System/Kernel
PS C:\Users\arthur> cmd /c ver
Microsoft Windows [Version 10.0.19042.1288]
PS C:\Users\arthur> systeminfo ; Get-ComputerInfo
Host Name: FISHYYY OS Name: Microsoft Windows 10 Pro OS Version: 10.0.19042 N/A Build 19042
OS Manufacturer: Microsoft Corporation
OS Configuration: Standalone Workstation
OS Build Type: Multiprocessor Free
Registered Owner: admin
Registered Organization:
Product ID: 00331-10000-00001-AA693
Original Install Date: 6/18/2021, 5:06:17 AM
System Boot Time: 8/25/2024, 7:28:14 PM
System Manufacturer: VMware, Inc.
System Model: VMware7,1
System Type: x64-based PC
Processor(s): 1 Processor(s) Installed.
[01]: AMD64 Family 25 Model 17 Stepping 1 AuthenticAMD ~3000 Mhz
BIOS Version: VMware, Inc. VMW71.00V.21100432.B64.2301110304, 1/11/2023
Windows Directory: C:\WINDOWS
System Directory: C:\WINDOWS\system32
Boot Device: \Device\HarddiskVolume2
System Locale: en-us;English (United States)
Input Locale: en-us;English (United States)
Time Zone: (UTC-08:00) Pacific Time (US & Canada)
Total Physical Memory: 2,047 MB
Available Physical Memory: 372 MB
Virtual Memory: Max Size: 3,901 MB
Virtual Memory: Available: 514 MB
Virtual Memory: In Use: 3,387 MB
Page File Location(s): C:\pagefile.sys
Domain: WORKGROUP
Logon Server: \\FISHYYY
Hotfix(s): 5 Hotfix(s) Installed.
[01]: KB5009467
[02]: KB4562830
[03]: KB4580325
[04]: KB5006670
[05]: KB5005699
Network Card(s): 1 NIC(s) Installed.
[01]: vmxnet3 Ethernet Adapter
Connection Name: Ethernet0 2
DHCP Enabled: No
IP address(es)
[01]: 192.168.219.168
Hyper-V Requirements: A hypervisor has been detected. Features required for Hyper-V will not be displayed.
WindowsBuildLabEx : 19041.1.amd64fre.vb_release.191206-1406
WindowsCurrentVersion : 6.3
WindowsEditionId : Professional
WindowsInstallationType : Client
WindowsInstallDateFromRegistry : 6/18/2021 12:06:17 PM
WindowsProductId : 00331-10000-00001-AA693
WindowsProductName : Windows 10 Pro
WindowsRegisteredOrganization :
WindowsRegisteredOwner : admin
WindowsSystemRoot : C:\WINDOWS
WindowsVersion : 2009
BiosCharacteristics : {4, 7, 9, 11...}
BiosBIOSVersion : {INTEL - 6040000, VMW71.00V.21100432.B64.2301110304, VMware, Inc. - 10000}
BiosBuildNumber :
BiosCaption : VMW71.00V.21100432.B64.2301110304
BiosCodeSet :
BiosCurrentLanguage :
BiosDescription : VMW71.00V.21100432.B64.2301110304
BiosEmbeddedControllerMajorVersion : 255
BiosEmbeddedControllerMinorVersion : 255
BiosFirmwareType : Uefi
BiosIdentificationCode :
BiosInstallableLanguages :
BiosInstallDate :
BiosLanguageEdition :
BiosListOfLanguages :
BiosManufacturer : VMware, Inc.
BiosName : VMW71.00V.21100432.B64.2301110304
BiosOtherTargetOS :
BiosPrimaryBIOS : True
BiosReleaseDate : 1/10/2023 4:00:00 PM
BiosSeralNumber : VMware-42 1e 9c 98 1a 76 c7 ff-b7 65 ae bc 5e 6c d0 09
BiosSMBIOSBIOSVersion : VMW71.00V.21100432.B64.2301110304
BiosSMBIOSMajorVersion : 2
BiosSMBIOSMinorVersion : 7
BiosSMBIOSPresent : True
BiosSoftwareElementState : Running
BiosStatus : OK
BiosSystemBiosMajorVersion : 255
BiosSystemBiosMinorVersion : 255
BiosTargetOperatingSystem : 0
BiosVersion : INTEL - 6040000
CsAdminPasswordStatus : Enabled
CsAutomaticManagedPagefile : True
CsAutomaticResetBootOption : True
CsAutomaticResetCapability : True
CsBootOptionOnLimit : DoNotReboot
CsBootOptionOnWatchDog : DoNotReboot
CsBootROMSupported : True
CsBootStatus : {0, 0, 0, 33...}
CsBootupState : Normal boot
CsCaption : FISHYYY
CsChassisBootupState : Safe
CsChassisSKUNumber :
CsCurrentTimeZone : -420
CsDaylightInEffect : True
CsDescription : AT/AT COMPATIBLE
CsDNSHostName : Fishyyy
CsDomain : WORKGROUP
CsDomainRole : StandaloneWorkstation
CsEnableDaylightSavingsTime : True
CsFrontPanelResetStatus : Unknown
CsHypervisorPresent : True
CsInfraredSupported : False
CsInitialLoadInfo :
CsInstallDate :
CsKeyboardPasswordStatus : Unknown
CsLastLoadInfo :
CsManufacturer : VMware, Inc.
