System/Kernel
c:\xampp\htdocs\omrs\images> systeminfo
host name: LOVE
os name: Microsoft Windows 10 Pro
os version: 10.0.19042 N/A Build 19042
os manufacturer: Microsoft Corporation
os configuration: Standalone Workstation
os build type: Multiprocessor Free
registered owner: roy
registered organization:
product id: 00330-80112-18556-AA148
original install date: 4/12/2021, 12:14:12 PM
system boot time: 9/15/2023, 10:09:35 PM
system manufacturer: VMware, Inc.
system model: VMware7,1
system type: x64-based PC
processor(s): 1 Processor(s) Installed.
[01]: AMD64 Family 23 Model 49 Stepping 0 AuthenticAMD ~2994 Mhz
bios version: VMware, Inc. VMW71.00V.16707776.B64.2008070230, 8/7/2020
windows directory: C:\WINDOWS
system directory: C:\WINDOWS\system32
boot device: \Device\HarddiskVolume3
system locale: en-us;English (United States)
input locale: en-us;English (United States)
time zone: (UTC-08:00) Pacific Time (US & Canada)
total physical memory: 4,095 MB
available physical memory: 2,302 MB
virtual memory: Max Size: 4,799 MB
virtual memory: Available: 2,765 MB
virtual memory: In Use: 2,034 MB
page file location(s): C:\pagefile.sys
domain: WORKGROUP
logon server: \\LOVE
hotfix(s): 9 Hotfix(s) Installed.
[01]: KB4601554
[02]: KB4562830
[03]: KB4570334
[04]: KB4577586
[05]: KB4580325
[06]: KB4586864
[07]: KB4589212
[08]: KB5000802
[09]: KB5000858
network card(s): 1 NIC(s) Installed.
[01]: vmxnet3 Ethernet Adapter
connection name: Ethernet0 2
dhcp enabled: No
IP address(es)
[01]: 10.10.10.239
hyper-v requirements: A hypervisor has been detected. Features required for Hyper-V will not be displayed.
c:\xampp\htdocs\omrs\images> powershell -c Get-ComputerInfo
powershell -c Get-ComputerInfo
windowsbuildlabex : 19041.1.amd64fre.vb_release.191206-1406
windowscurrentversion : 6.3
windowseditionid : Enterprise
windowsinstallationtype : Client
windowsinstalldatefromregistry : 1/1/1970 12:00:00 AM
windowsproductid :
windowsproductname : Windows 10 Enterprise
windowsregisteredorganization :
windowsregisteredowner : roy
windowssystemroot : C:\WINDOWS
windowsversion : 2009
bioscharacteristics : {4, 7, 9, 11...}
biosbiosversion : {INTEL - 6040000, VMW71.00V.16707776.B64.2008070230,
VMware, Inc. - 10000}
biosbuildnumber :
bioscaption : VMW71.00V.16707776.B64.2008070230
bioscodeset :
bioscurrentlanguage :
biosdescription : VMW71.00V.16707776.B64.2008070230
biosembeddedcontrollermajorversion : 255
biosembeddedcontrollerminorversion : 255
biosfirmwaretype : Uefi
biosidentificationcode :
biosinstallablelanguages :
biosinstalldate :
bioslanguageedition :
bioslistoflanguages :
biosmanufacturer : VMware, Inc.
biosname : VMW71.00V.16707776.B64.2008070230
biosothertargetos :
biosprimarybios : True
biosreleasedate : 8/6/2020 5:00:00 PM
biosseralnumber : VMware-42 39 92 be 36 be 67 7a-b7 61 84 71 f6 e3 8a 38
biossmbiosbiosversion : VMW71.00V.16707776.B64.2008070230
biossmbiosmajorversion : 2
biossmbiosminorversion : 7
biossmbiospresent : True
biossoftwareelementstate : Running
biosstatus : OK
biossystembiosmajorversion : 255
biossystembiosminorversion : 255
biostargetoperatingsystem : 0
biosversion : INTEL - 6040000
csadminpasswordstatus : Enabled
csautomaticmanagedpagefile : True
csautomaticresetbootoption : True
csautomaticresetcapability : True
csbootoptiononlimit : DoNotReboot
csbootoptiononwatchdog : DoNotReboot
csbootromsupported : True
csbootstatus : {0, 0, 0, 33...}
csbootupstate : Normal boot
cscaption : LOVE
cschassisbootupstate : Safe
cschassisskunumber :
cscurrenttimezone : -420
csdaylightineffect : True
csdescription : AT/AT COMPATIBLE
csdnshostname : Love
csdomain : WORKGROUP
csdomainrole : StandaloneWorkstation
csenabledaylightsavingstime : True
csfrontpanelresetstatus : Unknown
cshypervisorpresent : True
csinfraredsupported : False
csinitialloadinfo :
csinstalldate :
cskeyboardpasswordstatus : Unknown
cslastloadinfo :
csmanufacturer : VMware, Inc.
