ISSUE 17.5.0 • 2020-02-03

Help: customersupport@askwoody.com

In this issue

TROUBLESHOOTING: Tools for monitoring drive health

BEST OF THE LOUNGE: Do-it-yourself notebook repair

LANGALIST: Locked out due to one broken keyboard key?

PATCH WATCH: Microsoft agrees to clean up a small Win7 mess

YEARLY TOC: AskWoody Plus Newsletter — 2019 articles

TROUBLESHOOTING

By Lance Whitney

Today’s PC storage media — traditional disk-based drives and newer solid-state models — are remarkably reliable.

And that’s sort of a problem: we can become lulled into forgetting that they do fail — that there’s always a chance of a catastrophic malfunction, especially as the drive ages. So it’s good practice to periodically check your drive’s health and find potential errors before they result in lost data.

There’s a plethora of utilities for checking the reliability and condition of both traditional platter-based drives and solid-state drives. Most use information gathered by the Self-Monitoring, Analysis, and Reporting Technology (S.M.A.R.T. or, simply, SMART) tools built into nearly every modern drive.

Drive-health apps act as the interface to the SMART system, displaying the collected data in a relatively accessible and digestible format. (In truth, they provide more data than most PC users will ever need or understand.) Some also include additional tools such as separate read/write scans and even drive-wiping.

As you use these utilities, you’ll notice that there’s a lot of esoteric technology related to drives. Two you’ll run across are automatic acoustic management (AAM; more info) and advanced power management (APM; more info). You’ll typically want to ignore them — except possibly to check whether they’re enabled. In most cases, it’s probably better to have them turned off.

Note: Drive-health apps will report the same SMART stats, but they’ll differ in how they interpret that information. So while some might report that certain SMART numbers represent a serious issue, others might not. They may also provide different predictions of overall drive health.

Here’s a sampling of drive-health apps. They’re all free and support both traditional drives and SSDs.

If you’re just looking for basic SMART stats, CrystalDiskInfo (see Figure 1) is up for the task. But it’s otherwise a relatively bare-bones package. The Health Status button gives a simple “Good,” “Caution,” “Bad,” and “Unknown” indication of drive status. (It also gives a somewhat mysterious percentage on SSDs.) Below that is a drive-temperature gauge. Other displayed details include drive specs such as firmware, serial number, interface, buffer size, and power-on count and hours. The lower half of the main screen shows the drive stats collected by the SMART system over time.

Figure 1. CrystalDiskInfo is a basic tool for displaying SMART data. But it will also send alerts of possible drive errors.

You can generate graphs of key data and change specific details — though you might have to hunt for them. For example, to switch the temperature reading from the default Celsius scale to Fahrenheit, you must click Function/Advanced Feature/Temperature Type. You can also set up CrystalDiskInfo to send email-based alerts, should your hard drive start to develop any problems.

There’s online help for this app, but it’s rather thin. CrystalDiskInfo is probably best for system admins who know the ins and outs of drive stats and who want to receive alerts when a drive on a managed system is running into trouble. The app comes in both portable (zipped) and “installed” versions.

If you’re looking for a drive utility that’s more user-friendly and has an extended set of tools, HDDScan is a better bet. It will display SMART data, but it also has its own set of drive-scanning options. The main menu has just three buttons: SMART, TESTS, and TOOLS — which includes the temperature monitor.

The SMART button displays a list of specs, and your only options are to save the report to file or print it. Clicking TESTS pops up four options: VERIFY, READ, BUTTERFLY, and ERASE (see Figure 2). The first three of these exercise the drive and report any errors found. You can queue up one test after another and then just let them run unattended to thoroughly analyze your drive. Obviously, you’d select the ERASE option only if you want to scrub everything from a drive.

Figure 2. HDDScan includes its own set of drive-health tests — plus drive-wiping.

HDDScan can also reveal additional information about drives in the TOOLS section (see Figure 3). For example, clicking TOOLS/DRIVE ID displays a wealth of details about the drives it finds — including interface type, sector size, and level of Direct Memory Access (DMA) support.

