System/Kernel


PS C:\Users\viewer> cmd /c ver
 
Microsoft Windows [Version 10.0.19044.1645]
 
PS C:\Users\viewer> systeminfo ; Get-ComputerInfo
ERROR: Access denied
 
 
WindowsBuildLabEx                                       : 19041.1.amd64fre.vb_release.191206-1406
WindowsCurrentVersion                                   : 6.3
WindowsEditionId                                        : Professional
WindowsInstallationType                                 : Client
WindowsInstallDateFromRegistry                          : 6/18/2021 12:06:17 PM
WindowsProductId                                        : 00331-10000-00001-AA641
WindowsProductName                                      : Windows 10 Pro
WindowsRegisteredOrganization                           : 
WindowsRegisteredOwner                                  : admin
WindowsSystemRoot                                       : C:\WINDOWS
WindowsVersion                                          : 2009
BiosCharacteristics                                     : 
BiosBIOSVersion                                         : 
BiosBuildNumber                                         : 
BiosCaption                                             : 
BiosCodeSet                                             : 
BiosCurrentLanguage                                     : 
BiosDescription                                         : 
BiosEmbeddedControllerMajorVersion                      : 
BiosEmbeddedControllerMinorVersion                      : 
BiosFirmwareType                                        : 
BiosIdentificationCode                                  : 
BiosInstallableLanguages                                : 
BiosInstallDate                                         : 
BiosLanguageEdition                                     : 
BiosListOfLanguages                                     : 
BiosManufacturer                                        : 
BiosName                                                : 
BiosOtherTargetOS                                       : 
BiosPrimaryBIOS                                         : 
BiosReleaseDate                                         : 
BiosSeralNumber                                         : 
BiosSMBIOSBIOSVersion                                   : 
BiosSMBIOSMajorVersion                                  : 
BiosSMBIOSMinorVersion                                  : 
BiosSMBIOSPresent                                       : 
BiosSoftwareElementState                                : 
BiosStatus                                              : 
BiosSystemBiosMajorVersion                              : 
BiosSystemBiosMinorVersion                              : 
BiosTargetOperatingSystem                               : 
BiosVersion                                             : 
CsAdminPasswordStatus                                   : 
CsAutomaticManagedPagefile                              : 
CsAutomaticResetBootOption                              : 
CsAutomaticResetCapability                              : 
CsBootOptionOnLimit                                     : 
CsBootOptionOnWatchDog                                  : 
CsBootROMSupported                                      : 
CsBootStatus                                            : 
CsBootupState                                           : 
CsCaption                                               : 
CsChassisBootupState                                    : 
CsChassisSKUNumber                                      : 
CsCurrentTimeZone                                       : 
CsDaylightInEffect                                      : 
CsDescription                                           : 
CsDNSHostName                                           : 
CsDomain                                                : 
CsDomainRole                                            : 
CsEnableDaylightSavingsTime                             : 
CsFrontPanelResetStatus                                 : 
CsHypervisorPresent                                     : 
CsInfraredSupported                                     : 
CsInitialLoadInfo                                       : 
CsInstallDate                                           : 
CsKeyboardPasswordStatus                                : 
CsLastLoadInfo                                          : 
CsManufacturer                                          : 
CsModel                                                 : 
CsName                                                  : 
CsNetworkAdapters                                       : 
CsNetworkServerModeEnabled                              : 
CsNumberOfLogicalProcessors                             : 
CsNumberOfProcessors                                    : 
CsProcessors                                            : 
CsOEMStringArray                                        : 
CsPartOfDomain                                          : 
CsPauseAfterReset                                       : 
CsPCSystemType                                          : 
CsPCSystemTypeEx                                        : 
CsPowerManagementCapabilities                           : 
CsPowerManagementSupported                              : 
CsPowerOnPasswordStatus                                 : 
CsPowerState                                            : 
CsPowerSupplyState                                      : 
CsPrimaryOwnerContact                                   : 
CsPrimaryOwnerName                                      : 
CsResetCapability                                       : 
CsResetCount                                            : 
CsResetLimit                                            : 
CsRoles                                                 : 
CsStatus                                                : 
CsSupportContactDescription                             : 
CsSystemFamily                                          : 
CsSystemSKUNumber                                       : 
CsSystemType                                            : 
CsThermalState                                          : 
CsTotalPhysicalMemory                                   : 
CsPhyicallyInstalledMemory                              : 
CsUserName                                              : 
CsWakeUpType                                            : 
CsWorkgroup                                             : 
OsName                                                  : 
OsType                                                  : 
OsOperatingSystemSKU                                    : 
OsVersion                                               : 
OsCSDVersion                                            : 
OsBuildNumber                                           : 
OsHotFixes                                              : 
OsBootDevice                                            : 
OsSystemDevice                                          : 
OsSystemDirectory                                       : 
OsSystemDrive                                           : 
OsWindowsDirectory                                      : 
OsCountryCode                                           : 
OsCurrentTimeZone                                       : 
OsLocaleID                                              : 
OsLocale                                                : 
OsLocalDateTime                                         : 
OsLastBootUpTime                                        : 
OsUptime                                                : 
OsBuildType                                             : 
OsCodeSet                                               : 
OsDataExecutionPreventionAvailable                      : 
OsDataExecutionPrevention32BitApplications              : 
OsDataExecutionPreventionDrivers                        : 
OsDataExecutionPreventionSupportPolicy                  : 
OsDebug                                                 : 
OsDistributed                                           : 
OsEncryptionLevel                                       : 
OsForegroundApplicationBoost                            : 
OsTotalVisibleMemorySize                                : 
OsFreePhysicalMemory                                    : 
OsTotalVirtualMemorySize                                : 
OsFreeVirtualMemory                                     : 
OsInUseVirtualMemory                                    : 
OsTotalSwapSpaceSize                                    : 
OsSizeStoredInPagingFiles                               : 
OsFreeSpaceInPagingFiles                                : 
OsPagingFiles                                           : 
OsHardwareAbstractionLayer                              : 
OsInstallDate                                           : 
OsManufacturer                                          : 
OsMaxNumberOfProcesses                                  : 
OsMaxProcessMemorySize                                  : 
OsMuiLanguages                                          : 
OsNumberOfLicensedUsers                                 : 
OsNumberOfProcesses                                     : 
OsNumberOfUsers                                         : 
OsOrganization                                          : 
OsArchitecture                                          : 
OsLanguage                                              : 
OsProductSuites                                         : 
OsOtherTypeDescription                                  : 
OsPAEEnabled                                            : 
OsPortableOperatingSystem                               : 
OsPrimary                                               : 
OsProductType                                           : 
OsRegisteredUser                                        : 
OsSerialNumber                                          : 
OsServicePackMajorVersion                               : 
OsServicePackMinorVersion                               : 
OsStatus                                                : 
OsSuites                                                : 
OsServerLevel                                           : 
KeyboardLayout                                          : 
TimeZone                                                : (UTC-08:00) Pacific Time (US & Canada)
LogonServer                                             : 
PowerPlatformRole                                       : Desktop
HyperVisorPresent                                       : 
HyperVRequirementDataExecutionPreventionAvailable       : 
HyperVRequirementSecondLevelAddressTranslation          : 
HyperVRequirementVirtualizationFirmwareEnabled          : 
HyperVRequirementVMMonitorModeExtensions                : 
DeviceGuardSmartStatus                                  : Off
DeviceGuardRequiredSecurityProperties                   : 
DeviceGuardAvailableSecurityProperties                  : 
DeviceGuardSecurityServicesConfigured                   : 
DeviceGuardSecurityServicesRunning                      : 
DeviceGuardCodeIntegrityPolicyEnforcementStatus         : 
DeviceGuardUserModeCodeIntegrityPolicyEnforcementStatus : 
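  • Microsoft Windows [Version 10.0.19044.1645]
  • WindowsProductName : Windows 10 Pro
  • Take the patch level from the ver build (10.0.19044.1645). WindowsVersion 2009 is the legacy ReleaseId value, which stays at 2009 on 20H2 and later releases, and WindowsBuildLabEx still shows the 19041 base build.
  • systeminfo failed with "Access denied" and most Get-ComputerInfo fields are empty, presumably because the viewer account cannot query WMI/CIM (Get-ScheduledTask in the Tasks section fails with the same CIM access error).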

Networks


PS C:\Users\viewer> ipconfig /all ; arp -a ; print route
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : DVR4
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Ethernet adapter Ethernet0 2:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : vmxnet3 Ethernet Adapter
   Physical Address. . . . . . . . . : 00-50-56-9E-4E-DE
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.150.179(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.150.254
   DNS Servers . . . . . . . . . . . : 192.168.150.254
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Interface: 192.168.150.179 --- 0x7
  Internet Address      Physical Address      Type
  192.168.150.254       00-50-56-9e-8d-f2     dynamic   
  192.168.150.255       ff-ff-ff-ff-ff-ff     static    
  224.0.0.22            01-00-5e-00-00-16     static    
  224.0.0.251           01-00-5e-00-00-fb     static    
  224.0.0.252           01-00-5e-00-00-fc     static    
  239.255.255.250       01-00-5e-7f-ff-fa     static    
  255.255.255.255       ff-ff-ff-ff-ff-ff     static    
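Unable to initialize device PRN
  • Note: "print route" invoked print.exe (hence the PRN error above), so the routing table was not captured here; the intended command is "route print".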
PS C:\Users\viewer> netstat -ano | Select-String LIST 
 
  TCP    0.0.0.0:22             0.0.0.0:0              LISTENING       2160
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       924
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:5040           0.0.0.0:0              LISTENING       1236
  TCP    0.0.0.0:8080           0.0.0.0:0              LISTENING       4400
  TCP    0.0.0.0:49664          0.0.0.0:0              LISTENING       700
  TCP    0.0.0.0:49665          0.0.0.0:0              LISTENING       568
  TCP    0.0.0.0:49666          0.0.0.0:0              LISTENING       1080
  TCP    0.0.0.0:49667          0.0.0.0:0              LISTENING       380
  TCP    0.0.0.0:49668          0.0.0.0:0              LISTENING       668
  TCP    0.0.0.0:49669          0.0.0.0:0              LISTENING       1312
  TCP    192.168.150.179:139    0.0.0.0:0              LISTENING       4
  TCP    [::]:22                [::]:0                 LISTENING       2160
  TCP    [::]:135               [::]:0                 LISTENING       924
  TCP    [::]:445               [::]:0                 LISTENING       4
  TCP    [::]:49664             [::]:0                 LISTENING       700
  TCP    [::]:49665             [::]:0                 LISTENING       568
  TCP    [::]:49666             [::]:0                 LISTENING       1080
  TCP    [::]:49667             [::]:0                 LISTENING       380
  TCP    [::]:49668             [::]:0                 LISTENING       668
  TCP    [::]:49669             [::]:0                 LISTENING       1312

Users & Groups


PS C:\Users\viewer> net users ; ls C:\Users
 
User accounts for \\
 
-------------------------------------------------------------------------------
Administrator            DefaultAccount           Guest                    
viewer                   WDAGUtilityAccount       
The command completed with one or more errors.
 
 
 
    Directory: C:\Users
 
 
Mode                 LastWriteTime         Length Name                                                                                 
----                 -------------         ------ ----                                                                                 
d-----         6/21/2021   3:48 AM                Administrator                                                                        
d-r---         6/18/2021   5:55 AM                Public                                                                               
d-----         2/16/2022   7:02 AM                viewer
PS C:\Users\viewer> net localgroup ; net group /DOMAIN
 
Aliases for \\DVR4
 
-------------------------------------------------------------------------------
*Access Control Assistance Operators
*Administrators
*Backup Operators
*Cryptographic Operators
*Device Owners
*Distributed COM Users
*Event Log Readers
*Guests
*Hyper-V Administrators
*IIS_IUSRS
*Network Configuration Operators
*Performance Log Users
*Performance Monitor Users
*Power Users
*Remote Desktop Users
*Remote Management Users
*Replicator
*System Managed Accounts Group
*Users
The command completed successfully.
 
The request will be processed at a domain controller for domain WORKGROUP.
 
System error 1355 has occurred.
 
The specified domain either does not exist or could not be contacted.

Processes


PS C:\Users\viewer> cmd /c tasklist /svc ; ps
ERROR: Access denied
 
Handles  NPM(K)    PM(K)      WS(K)     CPU(s)     Id  SI ProcessName                                                                  
-------  ------    -----      -----     ------     --  -- -----------                                                                  
    444      34    10536      25968              2160   0 BvSshServer                                                                  
     94       7     2580       5064       0.03   4296   0 cmd                                                                          
    142      10     4280      10724       0.13   1956   0 conhost                                                                      
    419      15     1700       4792               468   0 csrss                                                                        
    172      10     1568       4608               584   1 csrss                                                                        
    202      17     3852      11272              2260   0 dllhost                                                                      
    258      14     3804      12092              2612   0 dllhost                                                                      
    424      51     7236      18680              3136   0 DVR                                                                          
    267      12     2000       8752              1508   0 DVRWatchdog                                                                  
    699      24    18544      32480              1012   1 dwm                                                                          
     32       5     1376       3572               816   0 fontdrvhost                                                                  
     32       5     1476       3336               824   1 fontdrvhost                                                                  
      0       0       60          8                 0   0 Idle                                                                         
    604      33    15268      54268              3424   1 LogonUI                                                                      
    995      24     5376      15160               700   0 lsass                                                                        
      0       0      204      21608              1280   0 Memory Compression                                                           
    223      13     3448       9248               716   0 msdtc                                                                        
    728      81   165144     109188              2100   0 MsMpEng                                                                      
    208      33     3544       9688              3744   0 NisSrv                                                                       
    981      37   120184     136128       1.47   4480   0 powershell                                                                   
      0      11     2440       9104                92   0 Registry                                                                     
    636      35    17320      21316              3452   0 SearchIndexer                                                                
    273      13     2788      11948              3104   0 SecurityHealthService                                                        
    357      10     3796       8188               668   0 services                                                                     
    105       7     3408       6436              1172   0 SgrmBroker                                                                   
     53       3     1060       1112               360   0 smss                                                                         
   1686      66    32588      59284               380   0 svchost                                                                      
    216      13     2676      11744               456   0 svchost                                                                      
    769      18     5544      15584               808   0 svchost                                                                      
    603      33    51264      56884               900   0 svchost                                                                      
    676      16     4144      10440               924   0 svchost                                                                      
    355      20    13112      17732              1060   0 svchost                                                                      
    598      18    14536      19296              1080   0 svchost                                                                      
   1000      86    11804      30704              1236   0 svchost                                                                      
    166      12     1640       7276              1312   0 svchost                                                                      
    767      36     7400      18896              1424   0 svchost                                                                      
    191      10     1860       8180              1456   0 svchost                                                                      
    493      24    16684      32056              1536   0 svchost                                                                      
    127       9     1508       6416              1552   0 svchost                                                                      
    362      12     2252       9468              1568   0 svchost                                                                      
    171      12     4824      14512              1588   0 svchost                                                                      
    403      31     7516      15864              1648   0 svchost                                                                      
    211      13     1752       7840              2144   0 svchost                                                                      
    214      12     2452      10184              3180   0 svchost                                                                      
    205      11     1852       8148              3552   0 svchost                                                                      
    218      13     2012       7528              3760   0 svchost                                                                      
    197      13     2708      17312              5084   0 svchost                                                                      
   1684       0      196        148                 4   0 System                                                                       
    154      10     1928       7540       0.03   3824   0 toterms                                                                      
    172      11     2784       8780              2052   0 VGAuthService                                                                
    117       7     1420       5956              1988   0 vm3dservice                                                                  
    116       8     1520       6344              2244   1 vm3dservice                                                                  
    408      23     9364      19316              2092   0 vmtoolsd                                                                     
    606      41     9060      17452              4400   0 WebServerForAdmin                                                            
    162      11     1352       6656               568   0 wininit                                                                      
    244      12     2696      17332               660   1 winlogon                                                                     
    147       9     1564       8056              2748   0 WmiApSrv                                                                     
    367      18     8448      18956               416   0 WmiPrvSE                                                                     
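  • BvSshServer (PID 2160, the listener on TCP 22 in the netstat output)
  • DVR
  • DVRWatchdog
  • toterms
  • WebServerForAdmin (PID 4400, the listener on TCP 8080 in the netstat output)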

Tasks


PS C:\Users\viewer> Get-ScheduledTask | where {$_.TaskPath -notlike "\Microsoft*" } | ft TaskName,TaskPath,State
Get-ScheduledTask : Cannot connect to CIM server. Access denied 
At line:1 char:1
+ Get-ScheduledTask | where {$_.TaskPath -notlike "\Microsoft*" } | ft  ...
+ ~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ResourceUnavailable: (MSFT_ScheduledTask:String) [Get-ScheduledTask], CimJobException
    + FullyQualifiedErrorId : CimJob_BrokenCimSession,Get-ScheduledTask
 
PS C:\Users\viewer> cmd /c schtasks /QUERY /FO TABLE
 
Folder: \
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
INFO: There are no scheduled tasks presently available at your access level.
 
Folder: \Bitvise
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
INFO: There are no scheduled tasks presently available at your access level.
 
Folder: \Microsoft
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
INFO: There are no scheduled tasks presently available at your access level.
 
Folder: \Microsoft\OneCore
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
INFO: There are no scheduled tasks presently available at your access level.
 
Folder: \Microsoft\Windows
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
INFO: There are no scheduled tasks presently available at your access level.
 
Folder: \Microsoft\Windows\.NET Framework
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
.NET Framework NGEN v4.0.30319           N/A                    Ready          
.NET Framework NGEN v4.0.30319 64        N/A                    Ready          
.NET Framework NGEN v4.0.30319 64 Critic N/A                    Disabled       
.NET Framework NGEN v4.0.30319 Critical  N/A                    Disabled       
 
Folder: \Microsoft\Windows\Active Directory Rights Management Services Client
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
AD RMS Rights Policy Template Management N/A                    Disabled       
AD RMS Rights Policy Template Management N/A                    Ready          
 
Folder: \Microsoft\Windows\AppID
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
PolicyConverter                          N/A                    Disabled       
VerifiedPublisherCertStoreCheck          N/A                    Disabled       
 
Folder: \Microsoft\Windows\Application Experience
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
Microsoft Compatibility Appraiser        4/17/2025 4:59:24 AM   Ready          
PcaPatchDbTask                           4/16/2025 4:22:19 PM   Ready          
ProgramDataUpdater                       N/A                    Ready          
StartupAppTask                           N/A                    Ready          
 
Folder: \Microsoft\Windows\ApplicationData
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
appuriverifierdaily                      N/A                    Ready          
appuriverifierinstall                    N/A                    Ready          
CleanupTemporaryState                    N/A                    Ready          
DsSvcCleanup                             N/A                    Ready          
 
Folder: \Microsoft\Windows\AppListBackup
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
Backup                                   N/A                    Ready          
 
Folder: \Microsoft\Windows\AppxDeploymentClient
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
Pre-staged app cleanup                   N/A                    Disabled       
 
Folder: \Microsoft\Windows\Autochk
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
Proxy                                    N/A                    Ready          
 
Folder: \Microsoft\Windows\BitLocker
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
BitLocker Encrypt All Drives             N/A                    Ready          
BitLocker MDM policy Refresh             N/A                    Ready          
 
Folder: \Microsoft\Windows\Bluetooth
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
UninstallDeviceTask                      N/A                    Ready          
 
Folder: \Microsoft\Windows\BrokerInfrastructure
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
BgTaskRegistrationMaintenanceTask        N/A                    Ready          
 
Folder: \Microsoft\Windows\Chkdsk
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
ProactiveScan                            N/A                    Ready          
SyspartRepair                            N/A                    Ready          
 
Folder: \Microsoft\Windows\CloudExperienceHost
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
CreateObjectTask                         N/A                    Ready          
 
Folder: \Microsoft\Windows\Customer Experience Improvement Program
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
Consolidator                             4/16/2025 12:00:00 PM  Ready          
UsbCeip                                  N/A                    Ready          
 
Folder: \Microsoft\Windows\Data Integrity Scan
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
Data Integrity Check And Scan            4/16/2025 11:13:50 PM  Ready          
Data Integrity Scan                      N/A                    Ready          
Data Integrity Scan for Crash Recovery   N/A                    Ready          
 
Folder: \Microsoft\Windows\Defrag
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
ScheduledDefrag                          N/A                    Ready          
 
Folder: \Microsoft\Windows\Device Information
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
Device                                   4/17/2025 3:20:36 AM   Ready          
Device User                              N/A                    Ready          
 
Folder: \Microsoft\Windows\Diagnosis
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
RecommendedTroubleshootingScanner        N/A                    Ready          
Scheduled                                N/A                    Ready          
 
Folder: \Microsoft\Windows\DirectX
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
DirectXDatabaseUpdater                   N/A                    Ready          
DXGIAdapterCache                         N/A                    Ready          
 
Folder: \Microsoft\Windows\DiskCleanup
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
SilentCleanup                            N/A                    Ready          
 
Folder: \Microsoft\Windows\DiskDiagnostic
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
Microsoft-Windows-DiskDiagnosticDataColl N/A                    Disabled       
Microsoft-Windows-DiskDiagnosticResolver N/A                    Disabled       
 
Folder: \Microsoft\Windows\DiskFootprint
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
Diagnostics                              N/A                    Ready          
StorageSense                             N/A                    Ready          
 
Folder: \Microsoft\Windows\DUSM
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
dusmtask                                 N/A                    Ready          
 
Folder: \Microsoft\Windows\EDP
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
EDP App Launch Task                      N/A                    Ready          
EDP Auth Task                            N/A                    Ready          
EDP Inaccessible Credentials Task        N/A                    Ready          
StorageCardEncryption Task               N/A                    Ready          
 
Folder: \Microsoft\Windows\ExploitGuard
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
ExploitGuard MDM policy Refresh          N/A                    Ready          
 
Folder: \Microsoft\Windows\Feedback
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
INFO: There are no scheduled tasks presently available at your access level.
 
Folder: \Microsoft\Windows\Feedback\Siuf
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
DmClient                                 N/A                    Ready          
DmClientOnScenarioDownload               N/A                    Ready          
 
Folder: \Microsoft\Windows\File Classification Infrastructure
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
Property Definition Sync                 N/A                    Disabled       
 
Folder: \Microsoft\Windows\FileHistory
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
File History (maintenance mode)          N/A                    Ready          
 
Folder: \Microsoft\Windows\Flighting
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
INFO: There are no scheduled tasks presently available at your access level.
 
Folder: \Microsoft\Windows\Flighting\FeatureConfig
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
ReconcileFeatures                        N/A                    Ready          
UsageDataFlushing                        N/A                    Ready          
UsageDataReporting                       N/A                    Ready          
 
Folder: \Microsoft\Windows\Flighting\OneSettings
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
RefreshCache                             4/16/2025 3:18:23 PM   Ready          
 
Folder: \Microsoft\Windows\HelloFace
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
FODCleanupTask                           N/A                    Ready          
 
Folder: \Microsoft\Windows\Input
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
LocalUserSyncDataAvailable               N/A                    Ready          
MouseSyncDataAvailable                   N/A                    Ready          
PenSyncDataAvailable                     N/A                    Ready          
TouchpadSyncDataAvailable                N/A                    Ready          
 
Folder: \Microsoft\Windows\InstallService
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
ScanForUpdates                           4/16/2025 7:57:20 PM   Ready          
ScanForUpdatesAsUser                     N/A                    Ready          
WakeUpAndContinueUpdates                 N/A                    Disabled       
WakeUpAndScanForUpdates                  N/A                    Disabled       
 
Folder: \Microsoft\Windows\Live
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
INFO: There are no scheduled tasks presently available at your access level.
 
Folder: \Microsoft\Windows\Location
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
Notifications                            N/A                    Ready          
WindowsActionDialog                      N/A                    Ready          
 
Folder: \Microsoft\Windows\Maintenance
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
WinSAT                                   N/A                    Ready          
 
Folder: \Microsoft\Windows\Management
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
INFO: There are no scheduled tasks presently available at your access level.
 
Folder: \Microsoft\Windows\Management\Provisioning
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
Cellular                                 N/A                    Ready          
Logon                                    N/A                    Ready          
Retry                                    N/A                    Disabled       
RunOnReboot                              N/A                    Disabled       
 
Folder: \Microsoft\Windows\Maps
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
MapsToastTask                            N/A                    Ready          
MapsUpdateTask                           N/A                    Disabled       
 
Folder: \Microsoft\Windows\MemoryDiagnostic
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
ProcessMemoryDiagnosticEvents            N/A                    Ready          
RunFullMemoryDiagnostic                  N/A                    Ready          
 
Folder: \Microsoft\Windows\Mobile Broadband Accounts
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
MNO Metadata Parser                      N/A                    Ready          
 
Folder: \Microsoft\Windows\MUI
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
LPRemove                                 N/A                    Ready          
 
Folder: \Microsoft\Windows\Multimedia
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
SystemSoundsService                      N/A                    Ready          
 
Folder: \Microsoft\Windows\NetTrace
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
GatherNetworkInfo                        N/A                    Ready          
 
Folder: \Microsoft\Windows\NlaSvc
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
WiFiTask                                 N/A                    Ready          
 
Folder: \Microsoft\Windows\Offline Files
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
Background Synchronization               N/A                    Disabled       
Logon Synchronization                    N/A                    Disabled       
 
Folder: \Microsoft\Windows\PLA
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
INFO: There are no scheduled tasks presently available at your access level.
 
Folder: \Microsoft\Windows\Plug and Play
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
Device Install Group Policy              N/A                    Ready          
Device Install Reboot Required           N/A                    Ready          
Sysprep Generalize Drivers               N/A                    Ready          
 
Folder: \Microsoft\Windows\Power Efficiency Diagnostics
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
AnalyzeSystem                            N/A                    Ready          
 
Folder: \Microsoft\Windows\Printing
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
EduPrintProv                             N/A                    Ready          
 
Folder: \Microsoft\Windows\RecoveryEnvironment
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
VerifyWinRE                              N/A                    Disabled       
 
Folder: \Microsoft\Windows\Servicing
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
StartComponentCleanup                    N/A                    Ready          
 
Folder: \Microsoft\Windows\SettingSync
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
BackgroundUploadTask                     N/A                    Ready          
NetworkStateChangeTask                   N/A                    Ready          
 
Folder: \Microsoft\Windows\SharedPC
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
Account Cleanup                          N/A                    Disabled       
 
Folder: \Microsoft\Windows\Shell
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
CreateObjectTask                         N/A                    Ready          
FamilySafetyMonitor                      N/A                    Ready          
FamilySafetyRefreshTask                  N/A                    Ready          
IndexerAutomaticMaintenance              N/A                    Ready          
 
Folder: \Microsoft\Windows\SpacePort
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
SpaceAgentTask                           N/A                    Ready          
SpaceManagerTask                         N/A                    Ready          
 
Folder: \Microsoft\Windows\Speech
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
HeadsetButtonPress                       N/A                    Ready          
SpeechModelDownloadTask                  4/17/2025 1:08:25 AM   Ready          
 
Folder: \Microsoft\Windows\StateRepository
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
MaintenanceTasks                         N/A                    Ready          
 
Folder: \Microsoft\Windows\Storage Tiers Management
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
Storage Tiers Management Initialization  N/A                    Ready          
Storage Tiers Optimization               N/A                    Disabled       
 
Folder: \Microsoft\Windows\Subscription
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
EnableLicenseAcquisition                 N/A                    Ready          
LicenseAcquisition                       N/A                    Disabled       
 
Folder: \Microsoft\Windows\Sysmain
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
HybridDriveCachePrepopulate              N/A                    Disabled       
HybridDriveCacheRebalance                N/A                    Disabled       
ResPriStaticDbSync                       N/A                    Ready          
WsSwapAssessmentTask                     N/A                    Ready          
 
Folder: \Microsoft\Windows\SystemRestore
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
SR                                       N/A                    Ready          
 
Folder: \Microsoft\Windows\TextServicesFramework
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
MsCtfMonitor                             N/A                    Ready          
 
Folder: \Microsoft\Windows\Time Synchronization
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
ForceSynchronizeTime                     N/A                    Ready          
SynchronizeTime                          N/A                    Ready          
 
Folder: \Microsoft\Windows\Time Zone
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
SynchronizeTimeZone                      N/A                    Ready          
 
Folder: \Microsoft\Windows\UNP
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
RunUpdateNotificationMgr                 N/A                    Disabled       
 
Folder: \Microsoft\Windows\UPnP
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
UPnPHostConfig                           N/A                    Ready          
 
Folder: \Microsoft\Windows\USB
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
Usb-Notifications                        N/A                    Ready          
 
Folder: \Microsoft\Windows\WCM
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
WiFiTask                                 N/A                    Ready          
 
Folder: \Microsoft\Windows\Windows Defender
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
Windows Defender Cache Maintenance       N/A                    Ready          
Windows Defender Cleanup                 N/A                    Ready          
Windows Defender Scheduled Scan          N/A                    Ready          
Windows Defender Verification            N/A                    Ready          
 
Folder: \Microsoft\Windows\Windows Error Reporting
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
QueueReporting                           4/16/2025 1:56:37 PM   Ready          
 
Folder: \Microsoft\Windows\Windows Filtering Platform
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
BfeOnServiceStartTypeChange              N/A                    Ready          
 
Folder: \Microsoft\Windows\Windows Media Sharing
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
UpdateLibrary                            N/A                    Ready          
 
Folder: \Microsoft\Windows\WindowsColorSystem
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
Calibration Loader                       N/A                    Ready          
 
Folder: \Microsoft\Windows\WindowsUpdate
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
Scheduled Start                          4/17/2025 9:49:16 AM   Ready          
 
Folder: \Microsoft\Windows\WindowsUpdate\RUXIM
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
PLUGScheduler                            4/17/2025 8:19:18 AM   Ready          
 
Folder: \Microsoft\Windows\Wininet
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
CacheTask                                N/A                    Ready          
 
Folder: \Microsoft\Windows\WlanSvc
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
CDSSync                                  N/A                    Ready          
 
Folder: \Microsoft\Windows\Work Folders
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
Work Folders Logon Synchronization       N/A                    Ready          
Work Folders Maintenance Work            N/A                    Ready          
 
Folder: \Microsoft\Windows\Workplace Join
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
Automatic-Device-Join                    N/A                    Disabled       
Device-Sync                              N/A                    Disabled       
Recovery-Check                           N/A                    Disabled       
 
Folder: \Microsoft\Windows\WwanSvc
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
NotificationTask                         N/A                    Ready          
OobeDiscovery                            N/A                    Ready          
 
Folder: \Microsoft\XblGameSave
TaskName                                 Next Run Time          Status         
======================================== ====================== ===============
XblGameSaveTask                          N/A                    Ready          

Services


PS C:\Users\viewer> wmic service where "State='Running'" get Name,PathName,StartName | Out-String -Stream | Where-Object { $_ -match 'S' -and $_ -notmatch 'C:\Windows\System32' } | Select-Object -First 100
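ERROR:
Description = Access denied
Note: -notmatch takes a regular expression, and in 'C:\Windows\System32' the unescaped \W and \S are character classes, so this filter would not exclude System32 paths even if the WMI query had succeeded. Use -notlike '*C:\Windows\System32*' or [regex]::Escape('C:\Windows\System32') for a literal match.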

Installed Programs


PS C:\Users\viewer> Get-ItemProperty "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*", "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*", "HKCU:\Software\Microsoft\Windows\CurrentVersion\Uninstall\*" -ErrorAction SilentlyContinue | Select-Object -ExpandProperty DisplayName -ErrorAction SilentlyContinue | Where-Object { $_ } | Sort-Object -Unique
Argus DVR Viewer
Argus Surveillance DVR
Bitvise SSH Server 8.48 (remove only)
Microsoft Edge
Microsoft Edge Update
Microsoft Update Health Tools
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29016
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29016
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.27.29016
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.27.29016
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.27.29016
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.27.29016
Update for Windows 10 for x64-based Systems (KB5001716)
VMware Tools
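Third-party (non-Microsoft, non-VMware) software from the list above, to review for patch level and exposure:
  • Argus DVR Viewer
  • Argus Surveillance DVR
  • Bitvise SSH Server 8.48 (remove only)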

Firewall & AV


PS C:\Users\viewer> netsh firewall show config
 
Domain profile configuration:
-------------------------------------------------------------------
Operational mode                  = Disable
Exception mode                    = Enable
Multicast/broadcast response mode = Enable
Notification mode                 = Enable
 
Allowed programs configuration for Domain profile:
Mode     Traffic direction    Name / Program
-------------------------------------------------------------------
 
Port configuration for Domain profile:
Port   Protocol  Mode    Traffic direction     Name
-------------------------------------------------------------------
 
Standard profile configuration (current):
-------------------------------------------------------------------
Operational mode                  = Disable
Exception mode                    = Enable
Multicast/broadcast response mode = Enable
Notification mode                 = Enable
 
Service configuration for Standard profile:
Mode     Customized  Name
-------------------------------------------------------------------
Enable   No          Network Discovery
 
Allowed programs configuration for Standard profile:
Mode     Traffic direction    Name / Program
-------------------------------------------------------------------
 
Port configuration for Standard profile:
Port   Protocol  Mode    Traffic direction     Name
-------------------------------------------------------------------
 
Log configuration:
-------------------------------------------------------------------
File location   = C:\WINDOWS\system32\LogFiles\Firewall\pfirewall.log
Max file size   = 4096 KB
Dropped packets = Disable
Connections     = Disable
 
IMPORTANT: Command executed successfully.
However, "netsh firewall" is deprecated;
use "netsh advfirewall firewall" instead.
For more information on using "netsh advfirewall firewall" commands
instead of "netsh firewall", see KB article 947709
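at https://go.microsoft.com/fwlink/?linkid=121488 .
Note: both the Domain and the Standard (current) profile report Operational mode = Disable, and logging of dropped packets and connections is also disabled. The legacy "netsh firewall" context shows only these two profiles; confirm the per-profile state with "netsh advfirewall show allprofiles".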
PS C:\Users\viewer> Get-MpComputerStatus ; Get-MpPreference | Select-Object -Property ExclusionPath
Get-MpComputerStatus : Cannot connect to CIM server. Access denied 
At line:1 char:1
+ Get-MpComputerStatus ; Get-MpPreference | Select-Object -Property Exc ...
+ ~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ResourceUnavailable: (MSFT_MpComputerStatus:String) [Get-MpComputerStatus], CimJobException
    + FullyQualifiedErrorId : CimJob_BrokenCimSession,Get-MpComputerStatus
 
Get-MpPreference : Cannot connect to CIM server. Access denied 
At line:1 char:24
+ Get-MpComputerStatus ; Get-MpPreference | Select-Object -Property Exc ...
+                        ~~~~~~~~~~~~~~~~
    + CategoryInfo          : ResourceUnavailable: (MSFT_MpPreference:String) [Get-MpPreference], CimJobException
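    + FullyQualifiedErrorId : CimJob_BrokenCimSession,Get-MpPreference
Note: both Defender cmdlets failed with a CIM "Access denied" for this user, so real-time protection status and exclusion paths are unknown from this session.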

Session Architecture


PS C:\Users\viewer> [Environment]::Is64BitProcess
True

Installed .NET Frameworks


PS C:\Users\viewer> cmd /c dir /A:D C:\Windows\Microsoft.NET\Framework ; cmd /c reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP" ; cmd /c reg query "HKLM\SOFTWARE\Microsoft\Net Framework Setup\NDP" /s
 Volume in drive C has no label.
 Volume Serial Number is 08DF-534D
 
 Directory of C:\Windows\Microsoft.NET\Framework
 
12/07/2019  02:31 AM    <DIR>          .
12/07/2019  02:31 AM    <DIR>          ..
06/18/2021  05:57 AM    <DIR>          v1.0.3705
06/18/2021  05:57 AM    <DIR>          v1.1.4322
12/07/2019  02:14 AM    <DIR>          v2.0.50727
04/16/2025  09:53 AM    <DIR>          v4.0.30319
               0 File(s)              0 bytes
               6 Dir(s)   7,604,813,824 bytes free
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\CDF
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4.0
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\CDF
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\CDF\v4.0
    HttpNamespaceReservationInstalled    REG_DWORD    0x1
    NetTcpPortSharingInstalled    REG_DWORD    0x1
    NonHttpActivationInstalled    REG_DWORD    0x1
    SMSvcHostPath    REG_SZ    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\
    WMIInstalled    REG_DWORD    0x1
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4\Client
    CBS    REG_DWORD    0x1
    Install    REG_DWORD    0x1
    InstallPath    REG_SZ    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\
    Release    REG_DWORD    0x80ff4
    Servicing    REG_DWORD    0x0
    TargetVersion    REG_SZ    4.0.0
    Version    REG_SZ    4.8.04084
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4\Client\1033
    CBS    REG_DWORD    0x1
    Install    REG_DWORD    0x1
    Release    REG_DWORD    0x80ff4
    Servicing    REG_DWORD    0x0
    TargetVersion    REG_SZ    4.0.0
    Version    REG_SZ    4.8.04084
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4\Full
    CBS    REG_DWORD    0x1
    Install    REG_DWORD    0x1
    InstallPath    REG_SZ    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\
    Release    REG_DWORD    0x80ff4
    Servicing    REG_DWORD    0x0
    TargetVersion    REG_SZ    4.0.0
    Version    REG_SZ    4.8.04084
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4\Full\1033
    CBS    REG_DWORD    0x1
    Install    REG_DWORD    0x1
    Release    REG_DWORD    0x80ff4
    Servicing    REG_DWORD    0x0
    TargetVersion    REG_SZ    4.0.0
    Version    REG_SZ    4.8.04084
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4.0
    (Default)    REG_SZ    deprecated
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4.0\Client
    Install    REG_DWORD    0x1
    Version    REG_SZ    4.0.0.0

Installed .NET Framework (NDP\v4\Full): 4.8.04084 (Release 0x80ff4)