A blue window pops up randomly while using my laptop, it says windows power shell, should I suspect someone hacked into my laptop? - windows

While I'm using my computer a blue window will pop up for a second then go away. The label said Windows PowerShell. I've tried looking at the Event Viewer but I could not identify anything there since I'm a new user. What could be causing this?
Running Windows 10

Sometimes installed programs open up command prompts to run services/init tasks, so it's not completely unusual.
I've never seen it happen with PowerShell, however.
It could be innocent and just a program you have installed running init behavior, but it could also be malicious.
The first thing to try is checking what programs are set to start up automatically. If there is a load of bloat, you could try turning off the unnecessary ones and see if it still happens.
But realistically the only real way forward is to get a good quality antivirus and run a full system scan over your PC to double check. It won't give you 100% certainty, as things could possibly get past it, but realistically if it passes you should be fine.
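
The startup check suggested above, extended to scheduled tasks and the PowerShell event log, as an added example that is not part of the original answer. It is read-only and uses only built-in Windows 10 cmdlets; the 24-hour look-back window is an assumption to adjust.

```powershell
# Added example: read-only triage for an unexplained PowerShell window on Windows 10.
# Run from a PowerShell prompt; an elevated prompt also shows other users' tasks.

# 1. Programs set to start automatically (Run keys and Startup folders).
Get-CimInstance -ClassName Win32_StartupCommand |
    Select-Object Name, Command, Location, User |
    Format-Table -AutoSize -Wrap

# 2. Scheduled tasks whose action starts powershell.exe or pwsh.exe.
$psTasks = foreach ($task in Get-ScheduledTask) {
    foreach ($action in $task.Actions) {
        # Only "execute" actions carry an Execute value; COM handler actions do not.
        if ($action.Execute -match 'powershell|pwsh') {
            [pscustomobject]@{
                Task      = $task.TaskPath + $task.TaskName
                State     = $task.State
                Execute   = $action.Execute
                Arguments = $action.Arguments
            }
        }
    }
}
$psTasks | Format-List

# 3. PowerShell engine starts in the last 24 hours (assumed window).
#    Event ID 400 in the classic "Windows PowerShell" log records HostApplication,
#    the command line that started the engine.
$since = (Get-Date).AddHours(-24)
$filter = @{ LogName = 'Windows PowerShell'; Id = 400; StartTime = $since }
$starts = foreach ($evt in Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue) {
    $hostApp = if ($evt.Message -match 'HostApplication=(.+)') { $Matches[1].Trim() } else { '(not recorded)' }
    [pscustomobject]@{ Time = $evt.TimeCreated; HostApplication = $hostApp }
}
$starts | Sort-Object Time | Format-Table -AutoSize -Wrap
```

Match the times in the last table against the moment the window flashed; the HostApplication column shows which script or command was run, which is what to look up or hand to the antivirus scan.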

Related

Disable Windows from intercepting Windows-W key

I use Windows-W for something else. For over 20 years now. The muscle memory is strong.
Enter Windows 10: Now, that key is intercepted.
I don't know by what, but my application (which I think is irrelevant to name) isn't receiving it. It's not even a new install; it's one of those programs that you can run out of a folder without installing, carrying it from computer to computer over the years, without any behavior ever being disturbed.
Windows 10 has grabbed several keys this way.
It seems most solutions out there are about DISABLING the windows key entirely, or DISABLING a specific keystroke (like windows-w in my case).
I don't want it disabled. I want whatever windows is doing to it to stop, and let it pass through the way it did in Windows 7/2K/98/ME [yes going back that far].
A lot of time already spent on this unfortunately.

AutoHotKey permanently changed my keyboard keys, even at the bios level

Recently installed AutoHotKey to remap some keys in order to play a video game. It seemed simple/attractive enough at first. Was not really sure of how it worked but found the .chm file in the download which states in the first line of Usage & Syntax/Using the program:
AutoHotkey doesn't do anything on its own; it needs a script to tell it what to do.
Sounds 'secure' enough to me. Seems like mature software. Maybe overkill (now I know it certainly was overkill) but let's just see how it works.
My remapping was simple enough: change the AWSD keys for the LEFT-UP-DOWN-RIGHT keys. Script syntax is simple enough, just used an example that comes with the install files. Works essentially as expected. Got an annoying pop-up after playing the game for a bit from AutoHotKey saying "you've pressed mapped keys 600 times" or something like that. Which was only a little annoying, so I ignored it the first few times. The game I play is real time, so getting even a 5 second interruption while in a match would mean certain loss, so I decided to just disable the script and uninstall.
Lo and behold: when I stop the script, the keys continue to be remapped. Was there some background process running? Maybe. I rebooted only to find that on my Windows login screen my keys continue to be remapped. Huh? Did AHK mess with some registry bindings or something?
I do not know that much about how Windows works, but my vague recollection is that registry bindings are something that is active once the OS is active. I searched on the web for say 1 hour before I gave up for the time being, and I ended up activating the script again in order to write normally. This works as expected and I literally forget about it until any time I have to reboot.
Honestly a minor annoyance, but due to the world changing very quickly I lately have very few precious minutes that I can actually sit down on my desktop, whereas I used to be able to spend hours on this type of computer issue in order to get to the bottom of it. In other words, my current solution felt good enough. But not anymore. I think something more serious and possibly nefarious may have occurred. I don't want to seem dramatic but I just discovered something else a few minutes ago.
I have a Linux installation on another drive and I just happened to want to load it up after my last Windows blue screen (have gotten a couple of those lately, literally 2 in the space of 2 days, and this had maybe only ever happened once before, like 2 years ago, so I am already concerned about a possible deeper issue). My firmware/BIOS has a password, and guess what I found when I tried inputting it: the keys were still remapped.
At this point I am at a complete loss. I didn't even think this sort of thing was possible. Some OS level software caused a change that was able to be reflected in the BIOS? Did it affect the keyboard driver? A driver that both Windows and the motherboard BIOS use?
What else have I tried or looked at:
Device Manager claims my Keyboard has 3 instances of "HID Keyboard device". Not entirely sure why it shows 3. Properties show it has 2 driver files: kbdclass.sys and kbdhid.sys, which I suppose are some standard drivers. Not sure how to proceed.
My keyboard is Inland (cheapest I could find at Microcenter). I am not sure why I cannot find the website for that company. Found some drivers on Reddit but they are on some sysadmin's Google Drive. I will download that exe when I am desperate...
UPDATE
I 'solved' the issue by getting another keyboard (an old IBM KB-0225) and everything is now in order. I tried disconnecting the Inland keyboard and reconnecting, but after reconnecting I was still experiencing the same issue.
I don't know if I should close this question as there is no longer an issue, but I would like to see if anyone has any other additional theory as to why some software/driver change occurred inside a keyboard device. As far as I knew, these devices have no internal memory other than possibly some logic gates.
There must be a background process running.
To check that:
Note: for Windows 10
On your taskbar, click on the ^ button (skip this step if there is no such button).
Right-click on the sign.
Click on "exit".
If the above steps do not work, try keeping a watch all the time, to see if you notice something uncommon.

Prevent screen-lock / sleep-lock / password-lock / etc on Windows 10

I have a computer-based test that takes several hours to complete.
However, the test is timed-out at some point, because my PC "goes to sleep in one way or another".
This is possibly related to the fact that the test consists of two processes which communicate with each other via port, so I'm suspecting that perhaps networking is disabled in some way (even if it's completely "local networking").
I have disabled both screen turn off and sleep in the Settings "page", under Power & Sleep.
Still no luck, the screen is locked with a password at some point, which I suspect causes the test to stop running in the background.
I even followed a procedure that I found on the web to disable screen-lock via Regedit in something like 18 steps (why on earth did this company figure out that this is a reasonable user experience).
Is there a solution to this problem?
Found a (very hacky) solution:
If you keep all windows minimized, then the screen doesn't get locked.
What a great operating system, by such a great company!!!

How to prevent error pop-up message box for failed program (.exe) when running batch file

I'm running a test script from batch file.
Because it is a test, the programs are expected to fail once in a while. It is fine as long as an error code is returned so I can continue and mark the specific test as failed.
However, there is a very annoying behavior of executable files under Microsoft Windows: if something fails, it pops up a window like:
This application has failed to start because foo.dll was not found, Re-installing the application may fix the problem
<OK>
Or even better:
The instruction at "..." referenced to memory at "..." ..
Click on OK to terminate the program
Click on CANCEL to debug the program
The result is known - the script execution blocks till somebody presses "Ok" button. And when we talk about automatic scripts that may run automatically at night in some headless virtual machine, it may be very problematic.
Is there a simple way to prevent such behavior and just make an application to exit with failure code - without changing the code of the program itself?
Is this possible at all?
The answer is as follows: You need to disable WER.
Simplest description for this I found at http://www.noktec.be/archives/259
Simply (ON XP): Right Click on My Computer > Advanced > Error Reporting > Disable
Voila - programs crash silently!
This does not solve the problem when a DLL is missing, but this is a much rarer case and this is good enough for me.
You can suppress AV's and such from showing a dialog box by running your application, or the script (the script engine, like cscript.exe), under a debugger.
Use Gflags.exe, or modify the registry directly, and set Image File Execution Options for the image in question. See this article for details on how to use the appropriate registry keys. You can set it up using a debugger command line like "C:\Debuggers\ntsd.exe -g -G -c'command'", where you can pass commands to ignore certain types of exceptions in the -c"command" argument. This will effectively give you a tool to suppress interactive dialogs as a result of exceptions like AV, and will let the process continue (presumably to immediate end after the exception has occurred).
This article explains the commands you can use to control exceptions and events from within the debugger.
The -g and -G flags make sure that the process won't break into the debugger automatically during process start and end respectively. You'll have to play with the various exception suppression options to make sure that you 'eat' all possible first and second chance exceptions that might cause the process to break into the debugger.
Also, if you can tolerate a process being broken into the debugger (as against being stuck showing a dialog box), perhaps that would be a better option overall. You can evaluate each debug break in batch mode at a later time and decide which bugs you care to fix.
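
An Image File Execution Options `Debugger` value set as described above stays in the registry and applies to every later launch of that image name, so it is worth listing what is configured before and after a test run. The following is an added example, not part of the original answer; it only reads the registry and assumes the standard IFEO key locations.

```powershell
# Added example: list Image File Execution Options entries that carry a
# Debugger or GlobalFlag value, in both the native and the 32-bit registry view.
$roots = @(
    'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options'
)

$entries = foreach ($root in $roots) {
    # The WOW6432Node view does not exist on 32-bit Windows.
    if (-not (Test-Path -LiteralPath $root)) { continue }

    foreach ($key in Get-ChildItem -LiteralPath $root -ErrorAction SilentlyContinue) {
        $props = Get-ItemProperty -LiteralPath $key.PSPath -ErrorAction SilentlyContinue
        if ($null -ne $props.Debugger -or $null -ne $props.GlobalFlag) {
            [pscustomobject]@{
                Image      = $key.PSChildName   # executable name the entry applies to
                View       = if ($root -like '*WOW6432Node*') { '32-bit' } else { 'native' }
                Debugger   = $props.Debugger    # command line launched instead of the image
                GlobalFlag = $props.GlobalFlag  # flags set through Gflags.exe
            }
        }
    }
}

$entries | Sort-Object Image, View | Format-Table -AutoSize -Wrap
```

Any `Debugger` entry that the test setup did not create deserves a closer look, since the same value redirects every start of that executable to the listed command.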
It is possible. We used to use IBM's Rational Robot product which could monitor the screen for specific items and, if found, send keystrokes to windows and other sorts of things.
We actually used it for fully automated unit and system testing, much like you're trying to do.
Now I thought that Robot has been through quite a few name changes so it may be hard to find but there it is, right on IBM's web page and with a free downloadable trial for you. It's not cheap, clocking in at a smidgeon under USD5,000 but it was worth it for us.
There's also TestComplete where you could get a licence for just under USD1,000 - it touts "Black-box testing - Functional testing of any Windows application" as one of its features and also has a downloadable demo to see if it's suitable before purchase.
However, you may be able to find another product to do the same sort of thing.
I initially thought of Expect but the ActiveState one seems to concentrate on console applications which leads me to believe it may not do graphics well.
The only other option I can suggest is to write your own program in VBScript. I've done this before to automate the starting of many processes (log on to work VPN, start mail, log in and so on) so I could be fully set up with one mouseclick instead of having to start everything manually.
You can use AppActivate to bring a window to the foreground and SendKeys to send arbitrary keypresses to it after that. It's possible you may be able to cobble together something from that if you want a cheaper solution.

windows installation hang

How can I find what's hanging all new installations on a Windows box?
While testing an installation script on Windows (XP Pro, if it matters) I've run into a situation wherein any and all attempts to install anything on the system hang waiting on who knows what. When the system is restarted, all queued up attempts at installation then go through their exit paths with pop-ups that report the installation is being aborted due to system shutdown having been requested. Of course, reboots do not cure the problem. The system otherwise runs fine.
So... How can I determine what part of the OS I've wedged? (Something in the registry, I suppose, but I'm a real greenhorn when it comes to Windows.) Most likely, something from a preceding install attempt went awry and is now blocking even though I saw no errors reported. Once I figure this out, I want to put in a check for this sort of thing, possibly at both ends of my install scripts, if that seems reasonable.
Thanks for your input.
UPDATE:
Unfortunately for me, rebuilding from scratch to get to the point the system's in now is about 9 hours. I'd like to unwedge it from where it is now rather than reload (again). Procmon seems great but I haven't got SP2 installed, only SP1! -frown- So, other ideas are welcome.
I assume you've tried logging the install to see where things go wrong?
Try rolling back to before things went wrong using "System Restore", if that doesn't solve it and the MSI log files show nothing useful then I'd take the plunge and reload before wasting any more time on it.
That said, if you're developing installers then taking an image of this PC in its crappy state could be a worthwhile exercise. Some point in the future when you have more time to debug you can try and figure out what the problem is.
P.S. I'm assuming you're asking this question from the point of view of someone developing an installer and not as a tech-support question... otherwise this question should probably be closed as not-programming-related ;)
Try using Procmon to figure out where the installer is having problems, if you set a filter it will report all file and registry activity for that process.
