How to fix Snip & Sketch not working on Windows 10 (Snipping Tool shortcut issues)

I often need to take a screenshot and annotate it a bit before I paste it into a chat, Jira ticket or document. On my Windows system, I love the simplicity of the Microsoft Snip & Sketch app (also known as Snipping Tool), which is always just a shortcut (Win+Shift+S) away. 

Unfortunately, on my work laptop (still running Windows 10), I've recently run into an issue where the shortcut stops working.  When I press the shortcut or even open the app and select to take new snip, no screenshot is taken, and the toolbar doesn’t appear. Instead, I see the cursor spinner for a few seconds, but nothing else happens.

After some troubleshooting, I found a solution, so I thought I'd write it down for future reference and to help anyone else facing the same issue!

Disabling critical battery action

 I have an old laptop with an almost dead battery, which I always use tethered to a power source, mostly as a media device connected to my TV. Occasionally, I need to move it, and if it's open, Windows realizes that the battery is very weak and decides to hibernate, as that's the default critical battery action. This can become very frustrating. The good news is that you can easily address this issue using Windows' powercfg command.

Remove unknown locale qaa-Latn from windows

Got a fresh window 10 installation where I configure US keyboard as default and added Greek as well (the language with π and Σ symbols). I noticed that when I was switching languages a 3rd locale (qaa-Latn) appeared in the list which I couldn't remove from the windows list. In my case the keyboard was emitting Greek characters but the windows spelling couldn't recognize the words. In order to remove the extra locale I had to use the following powershell.

Cancel/Stop DiskPart full disk format

Using DiskPart to clean up hard disk partitions and MBR is fast and easy but you can accidentally invoke a full format which can take a while to finish. In that case, instinctively you would press Ctrl+C only to find that you've just killed DiskPart instead of stopping the format process.
Googling around, people suggest to kill the process using task manager (which you can't) or reboot your system. There is yet an other option, which worked for me, and no one mentioned (at least on the sites I checked).

Create hotspot on your windows machine

Being a developer, you might want to test your localy hosted websites with various mobile devices. The easiest way is to create a virtual hotspot and have the devices connected there. This can be easily done executing the first two commands of the following gist in an administration command prompt (run as admin):
Once connected, your devices will get an ip in the range of 192.168.x.y (mine was 192.168.173.something) and the pc will be available on the 192.168.x.1 ip.
In order to disable the hotspot, just run the last command on the gist.

Deleting multiple small files fast on windows

If you want to delete 21Gb or small txt files from your hard disk you will notice that the GUI is slow (finding files first etc). The fastest way I have found is the following:

del /f/s/q foldername > nul
rmdir /s/q foldername

Thanks Hugo for the tip.

Migrating from eSXi to Hyper-V

In order to transfer a virtual machine from vmware’s eSXI server to Hyper-V we used disk-2-vhd to clone the disk in a vhd. If you are planning to do such a task, make sure you remove the vmware tools *before* you clone the disk cause otherwise the installer will not do it afterwards.

Running webinos widget browser with custom sources

Having installed the webinos widget browser on windows it works fine but if you want to run it using the latest webinos sources from the repository or even use your own custom version, then you need to do some more steps.
So here's the process.

Building openSSL on windows

In order to build openSSL from the source code you will need to install a couple of third party free software. In this post I describe what I did on a virgin windows pc in order to build openSSL 1.0.1c.

Windows Autologin

Sometimes you might need to set a user password although you don’t really need to. The most common reason to set one is to allow the user to connect through remote desktop. This will force you to authenticate every time you boot the machine. In order to avoid that (please make sure you do understand the security risks of doing that, I personally use this only on my virtual machines and only if I don’t care about securing my files) you can follow these simple steps.

Modifying devices and drivers on windows

In this post I am going to show how to reset the auto numbering of new devices, how to see drivers for devices that are not connected on your pc and how to see which usb is connected to which usb controller in order to maximize the data throughput by using both controllers (which is the case of most modern laptops).

Unwanted languages in the language bar.

A few days ago, i noticed that i had in my language bar 5 language options, instead of 2 that i had configured for my English Windows 7. I checked it out and i had, for no obvious reason, Japanese (JP), Chinese (CH) and Korean (KO). I looked in my "Text Services and Input Languages" where i could only see the Greek and English keyboards that i had installed. Reboot didn't help so in order to get rid of them, i had to manually add them and after applying the changes i removed them. That worked for me and now i only have my original keyboard settings. I have no idea how i got them there in the first place...

Just for reference, the steps where:

1. Open "Text Services and Input Languages"
• Right click on the Language bar → Settings...
  OR
• Control Panel → Region and Language → Keyboards and Languages → Change Keyboards... 
2. Click Add...
3. Select the Keyboards you want to add. In my case:
• Chinese (Simplified, PRC) → Chinese (Simplified) - US Keyboard
• Japanese (Japan) → Japanese
• Korean (Korea) → Korean
4. Click OK
5. Click Apply
6. Select and click Remove each language you don't want.

