWoody discounted price, and delete duplicate and similar photos from your computer and smartphone in a flash! AskWoody special: Add File Cleaner for just $9.95! Click here to claim your exclusive discount! Duplicate photos won’t stand a chance.

INTRODUCTION

It’s been an absolute delight to hear from all of you — over a thousand! — who lost track of the old Windows Secrets team. It’s been a real lift to receive the many kind words about the old gang. Yes, we’re here, we’re sitll kickin’, and we’re doin’ all we can to make your locked down life a little easier.

I’d like to set down a challenge: If you haven’t been to the AskWoody Lounge lately, please give it a shot. Register for a new username if you don’t already have one (click Register in the upper right corner), then take a look around for topics that interest you. We have very active forums on Windows 10, of course, but we’re also deeply involved in Win7 and Office, along with competing platforms such as Android, Chromebook, iOS, macOS, and (gulp) even Linux.

When it comes to tech questions and answers, we have lots of volunteers ready to help Join us!

— Woody

On Security

By Susan Bradley

If your system crashes with an infamous blue screen of death, consider it a cry for help!

BSoDs have always been an ugly side of Windows. Almost invariably, when Windows takes a powder, it’s at a most inopportune moment: right when you’re on deadline, right when you suddenly remember you haven’t hit Save for a while, right when your system is rebooting from an update. I like to joke that computers somehow know when you have to get something done — and now would be a great time to crash or otherwise malfunction. But blue screens of death are honestly a good thing. They are trying to tell you something is wrong with your computer.

BSoDs have also had a humorous side — when they happen to others. Most of us have at one time or another chuckled when seeing the distinctive blue screen at an airport, shopping mall, or movie theater. Who hasn’t been grateful that BSoDs don’t show up in cars? (The only thing possibly worse was Windows rebooting itself in the middle of a TV weather report. Scattered amounts of reboots, anyone?) Need a bit of a laugh? Check out this Oddee post: “12 Most Hilarious Blue Screen of Death Appearances.”

A BSoD — aka, stop errors, aka fatal exception errors — indicates that a PC has reached a point of extreme instability. BSoDs can result from the failure of almost any system component: hardware, software, drivers, and so forth.

Figure 1. Win10’s BSoD might look a bit friendlier than XP’s or Win7’s, but it still spells trouble.

In most cases, a BSoD displays some sort of error code designed to help a developer or tech find the point of failure. Unfortunately for us mere mortals, the message is gibberish. But then even pros can have difficultly deciphering the clues.

Years ago, we started seeing a rash of BSoDs right after Patch Tuesday. That month saw several updates, so just figuring out which patch was the culprit proved challenging. (This was back before our current all-or-nothing updating.) We were forced to uninstall and reinstall the various patches in an attempt to pinpoint the source.

This was back in 2010, and the miscreant turned out to be update MS10-015. Almost immediately upon its release, Microsoft started receiving calls and posts that customers were in trouble — big trouble. The affected machines wouldn’t boot — not even to Safe Mode! PCs were turned into the proverbial door stop.

In a decade-old YouTube video, Microsoft veteran Dustin Childs discusses the challenges and consequences of updating Windows and Office. About 20 minutes into his talk, Dustin describes how a customer called in to get help with a severe crash problem (MS10-015) from MS Support. Microsoft wanted to solve this issue quickly, for obvious reasons, but couldn’t reproduce the problem in its lab or acquire useful system telemetry. (If a system suffers a BSoD and reboots, it can send event data back to Microsoft.) So the company took the extraordinary step of purchasing the broken machine from the customer.

Eventually, Microsoft discovered that the crashes were a side effect of a malicious rootkit. MS10-015 was reacting to code that wasn’t Microsoft’s. As Dustin says in the video, this patch turned out to be an excellent Windows rootkit testing tool, because it crashed when it sensed defective code entered by hackers. Great for Microsoft, but not so much for its customers. The company then changed Windows kernel updates so they would fail to install when encountering counterfeit code. And it’s also one of the reasons Win10 now has kernel hardening and BIOS protection.

(For the record: Dustin has moved over to the Zero Day Initiative and still writes about Patch Tuesday issues.)