csmodel : VMware7,1
csname : LOVE
csnetworkadapters : {Ethernet0 2}
csnetworkservermodeenabled : True
csnumberoflogicalprocessors : 2
csnumberofprocessors : 1
csprocessors : {AMD EPYC 7302P 16-Core Processor }
csoemstringarray : {[MS_VM_CERT/SHA1/27d66596a61c48dd3dc7216fd715126e33f59ae7],
Welcome to the Virtual Machine}
cspartofdomain : False
cspauseafterreset : 3932100000
cspcsystemtype : Desktop
cspcsystemtypeex : Desktop
cspowermanagementcapabilities :
cspowermanagementsupported :
cspoweronpasswordstatus : Disabled
cspowerstate : Unknown
cspowersupplystate : Safe
csprimaryownercontact :
csprimaryownername : roy
csresetcapability : Other
csresetcount : -1
csresetlimit : -1
csroles : {LM_Workstation, LM_Server, NT, Potential_Browser...}
csstatus : OK
cssupportcontactdescription :
cssystemfamily :
cssystemskunumber :
cssystemtype : x64-based PC
csthermalstate : Safe
cstotalphysicalmemory : 4293898240
csphyicallyinstalledmemory : 4194304
csusername : LOVE\Phoebe
cswakeuptype : PowerSwitch
csworkgroup : WORKGROUP
osname : Microsoft Windows 10 Pro
ostype : WINNT
osoperatingsystemsku : 48
osversion : 10.0.19042
oscsdversion :
osbuildnumber : 19042
oshotfixes : {KB4601554, KB4562830, KB4570334, KB4577586...}
osbootdevice : \Device\HarddiskVolume3
ossystemdevice : \Device\HarddiskVolume4
ossystemdirectory : C:\WINDOWS\system32
ossystemdrive : C:
oswindowsdirectory : C:\WINDOWS
oscountrycode : 1
oscurrenttimezone : -420
oslocaleid : 0409
oslocale : en-US
oslocaldatetime : 9/16/2023 1:41:57 AM
oslastbootuptime : 9/15/2023 10:09:35 PM
osuptime : 03:32:21.7334470
osbuildtype : Multiprocessor Free
oscodeset : 1252
osdataexecutionpreventionavailable : True
osdataexecutionprevention32bitapplications : True
osdataexecutionpreventiondrivers : True
osdataexecutionpreventionsupportpolicy : OptIn
osdebug : False
osdistributed : False
osencryptionlevel : 256
osforegroundapplicationboost : Maximum
ostotalvisiblememorysize : 4193260
osfreephysicalmemory : 2303880
ostotalvirtualmemorysize : 4914156
osfreevirtualmemory : 2776936
osinusevirtualmemory : 2137220
ostotalswapspacesize :
ossizestoredinpagingfiles : 720896
osfreespaceinpagingfiles : 720896
ospagingfiles : {C:\pagefile.sys}
oshardwareabstractionlayer : 10.0.19041.844
osinstalldate : 4/12/2021 1:14:12 PM
osmanufacturer : Microsoft Corporation
osmaxnumberofprocesses : 4294967295
osmaxprocessmemorysize : 137438953344
osmuilanguages : {en-US}
osnumberoflicensedusers :
osnumberofprocesses : 134
osnumberofusers : 2
osorganization :
osarchitecture : 64-bit
oslanguage : en-US
osproductsuites : {TerminalServicesSingleSession}
osothertypedescription :
ospaeenabled :
osportableoperatingsystem : False
osprimary : True
osproducttype : WorkStation
osregistereduser : roy
osserialnumber : 00330-80112-18556-AA148
osservicepackmajorversion : 0
osservicepackminorversion : 0
osstatus : OK
ossuites : {TerminalServices, TerminalServicesSingleSession}
osserverlevel :
keyboardlayout : en-US
timezone : (UTC-08:00) Pacific Time (US & Canada)
logonserver : \\LOVE
powerplatformrole : Desktop
hypervisorpresent : True
deviceguardsmartstatus : OffMicrosoft Windows 10 Pro
10.0.19042 N/A Build 19042
x64-based PC
9 Hotfix(s)
Networks
C:\xampp\htdocs\omrs\images> ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : Love
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter Ethernet0 2:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : vmxnet3 Ethernet Adapter
Physical Address. . . . . . . . . : 00-50-56-B9-17-BE
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 10.10.10.239(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.10.10.2
DNS Servers . . . . . . . . . . . : 8.8.8.8
NetBIOS over Tcpip. . . . . . . . : Enabled
C:\xampp\htdocs\omrs\images> arp -a
Interface: 10.10.10.239 --- 0x6
Internet Address Physical Address Type
10.10.10.2 00-50-56-b9-9d-31 dynamic
10.10.10.255 ff-ff-ff-ff-ff-ff static
224.0.0.22 01-00-5e-00-00-16 static
224.0.0.251 01-00-5e-00-00-fb static
224.0.0.252 01-00-5e-00-00-fc static
239.255.255.250 01-00-5e-7f-ff-fa static
C:\xampp\htdocs\omrs\images> netstat -ano
Active Connections
Proto Local Address Foreign Address State PID
TCP 0.0.0.0:80 0.0.0.0:0 LISTENING 6964
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING 916
TCP 0.0.0.0:443 0.0.0.0:0 LISTENING 6964
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:3306 0.0.0.0:0 LISTENING 6960
TCP 0.0.0.0:5000 0.0.0.0:0 LISTENING 6964