CsModel : VMware7,1
CsName : FISHYYY
CsNetworkAdapters : {Ethernet0 2}
CsNetworkServerModeEnabled : True
CsNumberOfLogicalProcessors : 2
CsNumberOfProcessors : 1
CsProcessors : {AMD EPYC 9124 16-Core Processor }
CsOEMStringArray : {[MS_VM_CERT/SHA1/27d66596a61c48dd3dc7216fd715126e33f59ae7], Welcome to the Virtual Machine}
CsPartOfDomain : False
CsPauseAfterReset : 3932100000
CsPCSystemType : Desktop
CsPCSystemTypeEx : Desktop
CsPowerManagementCapabilities :
CsPowerManagementSupported :
CsPowerOnPasswordStatus : Disabled
CsPowerState : Unknown
CsPowerSupplyState : Safe
CsPrimaryOwnerContact :
CsPrimaryOwnerName : admin
CsResetCapability : Other
CsResetCount : -1
CsResetLimit : -1
CsRoles : {LM_Workstation, LM_Server, NT}
CsStatus : OK
CsSupportContactDescription :
CsSystemFamily :
CsSystemSKUNumber :
CsSystemType : x64-based PC
CsThermalState : Safe
CsTotalPhysicalMemory : 2146459648
CsPhyicallyInstalledMemory : 2097152
CsUserName :
CsWakeUpType : PowerSwitch
CsWorkgroup : WORKGROUP
OsName : Microsoft Windows 10 Pro
OsType : WINNT
OsOperatingSystemSKU : 48
OsVersion : 10.0.19042
OsCSDVersion :
OsBuildNumber : 19042
OsHotFixes : {KB5009467, KB4562830, KB4580325, KB5006670...}
OsBootDevice : \Device\HarddiskVolume2
OsSystemDevice : \Device\HarddiskVolume4
OsSystemDirectory : C:\WINDOWS\system32
OsSystemDrive : C:
OsWindowsDirectory : C:\WINDOWS
OsCountryCode : 1
OsCurrentTimeZone : -420
OsLocaleID : 0409
OsLocale : en-US
OsLocalDateTime : 10/31/2021 7:39:12 AM
OsLastBootUpTime : 8/25/2024 8:28:14 PM
OsUptime : -1029.12:49:02.4502776
OsBuildType : Multiprocessor Free
OsCodeSet : 1252
OsDataExecutionPreventionAvailable : True
OsDataExecutionPrevention32BitApplications : True
OsDataExecutionPreventionDrivers : True
OsDataExecutionPreventionSupportPolicy : OptIn
OsDebug : False
OsDistributed : False
OsEncryptionLevel : 256
OsForegroundApplicationBoost : Maximum
OsTotalVisibleMemorySize : 2096152
OsFreePhysicalMemory : 413628
OsTotalVirtualMemorySize : 3994256
OsFreeVirtualMemory : 525400
OsInUseVirtualMemory : 3468856
OsTotalSwapSpaceSize :
OsSizeStoredInPagingFiles : 1898104
OsFreeSpaceInPagingFiles : 1357876
OsPagingFiles : {C:\pagefile.sys}
OsHardwareAbstractionLayer : 10.0.19041.1151
OsInstallDate : 6/18/2021 5:06:17 AM
OsManufacturer : Microsoft Corporation
OsMaxNumberOfProcesses : 4294967295
OsMaxProcessMemorySize : 137438953344
OsMuiLanguages : {en-US}
OsNumberOfLicensedUsers :
OsNumberOfProcesses : 95
OsNumberOfUsers : 2
OsOrganization :
OsArchitecture : 64-bit
OsLanguage : en-US
OsProductSuites : {TerminalServicesSingleSession}
OsOtherTypeDescription :
OsPAEEnabled :
OsPortableOperatingSystem : False
OsPrimary : True
OsProductType : WorkStation
OsRegisteredUser : admin
OsSerialNumber : 00331-10000-00001-AA693
OsServicePackMajorVersion : 0
OsServicePackMinorVersion : 0
OsStatus : OK
OsSuites : {TerminalServices, TerminalServicesSingleSession}
OsServerLevel :
KeyboardLayout : en-US
TimeZone : (UTC-08:00) Pacific Time (US & Canada)
LogonServer : \\FISHYYY
PowerPlatformRole : Desktop
HyperVisorPresent : True
HyperVRequirementDataExecutionPreventionAvailable :
HyperVRequirementSecondLevelAddressTranslation :
HyperVRequirementVirtualizationFirmwareEnabled :
HyperVRequirementVMMonitorModeExtensions :
DeviceGuardSmartStatus : Off
DeviceGuardRequiredSecurityProperties :
DeviceGuardAvailableSecurityProperties :
DeviceGuardSecurityServicesConfigured :
DeviceGuardSecurityServicesRunning :
DeviceGuardCodeIntegrityPolicyEnforcementStatus :
DeviceGuardUserModeCodeIntegrityPolicyEnforcementStatus :Microsoft Windows [Version 10.0.19042.1288]OS Name: Microsoft Windows 10 ProSystem Type: x64-based PCProcessor(s): 1 Processor(s) Installed.Hotfix(s): 5 Hotfix(s) Installed.[01]: KB5009467[02]: KB4562830[03]: KB4580325[04]: KB5006670[05]: KB5005699
Networks
PS C:\Users\arthur> ipconfig /all ; arp -a ; print route
Windows IP Configuration
Host Name . . . . . . . . . . . . : Fishyyy
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter Ethernet0 2:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : vmxnet3 Ethernet Adapter
Physical Address. . . . . . . . . : 00-50-56-9E-17-8D
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.168.219.168(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.219.254
DNS Servers . . . . . . . . . . . : 192.168.219.254
NetBIOS over Tcpip. . . . . . . . : Enabled
Interface: 192.168.219.168 --- 0x7
Internet Address Physical Address Type
192.168.219.254 00-50-56-9e-b9-f7 dynamic
192.168.219.255 ff-ff-ff-ff-ff-ff static
224.0.0.22 01-00-5e-00-00-16 static
224.0.0.251 01-00-5e-00-00-fb static
224.0.0.252 01-00-5e-00-00-fc static
239.255.255.250 01-00-5e-7f-ff-fa static
255.255.255.255 ff-ff-ff-ff-ff-ff static
Unable to initialize device PRNPS C:\Users\arthur> netstat -ano | Select-String LIST
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING 936
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING 412
TCP 0.0.0.0:3700 0.0.0.0:0 LISTENING 3400
TCP 0.0.0.0:3820 0.0.0.0:0 LISTENING 3400
TCP 0.0.0.0:3920 0.0.0.0:0 LISTENING 3400
TCP 0.0.0.0:4848 0.0.0.0:0 LISTENING 3400
TCP 0.0.0.0:5040 0.0.0.0:0 LISTENING 1228
TCP 0.0.0.0:6060 0.0.0.0:0 LISTENING 2268
TCP 0.0.0.0:7676 0.0.0.0:0 LISTENING 3400
TCP 0.0.0.0:7776 0.0.0.0:0 LISTENING 3400
TCP 0.0.0.0:8080 0.0.0.0:0 LISTENING 3400
TCP 0.0.0.0:8181 0.0.0.0:0 LISTENING 3400
TCP 0.0.0.0:8686 0.0.0.0:0 LISTENING 3400
TCP 0.0.0.0:49664 0.0.0.0:0 LISTENING 704
TCP 0.0.0.0:49665 0.0.0.0:0 LISTENING 560
TCP 0.0.0.0:49666 0.0.0.0:0 LISTENING 1220
TCP 0.0.0.0:49667 0.0.0.0:0 LISTENING 416
TCP 0.0.0.0:49668 0.0.0.0:0 LISTENING 1212
TCP 0.0.0.0:49669 0.0.0.0:0 LISTENING 688
TCP 0.0.0.0:49722 0.0.0.0:0 LISTENING 3400
TCP 0.0.0.0:49724 0.0.0.0:0 LISTENING 3400
TCP 0.0.0.0:49725 0.0.0.0:0 LISTENING 3400
TCP 0.0.0.0:49726 0.0.0.0:0 LISTENING 3400
TCP 127.0.0.1:8865 0.0.0.0:0 LISTENING 2268
TCP 127.0.0.1:55222 0.0.0.0:0 LISTENING 2268
TCP 192.168.219.168:139 0.0.0.0:0 LISTENING 4
TCP 192.168.219.168:49775 0.0.0.0:0 LISTENING 2268
TCP [::]:135 [::]:0 LISTENING 936
TCP [::]:445 [::]:0 LISTENING 4
TCP [::]:3389 [::]:0 LISTENING 412
TCP [::]:3700 [::]:0 LISTENING 3400
TCP [::]:3820 [::]:0 LISTENING 3400
TCP [::]:3920 [::]:0 LISTENING 3400
TCP [::]:4848 [::]:0 LISTENING 3400
TCP [::]:6060 [::]:0 LISTENING 2268
TCP [::]:7676 [::]:0 LISTENING 3400
TCP [::]:7776 [::]:0 LISTENING 3400
TCP [::]:8080 [::]:0 LISTENING 3400
TCP [::]:8181 [::]:0 LISTENING 3400
TCP [::]:8686 [::]:0 LISTENING 3400
TCP [::]:49664 [::]:0 LISTENING 704
TCP [::]:49665 [::]:0 LISTENING 560
TCP [::]:49666 [::]:0 LISTENING 1220
TCP [::]:49667 [::]:0 LISTENING 416
TCP [::]:49668 [::]:0 LISTENING 1212
TCP [::]:49669 [::]:0 LISTENING 688
TCP [::]:49722 [::]:0 LISTENING 3400
TCP [::]:49724 [::]:0 LISTENING 3400
TCP [::]:49725 [::]:0 LISTENING 3400
TCP [::]:49726 [::]:0 LISTENING 3400TCP 127.0.0.1:8865 0.0.0.0:0 LISTENING 2268TCP 127.0.0.1:55222 0.0.0.0:0 LISTENING 2268
Users & Groups
PS C:\Users\arthur> net users ; ls C:\Users
User accounts for \\FISHYYY
-------------------------------------------------------------------------------
Administrator arthur DefaultAccount
Guest WDAGUtilityAccount
The command completed successfully.
