ISSUE 16.32.0 • 2019-09-09

Help: customersupport@askwoody.com

In this issue

LETTER FROM THE EPONYMOUS FACTOTUM: Where we’re headed with AskWoody Plus — an update

BEST OF THE LOUNGE: Taming passwords

LANGALIST: When software just won’t let go

DROLL TALES: LABS: Quantum Bot meets Acronym Bot

UPGRADING: Considerations migrating from Win7 to Win10

SECURITY: How to block malware with Windows’ built-in security

LETTER FROM THE EPONYMOUS FACTOTUM

By Woody Leonhard

At the beginning of the year, we took over the then soon-to-be-closed Windows Secrets and made it part of AskWoody. It wasn’t an easy transition — and it’s still a work in progress.

As planned from the beginning, we’ve been working to keep parts of the AskWoody site free to all, while making other parts available only to AskWoody Plus members — those who have supported the site and newsletter through financial contributions.

(Since you’re reading this newsletter, you’re a Plus member and should not experience any significant changes. But if you do, please drop me a line at customersupport@askwoody.com.)

During this transition, we’ve kept all aspects of AskWoody free. We wanted current AskWoody members and former Windows Secrets subscribers to become comfortable with the site and our ongoing efforts to continue the good work of Brian Livingston. It’s also taken more time than expected to build the infrastructure for both paid and free content.

Eight months into the process, we’re now passing a major milestone: we’re moving parts of the site from free to paid. We’ve already shifted Susan Bradley’s Master Patch List over to a Plus members–only page. (Susan has been building out the Master Patch List with information she’s maintained for years.)

As with the AskWoody site and newsletter, Susan’s Master Patch List is also a work in progress. Microsoft has made huge changes to Windows and Office patching over the past couple of years, and the list is adapting to match those developments. Thus, Susan is asking for help from AskWoody readers. If you’re a Master Patch List user, she’d appreciate your input on the list’s format and usability. Mosey on over to AskWoody and let her know what works — or doesn’t work — for you.

Toward the end of the Windows Secrets era, it cost U.S. $39 to $59 per year to see Susan’s patch list updates. Now, as part of the AskWoody Plus–membership effort, it’s on a simple donation basis — you decide how much you want to spend on your Plus Membership (a welcome return to the original Windows Secrets membership concept).

If all goes well, sometime in the next couple of weeks we’ll complete the enormous task of moving all the old Windows Secrets newsletters onto the AskWoody site. The contents will be shown by issue, not by individual articles. But sometime in the future, we hope to publish a master list for most of those articles. In the meantime, the issues should in fairly short order be indexed by Google and the spiders. (Sounds like a rock band, eh?)

The Windows Secrets archive starts with the first Brian’s Buzz, published in February 2003, and chronicles the growth of the newsletter as I joined the crew — then Fred Langa, Susan Bradley, and many other folks whose names you might recognize. As soon as the archive is ready, we’ll launch it on the AskWoody site.

In the near future, only AskWoody Plus members will be able to view the most recent newsletter. As new issues are published, older issues will be opened to non–Plus readers — and the Windows Secrets archives will be freely accessible to everyone. (In the past, most Windows Secrets stories were available only to paid subscribers — no matter how old the article.)

We’re currently building a routine that’ll immediately show you your Plus membership’s expiration date. It’ll also give you an easy way to renew your membership — with a donation that helps keep the AskWoody forum (the “Lounge”) and newsletter alive.

If you haven’t used the free expert help available through the AskWoody Lounge, take the plunge! Make sure you have a username that isn’t an email address (a security requirement), then check out the Forums list to see where best to ask — or answer! — a technology question.

(If your only AskWoody username is an email address, send a message to customersupport@askwoody.com, and I’ll get you switched over. (Tip! You can’t do it by yourself.)

I don’t say it enough, but here’s a huge thanks to all AskWoody Plus members. Your contributions keep this whole shootin’ match afloat. We’re close to breaking even financially, so every donation — big or small — is important and appreciated by the AskWoody crew.