TCP 0.0.0.0:5040 0.0.0.0:0 LISTENING 4768
TCP 0.0.0.0:5985 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:5986 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:7680 0.0.0.0:0 LISTENING 3728
TCP 0.0.0.0:47001 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:49664 0.0.0.0:0 LISTENING 688
TCP 0.0.0.0:49665 0.0.0.0:0 LISTENING 528
TCP 0.0.0.0:49666 0.0.0.0:0 LISTENING 1188
TCP 0.0.0.0:49667 0.0.0.0:0 LISTENING 1468
TCP 0.0.0.0:49668 0.0.0.0:0 LISTENING 2372
TCP 0.0.0.0:49669 0.0.0.0:0 LISTENING 668
TCP 0.0.0.0:49670 0.0.0.0:0 LISTENING 2648
TCP 10.10.10.239:80 10.10.14.17:35542 ESTABLISHED 6964
TCP 10.10.10.239:80 10.10.14.17:54274 CLOSE_WAIT 6964
TCP 10.10.10.239:139 0.0.0.0:0 LISTENING 4
TCP 10.10.10.239:5040 10.10.14.17:34850 CLOSE_WAIT 4768
TCP 10.10.10.239:5040 10.10.14.17:35422 CLOSE_WAIT 4768
TCP 10.10.10.239:5040 10.10.14.17:35434 CLOSE_WAIT 4768
TCP 10.10.10.239:5040 10.10.14.17:36116 CLOSE_WAIT 4768
TCP 10.10.10.239:5040 10.10.14.17:36124 CLOSE_WAIT 4768
TCP 10.10.10.239:5040 10.10.14.17:36132 CLOSE_WAIT 4768
TCP 10.10.10.239:5040 10.10.14.17:37868 CLOSE_WAIT 4768
TCP 10.10.10.239:5040 10.10.14.17:39228 CLOSE_WAIT 4768
TCP 10.10.10.239:5040 10.10.14.17:42764 CLOSE_WAIT 4768
TCP 10.10.10.239:5040 10.10.14.17:42778 CLOSE_WAIT 4768
TCP 10.10.10.239:5040 10.10.14.17:45640 CLOSE_WAIT 4768
TCP 10.10.10.239:5040 10.10.14.17:45642 CLOSE_WAIT 4768
TCP 10.10.10.239:5040 10.10.14.17:45692 CLOSE_WAIT 4768
TCP 10.10.10.239:5040 10.10.14.17:45968 CLOSE_WAIT 4768
TCP 10.10.10.239:5040 10.10.14.17:45978 CLOSE_WAIT 4768
TCP 10.10.10.239:5040 10.10.14.17:46890 CLOSE_WAIT 4768
TCP 10.10.10.239:5040 10.10.14.17:46894 CLOSE_WAIT 4768
TCP 10.10.10.239:5040 10.10.14.17:53412 CLOSE_WAIT 4768
TCP 10.10.10.239:5040 10.10.14.17:55148 CLOSE_WAIT 4768
TCP 10.10.10.239:5040 10.10.14.17:55160 CLOSE_WAIT 4768
TCP 10.10.10.239:5040 10.10.14.17:55422 CLOSE_WAIT 4768
TCP 10.10.10.239:5040 10.10.14.17:55434 CLOSE_WAIT 4768
TCP 10.10.10.239:5040 10.10.14.17:56272 CLOSE_WAIT 4768
TCP 10.10.10.239:5040 10.10.14.17:56288 CLOSE_WAIT 4768
TCP 10.10.10.239:5040 10.10.14.17:56720 CLOSE_WAIT 4768
TCP 10.10.10.239:5040 10.10.14.17:57566 CLOSE_WAIT 4768
TCP 10.10.10.239:5040 10.10.14.17:57572 CLOSE_WAIT 4768
TCP 10.10.10.239:5040 10.10.14.17:57638 CLOSE_WAIT 4768
TCP 10.10.10.239:5040 10.10.14.17:57654 CLOSE_WAIT 4768
TCP 10.10.10.239:5040 10.10.14.17:57748 CLOSE_WAIT 4768
TCP 10.10.10.239:5040 10.10.14.17:58034 CLOSE_WAIT 4768
TCP 10.10.10.239:5040 10.10.14.17:58044 CLOSE_WAIT 4768
TCP 10.10.10.239:5040 10.10.14.17:58332 CLOSE_WAIT 4768
TCP 10.10.10.239:5040 10.10.14.17:58342 CLOSE_WAIT 4768
TCP 10.10.10.239:5040 10.10.14.17:59380 CLOSE_WAIT 4768
TCP 10.10.10.239:55464 10.10.14.17:9999 CLOSE_WAIT 1940
TCP 10.10.10.239:55468 10.10.14.17:9999 ESTABLISHED 836
TCP [::]:80 [::]:0 LISTENING 6964
TCP [::]:135 [::]:0 LISTENING 916
TCP [::]:443 [::]:0 LISTENING 6964
TCP [::]:445 [::]:0 LISTENING 4
TCP [::]:3306 [::]:0 LISTENING 6960
TCP [::]:5000 [::]:0 LISTENING 6964
TCP [::]:5985 [::]:0 LISTENING 4
TCP [::]:5986 [::]:0 LISTENING 4
TCP [::]:7680 [::]:0 LISTENING 3728
TCP [::]:47001 [::]:0 LISTENING 4
TCP [::]:49664 [::]:0 LISTENING 688
TCP [::]:49665 [::]:0 LISTENING 528
TCP [::]:49666 [::]:0 LISTENING 1188
TCP [::]:49667 [::]:0 LISTENING 1468
TCP [::]:49668 [::]:0 LISTENING 2372
TCP [::]:49669 [::]:0 LISTENING 668
TCP [::]:49670 [::]:0 LISTENING 2648
TCP [::1]:3306 [::1]:55466 TIME_WAIT 0
TCP [::1]:55465 [::1]:3306 TIME_WAIT 0
TCP [::1]:55467 [::1]:3306 TIME_WAIT 0
UDP 0.0.0.0:123 *:* 3196
UDP 0.0.0.0:500 *:* 2640
UDP 0.0.0.0:4500 *:* 2640
UDP 0.0.0.0:5050 *:* 4768
UDP 0.0.0.0:5353 *:* 2108
UDP 0.0.0.0:5355 *:* 2108
UDP 0.0.0.0:50463 *:* 2108
UDP 10.10.10.239:137 *:* 4
UDP 10.10.10.239:138 *:* 4
UDP 10.10.10.239:1900 *:* 5680
UDP 10.10.10.239:56188 *:* 5680
UDP 127.0.0.1:1900 *:* 5680
UDP 127.0.0.1:56189 *:* 5680
UDP 127.0.0.1:62002 *:* 3064
UDP [::]:123 *:* 3196
UDP [::]:500 *:* 2640
UDP [::]:4500 *:* 2640
UDP [::]:50463 *:* 2108
UDP [::1]:1900 *:* 5680
UDP [::1]:56187 *:* 5680Users & Groups
c:\xampp\htdocs\omrs\images> net user
User accounts for \\LOVE
-------------------------------------------------------------------------------
Administrator DefaultAccount Guest
Phoebe WDAGUtilityAccount
The command completed successfully.
c:\xampp\htdocs\omrs\images> dir C:\Users
Volume in drive C has no label.
Volume Serial Number is 56DE-BA30
directory of c:\Users