Directory: C:\Users
Mode LastWriteTime Length Name
---- ------------- ------ ----
d----- 6/21/2021 3:48 AM Administrator
d----- 10/28/2021 4:50 AM arthur
d-r--- 6/18/2021 5:55 AM PublicPS C:\Users\arthur> net localgroup ; net group /DOMAIN
Aliases for \\FISHYYY
-------------------------------------------------------------------------------
*Access Control Assistance Operators
*Administrators
*Backup Operators
*Cryptographic Operators
*Device Owners
*Distributed COM Users
*Event Log Readers
*Guests
*Hyper-V Administrators
*IIS_IUSRS
*Network Configuration Operators
*Performance Log Users
*Performance Monitor Users
*Power Users
*Remote Desktop Users
*Remote Management Users
*Replicator
*System Managed Accounts Group
*Users
The command completed successfully.
The request will be processed at a domain controller for domain WORKGROUP.
System error 1355 has occurred.
The specified domain either does not exist or could not be contacted.Processes
PS C:\Users\arthur> Get-WmiObject Win32_Process | % { $s = (Get-CimInstance Win32_Service | ? { $_.ProcessId -eq $_.ProcessId }).Name -join ", "; $u = $_.GetOwner(); [PSCustomObject]@{ Name = $_.Name; PID = $_.ProcessId; User = "$($u.Domain)\$($u.User)"; Services = $s } } | ft -AutoSize
Name PID User Services
---- --- ---- --------
System Idle Process 0 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
System 4 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
Registry 92 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
smss.exe 352 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
csrss.exe 460 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
wininit.exe 560 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
csrss.exe 568 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
winlogon.exe 656 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
services.exe 688 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
lsass.exe 704 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
svchost.exe 820 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
fontdrvhost.exe 832 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
fontdrvhost.exe 828 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
svchost.exe 936 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
svchost.exe 416 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
svchost.exe 412 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
svchost.exe 952 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
Memory Compression 1168 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
svchost.exe 1220 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
svchost.exe 1228 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
dwm.exe 1252 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
svchost.exe 1412 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
svchost.exe 1568 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
svchost.exe 1580 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
svchost.exe 1624 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
svchost.exe 1788 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
svchost.exe 1796 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
svchost.exe 1908 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
svchost.exe 1212 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
svchost.exe 2100 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
domain1Service.exe 2120 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
SecurityService.exe 2260 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
SynaMan.exe 2268 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
VGAuthService.exe 2292 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
vmtoolsd.exe 2316 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
vm3dservice.exe 2324 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
MsMpEng.exe 2372 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
vm3dservice.exe 2540 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
cmd.exe 2548 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
conhost.exe 2584 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
dllhost.exe 2912 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
java.exe 2920 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
WmiPrvSE.exe 2828 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
java.exe 3400 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
conhost.exe 3420 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
LogonUI.exe 3128 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
msdtc.exe 3308 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
svchost.exe 3352 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
svchost.exe 4240 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
svchost.exe 2664 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
SgrmBroker.exe 4768 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
svchost.exe 848 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
SearchIndexer.exe 1316 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
WmiApSrv.exe 1120 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
csrss.exe 3360 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
winlogon.exe 4344 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
fontdrvhost.exe 5188 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
WUDFHost.exe 3924 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
dwm.exe 5216 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
svchost.exe 4560 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
rdpclip.exe 1156 FISHYYY\arthur AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
sihost.exe 4552 FISHYYY\arthur AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
svchost.exe 5316 FISHYYY\arthur AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
taskhostw.exe 3084 FISHYYY\arthur AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
ctfmon.exe 4004 FISHYYY\arthur AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
explorer.exe 2536 FISHYYY\arthur AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
svchost.exe 3972 FISHYYY\arthur AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
StartMenuExperienceHost.exe 5092 FISHYYY\arthur AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
RuntimeBroker.exe 32 FISHYYY\arthur AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
SearchApp.exe 452 FISHYYY\arthur AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
RuntimeBroker.exe 5968 FISHYYY\arthur AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
RuntimeBroker.exe 6524 FISHYYY\arthur AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
SecurityHealthSystray.exe 6636 FISHYYY\arthur AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
SecurityHealthService.exe 6664 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
vmtoolsd.exe 6764 FISHYYY\arthur AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
TotalAV.exe 6780 FISHYYY\arthur AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
OneDrive.exe 6852 FISHYYY\arthur AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
YourPhone.exe 4512 FISHYYY\arthur AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
RuntimeBroker.exe 7512 FISHYYY\arthur AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
svchost.exe 7548 \ AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
TextInputHost.exe 6384 FISHYYY\arthur AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
dllhost.exe 4740 FISHYYY\arthur AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
powershell.exe 7348 FISHYYY\arthur AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
conhost.exe 7504 FISHYYY\arthur AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
ShellExperienceHost.exe 5132 FISHYYY\arthur AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...
RuntimeBroker.exe 3428 FISHYYY\arthur AJRouter, ALG, AppIDSvc, Appinfo, AppMgmt, AppReadiness, AppVClient, AppXSvc, AssignedAccessM...domain1Service.exeSecurityService.exeSynaMan.exevm3dservice.exejava.exeTotalAV.exe
Tasks
PS C:\Users\arthur> Get-ScheduledTask | where {$_.TaskPath -notlike "\Microsoft*" } | ft TaskName,TaskPath,State
TaskName TaskPath State
-------- -------- -----
OneDrive Standalone Update Task-S-1-5-21-2619112490-2635448554-1147358759-1002 \ Ready
PS C:\Users\arthur> cmd /c schtasks /QUERY /FO TABLE
Folder: \
TaskName Next Run Time Status
======================================== ====================== ===============
OneDrive Standalone Update Task-S-1-5-21 11/1/2021 5:50:43 AM Ready
Folder: \Microsoft
TaskName Next Run Time Status
======================================== ====================== ===============
INFO: There are no scheduled tasks presently available at your access level.
Folder: \Microsoft\OneCore
TaskName Next Run Time Status
======================================== ====================== ===============
INFO: There are no scheduled tasks presently available at your access level.
