System/Kernel
PS C:\Users\molly.smith> cmd /c ver
Microsoft Windows [Version 10.0.20348.2113]
PS C:\Users\molly.smith> systeminfo ; Get-ComputerInfo
Host Name: DC
OS Name: Microsoft Windows Server 2022 Standard Evaluation
OS Version: 10.0.20348 N/A Build 20348
OS Manufacturer: Microsoft Corporation
OS Configuration: Primary Domain Controller
OS Build Type: Multiprocessor Free
Registered Owner: Windows User
Registered Organization:
Product ID: 00454-40000-00001-AA457
Original Install Date: 11/25/2023, 4:12:25 AM
System Boot Time: 8/1/2024, 6:28:16 PM
System Manufacturer: VMware, Inc.
System Model: VMware7,1
System Type: x64-based PC
Processor(s): 2 Processor(s) Installed.
[01]: AMD64 Family 25 Model 1 Stepping 1 AuthenticAMD ~2650 Mhz
[02]: AMD64 Family 25 Model 1 Stepping 1 AuthenticAMD ~2650 Mhz BIOS Version: VMware, Inc. VMW71.00V.21100432.B64.2301110304, 1/11/2023 Windows Directory: C:\Windows System Directory: C:\Windows\system32 Boot Device: \Device\HarddiskVolume1
System Locale: en-us;English (United States)
Input Locale: en-us;English (United States)
Time Zone: (UTC-08:00) Pacific Time (US & Canada)
Total Physical Memory: 8,191 MB
Available Physical Memory: 5,118 MB
Virtual Memory: Max Size: 10,111 MB
Virtual Memory: Available: 6,804 MB
Virtual Memory: In Use: 3,307 MB
Page File Location(s): C:\pagefile.sys
Domain: hokkaido-aerospace.com
Logon Server: \\DC
Hotfix(s): 3 Hotfix(s) Installed.
[01]: KB5031993
[02]: KB5032198
[03]: KB5032310
Network Card(s): 1 NIC(s) Installed.
[01]: vmxnet3 Ethernet Adapter
Connection Name: Ethernet0 2
DHCP Enabled: No
IP address(es)
[01]: 192.168.119.40
[02]: fe80::bb75:ad7a:4485:c27f
Hyper-V Requirements: A hypervisor has been detected. Features required for Hyper-V will not be displayed.
WindowsBuildLabEx : 20348.1.amd64fre.fe_release.210507-1500
WindowsCurrentVersion : 6.3
WindowsEditionId : ServerStandardEval
WindowsInstallationType : Server
WindowsInstallDateFromRegistry : 11/25/2023 12:12:25 PM
WindowsProductId : 00454-40000-00001-AA457
WindowsProductName : Windows Server 2022 Standard Evaluation
WindowsRegisteredOrganization :
WindowsRegisteredOwner : Windows User
WindowsSystemRoot : C:\Windows
WindowsVersion : 2009
OSDisplayVersion : 21H2
BiosCharacteristics : {4, 7, 9, 11...}
BiosBIOSVersion : {INTEL - 6040000, VMW71.00V.21100432.B64.2301110304, VMware, Inc. - 10000}
BiosBuildNumber :
BiosCaption : VMW71.00V.21100432.B64.2301110304
BiosCodeSet :
BiosCurrentLanguage :
BiosDescription : VMW71.00V.21100432.B64.2301110304
BiosEmbeddedControllerMajorVersion : 255
BiosEmbeddedControllerMinorVersion : 255
BiosFirmwareType : Uefi
BiosIdentificationCode :
BiosInstallableLanguages :
BiosInstallDate :
BiosLanguageEdition :
BiosListOfLanguages :
BiosManufacturer : VMware, Inc.