04/13/2021 06:58 AM <DIR> .
04/13/2021 06:58 AM <DIR> ..
04/12/2021 03:00 PM <DIR> Administrator
04/21/2021 07:01 AM <DIR> Phoebe
04/12/2021 02:10 PM <DIR> Public
0 File(s) 0 bytes
5 Dir(s) 4,035,457,024 bytes freec:\xampp\htdocs\omrs\images> net localgroup
Aliases for \\LOVE
-------------------------------------------------------------------------------
*Access Control Assistance Operators
*Administrators
*Backup Operators
*Cryptographic Operators
*Distributed COM Users
*Event Log Readers
*Guests
*Hyper-V Administrators
*IIS_IUSRS
*Network Configuration Operators
*Performance Log Users
*Performance Monitor Users
*Power Users
*Remote Desktop Users
*Remote Management Users
*Replicator
*System Managed Accounts Group
*Users
The command completed successfully.Processes
C:\xampp\htdocs\omrs\images> tasklist /svc
Image Name PID Services
========================= ======== ============================================
System Idle Process 0 N/A
System 4 N/A
Registry 92 N/A
smss.exe 332 N/A
csrss.exe 420 N/A
wininit.exe 528 N/A
csrss.exe 536 N/A
winlogon.exe 592 N/A
services.exe 668 N/A
lsass.exe 688 KeyIso, SamSs, VaultSvc
svchost.exe 796 BrokerInfrastructure, DcomLaunch, PlugPlay,
Power, SystemEventsBroker
fontdrvhost.exe 816 N/A
fontdrvhost.exe 820 N/A
svchost.exe 916 RpcEptMapper, RpcSs
svchost.exe 968 LSM
dwm.exe 1016 N/A
svchost.exe 64 CryptSvc
svchost.exe 540 AppIDSvc
svchost.exe 316 CoreMessagingRegistrar
svchost.exe 384 DsmSvc
svchost.exe 1096 NcbService
svchost.exe 1104 TimeBrokerSvc
svchost.exe 1188 EventLog
svchost.exe 1252 DispBrokerDesktopSvc
svchost.exe 1284 nsi
svchost.exe 1332 Dhcp
svchost.exe 1468 Schedule
svchost.exe 1500 NlaSvc
vm3dservice.exe 1540 vm3dservice
svchost.exe 1660 ProfSvc
svchost.exe 1672 EventSystem
svchost.exe 1684 SysMain
svchost.exe 1704 Themes
Memory Compression 1788 N/A
svchost.exe 1820 netprofm
svchost.exe 1836 SENS
svchost.exe 1876 AudioEndpointBuilder
svchost.exe 1892 FontCache
svchost.exe 1944 SEMgrSvc
svchost.exe 1292 Audiosrv
svchost.exe 1012 UserManager
svchost.exe 2108 Dnscache
svchost.exe 2116 Wcmsvc
svchost.exe 2124 DusmSvc
svchost.exe 2220 ShellHWDetection
svchost.exe 2276 WinHttpAutoProxySvc
spoolsv.exe 2372 Spooler
svchost.exe 2420 BFE, mpssvc
svchost.exe 2480 LanmanWorkstation
svchost.exe 2640 IKEEXT
svchost.exe 2648 PolicyAgent
svchost.exe 2656 LanmanServer
svchost.exe 2792 Browser
svchost.exe 2804 DiagTrack
svchost.exe 2812 DPS
svchost.exe 2824 Winmgmt
svchost.exe 2896 TrkWks
VGAuthService.exe 2904 VGAuthService
vmtoolsd.exe 2928 VMTools
svchost.exe 2948 WpnService
svchost.exe 3008 WdiServiceHost
svchost.exe 3064 iphlpsvc
dllhost.exe 3376 COMSysApp
WmiPrvSE.exe 3512 N/A
svchost.exe 3728 DoSvc
svchost.exe 3788 wuauserv
svchost.exe 3984 RmSvc
msdtc.exe 3364 MSDTC
sihost.exe 4100 N/A
svchost.exe 4164 CDPUserSvc_39324
svchost.exe 4188 WpnUserService_39324
taskhostw.exe 4304 N/A
MicrosoftEdgeUpdate.exe 4316 N/A
svchost.exe 4408 TokenBroker
svchost.exe 4488 TabletInputService
ctfmon.exe 4544 N/A
svchost.exe 4616 StateRepository
svchost.exe 4668 StorSvc
svchost.exe 4768 CDPSvc
explorer.exe 5200 N/A
svchost.exe 5424 cbdhsvc_39324
svchost.exe 5612 BITS
svchost.exe 5680 SSDPSRV
StartMenuExperienceHost.e 5864 N/A
RuntimeBroker.exe 6016 N/A
SearchApp.exe 5404 N/A
SearchIndexer.exe 4324 WSearch
RuntimeBroker.exe 4920 N/A
vm3dservice.exe 3252 N/A
vmtoolsd.exe 3640 N/A
OneDrive.exe 6688 N/A
xampp-control.exe 6336 N/A
svchost.exe 4996 lmhosts
RuntimeBroker.exe 7004 N/A
httpd.exe 6964 N/A
mysqld.exe 6960 N/A
conhost.exe 6620 N/A
httpd.exe 6900 N/A
dllhost.exe 7776 N/A
ApplicationFrameHost.exe 1424 N/A
svchost.exe 3296 LicenseManager
WinStore.App.exe 7044 N/A
RuntimeBroker.exe 1952 N/A
YourPhone.exe 7768 N/A
RuntimeBroker.exe 4912 N/A
SgrmBroker.exe 5392 SgrmBroker
svchost.exe 5688 UsoSvc
MoUsoCoreWorker.exe 5808 N/A
svchost.exe 1920 WinRM
svchost.exe 8160 wscsvc
svchost.exe 6884 OneSyncSvc_39324
svchost.exe 1640 PcaSvc
SecurityHealthService.exe 8040 SecurityHealthService
ShellExperienceHost.exe 4992 N/A
RuntimeBroker.exe 3444 N/A
svchost.exe 7700 InstallService
svchost.exe 4504 WbioSrvc
svchost.exe 2668 DsSvc
svchost.exe 3196 W32Time
UserOOBEBroker.exe 3500 N/A
taskhostw.exe 3328 N/A
Microsoft.Photos.exe 4884 N/A
svchost.exe 6472 Appinfo
RuntimeBroker.exe 3796 N/A
svchost.exe 5928 WaaSMedicSvc
svchost.exe 2292 ClipSVC
cmd.exe 6856 N/A
conhost.exe 2628 N/A
D3fa1t_shell.exe 836 N/A