Folder: \Microsoft\Windows
TaskName Next Run Time Status
======================================== ====================== ===============
INFO: There are no scheduled tasks presently available at your access level.
Folder: \Microsoft\Windows\.NET Framework
TaskName Next Run Time Status
======================================== ====================== ===============
.NET Framework NGEN v4.0.30319 N/A Ready
.NET Framework NGEN v4.0.30319 64 N/A Ready
.NET Framework NGEN v4.0.30319 64 Critic N/A Disabled
.NET Framework NGEN v4.0.30319 Critical N/A Disabled
Folder: \Microsoft\Windows\Active Directory Rights Management Services Client
TaskName Next Run Time Status
======================================== ====================== ===============
AD RMS Rights Policy Template Management N/A Disabled
AD RMS Rights Policy Template Management N/A Ready
Folder: \Microsoft\Windows\AppID
TaskName Next Run Time Status
======================================== ====================== ===============
PolicyConverter N/A Disabled
VerifiedPublisherCertStoreCheck N/A Disabled
Folder: \Microsoft\Windows\Application Experience
TaskName Next Run Time Status
======================================== ====================== ===============
Microsoft Compatibility Appraiser 11/1/2021 4:02:32 AM Ready
PcaPatchDbTask 10/31/2021 3:02:15 PM Ready
ProgramDataUpdater N/A Ready
StartupAppTask N/A Ready
Folder: \Microsoft\Windows\ApplicationData
TaskName Next Run Time Status
======================================== ====================== ===============
appuriverifierdaily N/A Ready
appuriverifierinstall N/A Ready
CleanupTemporaryState N/A Ready
DsSvcCleanup N/A Ready
Folder: \Microsoft\Windows\AppxDeploymentClient
TaskName Next Run Time Status
======================================== ====================== ===============
Pre-staged app cleanup N/A Disabled
Folder: \Microsoft\Windows\Autochk
TaskName Next Run Time Status
======================================== ====================== ===============
Proxy N/A Ready
Folder: \Microsoft\Windows\BitLocker
TaskName Next Run Time Status
======================================== ====================== ===============
BitLocker Encrypt All Drives N/A Ready
BitLocker MDM policy Refresh N/A Ready
Folder: \Microsoft\Windows\Bluetooth
TaskName Next Run Time Status
======================================== ====================== ===============
UninstallDeviceTask N/A Ready
Folder: \Microsoft\Windows\BrokerInfrastructure
TaskName Next Run Time Status
======================================== ====================== ===============
BgTaskRegistrationMaintenanceTask N/A Ready
Folder: \Microsoft\Windows\CertificateServicesClient
TaskName Next Run Time Status
======================================== ====================== ===============
UserTask N/A Ready
UserTask-Roam N/A Ready
Folder: \Microsoft\Windows\Chkdsk
TaskName Next Run Time Status
======================================== ====================== ===============
ProactiveScan N/A Ready
SyspartRepair N/A Ready
Folder: \Microsoft\Windows\CloudExperienceHost
TaskName Next Run Time Status
======================================== ====================== ===============
CreateObjectTask N/A Ready
Folder: \Microsoft\Windows\Customer Experience Improvement Program
TaskName Next Run Time Status
======================================== ====================== ===============
Consolidator 10/31/2021 12:00:00 PM Ready
UsbCeip N/A Ready
Folder: \Microsoft\Windows\Data Integrity Scan
TaskName Next Run Time Status
======================================== ====================== ===============
Data Integrity Check And Scan 10/31/2021 11:15:45 PM Ready
Data Integrity Scan N/A Ready
Data Integrity Scan for Crash Recovery N/A Ready
Folder: \Microsoft\Windows\Defrag
TaskName Next Run Time Status
======================================== ====================== ===============
ScheduledDefrag N/A Ready
Folder: \Microsoft\Windows\Device Information
TaskName Next Run Time Status
======================================== ====================== ===============
Device 11/1/2021 3:33:24 AM Ready
Device User N/A Ready
Folder: \Microsoft\Windows\Diagnosis
TaskName Next Run Time Status
======================================== ====================== ===============
RecommendedTroubleshootingScanner N/A Ready
Scheduled N/A Ready
Folder: \Microsoft\Windows\DirectX
TaskName Next Run Time Status
======================================== ====================== ===============
DirectXDatabaseUpdater N/A Ready
DXGIAdapterCache N/A Ready
Folder: \Microsoft\Windows\DiskCleanup
TaskName Next Run Time Status
======================================== ====================== ===============
SilentCleanup N/A Ready
Folder: \Microsoft\Windows\DiskDiagnostic
TaskName Next Run Time Status
======================================== ====================== ===============
Microsoft-Windows-DiskDiagnosticDataColl N/A Ready
Microsoft-Windows-DiskDiagnosticResolver N/A Disabled
Folder: \Microsoft\Windows\DiskFootprint
TaskName Next Run Time Status
======================================== ====================== ===============
Diagnostics N/A Ready
StorageSense N/A Ready
Folder: \Microsoft\Windows\DUSM
TaskName Next Run Time Status
======================================== ====================== ===============
dusmtask N/A Ready
Folder: \Microsoft\Windows\EDP
TaskName Next Run Time Status
======================================== ====================== ===============
EDP App Launch Task N/A Ready
EDP Auth Task N/A Ready
EDP Inaccessible Credentials Task N/A Ready
StorageCardEncryption Task N/A Ready
Folder: \Microsoft\Windows\ExploitGuard
TaskName Next Run Time Status
======================================== ====================== ===============
ExploitGuard MDM policy Refresh N/A Ready
Folder: \Microsoft\Windows\Feedback
TaskName Next Run Time Status
======================================== ====================== ===============
INFO: There are no scheduled tasks presently available at your access level.
Folder: \Microsoft\Windows\Feedback\Siuf
TaskName Next Run Time Status
======================================== ====================== ===============
DmClient N/A Ready
DmClientOnScenarioDownload N/A Ready
Folder: \Microsoft\Windows\File Classification Infrastructure
TaskName Next Run Time Status
======================================== ====================== ===============
Property Definition Sync N/A Disabled
Folder: \Microsoft\Windows\FileHistory
TaskName Next Run Time Status
======================================== ====================== ===============
File History (maintenance mode) N/A Ready
Folder: \Microsoft\Windows\Flighting
TaskName Next Run Time Status
======================================== ====================== ===============
INFO: There are no scheduled tasks presently available at your access level.
