System/Kernel
c:\Windows\system32> systeminfo
systeminfo
host name: CHATTERBOX
os name: Microsoft Windows 7 Professional
os version: 6.1.7601 Service Pack 1 Build 7601
os manufacturer: Microsoft Corporation
os configuration: Standalone Workstation
os build type: Multiprocessor Free
registered owner: Windows User
registered organization:
product id: 00371-222-9819843-86663
original install date: 12/10/2017, 9:18:19 AM
system boot time: 1/21/2023, 8:44:01 AM
system manufacturer: VMware, Inc.
system model: VMware Virtual Platform
system type: X86-based PC
processor(s): 1 Processor(s) Installed.
[01]: x64 Family 23 Model 49 Stepping 0 AuthenticAMD ~2994 Mhz
bios version: Phoenix Technologies LTD 6.00, 12/12/2018
windows directory: C:\Windows
system directory: C:\Windows\system32
boot device: \Device\HarddiskVolume1
system locale: en-us;English (United States)
input locale: en-us;English (United States)
time zone: (UTC-05:00) Eastern Time (US & Canada)
total physical memory: 2,047 MB
available physical memory: 1,548 MB
virtual memory: Max Size: 4,095 MB
virtual memory: Available: 3,625 MB
virtual memory: In Use: 470 MB
page file location(s): C:\pagefile.sys
domain: WORKGROUP
logon server: \\CHATTERBOX
hotfix(s): 183 Hotfix(s) Installed.
network card(s): 1 NIC(s) Installed.
[01]: Intel(R) PRO/1000 MT Network Connection
connection name: Local Area Connection 4
dhcp enabled: No
IP address(es)
[01]: 10.10.10.74
Microsoft Windows 7 Professional
6.1.7601 Service Pack 1 Build 7601
X86-based PC
x64 Processor
183 Hotfix(s) Installed
Networks
C:\Windows\system32> netstat -anot -p tcp
netstat -anot -p tcp
Active Connections
Proto Local Address Foreign Address State PID Offload State
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING 664 InHost
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING 4 InHost
TCP 0.0.0.0:49152 0.0.0.0:0 LISTENING 352 InHost
TCP 0.0.0.0:49153 0.0.0.0:0 LISTENING 716 InHost
TCP 0.0.0.0:49154 0.0.0.0:0 LISTENING 912 InHost
TCP 0.0.0.0:49155 0.0.0.0:0 LISTENING 456 InHost
TCP 0.0.0.0:49156 0.0.0.0:0 LISTENING 660 InHost
TCP 0.0.0.0:49157 0.0.0.0:0 LISTENING 464 InHost
TCP 10.10.10.74:139 0.0.0.0:0 LISTENING 4 InHost
TCP 10.10.10.74:9255 0.0.0.0:0 LISTENING 4164 InHost
TCP 10.10.10.74:9256 0.0.0.0:0 LISTENING 4164 InHost
TCP 10.10.10.74:49159 10.10.14.10:9999 ESTABLISHED 4164 InHost
Users & Groups
c:\Windows\system32> net user
net user
User accounts for \\CHATTERBOX
-------------------------------------------------------------------------------
Administrator Alfred Guest
The command completed successfully.
c:\Windows\system32>net localgroup
net localgroup
Aliases for \\CHATTERBOX
-------------------------------------------------------------------------------
*Administrators
*Backup Operators
*Cryptographic Operators
*Distributed COM Users
*Event Log Readers
*Guests
*IIS_IUSRS
*Network Configuration Operators
*Performance Log Users
*Performance Monitor Users
*Power Users
*Remote Desktop Users
*Replicator
*Users
The command completed successfully.