Clicking TOOLS/SMART TESTS gives you access to three additional tests: Short, Extended, and Conveyance (which checks for “transportation issues”). The short test is ideal when you want to run a quick check of a drive’s performance. The extended test is, as you might expect, more thorough, but it can take hours to complete.

Figure 3. HDDScan’s TOOLS section

HDDScan is portable — there’s no formal installation — and its limited help is on the hddscan.com home page. It’s a good, general-purpose drive-health utility.

The primary selling point for GSmartControl is its cross-platform support. There are versions for Linux distros, FreeBSD, macOS/Darwin, Windows, and others. As with HDDScan, GSmartControl digs out SMART details and also offers short and extended tests.

Unlike HDDScan, GSmartControl starts out with a quick and basic drive test — simply click the icon listing your drive to see whether it passes, as shown in Figure 4.

Figure 4. GSmartControl has a simple interface that begins with a basic drive test.

Double-clicking the icon opens a more-detailed screen that displays a trove of data about the drive. However, most of that information is displayed as simple text logs, so you’ll have to wade through a lot of technical minutiae.

The General tab shows drive specifications such as model number, capacity, interface, and much more. Attributes tells you whether the drive has failed any specific tests or tasks.

The Statistics section displays information gathered over the life of the drive, including hours in use and temperatures. (This feature doesn’t work with some drives.) The Self-Tests section is where you can run the short and/or extended tests that are built into the drive (see Figure 5).

Figure 5. GSmartControl running a short drive-health test

The Error Log displays any recorded errors found in the tests, and Temperature Log shows the drive’s current temperature plus, on most drives, historical data. The Advanced tab gets you into the deep weeds of drive stats.

GSmartControl comes in both “installed” and portable versions. Documentation is sketchy and found online. It does give a summary of command-line options.

PANTERASoft’s drive-monitoring tool HDD Health is designed to continually audit drives and alert you of possible problems. Once the app is installed, it lives in the Windows notification area. You can get a quick report on drive health and temperature by simply hovering over its icon. Double-click the icon to open the app.

Drive health is reported as a percentage, based on changing SMART stats. The Hard drives tab displays general information about a selected drive, including color-coded health and temperature bars (see Figure 6). The Partitions section shows total and free space for each partition on the drive, and System gives tidbits about your PC’s processor. (Annoyingly, I could not find a way to change the temperature gauge scale from Celsius to Fahrenheit.)

Figure 6. HDD Health provides continuous information on predicted drive health.

To see specific SMART information, click the Drive menu at the top of the window and select SMART Attributes. Select Extended Info to see more details on the drive such as its model number, interface, and serial number. Here you can also find out which specific drive features are supported, including DMA, write cache, and power management.

HDD Health’s few options are found under the File menu, where you can select whether the program starts automatically. You can also customize how and when the app sends alerts (see Figure 7).

Figure 7. HDD Health lets you configure alerts via sounds, popup messages, emails, and network messaging.

There are, of course, other third-party drive-monitoring tools, as an online search will show. You should also check for any drive tools provided by the drive’s manufacturer.

Running any of these apps periodically — and especially when you suspect drive trouble — is good insurance against an unexpected and catastrophic drive failure and data loss (as are, of course, regular system backups).

Lance Whitney is a freelance technology reporter and former IT professional. He’s written for CNET, TechRepublic, PC Magazine, and other publications. He’s authored a book on Windows and another about LinkedIn.

Best of the Lounge

When Plus member Slowpoke47’s aging Acer laptop went dark, the early speculation was a failing battery. Could that account for a screen that’s too dim to read?

Not one to throw out something that can possibly be fixed, Slowpoke47 posted that supposition on the Lounge — and quickly received helpful suggestions. With trusty multimeter in hand, Slowpoke47 cracked open the laptop and tested various components. Ultimately, a new screen put the portable back into full service.

If you’re not already a Lounge member, use the quick registration form to sign up for free.

LANGALIST

By Fred Langa

When your keyboard malfunctions, common PC tasks such as simply typing in your sign-in password can become difficult — or even impossible.

But every copy of Windows offers an easy-to-access on-screen keyboard that can help keep you going until your physical keyboard is repaired or replaced. Here’s how to instantly access and use that virtual keyboard.