Folder: \Microsoft\Windows\Flighting\FeatureConfig
TaskName Next Run Time Status
======================================== ====================== ===============
ReconcileFeatures N/A Ready
UsageDataFlushing N/A Ready
UsageDataReporting N/A Ready
Folder: \Microsoft\Windows\Flighting\OneSettings
TaskName Next Run Time Status
======================================== ====================== ===============
RefreshCache 10/31/2021 11:31:33 AM Ready
Folder: \Microsoft\Windows\Input
TaskName Next Run Time Status
======================================== ====================== ===============
LocalUserSyncDataAvailable N/A Ready
MouseSyncDataAvailable N/A Ready
PenSyncDataAvailable N/A Ready
TouchpadSyncDataAvailable N/A Ready
Folder: \Microsoft\Windows\InstallService
TaskName Next Run Time Status
======================================== ====================== ===============
ScanForUpdates 11/1/2021 8:28:35 AM Ready
ScanForUpdatesAsUser N/A Ready
WakeUpAndContinueUpdates N/A Disabled
WakeUpAndScanForUpdates N/A Disabled
Folder: \Microsoft\Windows\International
TaskName Next Run Time Status
======================================== ====================== ===============
Synchronize Language Settings N/A Ready
Folder: \Microsoft\Windows\LanguageComponentsInstaller
TaskName Next Run Time Status
======================================== ====================== ===============
Installation N/A Ready
ReconcileLanguageResources N/A Ready
Folder: \Microsoft\Windows\Live
TaskName Next Run Time Status
======================================== ====================== ===============
INFO: There are no scheduled tasks presently available at your access level.
Folder: \Microsoft\Windows\Location
TaskName Next Run Time Status
======================================== ====================== ===============
Notifications N/A Ready
WindowsActionDialog N/A Ready
Folder: \Microsoft\Windows\Maintenance
TaskName Next Run Time Status
======================================== ====================== ===============
WinSAT N/A Ready
Folder: \Microsoft\Windows\Management
TaskName Next Run Time Status
======================================== ====================== ===============
INFO: There are no scheduled tasks presently available at your access level.
Folder: \Microsoft\Windows\Management\Provisioning
TaskName Next Run Time Status
======================================== ====================== ===============
Cellular N/A Ready
Logon N/A Ready
Retry N/A Disabled
RunOnReboot N/A Disabled
Folder: \Microsoft\Windows\Maps
TaskName Next Run Time Status
======================================== ====================== ===============
MapsToastTask N/A Ready
MapsUpdateTask N/A Disabled
Folder: \Microsoft\Windows\MemoryDiagnostic
TaskName Next Run Time Status
======================================== ====================== ===============
ProcessMemoryDiagnosticEvents N/A Ready
RunFullMemoryDiagnostic N/A Ready
Folder: \Microsoft\Windows\Mobile Broadband Accounts
TaskName Next Run Time Status
======================================== ====================== ===============
MNO Metadata Parser N/A Ready
Folder: \Microsoft\Windows\MUI
TaskName Next Run Time Status
======================================== ====================== ===============
LPRemove N/A Ready
Folder: \Microsoft\Windows\Multimedia
TaskName Next Run Time Status
======================================== ====================== ===============
SystemSoundsService N/A Running
Folder: \Microsoft\Windows\NetTrace
TaskName Next Run Time Status
======================================== ====================== ===============
GatherNetworkInfo N/A Ready
Folder: \Microsoft\Windows\NlaSvc
TaskName Next Run Time Status
======================================== ====================== ===============
WiFiTask N/A Ready
Folder: \Microsoft\Windows\Offline Files
TaskName Next Run Time Status
======================================== ====================== ===============
Background Synchronization N/A Disabled
Logon Synchronization N/A Disabled
Folder: \Microsoft\Windows\PLA
TaskName Next Run Time Status
======================================== ====================== ===============
INFO: There are no scheduled tasks presently available at your access level.
Folder: \Microsoft\Windows\Plug and Play
TaskName Next Run Time Status
======================================== ====================== ===============
Device Install Group Policy N/A Ready
Device Install Reboot Required N/A Ready
Sysprep Generalize Drivers N/A Ready
Folder: \Microsoft\Windows\Power Efficiency Diagnostics
TaskName Next Run Time Status
======================================== ====================== ===============
AnalyzeSystem N/A Ready
Folder: \Microsoft\Windows\Printing
TaskName Next Run Time Status
======================================== ====================== ===============
EduPrintProv N/A Ready
Folder: \Microsoft\Windows\RecoveryEnvironment
TaskName Next Run Time Status
======================================== ====================== ===============
VerifyWinRE N/A Disabled
Folder: \Microsoft\Windows\Registry
TaskName Next Run Time Status
======================================== ====================== ===============
RegIdleBackup N/A Ready
Folder: \Microsoft\Windows\Servicing
TaskName Next Run Time Status
======================================== ====================== ===============
StartComponentCleanup N/A Ready
Folder: \Microsoft\Windows\SettingSync
TaskName Next Run Time Status
======================================== ====================== ===============
BackgroundUploadTask N/A Ready
NetworkStateChangeTask N/A Ready
Folder: \Microsoft\Windows\SharedPC
TaskName Next Run Time Status
======================================== ====================== ===============
Account Cleanup N/A Disabled
Folder: \Microsoft\Windows\Shell
TaskName Next Run Time Status
======================================== ====================== ===============
CreateObjectTask N/A Ready
FamilySafetyMonitor N/A Ready
FamilySafetyRefreshTask N/A Ready
IndexerAutomaticMaintenance N/A Ready
Folder: \Microsoft\Windows\SoftwareProtectionPlatform
TaskName Next Run Time Status
======================================== ====================== ===============
SvcRestartTaskLogon N/A Ready
Folder: \Microsoft\Windows\SpacePort
TaskName Next Run Time Status
======================================== ====================== ===============
SpaceAgentTask N/A Ready
SpaceManagerTask N/A Ready
Folder: \Microsoft\Windows\Speech
TaskName Next Run Time Status
======================================== ====================== ===============
HeadsetButtonPress N/A Ready
Folder: \Microsoft\Windows\StateRepository
TaskName Next Run Time Status
======================================== ====================== ===============
MaintenanceTasks N/A Ready
Folder: \Microsoft\Windows\Storage Tiers Management
TaskName Next Run Time Status
======================================== ====================== ===============
Storage Tiers Management Initialization N/A Ready
Storage Tiers Optimization N/A Disabled
Folder: \Microsoft\Windows\Subscription
TaskName Next Run Time Status
======================================== ====================== ===============
EnableLicenseAcquisition N/A Ready
LicenseAcquisition N/A Disabled
Folder: \Microsoft\Windows\Sysmain
TaskName Next Run Time Status
======================================== ====================== ===============