Eponymous factotum Woody Leonhard writes lots of books about Windows and Office, creates the Woody on Windows columns for Computerworld, and raises copious red flags in AskWoody Plus Alerts.

Best of the Lounge

AskWoody Plus member Michael432 has thoughts about the best ways to keep track of unique passwords. Now he’s asking fellow Loungers for their opinions.

Do you save passwords on a sticky note or in a notebook stored in a desk drawer? How many passwords do you have? Do you create them yourself or allow a program to do it for you? Join the debate.

If you’re not already a Lounge member, use the quick registration form to sign up for free.

LANGALIST

By Fred Langa

On the rare occasions that a background software component malfunctions, the associated app might resist user control — or even refuse to run outright!

But the step-by-step process outlined below is almost certain to let you regain control of even the most wayward software.

Plus: Is this an insurmountable Microsoft Word incompatibility?

AskWoody subscriber Marvin Moss has an app he can launch only once! It’ll open again only if he reboots his PC.

His specific issue is with Firefox, but the same kind of problem can happen with any complex piece of software — and the solution likewise applies broadly.

It sounds like Firefox has trouble opening because it’s never really closing.

From your description, “closing” your copy of Firefox is merely closing the visible browser window. I’ll bet lunch that one or more of Firefox’s other software components is improperly remaining alive in the background, even after the “close” command.

Because that component is still running, Firefox never fully closes — and you get an “already open” error when you try to re-launch it.

If you haven’t already done so, try a full Firefox reset (Mozilla support info). It strips out all browser extensions and add-ons (common sources of misbehavior) and returns all browser settings to their default state.

If the problem persists even after a reset, or if a reset isn’t available, then your best option is to manually root out all pieces of the offending software, making sure you take down even the runaway won’t-stop/can’t-stop components.

That means doing more than a conventional uninstall/reinstall. After all, if the software is so seriously broken that it can’t run correctly, there’s no reason to assume that it’ll uninstall itself properly.

You’ll have to add a major verification step between the uninstall and the reinstall to ensure that no trace of the malfunctioning setup remains anywhere on the system: no wayward tasks lurking in the system processes or services, no remnant executables on any drive, and no forgotten or overlooked keys or data left in the Windows registry.

This full uninstall/verify/reinstall process is as thorough as it gets, and it can usually dig out even the most stubbornly clinging software — not just browsers but virtually any software.

The process is easy — though spelling it out makes it look harder than it really is.

It would be extremely unusual for none of the above steps to work. In fact, it’s far more likely that the first few steps listed above — even just the reset alone! — will get things working properly for you.

AskWoody subscriber Ray Merriam is dealing with a strange incompatibility among different versions of Microsoft Word.

That’s an odd failure, complicated by the fact that Word 2007 marked the transition from the old .doc file format to the then-new (and now standard) .docx format. There may well have been some weirdness baked into the code, but even if that were the case, the Word 2007 code is a decade old and no longer supported — so it’ll never be fixed.

I’ll assume you’ve tried exchanging documents in other formats (Word supports some 18 formats in all — not just DOC and DOCX).

I’ll further assume that, when you tried other versions of Word, you first completely removed Word 2007 (or all of Office 2007, if that’s the case) before installing the newer version. If not, the new versions may have picked up and carried over the bug from your malfunctioning setup. (See previous item in this issue for info on how to completely and totally eradicate malfunctioning software from your PC.)

If no Word-compatible file format works, and a clean-reinstall doesn’t help or isn’t possible, your only remaining option is to find a current (i.e., still-supported) Office alternative that has an interface you can live with. There are many available — most are free!

Many of these non-Microsoft productivity suites have a look and feel similar to older versions of MS Office. You didn’t specify what specific aspects of the Word 2003 interface you’re looking for (toolbars, maybe?), but there’s a chance that at least one of the alternatives offers what you seek — or at least something tolerably close.

With you and your fellow document-sharers all using up-to-date (supported) office suites, and with the files saved in a modern, mutually compatible format (e.g., .docx), you should be able to cleanly share documents once again.

Here are some of the best MS Office alternatives I know of. Because they’re free, you can download and test-drive as many as you wish until you find one that works the way you want.