Ross Taylor asked:

The first thing I usually do is mutter a long string of expletives. A malfunctioning keyboard can be massively frustrating — it can be a struggle to do much of anything with your PC, including signing in. Grrr!

When I’m done cursing, I regain control over my PC with these three steps: an emergency workaround, an interim fix, and a permanent repair.

Step 1 – The emergency workaround: This initial fix truly takes only seconds to implement. All current versions and editions of Windows offer the built-in On-Screen Keyboard (OSK; sometimes also called a soft keyboard). The Windows OSK is not limited to laptops and touch-enabled PCs; it works on any Windows PC.

The OSK is part of Windows’ always-available Ease of access settings. This accessibility feature is primarily designed to assist users who have dexterity or vision issues. But its features and settings can also be used by anyone whose PC is having keyboard or display problems.

Because these settings are fundamental to the OS, they’re always readily at hand. For example, Windows’ default sign-in/unlock screen typically shows three icons in the lower-right corner: Network (or Internet), Ease of access, and Power. (See Figure 1.)

Figure 1. The Ease of access icon is typically found in the lower-right corner of the sign-in screen.

Just click the Ease of access icon, and the menu shown in Figure 2 will appear. Next, click the menu entry On-Screen Keyboard (see Figure 2) — a more-or-less standard 81-character keyboard will appear on your screen (see Figure 3). You can resize and reposition the keyboard as needed.

Figure 2. The common Ease of access settings — including On-Screen Keyboard

Figure 3. Windows’ virtual keyboard

To use the OSK, start by clicking the input field or text-entry area where you’re trying to type (so Windows knows where the characters are supposed to go). Next, simply click the virtual keyboard’s keys as needed, and the characters will appear in the designated area.

For example: To sign in, first click the PIN or Password field area to indicate where you want the characters to go, then click the appropriate OSK keys to enter your PIN or password. You’ll be signed in normally. Easy!

If you’re already signed in to Windows and need the OSK, you can call it up instantly, anytime, with this three-key combination: WinKey + Ctrl + O. If you can’t type the three-key combination because, say, the “Ctrl” key isn’t working, you can call up the virtual keyboard by typing OSK into the Windows search box and selecting On-Screen Keyboard when it’s offered. If none of the keys is working, mouse to Settings/Ease of access/Keyboard, and turn on the toggle under Use the On-Screen Keyboard.

One of the oddities in the OSK is its Options key (Figure 4), which opens a box containing some potentially useful settings.

Figure 4. The OSK’s Options key calls up a dialog box of keyboard settings.

The current (Win10/1909) options are:

There’s some additional OSK information available on the Microsoft Support page “Use the On-Screen Keyboard (OSK) to type.” But, alas, like too many of the current MS online help pages, some of the information is either out of date or just plain wrong. For example, my explanation for Show keys to make it easier to move around the screen is correct. But the Microsoft support page says, “Use this option if you want the keys to light up as you type.” Huh? This setting has nothing to do with that; the OSK keys always light up when you click them. Come on, Microsoft!

The OSK can be a lifesaver in emergencies, but let me say this up front: typing on it isn’t fun. Mousing around a virtual keyboard is a lot slower and clunkier than typing on a real one. Yes, you’ll be able to sign in and use your PC via the OSK, but with reduced speed and efficiency.

So, once the emergency is over, you’ll want to move on to a better fix right away.

Step 2 – An interim broken-keyboard workaround: Your car probably has a spare tire, right? It’s likely to be one of those compact, “donut” temporary spares, intended to keep you rolling for a short distance until you get the real tire repaired.

The OSK solution is handy when you’re traveling, but at home or office, it’s a good idea to have a “spare” keyboard on hand. I keep a generic and inexpensive (about U.S. $10) USB keyboard in my closet. If anything goes wrong with my daily-use keyboard, I can quickly swap in the spare and immediately pick up where I left off. The spare is a wired keyboard, so there are no Bluetooth drivers or dongles to install or configure — and no batteries to recharge.

Surely, the $10 keyboard won’t be as heavy-duty and comfortable as your standard device — like a car’s spare tire, it’s best suited for short-term use. But even a cheap physical keyboard is likely to be much better to type on than the virtual OSK. And it’ll certainly serve until your main keyboard gets fixed or replaced.