HybridDriveCachePrepopulate N/A Disabled
HybridDriveCacheRebalance N/A Disabled
ResPriStaticDbSync N/A Ready
WsSwapAssessmentTask N/A Ready
Folder: \Microsoft\Windows\SystemRestore
TaskName Next Run Time Status
======================================== ====================== ===============
SR N/A Ready
Folder: \Microsoft\Windows\Task Manager
TaskName Next Run Time Status
======================================== ====================== ===============
Interactive N/A Ready
Folder: \Microsoft\Windows\TextServicesFramework
TaskName Next Run Time Status
======================================== ====================== ===============
MsCtfMonitor N/A Ready
Folder: \Microsoft\Windows\Time Synchronization
TaskName Next Run Time Status
======================================== ====================== ===============
ForceSynchronizeTime N/A Ready
SynchronizeTime N/A Ready
Folder: \Microsoft\Windows\Time Zone
TaskName Next Run Time Status
======================================== ====================== ===============
SynchronizeTimeZone N/A Ready
Folder: \Microsoft\Windows\UNP
TaskName Next Run Time Status
======================================== ====================== ===============
RunUpdateNotificationMgr N/A Disabled
Folder: \Microsoft\Windows\UPnP
TaskName Next Run Time Status
======================================== ====================== ===============
UPnPHostConfig N/A Ready
Folder: \Microsoft\Windows\USB
TaskName Next Run Time Status
======================================== ====================== ===============
Usb-Notifications N/A Ready
Folder: \Microsoft\Windows\WCM
TaskName Next Run Time Status
======================================== ====================== ===============
WiFiTask N/A Ready
Folder: \Microsoft\Windows\WDI
TaskName Next Run Time Status
======================================== ====================== ===============
ResolutionHost N/A Ready
Folder: \Microsoft\Windows\Windows Defender
TaskName Next Run Time Status
======================================== ====================== ===============
Windows Defender Cache Maintenance N/A Ready
Windows Defender Cleanup N/A Ready
Windows Defender Scheduled Scan N/A Ready
Windows Defender Verification N/A Ready
Folder: \Microsoft\Windows\Windows Error Reporting
TaskName Next Run Time Status
======================================== ====================== ===============
QueueReporting 10/31/2021 9:00:02 AM Ready
Folder: \Microsoft\Windows\Windows Filtering Platform
TaskName Next Run Time Status
======================================== ====================== ===============
BfeOnServiceStartTypeChange N/A Ready
Folder: \Microsoft\Windows\Windows Media Sharing
TaskName Next Run Time Status
======================================== ====================== ===============
UpdateLibrary N/A Ready
Folder: \Microsoft\Windows\WindowsColorSystem
TaskName Next Run Time Status
======================================== ====================== ===============
Calibration Loader N/A Ready
Folder: \Microsoft\Windows\WindowsUpdate
TaskName Next Run Time Status
======================================== ====================== ===============
Scheduled Start 4/11/2022 1:43:06 AM Ready
Folder: \Microsoft\Windows\Wininet
TaskName Next Run Time Status
======================================== ====================== ===============
CacheTask N/A Running
Folder: \Microsoft\Windows\WlanSvc
TaskName Next Run Time Status
======================================== ====================== ===============
CDSSync N/A Ready
Folder: \Microsoft\Windows\Work Folders
TaskName Next Run Time Status
======================================== ====================== ===============
Work Folders Logon Synchronization N/A Ready
Work Folders Maintenance Work N/A Ready
Folder: \Microsoft\Windows\Workplace Join
TaskName Next Run Time Status
======================================== ====================== ===============
Automatic-Device-Join N/A Disabled
Device-Sync N/A Disabled
Recovery-Check N/A Disabled
Folder: \Microsoft\Windows\WwanSvc
TaskName Next Run Time Status
======================================== ====================== ===============
NotificationTask N/A Ready
OobeDiscovery N/A Ready
Folder: \Microsoft\XblGameSave
TaskName Next Run Time Status
======================================== ====================== ===============
XblGameSaveTask N/A ReadyServices
PS C:\Users\arthur> wmic service where "State='Running'" get Name,PathName,StartName | Out-String -Stream | Where-Object { $_ -match 'S' -and $_ -notmatch 'C:\Windows\System32' } | Select-Object -First 100
Name PathName StartName
AppXSvc C:\WINDOWS\system32\svchost.exe -k wsappx -p LocalSystem
AudioEndpointBuilder C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p LocalSystem
Audiosrv C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p NT AUTHORITY\LocalService
BFE C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p NT AUTHORITY\LocalService
BITS C:\WINDOWS\System32\svchost.exe -k netsvcs -p LocalSystem
BrokerInfrastructure C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p LocalSystem
CDPSvc C:\WINDOWS\system32\svchost.exe -k LocalService -p NT AUTHORITY\LocalService
CertPropSvc C:\WINDOWS\system32\svchost.exe -k netsvcs LocalSystem
ClipSVC C:\WINDOWS\System32\svchost.exe -k wsappx -p LocalSystem
COMSysApp C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} LocalSystem
CoreMessagingRegistrar C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p NT AUTHORITY\LocalService
CryptSvc C:\WINDOWS\system32\svchost.exe -k NetworkService -p NT Authority\NetworkService
DcomLaunch C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p LocalSystem
Dhcp C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p NT Authority\LocalService
DiagTrack C:\WINDOWS\System32\svchost.exe -k utcsvc -p LocalSystem
DispBrokerDesktopSvc C:\WINDOWS\system32\svchost.exe -k LocalService -p NT AUTHORITY\LocalService
Dnscache C:\WINDOWS\system32\svchost.exe -k NetworkService -p NT AUTHORITY\NetworkService
domain1 C:\glassfish4\glassfish\domains\domain1\bin\domain1Service.exe LocalSystem
DPS C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p NT AUTHORITY\LocalService
DsmSvc C:\WINDOWS\system32\svchost.exe -k netsvcs -p LocalSystem
DusmSvc C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p NT Authority\LocalService
EventLog C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p NT AUTHORITY\LocalService
EventSystem C:\WINDOWS\system32\svchost.exe -k LocalService -p NT AUTHORITY\LocalService
FontCache C:\WINDOWS\system32\svchost.exe -k LocalService -p NT AUTHORITY\LocalService
IKEEXT C:\WINDOWS\system32\svchost.exe -k netsvcs -p LocalSystem
InstallService C:\WINDOWS\System32\svchost.exe -k netsvcs -p LocalSystem
iphlpsvc C:\WINDOWS\System32\svchost.exe -k NetSvcs -p LocalSystem
KeyIso C:\WINDOWS\system32\lsass.exe LocalSystem
LanmanServer C:\WINDOWS\system32\svchost.exe -k netsvcs -p LocalSystem
LanmanWorkstation C:\WINDOWS\System32\svchost.exe -k NetworkService -p NT AUTHORITY\NetworkService
lfsvc C:\WINDOWS\system32\svchost.exe -k netsvcs -p LocalSystem
LicenseManager C:\WINDOWS\System32\svchost.exe -k LocalService -p NT Authority\LocalService
lmhosts C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p NT AUTHORITY\LocalService
LSM
mpssvc C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p NT Authority\LocalService
MSDTC C:\WINDOWS\System32\msdtc.exe NT AUTHORITY\NetworkService
NcbService C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p LocalSystem
