M
Mark_163
I have re-purposed an old Toshiba Satellite L650 laptop to stream media in my theatre room. I installed an SSD and reinstalled Windows 10.
I have noticed the fan speed would increase and decrease regularly even when I was not touching it. I checked Task Manager and CPU would go up and down at that time, understandably. I noticed Powershell was the culprit. I checked the Powershell event log and a number of entries are logged, something to do with networking, here are a few entries (I have exported more but am unable to attach a file here, the log is full of these events):
Why does this happen??? Seems like some network optimisation process is continually running.
Log Name: Windows PowerShell
Source: PowerShell
Date: 3/02/2019 9:26:11 AM
Event ID: 600
Task Category: Provider Lifecycle
Level: Information
Keywords: Classic
User: N/A
Computer: Lounge
Description:
Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.17763.134
HostId=1cd7df3b-dfea-4c73-b874-85d6b49c3f43
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\/powershell.exe Set-NetTCPSetting -SettingName InternetCustom -Timestamps Enabled | out-file -encoding ASCII -filepath C:\Windows\system32\config\systemprofile\AppData\Roaming\pow\ps51eWf.txt
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine=
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="PowerShell" />
<EventID Qualifiers="0">600</EventID>
<Level>4</Level>
<Task>6</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2019-02-02T22:26:11.776545300Z" />
<EventRecordID>42278</EventRecordID>
<Channel>Windows PowerShell</Channel>
<Computer>Lounge</Computer>
<Security />
</System>
<EventData>
<Data>Registry</Data>
<Data>Started</Data>
<Data> ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.17763.134
HostId=1cd7df3b-dfea-4c73-b874-85d6b49c3f43
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\/powershell.exe Set-NetTCPSetting -SettingName InternetCustom -Timestamps Enabled | out-file -encoding ASCII -filepath C:\Windows\system32\config\systemprofile\AppData\Roaming\pow\ps51eWf.txt
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine=</Data>
</EventData>
</Event>
Log Name: Windows PowerShell
Source: PowerShell
Date: 3/02/2019 9:26:15 AM
Event ID: 600
Task Category: Provider Lifecycle
Level: Information
Keywords: Classic
User: N/A
Computer: Lounge
Description:
Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.17763.134
HostId=dbe4f3b2-cd71-4c48-b3a0-9050e4f7f9a4
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\/powershell.exe Set-NetTCPSetting -CongestionProvider 2 -SettingName InternetCustom | out-file -encoding ASCII -filepath C:\Windows\system32\config\systemprofile\AppData\Roaming\pow\psOpvCp.txt
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine=
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="PowerShell" />
<EventID Qualifiers="0">600</EventID>
<Level>4</Level>
<Task>6</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2019-02-02T22:26:15.764983800Z" />
<EventRecordID>42286</EventRecordID>
<Channel>Windows PowerShell</Channel>
<Computer>Lounge</Computer>
<Security />
</System>
<EventData>
<Data>Registry</Data>
<Data>Started</Data>
<Data> ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.17763.134
HostId=dbe4f3b2-cd71-4c48-b3a0-9050e4f7f9a4
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\/powershell.exe Set-NetTCPSetting -CongestionProvider 2 -SettingName InternetCustom | out-file -encoding ASCII -filepath C:\Windows\system32\config\systemprofile\AppData\Roaming\pow\psOpvCp.txt
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine=</Data>
</EventData>
</Event>
Continue reading...
I have noticed the fan speed would increase and decrease regularly even when I was not touching it. I checked Task Manager and CPU would go up and down at that time, understandably. I noticed Powershell was the culprit. I checked the Powershell event log and a number of entries are logged, something to do with networking, here are a few entries (I have exported more but am unable to attach a file here, the log is full of these events):
Why does this happen??? Seems like some network optimisation process is continually running.
Log Name: Windows PowerShell
Source: PowerShell
Date: 3/02/2019 9:26:11 AM
Event ID: 600
Task Category: Provider Lifecycle
Level: Information
Keywords: Classic
User: N/A
Computer: Lounge
Description:
Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.17763.134
HostId=1cd7df3b-dfea-4c73-b874-85d6b49c3f43
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\/powershell.exe Set-NetTCPSetting -SettingName InternetCustom -Timestamps Enabled | out-file -encoding ASCII -filepath C:\Windows\system32\config\systemprofile\AppData\Roaming\pow\ps51eWf.txt
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine=
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="PowerShell" />
<EventID Qualifiers="0">600</EventID>
<Level>4</Level>
<Task>6</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2019-02-02T22:26:11.776545300Z" />
<EventRecordID>42278</EventRecordID>
<Channel>Windows PowerShell</Channel>
<Computer>Lounge</Computer>
<Security />
</System>
<EventData>
<Data>Registry</Data>
<Data>Started</Data>
<Data> ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.17763.134
HostId=1cd7df3b-dfea-4c73-b874-85d6b49c3f43
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\/powershell.exe Set-NetTCPSetting -SettingName InternetCustom -Timestamps Enabled | out-file -encoding ASCII -filepath C:\Windows\system32\config\systemprofile\AppData\Roaming\pow\ps51eWf.txt
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine=</Data>
</EventData>
</Event>
Log Name: Windows PowerShell
Source: PowerShell
Date: 3/02/2019 9:26:15 AM
Event ID: 600
Task Category: Provider Lifecycle
Level: Information
Keywords: Classic
User: N/A
Computer: Lounge
Description:
Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.17763.134
HostId=dbe4f3b2-cd71-4c48-b3a0-9050e4f7f9a4
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\/powershell.exe Set-NetTCPSetting -CongestionProvider 2 -SettingName InternetCustom | out-file -encoding ASCII -filepath C:\Windows\system32\config\systemprofile\AppData\Roaming\pow\psOpvCp.txt
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine=
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="PowerShell" />
<EventID Qualifiers="0">600</EventID>
<Level>4</Level>
<Task>6</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2019-02-02T22:26:15.764983800Z" />
<EventRecordID>42286</EventRecordID>
<Channel>Windows PowerShell</Channel>
<Computer>Lounge</Computer>
<Security />
</System>
<EventData>
<Data>Registry</Data>
<Data>Started</Data>
<Data> ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.17763.134
HostId=dbe4f3b2-cd71-4c48-b3a0-9050e4f7f9a4
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\/powershell.exe Set-NetTCPSetting -CongestionProvider 2 -SettingName InternetCustom | out-file -encoding ASCII -filepath C:\Windows\system32\config\systemprofile\AppData\Roaming\pow\psOpvCp.txt
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine=</Data>
</EventData>
</Event>
Continue reading...