Where can you find very inexpensive, keep-as-a-spare keyboards? Oh, just about everywhere, as this Google search shows: usb+keyboard. Really! Ten-dollar (and under!) keyboards are common.

Step 3 – A permanent fix for a broken keyboard: No mystery here: when feasible, repair or replace the original defective keyboard. There’s a world of excellent Bluetooth and plug-in (USB) keyboards available for just about every typing preference and budget.

But no matter what, while you’re sorting out the repair or replacement, your spare keyboard — or even the OSK — can keep you typing in the meantime.

By the way: While you’re checking out the OSK, note Windows’ other Ease of access features. For example, Narrator can speak aloud Windows’ menus, dialog boxes, and some app contents to help you navigate and use Windows — even if your PC’s display is dead or malfunctioning.

You can also use Win10’s built-in voice recognition to speak aloud some kinds of Windows and app commands — and to record free-form speech-to-text dictation. (It requires prior setup.) For more information, see the Microsoft support articles Use voice recognition in Windows 10 and Use dictation to talk instead of type on your PC. Supported voice commands are listed in the article Windows Speech Recognition commands.

For more overall information on Windows’ Ease of access options, see the MS Support article “Make your PC easier to use,” or visit the main Microsoft Accessibility site.

Fred Langa has been writing about tech — and, specifically, about personal computing — for as long as there have been PCs. And he is one of the founding members of the original Windows Secrets newsletter. Check out Langa.com for all Fred’s current projects.

PATCH WATCH

By Susan Bradley

The NSA might have rained on Windows 10’s patching parade in January, but most of the attention was focused on the demise of Windows 7.

You’d think Microsoft would get the last batch of free Win7 updates right — but apparently not. January’s Patch Tuesday fixes broke Win7’s wallpaper. If you used the “Stretch” option for background slide shows, you ended up with just black! Microsoft’s initial response? The fix would be offered only to those who had purchased Win7 Extended Security Updates (ESU) keys.

Really, Microsoft? Sure, it’s a relatively minor problem … but you’re going to end general support for a still-widely used OS by breaking it? Fortunately, saner minds prevailed; Microsoft backtracked and stated that a fix would be released to all. We don’t yet know how or when, but it’s reassuring when Microsoft cleans up after itself.

Is your Win7 system still getting the upgrade-nag popup? Keep in mind that it’s not too late to purchase a Windows 7 ESU license by filling out the Harbor Computer Services request form. For more info on ESUs, see my article and discussion via an AskWoody post.

Other January patch notes: The first 2020 updates for Windows 8.1 and 10 workstations appear to be playing nicely. But I am tracking some isolated issues with Windows Server fixes. For example, there are reports of constant reboots after installing monthly rollup KB 4534297 on domain controllers running Server 2012 R2. At this time, there are no workarounds — the only solution is to uninstall the update.

Microsoft has resumed posting preview updates for most versions of Windows. As always, these updates are completely optional, and we don’t recommend installing them on production systems.

Chromium-based Edge: The new Edge might have a better core, but keep in mind that any bug impacting Google’s Chrome will also be felt by Microsoft’s latest Edge edition. The real question is whether Microsoft’s documentation will be able to keep up with Chromium’s fast updating cadence. For example, Microsoft waited until January 28 to post an advisory that the new Edge had been updated on January 15.

Given “classic” Edge’s rather unimpressive history, I recommend checking out New Edge (aka Edge Chromium, aka Chredge). Of course, many of you are already using one of the alternatives: in addition to Google Chrome and Firefox, consider old standards such as Opera, Brave, and Vivaldi.

Exploits du jour: As I noted in the previous Patch Watch, 2020 patching started off with a bang in the form of a U.S. National Security Agency advisory. The NSA took the extraordinary step of recommending that all Windows 10 users immediately install Microsoft’s January updates to block CVE-2020-0601 (aka crypt32.dll).

As yet, there are no reports of in-the-wild attacks using this exploit. (It’s still mostly “proof of concept.”) In fact, I would not expect to see headlines about actual crypt32.dll attacks — it’s a bug that can silently wiggle into systems. More important, the major antivirus vendors are incorporating defenses into their products, and Windows Defender will sense when a maliciously signed certificate is being used.