BiosName : VMW71.00V.21100432.B64.2301110304
BiosOtherTargetOS :
BiosPrimaryBIOS : True
BiosReleaseDate : 1/10/2023 4:00:00 PM
BiosSeralNumber : VMware-42 1e 3a 01 a6 c8 b1 bc-6e 50 d1 10 1b f4 11 0a
BiosSMBIOSBIOSVersion : VMW71.00V.21100432.B64.2301110304
BiosSMBIOSMajorVersion : 2
BiosSMBIOSMinorVersion : 7
BiosSMBIOSPresent : True
BiosSoftwareElementState : Running
BiosStatus : OK
BiosSystemBiosMajorVersion : 255
BiosSystemBiosMinorVersion : 255
BiosTargetOperatingSystem : 0
BiosVersion : INTEL - 6040000
CsAdminPasswordStatus : Enabled
CsAutomaticManagedPagefile : True
CsAutomaticResetBootOption : True
CsAutomaticResetCapability : True
CsBootOptionOnLimit : DoNotReboot
CsBootOptionOnWatchDog : DoNotReboot
CsBootROMSupported : True
CsBootStatus : {0, 0, 0, 33...}
CsBootupState : Normal boot
CsCaption : DC
CsChassisBootupState : Safe
CsChassisSKUNumber :
CsCurrentTimeZone : -420
CsDaylightInEffect : True
CsDescription : AT/AT COMPATIBLE
CsDNSHostName : dc
CsDomain : hokkaido-aerospace.com
CsDomainRole : PrimaryDomainController
CsEnableDaylightSavingsTime : True
CsFrontPanelResetStatus : Unknown
CsHypervisorPresent : True
CsInfraredSupported : False
CsInitialLoadInfo :
CsInstallDate :
CsKeyboardPasswordStatus : Unknown
CsLastLoadInfo :
CsManufacturer : VMware, Inc.
CsModel : VMware7,1
CsName : DC
CsNetworkAdapters : {Ethernet0 2}
CsNetworkServerModeEnabled : True
CsNumberOfLogicalProcessors : 2
CsNumberOfProcessors : 2
CsProcessors : {AMD EPYC 7413 24-Core Processor , AMD EPYC 7413 24-Core
Processor }
CsOEMStringArray : {[MS_VM_CERT/SHA1/27d66596a61c48dd3dc7216fd715126e33f59ae7], Welcome to the
Virtual Machine}
CsPartOfDomain : True
CsPauseAfterReset : 3932100000
CsPCSystemType : Desktop
CsPCSystemTypeEx : Desktop
CsPowerManagementCapabilities :
CsPowerManagementSupported :
CsPowerOnPasswordStatus : Disabled
CsPowerState : Unknown
CsPowerSupplyState : Safe
CsPrimaryOwnerContact :
CsPrimaryOwnerName : Windows User
CsResetCapability : Other
CsResetCount : -1
CsResetLimit : -1
CsRoles : {LM_Workstation, LM_Server, SQLServer, Primary_Domain_Controller...}
CsStatus : OK
CsSupportContactDescription :
CsSystemFamily :
CsSystemSKUNumber :
CsSystemType : x64-based PC
CsThermalState : Safe
CsTotalPhysicalMemory : 8588898304
CsPhyicallyInstalledMemory : 8388608
CsUserName :
CsWakeUpType : PowerSwitch
CsWorkgroup :
OsName : Microsoft Windows Server 2022 Standard Evaluation
OsType : WINNT
OsOperatingSystemSKU : 79
OsVersion : 10.0.20348
OsCSDVersion :
OsBuildNumber : 20348
OsHotFixes : {KB5031993, KB5032198, KB5032310}
OsBootDevice : \Device\HarddiskVolume1
OsSystemDevice : \Device\HarddiskVolume3
OsSystemDirectory : C:\Windows\system32
OsSystemDrive : C:
OsWindowsDirectory : C:\Windows
OsCountryCode : 1
OsCurrentTimeZone : -420
OsLocaleID : 0409
OsLocale : en-US
OsLocalDateTime : 4/25/2025 9:20:58 AM
OsLastBootUpTime : 8/1/2024 7:28:16 PM
OsUptime : 266.13:52:42.0712241
OsBuildType : Multiprocessor Free
OsCodeSet : 1252
OsDataExecutionPreventionAvailable : True
OsDataExecutionPrevention32BitApplications : True
OsDataExecutionPreventionDrivers : True
OsDataExecutionPreventionSupportPolicy : OptOut
OsDebug : False