cmd.exe 3060 N/A
conhost.exe 5972 N/A
tasklist.exe 4656 N/A httpd.exe
mysqld.exe
spoolsv.exe
Tasks
c:\xampp\htdocs\omrs\images> schtasks /QUERY /FO TABLE | findstr /v /i "\Microsoft" | findstr /v /i "access level" | findstr /v /i "system32"
folder: \
TaskName Next Run Time Status
======================================== ====================== ===============
onedrive standalone update task-s-1-5-21 9/16/2023 3:40:21 PM Ready
TaskName Next Run Time Status
======================================== ====================== ===============
Cleanup N/A Ready
Kill Msiexec N/A Ready
Remove Defender Definitions N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
TaskName Next Run Time Status
======================================== ====================== ===============
TaskName Next Run Time Status
======================================== ====================== ===============
.NET Framework NGEN v4.0.30319 N/A Ready
.NET Framework NGEN v4.0.30319 64 N/A Ready
.NET Framework NGEN v4.0.30319 64 Critic N/A Disabled
.NET Framework NGEN v4.0.30319 Critical N/A Disabled
TaskName Next Run Time Status
======================================== ====================== ===============
AD RMS Rights Policy Template Management N/A Disabled
AD RMS Rights Policy Template Management N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
PolicyConverter N/A Ready
SmartScreenSpecific N/A Ready
VerifiedPublisherCertStoreCheck N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
microsoft compatibility appraiser 9/16/2023 4:45:10 AM Ready
pcapatchdbtask 9/16/2023 4:58:18 AM Ready
ProgramDataUpdater N/A Ready
StartupAppTask N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
appuriverifierdaily N/A Ready
appuriverifierinstall N/A Ready
CleanupTemporaryState N/A Ready
DsSvcCleanup N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
Pre-staged app cleanup N/A Disabled
TaskName Next Run Time Status
======================================== ====================== ===============
Proxy N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
BitLocker Encrypt All Drives N/A Ready
BitLocker MDM policy Refresh N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
UninstallDeviceTask N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
BgTaskRegistrationMaintenanceTask N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
UserTask N/A Ready
UserTask-Roam N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
ProactiveScan N/A Ready
SyspartRepair N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
CreateObjectTask N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
culauncher 9/16/2023 10:21:16 PM Ready
TaskName Next Run Time Status
======================================== ====================== ===============
consolidator 9/16/2023 6:00:00 AM Ready
Uploader N/A Ready
UsbCeip N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
data integrity check and scan 9/16/2023 11:42:34 PM Ready
Data Integrity Scan N/A Ready
Data Integrity Scan for Crash Recovery N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
ScheduledDefrag N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
device 9/16/2023 4:26:54 AM Ready
Device User N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
RecommendedTroubleshootingScanner N/A Ready
Scheduled N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
DirectXDatabaseUpdater N/A Ready
DXGIAdapterCache N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
SilentCleanup N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
Microsoft-Windows-DiskDiagnosticDataColl N/A Ready
Microsoft-Windows-DiskDiagnosticResolver N/A Disabled
TaskName Next Run Time Status
======================================== ====================== ===============
Diagnostics N/A Ready
StorageSense N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
dusmtask N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
EDP App Launch Task N/A Ready
EDP Auth Task N/A Ready
StorageCardEncryption Task N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
ExploitGuard MDM policy Refresh N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
TaskName Next Run Time Status
======================================== ====================== ===============
DmClient N/A Ready
DmClientOnScenarioDownload N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
Property Definition Sync N/A Disabled
TaskName Next Run Time Status
======================================== ====================== ===============