In the previous Patch Watch, I was more concerned about vulnerabilities related to Remote Desktop (a client-side app) and Remote Desktop Gateway, often used by businesses for allowing remote access to their systems. Of the two, RDG was the more worrisome.

Over the past two weeks, I’ve become less anxious about this threat. Currently, CVE-2020-0609 and CVE-2020-0610 can be exploited only from within a network — i.e., it can’t be used remotely (more info). That’s good news: it means an attacker can’t use SSL port 443 for an external connection. At this time, attacks can be launched via port 3391 — a port I’ve never opened when I’ve deployed Remote Desktop Gateway.

Last month’s updates were a real test of potential threats versus waiting to see whether any major patch issues showed themselves. Given the nature of the NSA-revealed vulnerabilities, the early recommendation was that large firms and organizations should patch sooner than usual. That advice turned out to be largely unnecessary. Nevertheless, January’s updates proved well behaved.

What to do: At this time, both business and consumer Windows users should install January’s Windows and Office updates, if they’ve not done so already.

I promise: This is the last time I’ll remind Windows 1803 users that it’s way past time to move up. PKCano posted how to bump up to Version 1809; I recommend Version 1903.

Servicing-stack updates

Cumulative updates

.NET Framework

This month’s .NET updates include security patches, so they need more attention. Note that Win10 1809 has three updates listed. But you should see only one to be installed.

Preview cumulative updates

Here’s the list of preview updates. (There’s no preview for Version 1703 at this time.) Again, we do not recommend installing them on production systems. The following were released on January 23 and 28.

Windows 7 users who are Win10-phobic should consider Windows 8.1. Its monthly rollup format will be familiar.

The workaround for Windows 7’s simple black-wallpaper bug is to use a slide-show setting other than “Stretch” — at least until Microsoft sends us a fix.

Be aware of the ongoing Cluster Shared Volume flaw.

January’s security updates fix a remote-code-execution vulnerability.

Office 2016

Office 2013 SP1

Office 2010 SP2

The following Office non-security enhancements and fixes were released January 7, 2020.

Office 2016

Office 2013 and 2010

There are no new non-security updates for Office 2013 and Office 2010.

It’s a new month of patching. Once again, here are our current recommendations for patching Windows and Office. They may change as Microsoft evolves its updating process.

Stay safe out there.

In real life, Susan Bradley is a Microsoft Security MVP and IT wrangler at a California accounting firm, where she manages a fleet of servers, virtual machines, workstations, iPhones, and other digital devices. She also does forensic investigations of computer systems for the firm.

YEARLY TOC

No doubt about it: 2019 was a banner year for both AskWoody and Windows Secrets. We restored the Windows Secrets newsletter and brought back many of your favorite contributors.

Over the year, we reported extensively on the final days of Windows 7: how to prepare for its end of support, how to choose an alternative operating system, and where to get extended security updates.

But we also published such diverse stories as securing your technology toys (16.2.0), a substitute for Facebook (issue 16.4.0), and a three-part series on using Chromebooks and Chrome OS (16.44.0 – 16.46.0).

And, of course, there were the regular columns: Patch Watch, Best Utilities, and the ever-helpful LangaList.

We know that you have these newsletters safely tucked away in your email archives. But that’s not an easy way to locate specific articles that you might want to read through again. So here’s the full list for 2019.

Thanks for your ongoing support!

Publisher: AskWoody LLC (woody@askwoody.com); editor: Tracey Capen (editor@askwoody.com).

Trademarks: Microsoft and Windows are registered trademarks of Microsoft Corporation. AskWoody, Windows Secrets Newsletter, WindowsSecrets.com, WinFind, Windows Gizmos, Security Baseline, Perimeter Scan, Wacky Web Week, the Windows Secrets Logo Design (W, S or road, and Star), and the slogan Everything Microsoft Forgot to Mention all are trademarks and service marks of AskWoody LLC. All other marks are the trademarks or service marks of their respective owners.

Your email subscription:

• Subscription help: customersupport@askwoody.com

Copyright © 2020 AskWoody LLC, All rights reserved.