Processes
C:\>tasklist /V
tasklist /V
Image Name PID Session Name Session# Mem Usage Status User Name CPU Time Window Title
========================= ======== ================ =========== ============ =============== ================================================== ============ ========================================================================
System Idle Process 0 Services 0 24 K Unknown NT AUTHORITY\SYSTEM 0:30:17 N/A
System 4 Services 0 500 K Unknown N/A 0:00:07 N/A
smss.exe 232 Services 0 820 K Unknown N/A 0:00:00 N/A
csrss.exe 312 Services 0 3,372 K Unknown N/A 0:00:00 N/A
wininit.exe 352 Services 0 3,308 K Unknown N/A 0:00:00 N/A
csrss.exe 364 Console 1 8,536 K Running N/A 0:00:01 N/A
winlogon.exe 420 Console 1 5,152 K Unknown N/A 0:00:00 N/A
services.exe 456 Services 0 6,572 K Unknown N/A 0:00:01 N/A
lsass.exe 464 Services 0 7,720 K Unknown N/A 0:00:02 N/A
lsm.exe 472 Services 0 3,008 K Unknown N/A 0:00:00 N/A
svchost.exe 576 Services 0 7,324 K Unknown N/A 0:00:01 N/A
vm3dservice.exe 640 Services 0 2,892 K Unknown N/A 0:00:00 N/A
svchost.exe 664 Services 0 5,936 K Unknown N/A 0:00:00 N/A
svchost.exe 716 Services 0 13,052 K Unknown N/A 0:00:01 N/A
svchost.exe 808 Services 0 42,316 K Unknown N/A 0:00:07 N/A
svchost.exe 872 Services 0 11,280 K Unknown N/A 0:00:02 N/A
svchost.exe 920 Services 0 30,564 K Unknown N/A 0:00:06 N/A
svchost.exe 984 Services 0 4,236 K Unknown N/A 0:00:00 N/A
svchost.exe 1104 Services 0 14,844 K Unknown N/A 0:00:01 N/A
spoolsv.exe 1232 Services 0 9,384 K Unknown N/A 0:00:00 N/A
svchost.exe 1300 Services 0 9,448 K Unknown N/A 0:00:00 N/A
taskhost.exe 1348 Console 1 9,420 K Running CHATTERBOX\Alfred 0:00:00 MCI command handling window
dwm.exe 1448 Console 1 4,160 K Running CHATTERBOX\Alfred 0:00:00 DWM Notification Window
explorer.exe 1476 Console 1 27,532 K Running CHATTERBOX\Alfred 0:00:03 N/A
svchost.exe 1556 Services 0 5,280 K Unknown N/A 0:00:00 N/A
vm3dservice.exe 1668 Console 1 3,380 K Running CHATTERBOX\Alfred 0:00:00 VM3DService Hidden window
vmtoolsd.exe 1676 Console 1 8,692 K Running CHATTERBOX\Alfred 0:00:00 N/A
VGAuthService.exe 1840 Services 0 6,964 K Unknown N/A 0:00:00 N/A
vmtoolsd.exe 1872 Services 0 15,580 K Unknown N/A 0:00:01 N/A
rundll32.exe 256 Console 1 8,020 K Running CHATTERBOX\Alfred 0:00:00 N/A
dinotify.exe 908 Console 1 4,452 K Running CHATTERBOX\Alfred 0:00:00 DINotifyWindowName853
taskeng.exe 944 Console 1 4,276 K Running CHATTERBOX\Alfred 0:00:00 TaskEng - Task Scheduler Engine Process
svchost.exe 968 Services 0 4,296 K Unknown N/A 0:00:00 N/A
WmiPrvSE.exe 1588 Services 0 12,880 K Unknown N/A 0:00:07 N/A
msdtc.exe 2496 Services 0 6,364 K Unknown N/A 0:00:00 N/A
SearchIndexer.exe 2736 Services 0 11,176 K Unknown N/A 0:00:00 N/A
cmd.exe 2312 Console 1 952 K Running CHATTERBOX\Alfred 0:00:00 C:\Windows\system32\cmd.exe - tasklist /V
conhost.exe 2336 Console 1 3,744 K Unknown CHATTERBOX\Alfred 0:00:00 N/A
svchost.exe 2592 Services 0 3,860 K Unknown N/A 0:00:00 N/A
sppsvc.exe 3316 Services 0 6,528 K Unknown N/A 0:00:00 N/A
wuauclt.exe 3036 Console 1 5,300 K Running CHATTERBOX\Alfred 0:00:00 Windows Update Taskbar Notification
svchost.exe 1544 Services 0 4,396 K Unknown N/A 0:00:00 N/A
TrustedInstaller.exe 696 Services 0 10,200 K Unknown N/A 0:00:03 N/A
VSSVC.exe 3164 Services 0 5,344 K Unknown N/A 0:00:00 N/A
AChat.exe 2732 Console 1 11,800 K Running CHATTERBOX\Alfred 0:00:00 AChat v0.150 beta7
tasklist.exe 3308 Console 1 4,440 K Unknown CHATTERBOX\Alfred 0:00:00 N/A
Tasks
c:\> schtasks /QUERY /FO TABLE | findstr /v /i "\Microsoft" | findstr /v /i "access level"
schtasks /QUERY /FO TABLE | findstr /v /i "\Microsoft" | findstr /v /i "access level"
folder: \
TaskName Next Run Time Status
======================================== ====================== ===============
reset achat service 1/21/2023 11:38:00 AM Unknown
TaskName Next Run Time Status
======================================== ====================== ===============
TaskName Next Run Time Status
======================================== ====================== ===============
microsoft antimalware scheduled scan 1/22/2023 2:06:43 AM Could not start
TaskName Next Run Time Status
======================================== ====================== ===============
TaskName Next Run Time Status
======================================== ====================== ===============