Update [16/03/2011]:

According to Sinsoul's comment below, the reason appears due to installed MS Office profiling tools. He suggested that you should also remove all unwanted languages from the language options in office profiling tools. Here's how:

Start -> Microsoft Office -> Microsoft Office Tools -> Microsoft Office 2007 Language Settings

On the right list (labeled "Enabled editing languages") select each language you don't want and click Remove.

Automatically Print Both Sides with HP LaserJet P2015dn and Window 7

Since i upgraded my laptop with Windows 7, i couldn't figure out how to automatically print in both sides with my office's HP LaserJet P2015dn. On windows XP and Vista that had "HP LaserJet P2015 PCL5 Plug and Play Print Driver Package" HP drivers installed, there was an easy-to-find-and-understand option (Two-sided Printing) on Print → Preferences → Printing Shortcuts tab. Unfortunately, on Windows 7 the only driver available is the one coming with Windows 7 but there is no such tab and the closest option to it, is to print duplex manually.
Today i tried to fix this, but having spent allot of time using the good old fashion way of trial and error, I decided to call HP's support. They tried to help (not that effectively) but i managed to find the solution by my own while i was waiting for reply...

So here are the steps to fix this:

Disabling OMCI free space event notification

My latest laptop is a DELL Precision which comes with OpenManage Client Instrumentation (OMCI). This program informs us in case of raid failure which is good but also annoys us when a disk is running low on disk space. Since running low on disk space is a relative thing (in my case it was 6Gb free space!), I was receiving disturbing message boxes with the following message:

Disk free space has dropped below the minimum threshold. Free up space on your
hard disk drive by:
1. Backing up your data to a tape backup, ZIP or network drive.
2. Delete unused files.
If you are unsure which files are safe to move or delete, contact your Help Desk or consult your software manuals.

Building openvpn with enable-password-save on windows

If you are looking to download openvpn 2.1.1 with enable-password-save you should check this post.
I have added a few updates on how to build openvpn 2.1.1 on this post

Although I know it’s against security best practices I have just finished building my own version of open vpn 2.1 RC 13 passing the --enable-password-save option (you may download it from here). Thus I can now save the credentials in a plain text file. If you can’t acquire private keys and you don’t care about security that much or you think that you can trust your credentials in a plain text file in your computer, you may also build your own openvpn following the following instructions.
First of all I acquired a fresh copy of a virtual hard disk containing windows xp (you may find some already installed vhd drives here). In order to open the vhd file you’ll be needing Virtual pc.

Windows plus Worms plus Trojans equals Nightmare

I do remember the time when antivirus programs were not obligatory if you were careful and didn’t run “suspicious” applications. Back then, firewall was considered a useless resource consuming application. Over the past few years though, with the broadband evolution, things have changed. Nowadays one receives hundreds of mails, most of them spam which may contain a virus. Even worse, since the Blaster worm in August 12 2003, firewall became a necessity in order to be able to surf on the net without having windows restart every minute or so. Things have changed and we have to adapt… Even if you think you are safe, you may not be. Everyday new vulnerabilities arise from guys who check each and every array to find a buffer overflow which may crush the victim’s computer (DoS attack) or even worse, detect a loophole which will give them remote access to the victim’s computer. But then again, everyone knows these things. Why mention them once more?
Well, I am a windows user (developer to be more precise) and this is my quest for Trojan removal. All started yesterday while I was wandering in the Event Viewer. I noticed that the maximum TCP/IP connections limit was reached twice for that day. Immediately I realized that the web browsing was slow not because someone in the same rooter was downloading, but because my laptop was communicating with someone intensively.
I freaked out. I opened a command prompt (Start-->Run-->type “cmd”) and executed the most useful command in such occasions:

Netstat –ano

A table appeared listing all open ports, the destination ip and which process is handling this port (PID). Needless to say that my laptop was communicating with a lot of (more that 10) web servers (it was connecting to port 80) and all connections where made by a PID 1448. In order to find out the process’s id (PID), normally you may run the “tasklist” command. In my case it displayed an empty list which is equivalent to no processes running. That was impossible, so the tasklist command was modified which verified my virus suspicion. So how do you match a PID to a process without tasklist? Through the Windows Task Manager. You open it, go to the Processes panel and press “view-->select columns…”. From there you may display a lot of useful info concerning the running processes including their PID.
As most worms, the guilty process was svchost.exe. In over simplified words, this process encapsulates many many many libraries and applications. As you may have noticed there are several svchosts running in your windows installation. That is normal. Each is responsible for a totally different task and all together provide windows with network support, encryption, web server, file system etc…
Closing the svchosts also terminated the connections to the remote server and gave me time to go check my firewall settings. I do use the build in firewall of windows XP sp2 which blocks all incoming traffic besides the programs or ports defined in the list of Exceptions. There I came across the third sign which indicated I have picked up a Trojan. A port was open to public under the disguise of “messenger” which is ridiculous in my case since I don’t even have windows messenger installed! Disabling this exception or removing it from the list would not do any good since in every restart in would be recreated and the port would change.
Back in the college days (the days when firewall was not a necessity) we were fooling around with Trojans. These programs provide control of a victim’s pc. You may browse his/hers files, capture video, show funny pop up messages etc. What we did was a contest. Every one who dared to enter the contest would have to get a private file from the computer of the opponent. Our motives were pure educational. No civilians were attacked, only the contestants. Back then, the best Trojan was sub7 which was undetectable by Norton and McAfee. I got a lot of wins but I also ended up formatting my computer too, since a contestant created a Trojan by himself. That was not detectable even by Kaspersky which could detect sub7. When this madness came to an end and we realized that it doesn’t worth reformatting every two days, we got together and started discussing the experiences we had. The one who beat me told me the architecture of the Trojan he created. It was simple. A small process which would be melted into (combined with, in common words) a system process and would listen to a specific port. Actually it would only open the port for thirty seconds every five minutes in order to be stealth. That process would expect a specially crafted message which would contain a port. By receiving that, it would start another bigger process which would be listening to the received port and expose the whole windows api. It was brilliant.
A variant of the above architecture must have hit me now. A small process had melted into something that was loaded by the svchost. That process was responsible to report my online presence in some free web servers (send my ip on a script so that the attacker gets notified that I am online and where to find me) and more over it was opening the port so that the main Trojan could communicate with the attacker and provide him with remote access.
Anyhow, I opened my swish army toolbox which is mostly downloaded from http://www.sysinternals.com/ and started poking with the contaminated svchost. With process explorer I could suspend the process and monitor any threads running. Unfortunately the only suspect process that was executed under the svchost was C:\WINDOWS\system32\wbem\wmiprvse.exe which I verified the hash and seemed to be ok. With Procmon I noted the registry keys and the files modified by the specified process and its children. That was exhausting I must say and it didn’t lead to anything useful. Finally, I tried running the RootkitRevealer but with no luck since I had killed the svchost and the RootkitRevealer could not be executed (actually no installation could begin). By the way, if you kill an svchost, it is almost certain that the annoying “Windows will shut down” message will pop up giving you one minute to save your work. Do not panic. Press Start-->run-->type “shutdown –a” and the message disappears.
I did also try spybot and Adaware but they are specialized in worms and malware rather than Trojans, so nothing came up (besides a couple of hundreds of spy cookies).
In my despair, I started downloading every antivirus available, every Trojan removal tool I could find in trusted web sites. Nothing came up. So I started taking drastic measures. Safe mode and delete any “useless” dll such as the C:\Program Files\Bonjour\mdnsNSP.dll which was referenced a lot by the infected svchost. Nothing happened. The port was still opening and my laptop was socializing with every free web server on the net!!! I installed wireshark (which is a packet sniffer) but the packets I was interested about were encrypted.
I did a lot of google search and I read a lot of opinions. None seemed to fit exactly to my case. As a desperate move, I downloaded a program that would clean up the temp folders, internet history, useless log files in windows etc and then run an antispyware. When the cleaning finished, it managed to remove 250Mb of useless files and I started the file checking. The antispyware didn’t find anything (although it tried hard I may say) and told me that I had to reboot. That was the last time I saw my desktop. Since then after the welcome screen an exception occurred in winlogon.exe and that’s about it… BSOD.
I got my windows XP cd, and repaired the existing windows installation. This process took about 40 minutes. After that I had a windows installation which would once again throw the Blue Screen Of Death after the welcome screen!!!
It was 4 a.m. and I hadn’t copied my files from c:\. I didn’t have a small Philips screwdriver to remove the disk and pick up the data from another pc and leaving the laptop as is was not an option. I had to have the laptop fixed by today. In order to retrieve my data I resorted to Knoppix live dvd. For no apparent reason (actually a driver incompatibility between Toshiba A100-912 and Knoppix) I had to avoid pcmcia auto detection in order to boot. Through the KDE I mounted my file server’s shares and copied everything I needed (basically the whole c:\ partition besides the Windows folder). By 6 o’clock in the morning all data had been transferred. Reboot, format, and here we go again… setup, setup, setup…
To conclude this scary story, I have to admit that I should have listened to my colleagues who told me that since Nod32 could not detect it, it is useless to try to defeat it by myself. That would have saved me a lot of hours since the format was imminent. The moral of this story is that we are never secure. I don’t know if I by mistake executed the infected application or someone else did it for me, the point is that since there are web sites like the http://www.nuclearwintercrew.com/ where a script kid can buy an undetectable Trojan, we have to use our minds in order to protect our digital data. Be always alert, and constantly check your systems. A rootkit could compromise your privacy and cause data loss. Although I used to say that and used to have daily computer checks (with nessusd etc), I got careless since no incident had occurred. On the bright sight, this incident will place me back in track…