Netman C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p LocalSystem
netprofm C:\WINDOWS\System32\svchost.exe -k LocalService -p NT AUTHORITY\LocalService
NlaSvc C:\WINDOWS\System32\svchost.exe -k NetworkService -p NT AUTHORITY\NetworkService
nsi C:\WINDOWS\system32\svchost.exe -k LocalService -p NT Authority\LocalService
PcaSvc C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p LocalSystem
PlugPlay C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p LocalSystem
PolicyAgent C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted -p NT Authority\NetworkService
Power C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p LocalSystem
ProfSvc C:\WINDOWS\system32\svchost.exe -k netsvcs -p LocalSystem
RmSvc C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted NT AUTHORITY\LocalService
RpcEptMapper C:\WINDOWS\system32\svchost.exe -k RPCSS -p NT AUTHORITY\NetworkService
RpcSs C:\WINDOWS\system32\svchost.exe -k rpcss -p NT AUTHORITY\NetworkService
SamSs C:\WINDOWS\system32\lsass.exe LocalSystem
Schedule C:\WINDOWS\system32\svchost.exe -k netsvcs -p LocalSystem
SecurityHealthService C:\WINDOWS\system32\SecurityHealthService.exe LocalSystem
SecurityService "C:\Program Files (x86)\TotalAV\SecurityService.exe" LocalSystem
SENS C:\WINDOWS\system32\svchost.exe -k netsvcs -p LocalSystem
SessionEnv C:\WINDOWS\System32\svchost.exe -k netsvcs -p localSystem
SgrmBroker C:\WINDOWS\system32\SgrmBroker.exe LocalSystem
ShellHWDetection C:\WINDOWS\System32\svchost.exe -k netsvcs -p LocalSystem
SSDPSRV C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p NT AUTHORITY\LocalService
StateRepository C:\WINDOWS\system32\svchost.exe -k appmodel -p LocalSystem
StorSvc C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p LocalSystem
SynaMan C:\SynaMan\SynaMan.exe //RS//SynaMan LocalSystem
SysMain C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p LocalSystem
SystemEventsBroker C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p LocalSystem
TabletInputService C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p LocalSystem
TermService C:\WINDOWS\System32\svchost.exe -k NetworkService NT Authority\NetworkService
Themes C:\WINDOWS\System32\svchost.exe -k netsvcs -p LocalSystem
TimeBrokerSvc C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p NT AUTHORITY\LocalService
TokenBroker C:\WINDOWS\system32\svchost.exe -k netsvcs -p LocalSystem
TrkWks C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p LocalSystem
UmRdpService C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p localSystem
UserManager C:\WINDOWS\system32\svchost.exe -k netsvcs -p LocalSystem
UsoSvc C:\WINDOWS\system32\svchost.exe -k netsvcs -p LocalSystem
VaultSvc C:\WINDOWS\system32\lsass.exe LocalSystem
VGAuthService "C:\Program Files\VMware\VMware Tools\VMware VGAuth\VGAuthService.exe" LocalSystem
VM3DService C:\WINDOWS\system32\vm3dservice.exe LocalSystem
VMTools "C:\Program Files\VMware\VMware Tools\vmtoolsd.exe" LocalSystem
WaaSMedicSvc C:\WINDOWS\system32\svchost.exe -k wusvcs -p LocalSystem
Wcmsvc C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p NT Authority\LocalService
WdiServiceHost C:\WINDOWS\System32\svchost.exe -k LocalService -p NT AUTHORITY\LocalService
WdiSystemHost C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p LocalSystem
WinDefend "C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe" LocalSystem
WinHttpAutoProxySvc C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p NT AUTHORITY\LocalService
Winmgmt C:\WINDOWS\system32\svchost.exe -k netsvcs -p localSystem
wlidsvc C:\WINDOWS\system32\svchost.exe -k netsvcs -p LocalSystem
wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe localSystem
WpnService C:\WINDOWS\system32\svchost.exe -k netsvcs -p LocalSystem
wscsvc C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p NT AUTHORITY\LocalService
WSearch C:\WINDOWS\system32\SearchIndexer.exe /Embedding LocalSystem
cbdhsvc_8abea0 C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p
CDPUserSvc_8abea0 C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
OneSyncSvc_8abea0 C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
PimIndexMaintenanceSvc_8abea0 C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
UnistoreSvc_8abea0 C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup
UserDataSvc_8abea0 C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
WpnUserService_8abea0 C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroupdomain1 C:\glassfish4\glassfish\domains\domain1\bin\domain1Service.exe LocalSystemSecurityService "C:\Program Files (x86)\TotalAV\SecurityService.exe" LocalSystem
Installed Programs
PS C:\Users\arthur> Get-ItemProperty "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*", "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*", "HKCU:\Software\Microsoft\Windows\CurrentVersion\Uninstall\*" -ErrorAction SilentlyContinue | Select-Object -ExpandProperty DisplayName -ErrorAction SilentlyContinue | Where-Object { $_ } | Sort-Object -Unique
AdoptOpenJDK JDK with Hotspot 8u292-b10 (x64)
Microsoft Edge
Microsoft Edge Update
Microsoft OneDrive
Microsoft Update Health Tools
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.24.28127
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.24.28127
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.24.28127
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.24.28127
SynaMan version 4.0
TotalAV
VMware ToolsAdoptOpenJDK JDK with Hotspot 8u292-b10 (x64)SynaMan version 4.0TotalAV
Firewall & AV
PS C:\Users\arthur> netsh firewall show config
Domain profile configuration:
-------------------------------------------------------------------
Operational mode = Disable
Exception mode = Enable
Multicast/broadcast response mode = Enable
Notification mode = Enable
Service configuration for Domain profile:
Mode Customized Name
-------------------------------------------------------------------
Enable No Remote Desktop
Allowed programs configuration for Domain profile:
Mode Traffic direction Name / Program
-------------------------------------------------------------------
Port configuration for Domain profile:
Port Protocol Mode Traffic direction Name
-------------------------------------------------------------------
Standard profile configuration (current):
-------------------------------------------------------------------
Operational mode = Disable
Exception mode = Enable
Multicast/broadcast response mode = Enable
Notification mode = Enable
Service configuration for Standard profile:
Mode Customized Name
-------------------------------------------------------------------
Enable No Network Discovery
Enable No Remote Desktop
Allowed programs configuration for Standard profile:
Mode Traffic direction Name / Program
-------------------------------------------------------------------
Enable Inbound OpenJDK Platform binary / C:\program files\adoptopenjdk\jdk-8.0.292.10-hotspot\bin\java.exe
Port configuration for Standard profile:
Port Protocol Mode Traffic direction Name
-------------------------------------------------------------------
Log configuration:
-------------------------------------------------------------------
File location = C:\WINDOWS\system32\LogFiles\Firewall\pfirewall.log
Max file size = 4096 KB
Dropped packets = Disable
Connections = Disable
IMPORTANT: Command executed successfully.
However, "netsh firewall" is deprecated;
use "netsh advfirewall firewall" instead.