OsDistributed : False
OsEncryptionLevel : 256
OsForegroundApplicationBoost : Maximum
OsTotalVisibleMemorySize : 8387596
OsFreePhysicalMemory : 5205416
OsTotalVirtualMemorySize : 10353676
OsFreeVirtualMemory : 6932532
OsInUseVirtualMemory : 3421144
OsTotalSwapSpaceSize :
OsSizeStoredInPagingFiles : 1966080
OsFreeSpaceInPagingFiles : 1966080
OsPagingFiles : {C:\pagefile.sys}
OsHardwareAbstractionLayer : 10.0.20348.2031
OsInstallDate : 11/25/2023 4:12:25 AM
OsManufacturer : Microsoft Corporation
OsMaxNumberOfProcesses : 4294967295
OsMaxProcessMemorySize : 137438953344
OsMuiLanguages : {en-US}
OsNumberOfLicensedUsers :
OsNumberOfProcesses : 147
OsNumberOfUsers : 16
OsOrganization :
OsArchitecture : 64-bit
OsLanguage : en-US
OsProductSuites : {TerminalServices, TerminalServicesSingleSession}
OsOtherTypeDescription :
OsPAEEnabled :
OsPortableOperatingSystem : False
OsPrimary : True
OsProductType : DomainController
OsRegisteredUser : Windows User
OsSerialNumber : 00454-40000-00001-AA457
OsServicePackMajorVersion : 0
OsServicePackMinorVersion : 0
OsStatus : OK
OsSuites : {TerminalServices, TerminalServicesSingleSession}
OsServerLevel : FullServer
KeyboardLayout : en-US
TimeZone : (UTC-08:00) Pacific Time (US & Canada)
LogonServer : \\DC
PowerPlatformRole : Desktop
HyperVisorPresent : True
HyperVRequirementDataExecutionPreventionAvailable :
HyperVRequirementSecondLevelAddressTranslation :
HyperVRequirementVirtualizationFirmwareEnabled :
HyperVRequirementVMMonitorModeExtensions :
DeviceGuardSmartStatus : Off
DeviceGuardRequiredSecurityProperties :
DeviceGuardAvailableSecurityProperties :
DeviceGuardSecurityServicesConfigured :
DeviceGuardSecurityServicesRunning :
DeviceGuardCodeIntegrityPolicyEnforcementStatus :
DeviceGuardUserModeCodeIntegrityPolicyEnforcementStatus :Microsoft Windows [Version 10.0.20348.2113]OS Name: Microsoft Windows Server 2022 Standard EvaluationSystem Type: x64-based PCProcessor(s): 2 Processor(s) Installed.Hotfix(s): 3 Hotfix(s) Installed.[01]: KB5031993[02]: KB5032198[03]: KB5032310
Networks
PS C:\Users\molly.smith> ipconfig /all ; arp -a ; print route
Windows IP Configuration
Host Name . . . . . . . . . . . . : dc
Primary Dns Suffix . . . . . . . : hokkaido-aerospace.com
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hokkaido-aerospace.com
Ethernet adapter Ethernet0 2:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : vmxnet3 Ethernet Adapter
Physical Address. . . . . . . . . : 00-50-56-9E-AF-50
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::bb75:ad7a:4485:c27f%6(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.119.40(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.119.254
DHCPv6 IAID . . . . . . . . . . . : 117461078
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-2D-03-89-05-00-50-56-95-86-84
DNS Servers . . . . . . . . . . . : 192.168.119.254
NetBIOS over Tcpip. . . . . . . . : Enabled
Interface: 192.168.119.40 --- 0x6
Internet Address Physical Address Type
192.168.119.254 00-50-56-9e-b9-f7 dynamic
192.168.119.255 ff-ff-ff-ff-ff-ff static
224.0.0.22 01-00-5e-00-00-16 static
224.0.0.251 01-00-5e-00-00-fb static
224.0.0.252 01-00-5e-00-00-fc static