AD RMS Rights Policy Template Management Disabled
AD RMS Rights Policy Template Management N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
microsoft compatibility appraiser 1/22/2023 4:21:50 AM Ready
programdataupdater 1/21/2023 11:47:40 PM Ready
TaskName Next Run Time Status
======================================== ====================== ===============
Proxy N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
UserTask N/A Ready
UserTask-Roam Disabled
TaskName Next Run Time Status
======================================== ====================== ===============
consolidator 1/21/2023 1:00:00 PM Could not start
kernelceiptask 1/26/2023 3:30:00 AM Ready
usbceip 1/22/2023 1:30:00 AM Ready
TaskName Next Run Time Status
======================================== ====================== ===============
scheduleddefrag 1/25/2023 2:29:28 AM Ready
TaskName Next Run Time Status
======================================== ====================== ===============
scheduled 1/22/2023 1:00:00 AM Ready
TaskName Next Run Time Status
======================================== ====================== ===============
Microsoft-Windows-DiskDiagnosticDataColl Disabled
Microsoft-Windows-DiskDiagnosticResolver Disabled
TaskName Next Run Time Status
======================================== ====================== ===============
Notifications N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
WinSAT N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
ActivateWindowsSearch N/A Ready
ConfigureInternetTimeService N/A Ready
DispatchRecoveryTasks N/A Ready
ehDRMInit N/A Ready
InstallPlayReady N/A Ready
mcupdate N/A Ready
MediaCenterRecoveryTask N/A Ready
ObjectStoreRecoveryTask N/A Ready
OCURActivate N/A Ready
OCURDiscovery N/A Ready
PBDADiscovery N/A Ready
PBDADiscoveryW1 N/A Ready
PBDADiscoveryW2 N/A Ready
PeriodicScanRetry Disabled
PvrRecoveryTask N/A Ready
PvrScheduleTask N/A Ready
RecordingRestart Disabled
RegisterSearch N/A Ready
ReindexSearchRoot N/A Ready
SqlLiteRecoveryTask N/A Ready
UpdateRecordPath N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
CorruptionDetector N/A Ready
DecompressionFailureDetector N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
HotStart N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
LPRemove N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
SystemSoundsService N/A Running
TaskName Next Run Time Status
======================================== ====================== ===============
GatherNetworkInfo N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
Background Synchronization Disabled
Logon Synchronization Disabled
TaskName Next Run Time Status
======================================== ====================== ===============
TaskName Next Run Time Status
======================================== ====================== ===============
analyzesystem 1/24/2023 7:25:55 AM Ready
TaskName Next Run Time Status
======================================== ====================== ===============
ractask 1/21/2023 12:12:47 PM Ready
TaskName Next Run Time Status
======================================== ====================== ===============
regidlebackup 1/22/2023 12:23:23 AM Ready
TaskName Next Run Time Status
======================================== ====================== ===============
WindowsParentalControls Disabled
WindowsParentalControlsMigration Disabled
TaskName Next Run Time Status
======================================== ====================== ===============
AutoWake Disabled
GadgetManager N/A Ready
SessionAgent Disabled Could not start
SystemDataProviders Disabled Could not start
TaskName Next Run Time Status
======================================== ====================== ===============
sr 1/22/2023 12:00:00 AM Ready
TaskName Next Run Time Status
======================================== ====================== ===============
Interactive N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
IpAddressConflict1 N/A Ready
IpAddressConflict2 N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
MsCtfMonitor N/A Running
TaskName Next Run Time Status
======================================== ====================== ===============
synchronizetime 1/22/2023 1:00:00 AM Ready
TaskName Next Run Time Status
======================================== ====================== ===============
ResolutionHost N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