File History (maintenance mode) N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
TaskName Next Run Time Status
======================================== ====================== ===============
ReconcileFeatures N/A Ready
UsageDataFlushing N/A Ready
UsageDataReporting N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
refreshcache 9/16/2023 5:40:01 AM Ready
TaskName Next Run Time Status
======================================== ====================== ===============
LocalUserSyncDataAvailable N/A Ready
MouseSyncDataAvailable N/A Ready
PenSyncDataAvailable N/A Ready
TouchpadSyncDataAvailable N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
scanforupdates 9/16/2023 5:07:07 PM Ready
ScanForUpdatesAsUser N/A Ready
WakeUpAndContinueUpdates N/A Disabled
WakeUpAndScanForUpdates N/A Disabled
TaskName Next Run Time Status
======================================== ====================== ===============
Synchronize Language Settings N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
Installation N/A Ready
ReconcileLanguageResources N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
TaskName Next Run Time Status
======================================== ====================== ===============
Notifications N/A Ready
WindowsActionDialog N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
WinSAT N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
TaskName Next Run Time Status
======================================== ====================== ===============
Cellular N/A Ready
Logon N/A Ready
Retry N/A Disabled
RunOnReboot N/A Disabled
TaskName Next Run Time Status
======================================== ====================== ===============
MapsToastTask N/A Ready
MapsUpdateTask N/A Disabled
TaskName Next Run Time Status
======================================== ====================== ===============
ProcessMemoryDiagnosticEvents N/A Ready
RunFullMemoryDiagnostic N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
MNO Metadata Parser N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
LPRemove N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
SystemSoundsService N/A Running
TaskName Next Run Time Status
======================================== ====================== ===============
BindingWorkItemQueueHandler N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
GatherNetworkInfo N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
WiFiTask N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
Background Synchronization N/A Disabled
Logon Synchronization N/A Disabled
TaskName Next Run Time Status
======================================== ====================== ===============
TaskName Next Run Time Status
======================================== ====================== ===============
Device Install Group Policy N/A Ready
Device Install Reboot Required N/A Ready
Plug and Play Cleanup N/A Ready
Sysprep Generalize Drivers N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
AnalyzeSystem N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
EduPrintProv N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
VerifyWinRE N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
RegIdleBackup N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
StartComponentCleanup N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
BackgroundUploadTask N/A Ready
NetworkStateChangeTask N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
Account Cleanup N/A Disabled
TaskName Next Run Time Status
======================================== ====================== ===============
CreateObjectTask N/A Ready
FamilySafetyMonitor N/A Ready
FamilySafetyRefreshTask N/A Ready
IndexerAutomaticMaintenance N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
UninstallSMB1ClientTask N/A Ready
UninstallSMB1ServerTask N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
SvcRestartTaskLogon N/A Disabled
TaskName Next Run Time Status
======================================== ====================== ===============
SpaceAgentTask N/A Ready
SpaceManagerTask N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
MaintenanceTasks N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
Storage Tiers Management Initialization N/A Ready
Storage Tiers Optimization N/A Disabled
TaskName Next Run Time Status
======================================== ====================== ===============
EnableLicenseAcquisition N/A Ready