Top recommendations:

Others:

Still more:

Fred Langa has been writing about tech — and, specifically, about personal computing — for as long as there have been PCs. And he is one of the founding members of the original Windows Secrets newsletter. Check out Langa.com for all Fred’s current projects.

DROLL TALES

By Aaron Uglum

LABS / Twitter / Instagram

UPGRADING

By Susan Bradley

With time winding down on Windows 7 support, more than a few users of that venerable OS are looking for some upgrade clarity.

Top-of-mind for many Win7 users is how painful it’ll be moving to Windows 10. Are in-place upgrades still legal? Does Microsoft care? Can I migrate to Win10 and keep my current setup? Is it free?

Good news! Yes, there is a path from Win7 to Win10 that keeps all your applications installed. There are, of course, a few gotchas. After the upgrade, the drivers for older scanners and printers may no longer work. And you might need to create short cuts for applications you want to have on the desktop. But for the most part, Microsoft has worked out the in-place-upgrade bugs and boiled migrating down to a relatively painless process.

Getting started is easy: just go to Microsoft’s Download Windows 10 page and click Update now. The process may take anywhere from several hours to under an hour, depending on your system’s configuration, its speed, and your Internet bandwidth.

In some cases, the upgrade might be stopped (or “blocked”) due to an incompatible application. In that case, the updating tool will warn you that certain apps need to be uninstalled. It will also list drivers and software that will no longer function once Win10 is installed. At that point, you can cancel the upgrade, with no change to your current Win7 setup.

Recently, I upgraded my dad’s reasonably new Win7 system with no ill effects. But as I worked through the process, I wondered whether you should migrate to Win10 in all cases. If your computer was built before Windows 10 was even in beta testing, I’d argue that it might not be a good candidate for the upgrade.

Forget Microsoft’s minimum configuration for Win10. I’ve found that Win10 machines should have a minimum of eight gigs of RAM, and they should be running in full 64 bits — both hardware and software. For the best security, the system should also support Unified Extensible Firmware Interface (UEFI; more info) and Secure Boot.

Sometimes the best thing you can do for a Win7 machine that has served you well is to put it out to pasture, so to speak. Keep it around for those old programs (such as those classic games) you want to hang on to or that won’t work on Windows 10. Just be sure you don’t use it for surfing the Internet.

For your daily activities that need security, dependability, and speed, purchase a new Windows 10 machine. If funds are tight, you can look online for refurbished PCs coming off lease. Because they’re still relatively new, they make great machines for starting your Windows 10 journey.

We are creatures of habit. It’s likely that once you’ve upgraded to Win10, you’ll want to make your new system look like your old Win7 machine. Keep in mind that Win10’s user interface is more like Win7 than was that of the original Windows 8. On desktops and standard notebooks, most Win10 users won’t see the jarring “Tablet mode,” with its full-screen apps and oversized tiles.

Oh! … And if you find you really miss the Windows 7–style start menu, you can replicate it with either Classic Shell or Start10.

In past years, one of the compelling reasons for not migrating off Win7 was Windows patching. Managing the updating process in Win7 was far easier than in subsequent versions. Fortunately, Microsoft has finally read the users’ memos and provided better patching controls in Win10. Here’s our primary Win10-update recommendation:

Do not use Win10 Home! Upgrading to Professional will give you more control over when updates are installed on your system. And that’s important because Microsoft doesn’t have a sterling record on patch quality.

Unlike Home, Win10 Pro includes the Group Policy Editor (gpedit.msc), where you can make changes to the “local group policy” to push off both “Feature” and monthly “Quality” updates.

To make the change, follow these steps:

Deferring quality updates (which include security fixes) for 15 days gives Microsoft (and us) time to determine whether there are patch issues. Putting off feature updates (e.g., Win10 1803, 1809, 1903, etc.) for nearly a year is a matter of convenience — I can manually install them at any earlier time, once any major problems have been quashed.

So now you know you can do an in-place upgrade from Windows 7 to Windows 10. But is it legal to do so? There’s been a long-standing argument on various venues and listserves that not paying for an upgrade to Win10 must be legal — because it’s possible to do so, and because Microsoft is turning a blind eye to it.