For more information on using "netsh advfirewall firewall" commands
instead of "netsh firewall", see KB article 947709
at https://go.microsoft.com/fwlink/?linkid=121488 .PS C:\Users\arthur> Get-MpComputerStatus ; Get-MpPreference | Select-Object -Property ExclusionPath
AMEngineVersion : 1.1.19300.2
AMProductVersion : 4.18.2203.5
AMRunningMode : Normal
AMServiceEnabled : True
AMServiceVersion : 4.18.2203.5
AntispywareEnabled : True
AntispywareSignatureAge : 0
AntispywareSignatureLastUpdated : 6/20/2022 11:05:25 PM
AntispywareSignatureVersion : 1.369.18.0
AntivirusEnabled : True
AntivirusSignatureAge : 0
AntivirusSignatureLastUpdated : 6/20/2022 11:05:25 PM
AntivirusSignatureVersion : 1.369.18.0
BehaviorMonitorEnabled : False
ComputerID : E8DBB1B1-1B19-4662-90CA-21BF56C4B4DC
ComputerState : 0
DefenderSignaturesOutOfDate : True
DeviceControlDefaultEnforcement : Unknown
DeviceControlPoliciesLastUpdated : 10/29/2021 8:38:35 PM
DeviceControlState : Disabled
FullScanAge : 4294967295
FullScanEndTime :
FullScanOverdue : False
FullScanRequired : False
FullScanSignatureVersion :
FullScanStartTime :
IoavProtectionEnabled : False
IsTamperProtected : False
IsVirtualMachine : True
LastFullScanSource : 0
LastQuickScanSource : 2
NISEnabled : False
NISEngineVersion : 0.0.0.0
NISSignatureAge : 4294967295
NISSignatureLastUpdated :
NISSignatureVersion : 0.0.0.0
OnAccessProtectionEnabled : False
ProductStatus : 524384
QuickScanAge : 0
QuickScanEndTime : 4/11/2022 12:22:52 AM
QuickScanOverdue : False
QuickScanSignatureVersion : 1.363.182.0
QuickScanStartTime : 4/11/2022 12:21:05 AM
RealTimeProtectionEnabled : False
RealTimeScanDirection : 0
RebootRequired : False
TamperProtectionSource : UI
TDTMode : N/A
TDTStatus : N/A
TDTTelemetry : N/A
PSComputerName :
ExclusionPath : {N/A: Must be and administrator to view exclusions}Session Architecture
PS C:\Users\arthur> [Environment]::Is64BitProcess
TrueInstalled .NET Frameworks
PS C:\Users\arthur> cmd /c dir /A:D C:\Windows\Microsoft.NET\Framework ; cmd /c reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP" ; cmd /c reg query "HKLM\SOFTWARE\Microsoft\Net Framework Setup\NDP" /s
Volume in drive C has no label.
Volume Serial Number is 08DF-534D
Directory of C:\Windows\Microsoft.NET\Framework
10/28/2021 04:12 AM <DIR> .
10/28/2021 04:12 AM <DIR> ..
06/18/2021 05:57 AM <DIR> v1.0.3705
06/18/2021 05:57 AM <DIR> v1.1.4322
04/11/2022 12:29 AM <DIR> v2.0.50727
10/28/2021 04:12 AM <DIR> v3.0
10/28/2021 04:12 AM <DIR> v3.5
10/29/2021 12:33 AM <DIR> v4.0.30319
0 File(s) 0 bytes
8 Dir(s) 2,059,399,168 bytes free
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\CDF
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v2.0.50727
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v3.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v3.5
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\CDF
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\CDF\v4.0
HttpNamespaceReservationInstalled REG_DWORD 0x1
NetTcpPortSharingInstalled REG_DWORD 0x1
NonHttpActivationInstalled REG_DWORD 0x1
SMSvcHostPath REG_SZ C:\Windows\Microsoft.NET\Framework64\v4.0.30319\
WMIInstalled REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727
CBS REG_DWORD 0x1
Increment REG_SZ 4927
Install REG_DWORD 0x1
OCM REG_DWORD 0x1
SP REG_DWORD 0x2
Version REG_SZ 2.0.50727.4927
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1028
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1029
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1030
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1031
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1032
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1033
CBS REG_DWORD 0x1
Increment REG_SZ 4927
SP REG_DWORD 0x2
Version REG_SZ 2.0.50727.4927
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1035
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1036
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1038
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1040
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1041
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1042
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1043
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1044
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1045
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1046
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1049
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1053
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1055
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\2052
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\2070
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\3076
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\3082
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v3.0
CBS REG_DWORD 0x1
Increment REG_SZ 4926
Install REG_DWORD 0x1
SP REG_DWORD 0x2
Version REG_SZ 3.0.30729.4926
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v3.0\Servicing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v3.0\Servicing\Windows Workflow Foundation
CBS REG_DWORD 0x1
Hotfix REG_SZ
Install REG_DWORD 0x1
SP REG_DWORD 0x2
SPIndex REG_DWORD 0x0
SPName REG_SZ SP2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v3.0\Setup
InstallSuccess REG_DWORD 0x1
Version REG_SZ 3.0.30729.4926
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v3.0\Setup\1033
CBS REG_DWORD 0x1
Increment REG_SZ 4926
Install REG_DWORD 0x1
InstallSuccess REG_DWORD 0x1
SP REG_DWORD 0x2
Version REG_SZ 3.0.30729.4926
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v3.0\Setup\Windows Communication Foundation
InstallSuccess REG_DWORD 0x1
ReferenceInstallPath REG_SZ C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\
RuntimeInstallPath REG_SZ C:\WINDOWS\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\
Version REG_SZ 3.0.4506.4926
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v3.0\Setup\Windows Presentation Foundation
(Default) REG_SZ WPF v3.0.6920.4902
InstallRoot REG_SZ C:\WINDOWS\Microsoft.NET\Framework64\v3.0\WPF\
InstallSuccess REG_DWORD 0x1
ProductVersion REG_SZ 3.0.6920.4902
Version REG_SZ 3.0.6920.4902
WPFCommonAssembliesPathx64 REG_SZ C:\WINDOWS\System32\
WPFNonReferenceAssembliesPathx64 REG_SZ C:\WINDOWS\Microsoft.NET\Framework64\v3.0\WPF\
WPFReferenceAssembliesPathx64 REG_SZ C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v3.0\Setup\Windows Workflow Foundation
(Default) REG_SZ Windows Workflow Foundation
FileVersion REG_SZ 3.0.4203.4926
InstallDir REG_SZ C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\
InstallSuccess REG_DWORD 0x1
MajorBuildNum REG_SZ 4203
ProductVersion REG_SZ 3.0.0.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v3.5
CBS REG_DWORD 0x1
Install REG_DWORD 0x1
InstallPath REG_SZ C:\WINDOWS\Microsoft.NET\Framework64\v3.5\
SP REG_DWORD 0x1
Version REG_SZ 3.5.30729.4926
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v3.5\1033
CBS REG_DWORD 0x1
Install REG_DWORD 0x1
SP REG_DWORD 0x1
Version REG_SZ 3.5.30729.4926
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4\Client
CBS REG_DWORD 0x1
Install REG_DWORD 0x1
InstallPath REG_SZ C:\Windows\Microsoft.NET\Framework64\v4.0.30319\
Release REG_DWORD 0x80ff4
Servicing REG_DWORD 0x0
TargetVersion REG_SZ 4.0.0
Version REG_SZ 4.8.04084
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4\Client\1033
CBS REG_DWORD 0x1
Install REG_DWORD 0x1
Release REG_DWORD 0x80ff4
Servicing REG_DWORD 0x0
TargetVersion REG_SZ 4.0.0
Version REG_SZ 4.8.04084
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4\Full
CBS REG_DWORD 0x1
Install REG_DWORD 0x1
InstallPath REG_SZ C:\Windows\Microsoft.NET\Framework64\v4.0.30319\
Release REG_DWORD 0x80ff4
Servicing REG_DWORD 0x0
TargetVersion REG_SZ 4.0.0
Version REG_SZ 4.8.04084
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4\Full\1033
CBS REG_DWORD 0x1
Install REG_DWORD 0x1
Release REG_DWORD 0x80ff4
Servicing REG_DWORD 0x0
TargetVersion REG_SZ 4.0.0
Version REG_SZ 4.8.04084
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4.0
(Default) REG_SZ deprecated
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4.0\Client
Install REG_DWORD 0x1
Version REG_SZ 4.0.0.0.NET 4.8.04084