Unable to initialize device PRNPS C:\Users\molly.smith> netstat -ano | Select-String LIST
TCP 0.0.0.0:80 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:88 0.0.0.0:0 LISTENING 688
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING 924
TCP 0.0.0.0:389 0.0.0.0:0 LISTENING 688
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:464 0.0.0.0:0 LISTENING 688
TCP 0.0.0.0:593 0.0.0.0:0 LISTENING 924
TCP 0.0.0.0:636 0.0.0.0:0 LISTENING 688
TCP 0.0.0.0:1433 0.0.0.0:0 LISTENING 5212
TCP 0.0.0.0:3268 0.0.0.0:0 LISTENING 688
TCP 0.0.0.0:3269 0.0.0.0:0 LISTENING 688
TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING 808
TCP 0.0.0.0:5985 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:8530 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:8531 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:9389 0.0.0.0:0 LISTENING 2656
TCP 0.0.0.0:47001 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:49664 0.0.0.0:0 LISTENING 688
TCP 0.0.0.0:49665 0.0.0.0:0 LISTENING 532
TCP 0.0.0.0:49666 0.0.0.0:0 LISTENING 1216
TCP 0.0.0.0:49667 0.0.0.0:0 LISTENING 1648
TCP 0.0.0.0:49668 0.0.0.0:0 LISTENING 688
TCP 0.0.0.0:49670 0.0.0.0:0 LISTENING 2300
TCP 0.0.0.0:49675 0.0.0.0:0 LISTENING 2216
TCP 0.0.0.0:49684 0.0.0.0:0 LISTENING 688
TCP 0.0.0.0:49685 0.0.0.0:0 LISTENING 3064
TCP 0.0.0.0:49693 0.0.0.0:0 LISTENING 688
TCP 0.0.0.0:49700 0.0.0.0:0 LISTENING 2580
TCP 0.0.0.0:49701 0.0.0.0:0 LISTENING 672
TCP 0.0.0.0:49712 0.0.0.0:0 LISTENING 2844
TCP 0.0.0.0:49787 0.0.0.0:0 LISTENING 2120
TCP 0.0.0.0:58538 0.0.0.0:0 LISTENING 5212
TCP 127.0.0.1:53 0.0.0.0:0 LISTENING 2844
TCP 192.168.119.40:53 0.0.0.0:0 LISTENING 2844
TCP 192.168.119.40:139 0.0.0.0:0 LISTENING 4
TCP [::]:80 [::]:0 LISTENING 4
TCP [::]:88 [::]:0 LISTENING 688
TCP [::]:135 [::]:0 LISTENING 924
TCP [::]:389 [::]:0 LISTENING 688
TCP [::]:445 [::]:0 LISTENING 4
TCP [::]:464 [::]:0 LISTENING 688
TCP [::]:593 [::]:0 LISTENING 924
TCP [::]:636 [::]:0 LISTENING 688
TCP [::]:1433 [::]:0 LISTENING 5212
TCP [::]:3268 [::]:0 LISTENING 688
TCP [::]:3269 [::]:0 LISTENING 688
TCP [::]:3389 [::]:0 LISTENING 808
TCP [::]:5985 [::]:0 LISTENING 4
TCP [::]:8530 [::]:0 LISTENING 4
TCP [::]:8531 [::]:0 LISTENING 4
TCP [::]:9389 [::]:0 LISTENING 2656
TCP [::]:47001 [::]:0 LISTENING 4
TCP [::]:49664 [::]:0 LISTENING 688
TCP [::]:49665 [::]:0 LISTENING 532
TCP [::]:49666 [::]:0 LISTENING 1216
TCP [::]:49667 [::]:0 LISTENING 1648
TCP [::]:49668 [::]:0 LISTENING 688
TCP [::]:49670 [::]:0 LISTENING 2300
TCP [::]:49675 [::]:0 LISTENING 2216
TCP [::]:49684 [::]:0 LISTENING 688
TCP [::]:49685 [::]:0 LISTENING 3064
TCP [::]:49693 [::]:0 LISTENING 688
TCP [::]:49700 [::]:0 LISTENING 2580
TCP [::]:49701 [::]:0 LISTENING 672
TCP [::]:49712 [::]:0 LISTENING 2844
TCP [::]:49787 [::]:0 LISTENING 2120
TCP [::]:58538 [::]:0 LISTENING 5212
TCP [::1]:53 [::]:0 LISTENING 2844
TCP [fe80::bb75:ad7a:4485:c27f%6]:53 [::]:0 LISTENING 2844Users & Groups
PS C:\Users\molly.smith> net users ; ls C:\Users
User accounts for \\DC
-------------------------------------------------------------------------------
Administrator Angela.Davies krbtgt
maintenance Molly.Smith
The command completed successfully.