Many users and pundits point to a ZDNet article that tap-dances its way around the issue. However, the Windows 10 End User License Agreement (EULA) specifically states, “You are authorized to use this software only if you are properly licensed and the software has been properly activated with a genuine product key or by other authorized method.”

Microsoft offered free upgrades when Win10 was first released, but those offers have expired. Upgrading without paying for a legitimate license is risky — especially for small businesses that may be subject to Microsoft’s software-asset audits. Typically, a small company’s exposure to audits increases if it purchases software through Microsoft’s volume-licensing program. As noted on Microsoft’s licensing site:

“If you are found without the proper licensing, you will need to purchase the needed licensing to make your firm whole. If you are not budgeting for this, a lump-sum cost to become legal can be expensive. Alternatively, if you find you are not in compliance, you can opt to subscribe to one of the Office 365 plans that include Windows licenses.

In the small-business space, we’re normally not subject to a legal compliance audit; rather, we get contacted for a voluntary software-asset management process.

(Note to Microsoft: I was contacted to discuss my software licensing and was surprised and offended to discover it’s an up-sell to Office 365. I can understand a business’s right to ensure that we are paying our fair share for software licenses, but I have a real problem when a company uses that process to market a different product to me. One shouldn’t use the threat of a licensing audit and the implied implications of a heavy-handed BSA audit as a selling platform.)

In summary: Can you easily do an in-place upgrade from Windows 7 to Windows 10 now? Yes! Will it activate and indicate that it’s a valid Windows 10 because Microsoft still lets this process occur? Probably. Is it a legal copy without owning a valid product key? No! Confused? Undoubtedly.

So you can end up in this gray area — where your updated Win10 machine is activated but you don’t actually have a valid copy. I just wish Microsoft would honestly and transparently say so as well — or fully enforce its own licensing.

Now is the time to prepare yourself for the final days of Windows 7. Purchase a new Win10 machine, and you’ll keep yourself secure and on the right side of MS licensing.

In real life, Susan Bradley is a Microsoft Security MVP and IT wrangler at a California accounting firm, where she manages a fleet of servers, virtual machines, workstations, iPhones, and other digital devices. She also does forensic investigations of computer systems for the firm.

SECURITY

By Lance Whitney

For years, it seems as though Microsoft gave little thought to malware protection. But the latest tools in Win10 are robust and comprehensive.

These days, malware comes in many forms: viruses, rootkits, ransomware, phishing, and others. More than ever, you need to ensure your personal computer is protected. Until recently, your best bet was to use a full-time, third-party anti-malware product. But if you’re running a current version of Windows 10, the tools built into the OS are now probably all you need.

Those tools include real-time virus protection, manual scans, offline scans, and more. Here’s a quick summary of Win10’s anti-malware features you should review and possibly tweak.

Most of Win10’s malware protection is found in the Windows security-settings section. To get there, open Settings and click Update & Security, then select Windows Security in the left column of options.

The main Windows Security screen gives you a list of “Protected areas,” each with a status indicator (see Figure 1) — in this example, checkmarks in green circles that show everything is good. (Clicking the Open Windows Security button is a bit puzzling — it takes you to a slightly more detailed security window.)

Figure 1. The opening screen for Windows Security gives you a quick system status.

The first step in ensuring your system is clean of malware — especially if Windows is acting oddly and/or you suspect an infection — is to run a system scan. Click Virus & threat protection and then look under “Current threats” for the Scan options link. In the next window, you have several choices: Quick scan, Full scan, Custom scan, or Windows Defender Offline scan. (See Figure 2.)

Figure 2. As with any good anti-malware app, Windows Security offers several types of scans.

Typically, a Quick scan should suffice; it checks all folders and files that are likely to harbor infections. You might run a Full scan if the quick scan doesn’t turn up anything but you still suspect there’s a virus in the system. A Custom scan is helpful if you wish to scan a specific area, such as an external drive or mapped network drive.