LicenseAcquisition N/A Disabled
TaskName Next Run Time Status
======================================== ====================== ===============
HybridDriveCachePrepopulate N/A Disabled
HybridDriveCacheRebalance N/A Disabled
ResPriStaticDbSync N/A Ready
WsSwapAssessmentTask N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
SR N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
Interactive N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
TaskName Next Run Time Status
======================================== ====================== ===============
RemoteFXvGPUDisableTask N/A Ready
remotefxwarningtask 10/11/2023 1:00:00 PM Ready
TaskName Next Run Time Status
======================================== ====================== ===============
MsCtfMonitor N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
ForceSynchronizeTime N/A Ready
SynchronizeTime N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
SynchronizeTimeZone N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
RunUpdateNotificationMgr N/A Disabled
TaskName Next Run Time Status
======================================== ====================== ===============
UPnPHostConfig N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
Usb-Notifications N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
WiFiTask N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
ResolutionHost N/A Running
TaskName Next Run Time Status
======================================== ====================== ===============
queuereporting 9/16/2023 5:05:22 AM Ready
TaskName Next Run Time Status
======================================== ====================== ===============
BfeOnServiceStartTypeChange N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
UpdateLibrary N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
Calibration Loader N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
Scheduled Start N/A Ready
sih 9/16/2023 1:56:56 PM Ready
TaskName Next Run Time Status
======================================== ====================== ===============
CacheTask N/A Running
TaskName Next Run Time Status
======================================== ====================== ===============
CDSSync N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
Work Folders Logon Synchronization N/A Ready
Work Folders Maintenance Work N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
Automatic-Device-Join N/A Disabled
Device-Sync N/A Disabled
Recovery-Check N/A Disabled
TaskName Next Run Time Status
======================================== ====================== ===============
NotificationTask N/A Ready
OobeDiscovery N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
XblGameSaveTask N/A Ready Firewall & AV
C:\xampp\htdocs\omrs\images> netsh firewall show config
Domain profile configuration:
-------------------------------------------------------------------
Operational mode = Enable
Exception mode = Enable
Multicast/broadcast response mode = Enable
Notification mode = Enable
Allowed programs configuration for Domain profile:
Mode Traffic direction Name / Program
-------------------------------------------------------------------
Port configuration for Domain profile:
Port Protocol Mode Traffic direction Name
-------------------------------------------------------------------
5986 TCP Enable Inbound Allow WinRM HTTPS
Standard profile configuration (current):
-------------------------------------------------------------------
Operational mode = Disable
Exception mode = Enable
Multicast/broadcast response mode = Enable
Notification mode = Enable
Service configuration for Standard profile:
Mode Customized Name
-------------------------------------------------------------------
Enable No Network Discovery
Allowed programs configuration for Standard profile:
Mode Traffic direction Name / Program
-------------------------------------------------------------------
Enable Inbound Apache HTTP Server / C:\xampp\apache\bin\httpd.exe
Port configuration for Standard profile:
Port Protocol Mode Traffic direction Name
-------------------------------------------------------------------
5986 TCP Enable Inbound Allow WinRM HTTPS
Log configuration:
-------------------------------------------------------------------
File location = C:\WINDOWS\system32\LogFiles\Firewall\pfirewall.log
Max file size = 4096 KB
Dropped packets = Disable
Connections = Disable
IMPORTANT: Command executed successfully.