Directory: C:\Users
Mode LastWriteTime Length Name
---- ------------- ------ ----
d----- 11/25/2023 4:12 AM Administrator
d----- 4/25/2025 9:17 AM molly.smith
d-r--- 11/25/2023 4:12 AM PublicAngela.Daviesmaintenance
PS C:\Users\molly.smith> net localgroup ; net group /DOMAIN
Aliases for \\DC
-------------------------------------------------------------------------------
*Access Control Assistance Operators
*Account Operators
*Administrators
*Allowed RODC Password Replication Group
*Backup Operators
*Cert Publishers
*Certificate Service DCOM Access
*Cryptographic Operators
*Denied RODC Password Replication Group
*Distributed COM Users
*DnsAdmins
*Event Log Readers
*Guests
*Hyper-V Administrators
*IIS_IUSRS
*Incoming Forest Trust Builders
*Network Configuration Operators
*Performance Log Users
*Performance Monitor Users
*Pre-Windows 2000 Compatible Access
*Print Operators
*RAS and IAS Servers
*RDS Endpoint Servers
*RDS Management Servers
*RDS Remote Access Servers
*Remote Desktop Users
*Remote Management Users
*Replicator
*Server Operators
*SQLServer2005SQLBrowserUser$DC
*Storage Replica Administrators
*Terminal Server License Servers
*Users
*Windows Authorization Access Group
*WSUS Administrators
*WSUS Reporters
The command completed successfully.
Group Accounts for \\DC
-------------------------------------------------------------------------------
*Cloneable Domain Controllers
*DnsUpdateProxy
*Domain Admins
*Domain Computers
*Domain Controllers
*Domain Guests
*Domain Users
*Enterprise Admins
*Enterprise Key Admins
*Enterprise Read-only Domain Controllers
*Group Policy Creator Owners
*it
*Key Admins
*management
*Protected Users
*Read-only Domain Controllers
*Schema Admins
*services
*staff
*Tier0-Admins
*Tier1-Admins
*Tier2-Admins
The command completed successfully.Processes
PS C:\Users\molly.smith> Get-WmiObject Win32_Process | % { $s = (Get-CimInstance Win32_Service | ? { $_.ProcessId -eq $_.ProcessId }).Name -join ", "; $u = $_.GetOwner(); [PSCustomObject]@{ Name = $_.Name; PID = $_.ProcessId; User = "$($u.Domain)$($u.User)"; Services = $s } } | ft -AutoSize
Name PID User Services
---- --- ---- --------
System Idle Process 0 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
System 4 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
Registry 100 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
smss.exe 336 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
csrss.exe 424 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
wininit.exe 532 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
csrss.exe 540 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
winlogon.exe 600 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
services.exe 672 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
lsass.exe 688 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 888 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 924 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 988 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
dwm.exe 368 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 408 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 808 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 1044 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 1056 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 1096 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 1116 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 1140 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 1204 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 1216 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 1356 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 1428 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 1472 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 1532 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 1540 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 1552 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 1576 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 1648 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 1672 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 1788 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 1824 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 1844 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 2008 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 2024 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 1608 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 2060 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 2180 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 2200 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 2208 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 2216 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 2300 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 2500 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 2976 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
spoolsv.exe 3064 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 1820 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 2524 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 2544 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
certsrv.exe 2580 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
Microsoft.ActiveDirectory.WebServices.exe 2656 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 2592 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
dfsrs.exe 2120 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
dns.exe 2844 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
inetinfo.exe 2824 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
ismserv.exe 2812 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
sqlwriter.exe 2932 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
sqlwriter.exe 2960 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 3104 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
VGAuthService.exe 3140 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
vm3dservice.exe 3164 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
vmtoolsd.exe 3176 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 3192 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 3232 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 3240 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
wlms.exe 3256 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
MsMpEng.exe 3292 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 3320 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