Malware can be quite adept at hiding on your PC — while Windows is running. The solution is to boot the machine with another operating system and run a malware scan from within that other OS (Linux, for example). This lets the anti-malware software look deep into the installed version of Windows, and it’s about the only effective way to find and remove viruses such as rootkits (info).

The Windows Defender Offline scan option (more info) uses this trick. It’ll reboot your system and then run its anti-malware tools from a specialized and separate version of Windows.

To start, let’s take a look at Quick scan. After selecting that option, click the Scan now button. The process should take just a few minutes, and Windows Security should automatically remove any malware it finds. After the scan is finished, you’ll see the results in the same window.

With the quick scan done, click the left (back) arrow to return to the main Virus & threat protection screen. Under Virus & threat protection settings, click the Manage settings link. You’ll now see three options: Real-time protection, Cloud-delivered protection, and Automatic sample submission. They should all be enabled, as shown in Figure 3.

Figure 3. In the Virus & threat protection settings window, ensure that the first three options are enabled.

The next option — Tamper protection — was introduced with Win10 Version 1903. Its purpose is to prevent malicious apps from changing Windows Security settings such as real-time protection and cloud-delivered protection. According to Microsoft, it should be turned on by default — and it should be, to provide an extra layer of protection. Note, however, that if Tamper protection is active, you might bump into problems when trying to change security settings through third-party programs. The simple solution is to temporarily turn tamper protection off.

Next up, Controlled folder access should also be enabled; it prevents malicious programs from changing system and personal-profile files and folders. Click on the Manage Controlled folder access link (which opens the Ransomware protection window) and flip the switch to “On” (see Figure 4).

Figure 4. The Controlled folder access option prevents malicious apps from making unwanted changes to Windows files, folders, and memory.

Clicking the Protected folders link lets you see what’s protected. If “Controlled folder access” proves too aggressive and blocks a desirable (and safe) app, you can select the Allow an app through Controlled folder access link and add it to an exceptions list (more info).

Now return to the Virus & threat protection settings screen. The next option — Exclusions — lets you add files or folders that you don’t want scanned by Windows Defender. The only items you should need to enter are legitimate files, folders, file types, or processes that Windows Defender incorrectly flags as malicious.

The final Notifications settings control where and how you’re notified of certain security events. To check current settings and make changes, click the Change notification settings link. By default, every option should be enabled — I recommend leaving them that way.

Next, go back to the main Virus & threat protection screen. Windows should automatically keep your security software updated. To manually download new virus signatures, click the link under Virus & threat protection updates and then select the Check for updates button (see Figure 5).

Figure 5. You can be sure you have the latest virus information by clicking Check for updates in the Protection updates window.

The final major option under Virus & threat protection is Ransomware protection. You’ve already seen this screen — it was enabled when you turned on Controlled folder access. All current versions of Windows 10 include an option to set up OneDrive as a backup location, in case any of your important files are corrupted or lost due to malware. (Whether you use OneDrive or another service, you should always have local and online backups of your critical files and documents.)

Finally, you’ll want to check out the other Windows Security categories, including Account protection, Firewall & network protection, Device security, and others. But if you do nothing else, at least review your Virus & threat protection settings — it’s a solid step toward protecting yourself, your computer, and your critical files.

Lance Whitney is a freelance technology reporter and former IT professional. He’s written for CNET, TechRepublic, PC Magazine, and other publications. He’s authored a book on Windows and another about LinkedIn.

Publisher: AskWoody LLC (woody@askwoody.com); editor: Tracey Capen (editor@askwoody.com).

Trademarks: Microsoft and Windows are registered trademarks of Microsoft Corporation. AskWoody, Windows Secrets Newsletter, WindowsSecrets.com, WinFind, Windows Gizmos, Security Baseline, Perimeter Scan, Wacky Web Week, the Windows Secrets Logo Design (W, S or road, and Star), and the slogan Everything Microsoft Forgot to Mention all are trademarks and service marks of AskWoody LLC. All other marks are the trademarks or service marks of their respective owners.

Your email subscription:

• Subscription help: customersupport@askwoody.com

Copyright © 2019 AskWoody LLC, All rights reserved.