However, "netsh firewall" is deprecated;
use "netsh advfirewall firewall" instead.
For more information on using "netsh advfirewall firewall" commands
instead of "netsh firewall", see KB article 947709
at https://go.microsoft.com/fwlink/?linkid=121488 .C:\xampp\htdocs\omrs\images> powershell -c Get-MpComputerStatus
AMEngineVersion : 0.0.0.0
AMProductVersion : 4.18.2103.7
AMRunningMode : Not running
AMServiceEnabled : False
AMServiceVersion : 0.0.0.0
AntispywareEnabled : False
AntispywareSignatureAge : 4294967295
AntispywareSignatureLastUpdated :
AntispywareSignatureVersion : 0.0.0.0
AntivirusEnabled : False
AntivirusSignatureAge : 4294967295
AntivirusSignatureLastUpdated :
AntivirusSignatureVersion : 0.0.0.0
BehaviorMonitorEnabled : False
ComputerID : 02E68B12-7B8D-46E9-BC1E-CF352179ABC3
ComputerState : 0
FullScanAge : 4294967295
FullScanEndTime :
FullScanStartTime :
IoavProtectionEnabled : False
IsTamperProtected : False
IsVirtualMachine : True
LastFullScanSource : 0
LastQuickScanSource : 0
NISEnabled : False
NISEngineVersion : 0.0.0.0
NISSignatureAge : 4294967295
NISSignatureLastUpdated :
NISSignatureVersion : 0.0.0.0
OnAccessProtectionEnabled : False
QuickScanAge : 4294967295
QuickScanEndTime :
QuickScanStartTime :
RealTimeProtectionEnabled : False
RealTimeScanDirection : 0
TamperProtectionSource : UI
PSComputerName : Session Architecture
ps c:\xampp\htdocs\omrs\images> [Environment]::Is64BitProcess
FalseInstalled .NET Frameworks
C:\xampp\htdocs\omrs\images> dir /A:D C:\Windows\Microsoft.NET\Framework
dir /A:D C:\Windows\Microsoft.NET\Framework
Volume in drive C has no label.
Volume Serial Number is 56DE-BA30
Directory of C:\Windows\Microsoft.NET\Framework
04/12/2021 02:09 PM <DIR> .
04/12/2021 02:09 PM <DIR> ..
04/12/2021 02:10 PM <DIR> v1.0.3705
04/12/2021 02:10 PM <DIR> v1.1.4322
12/07/2019 02:14 AM <DIR> v2.0.50727
09/15/2023 10:20 PM <DIR> v4.0.30319
0 File(s) 0 bytes
6 Dir(s) 4,023,853,056 bytes free
C:\xampp\htdocs\omrs\images> reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP"
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\CDF
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4.0
C:\xampp\htdocs\omrs\images> reg query "HKLM\SOFTWARE\Microsoft\Net Framework Setup\NDP" /s
reg query "HKLM\SOFTWARE\Microsoft\Net Framework Setup\NDP" /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\CDF
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\CDF\v4.0
HttpNamespaceReservationInstalled REG_DWORD 0x1
NetTcpPortSharingInstalled REG_DWORD 0x1
NonHttpActivationInstalled REG_DWORD 0x1
SMSvcHostPath REG_SZ C:\Windows\Microsoft.NET\Framework\v4.0.30319\
WMIInstalled REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4\Client
CBS REG_DWORD 0x1
Install REG_DWORD 0x1
InstallPath REG_SZ C:\Windows\Microsoft.NET\Framework\v4.0.30319\
Release REG_DWORD 0x80ff4
Servicing REG_DWORD 0x0
TargetVersion REG_SZ 4.0.0
Version REG_SZ 4.8.04084
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4\Client\1033
CBS REG_DWORD 0x1
Install REG_DWORD 0x1
Release REG_DWORD 0x80ff4
Servicing REG_DWORD 0x0
TargetVersion REG_SZ 4.0.0
Version REG_SZ 4.8.04084
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4\Full
CBS REG_DWORD 0x1
Install REG_DWORD 0x1
InstallPath REG_SZ C:\Windows\Microsoft.NET\Framework\v4.0.30319\
Release REG_DWORD 0x80ff4
Servicing REG_DWORD 0x0
TargetVersion REG_SZ 4.0.0
Version REG_SZ 4.8.04084
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4\Full\1033
CBS REG_DWORD 0x1
Install REG_DWORD 0x1
Release REG_DWORD 0x80ff4
Servicing REG_DWORD 0x0
TargetVersion REG_SZ 4.0.0
Version REG_SZ 4.8.04084
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4.0
(Default) REG_SZ deprecated
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4.0\Client
Install REG_DWORD 0x1
Version REG_SZ 4.0.0.0.NET 4.8.04084