dfssvc.exe 3364 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
vm3dservice.exe 3536 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
sppsvc.exe 3720 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
vds.exe 3948 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
AggregatorHost.exe 4040 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
dllhost.exe 4196 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
WmiPrvSE.exe 4428 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
msdtc.exe 4484 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
SppExtComObj.Exe 4728 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 4800 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 4896 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 4976 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 5084 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
fontdrvhost.exe 4416 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
fontdrvhost.exe 4912 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
WsusService.exe 5156 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
sqlservr.exe 5172 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
sqlservr.exe 5212 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
sqlceip.exe 5220 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
NisSrv.exe 5848 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 6080 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
LogonUI.exe 2792 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
w3wp.exe 4508 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 7032 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 1812 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 2240 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
MicrosoftEdgeUpdate.exe 6728 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 6696 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 6624 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 3568 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 4360 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 6584 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
CompatTelRunner.exe 3276 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
conhost.exe 1484 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 6944 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
csrss.exe 2820 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
winlogon.exe 3524 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
WUDFHost.exe 4744 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
dwm.exe 1244 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
fontdrvhost.exe 2948 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 7096 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 2652 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
rdpclip.exe 4928 HAEROmolly.smith ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 4076 HAEROmolly.smith ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
sihost.exe 1912 HAEROmolly.smith ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 528 HAEROmolly.smith ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
taskhostw.exe 5484 HAEROmolly.smith ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 7060 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 6964 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
ctfmon.exe 4132 HAEROmolly.smith ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 3156 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
explorer.exe 1152 HAEROmolly.smith ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
slui.exe 6912 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
taskhostw.exe 5132 HAEROmolly.smith ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
slui.exe 3800 HAEROmolly.smith ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 2108 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
smartscreen.exe 7188 HAEROmolly.smith ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 7684 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
CompatTelRunner.exe 7756 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
MicrosoftEdgeUpdate.exe 7948 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
TextInputHost.exe 8364 HAEROmolly.smith ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
StartMenuExperienceHost.exe 8524 HAEROmolly.smith ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
RuntimeBroker.exe 8584 HAEROmolly.smith ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
SearchApp.exe 8664 HAEROmolly.smith ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
RuntimeBroker.exe 8704 HAEROmolly.smith ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
RuntimeBroker.exe 7812 HAEROmolly.smith ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
MicrosoftEdgeUpdate.exe 8056 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
AzureArcSysTray.exe 7564 HAEROmolly.smith ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 4956 HAEROmolly.smith ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
dllhost.exe 7868 HAEROmolly.smith ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
powershell.exe 8956 HAEROmolly.smith ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
conhost.exe 9020 HAEROmolly.smith ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 4356 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 6604 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
WmiPrvSE.exe 7392 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 5488 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...
svchost.exe 8768 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, Appinfo, AppMgmt, AppRea...spoolsv.execertsrv.exewlms.exeWsusService.exe
Tasks
PS C:\Users\molly.smith> Get-ScheduledTask | where {$_.TaskPath -notlike "\Microsoft*" } | ft TaskName,TaskPath,State
PS C:\Users\molly.smith> cmd /c schtasks /QUERY /FO TABLE
Folder: \
TaskName Next Run Time Status
======================================== ====================== ===============
INFO: There are no scheduled tasks presently available at your access level.
Folder: \Microsoft
TaskName Next Run Time Status
======================================== ====================== ===============
INFO: There are no scheduled tasks presently available at your access level.
Folder: \Microsoft\OneCore
TaskName Next Run Time Status
======================================== ====================== ===============
INFO: There are no scheduled tasks presently available at your access level.