QueueReporting N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
BfeOnServiceStartTypeChange N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
UpdateLibrary N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
confignotification 1/22/2023 10:00:00 AM Ready
TaskName Next Run Time Status
======================================== ====================== ===============
Calibration Loader Disabled
TaskName Next Run Time Status
======================================== ====================== ===============
CacheTask N/A Running
TaskName Next Run Time Status
======================================== ====================== ===============
mp scheduled scan 1/22/2023 5:24:21 AM Ready
Firewall & AV
C:\>netsh firewall show config
netsh firewall show config
Domain profile configuration:
-------------------------------------------------------------------
Operational mode = Disable
Exception mode = Enable
Multicast/broadcast response mode = Enable
Notification mode = Enable
Allowed programs configuration for Domain profile:
Mode Traffic direction Name / Program
-------------------------------------------------------------------
Port configuration for Domain profile:
Port Protocol Mode Traffic direction Name
-------------------------------------------------------------------
ICMP configuration for Domain profile:
Mode Type Description
-------------------------------------------------------------------
Enable 2 Allow outbound packet too big
Standard profile configuration (current):
-------------------------------------------------------------------
Operational mode = Disable
Exception mode = Enable
Multicast/broadcast response mode = Enable
Notification mode = Enable
Service configuration for Standard profile:
Mode Customized Name
-------------------------------------------------------------------
Enable No Network Discovery
Allowed programs configuration for Standard profile:
Mode Traffic direction Name / Program
-------------------------------------------------------------------
Enable Inbound AChat - LAN chatting application / C:\program files\achat\achat.exe
Enable Inbound AChat - LAN chatting application / C:\program files\achat\achat.exe
Enable Inbound AChat - LAN chatting application / C:\program files\achat\achat.exe
Enable Inbound AChat - LAN chatting application / C:\program files\achat\achat.exe
Enable Inbound AChat - LAN chatting application / C:\program files\achat\achat.exe
Port configuration for Standard profile:
Port Protocol Mode Traffic direction Name
-------------------------------------------------------------------
ICMP configuration for Standard profile:
Mode Type Description
-------------------------------------------------------------------
Enable 2 Allow outbound packet too big
Log configuration:
-------------------------------------------------------------------
File location = C:\Windows\system32\LogFiles\Firewall\pfirewall.log
Max file size = 4096 KB
Dropped packets = Disable
Connections = Disable
IMPORTANT: Command executed successfully.
However, "netsh firewall" is deprecated;
use "netsh advfirewall firewall" instead.
For more information on using "netsh advfirewall firewall" commands
instead of "netsh firewall", see KB article 947709
at http://go.microsoft.com/fwlink/?linkid=121488 .
Installed .NET Frameworks
c:\>dir /s C:\Windows\Microsoft.NET\Framework\msbuild
dir /s c:\Windows\Microsoft.NET\Framework\msbuild
Volume in drive C has no label.
Volume Serial Number is 502F-F304
directory of c:\Windows\Microsoft.NET\Framework\v2.0.50727
07/13/2009 09:37 PM <DIR> MSBuild
0 File(s) 0 bytes
directory of c:\Windows\Microsoft.NET\Framework\v3.5
07/13/2009 11:52 PM <DIR> MSBuild
0 File(s) 0 bytes
directory of c:\Windows\Microsoft.NET\Framework\v4.0.30319
12/10/2017 11:12 AM <DIR> MSBuild
0 File(s) 0 bytes
total files listed:
0 File(s) 0 bytes
3 Dir(s) 3,672,346,624 bytes free
c:\>dir /A:D C:\Windows\Microsoft.NET\Framework
dir /a:D C:\Windows\Microsoft.NET\Framework
Volume in drive C has no label.
Volume Serial Number is 502F-F304
directory of c:\Windows\Microsoft.NET\Framework
12/10/2017 12:02 PM <DIR> .
12/10/2017 12:02 PM <DIR> ..
12/10/2017 12:02 PM <DIR> v1.0.3705
07/13/2009 09:37 PM <DIR> v1.1.4322
12/10/2017 12:02 PM <DIR> v2.0.50727
04/11/2011 09:16 PM <DIR> v3.0
12/10/2017 12:01 PM <DIR> v3.5
01/21/2023 11:34 AM <DIR> v4.0.30319
0 File(s) 0 bytes
8 Dir(s) 3,672,346,624 bytes free