Crashes resulting in blue screens of death are far less common in Windows 10 than they were with XP and Win7. I rarely see them these days. In fact, if you’ve ever noticed Win10 “blink” and rebuild the system tray, you’ve probably suffered what would have been a BSoD in those older OSes. Now those events are just a momentary annoyance.

But let’s just say your Win10 system does crash with a classic blue screen. What will help resolve the problem? As long as the system did not completely stop, Windows should generate a BSoD memory-dump file (memory.dmp). And the tool I like best for examining that information is NirSoft’s BlueScreenView. (The NirSoft site has an excellent collection of PC diagnostic tools.)

The utility lets you see what’s in the dump file, giving you — or a service tech — clues as to the root cause (see Figure 2). If the file is saved to the default c: \Windows folder, BlueScreenView will find it. (Note to advanced users: You can move the memory.dmp file from a crippled machine to a working system and view it with BlueScreenView.)

Figure 2. A Vintage BSOD from a Win Server 2012 R2 system: the crash was triggered by Bitlocker and outdated firmware.

The object of the dump file is to help reveal what file or driver was involved in the crash. BlueScreenView shows you the crash information in date order. Typically, the older the data on a driver issue, the more likely you can ignore it — the driver probably has been fixed or replaced by now. On the other hand, recent entries probably provide a clue to the incident.

For example, if particular drivers are listed in the lower part of the viewer pane, they were in memory when the system crashed — and are good candidates for further investigation. I often find old video drivers listed, in which case I search for newer drivers. In other cases, Googling the stop-error code will give me a hint as to the cause.

Yes, most of the information in a dump file will be gibberish to the average Windows user. But any crash information you can glean might help service techs — or members of the AskWoody Lounge — find a solution.

Bottom line: The next time you get a BSoD, you’ll know that your computer is informing you — in dramatic fashion — that it has a significant problem. Even if you’re not a Windows troubleshooting virtuoso, use NirSoft’s BlueScreenView to gather crash information. And remember, one of your best resources for general computing help is the AskWoody forums.

In real life, Susan Bradley is a Microsoft Security MVP and IT wrangler at a California accounting firm, where she manages a fleet of servers, virtual machines, workstations, iPhones, and other digital devices. She also does forensic investigations of computer systems for the firm.

Best of the Lounge

Upgrading to Windows 10 isn’t everyone’s idea of creating a safer computing environment. Some people are weighing whether to harden their Win7 environment to the extent possible or to take the more challenging step of veering away from Windows altogether.

For Plus member Larry B, staying safe and comfortable online means keeping Win7 fully patched, working in a standard user account, and running a battery of security apps: Microsoft’s EMET, ZoneAlarm Free Firewall, Kaspersky Free AV, and Firefox 75.0.0 in a sandbox. Well, mostly comfortable. As noted in his forum post, Larry prefers to use Linux Lite (more info) for online financial tasks and visiting unfamiliar websites. Larry’s question for fellow Loungers? Which OS is safer to use? And the debate is on.

If you’re not already a Lounge member, use the quick registration form to sign up for free.

	LANGALIST A weird “Known Folders/Event 1002” error By Fred Langa Windows’ system-managed Known Folders (Documents, Desktop, Pictures, Music, Videos, etc.) rarely cause problems. But when they do, the fix can be messy. There are basically two options: a detailed diagnosis and repair — with uncertain outcome — or a crude but almost sure-to-work end run around the problem. It’s your call!
	SMALL BUSINESS COMPUTING COVID-19: Protecting your customers By Amy Babinchak As an IT-services firm that often works directly with our clients, we’ve had to develop policies for safely returning to the field. Those policies aren’t just for our safety; they are also designed to give our clients the comfort and confidence needed to let us back into their offices. (This is a two-way street; we must be assured that the customer has plans for our safety, too.) This requirement isn’t unique to IT firms — every service business needs to establish post-pandemic plans for working with customers, face to face.
	OFFICE The new Office for Android By Lincoln Spector Microsoft recently took a major step in letting us do some work while we’re running around town (which we look forward to doing again, someday). For years, MS Office on Android phones and tablets wasn’t really Office; it was a collection of separate and watered-down versions of Word, Excel, and so forth. But the new Office Mobile for Android (info page) combines Word, Excel, and PowerPoint, along with some additional capabilities, into a single app. The new Office is now a fairly useful suite … for use on smartphones and tablets, especially because it’s still free!