Folder: \Microsoft\Windows
TaskName Next Run Time Status
======================================== ====================== ===============
Server Initial Configuration Task N/A Disabled
Folder: \Microsoft\Windows\.NET Framework
TaskName Next Run Time Status
======================================== ====================== ===============
.NET Framework NGEN v4.0.30319 N/A Ready
.NET Framework NGEN v4.0.30319 64 N/A Ready
.NET Framework NGEN v4.0.30319 64 Critic N/A Disabled
.NET Framework NGEN v4.0.30319 Critical N/A Disabled
Folder: \Microsoft\Windows\Active Directory Rights Management Services Client
TaskName Next Run Time Status
======================================== ====================== ===============
AD RMS Rights Policy Template Management N/A Disabled
AD RMS Rights Policy Template Management N/A Ready
Folder: \Microsoft\Windows\AppID
TaskName Next Run Time Status
======================================== ====================== ===============
PolicyConverter N/A Disabled
VerifiedPublisherCertStoreCheck N/A Disabled
Folder: \Microsoft\Windows\Application Experience
TaskName Next Run Time Status
======================================== ====================== ===============
Microsoft Compatibility Appraiser 4/26/2025 4:26:35 AM Ready
PcaPatchDbTask 4/25/2025 3:42:25 PM Ready
ProgramDataUpdater N/A Running
StartupAppTask N/A Ready
Folder: \Microsoft\Windows\ApplicationData
TaskName Next Run Time Status
======================================== ====================== ===============
appuriverifierdaily N/A Ready
appuriverifierinstall N/A Ready
CleanupTemporaryState N/A Ready
DsSvcCleanup N/A Ready
Folder: \Microsoft\Windows\AppxDeploymentClient
TaskName Next Run Time Status
======================================== ====================== ===============
Pre-staged app cleanup N/A Disabled
Folder: \Microsoft\Windows\Autochk
TaskName Next Run Time Status
======================================== ====================== ===============
Proxy N/A Ready
Folder: \Microsoft\Windows\BitLocker
TaskName Next Run Time Status
======================================== ====================== ===============
BitLocker Encrypt All Drives N/A Ready
BitLocker MDM policy Refresh N/A Ready
Folder: \Microsoft\Windows\Bluetooth
TaskName Next Run Time Status
======================================== ====================== ===============
UninstallDeviceTask N/A Disabled
Folder: \Microsoft\Windows\BrokerInfrastructure
TaskName Next Run Time Status
======================================== ====================== ===============
BgTaskRegistrationMaintenanceTask N/A Ready
Folder: \Microsoft\Windows\CertificateServicesClient
TaskName Next Run Time Status
======================================== ====================== ===============
UserTask N/A Ready
UserTask-Roam N/A Ready
Folder: \Microsoft\Windows\Chkdsk
TaskName Next Run Time Status
======================================== ====================== ===============
ProactiveScan N/A Ready
SyspartRepair N/A Ready
Folder: \Microsoft\Windows\CloudExperienceHost
TaskName Next Run Time Status
======================================== ====================== ===============
CreateObjectTask N/A Ready
Folder: \Microsoft\Windows\Customer Experience Improvement Program
TaskName Next Run Time Status
======================================== ====================== ===============
Consolidator 4/25/2025 12:00:00 PM Ready
UsbCeip N/A Ready
Folder: \Microsoft\Windows\Data Integrity Scan
TaskName Next Run Time Status
======================================== ====================== ===============
Data Integrity Check And Scan 4/25/2025 11:21:46 PM Ready
Data Integrity Scan N/A Ready
Data Integrity Scan for Crash Recovery N/A Ready
Folder: \Microsoft\Windows\Defrag
TaskName Next Run Time Status
======================================== ====================== ===============
ScheduledDefrag N/A Ready
Folder: \Microsoft\Windows\Device Information
TaskName Next Run Time Status
======================================== ====================== ===============
Device 4/26/2025 4:51:18 AM Ready
Device User N/A Ready
Folder: \Microsoft\Windows\Diagnosis
TaskName Next Run Time Status
======================================== ====================== ===============
Scheduled N/A Ready
Folder: \Microsoft\Windows\DirectX
TaskName Next Run Time Status
======================================== ====================== ===============
DirectXDatabaseUpdater N/A Ready
DXGIAdapterCache N/A Ready
Folder: \Microsoft\Windows\DiskCleanup
TaskName Next Run Time Status
======================================== ====================== ===============
SilentCleanup N/A Ready
Folder: \Microsoft\Windows\DiskDiagnostic
TaskName Next Run Time Status
======================================== ====================== ===============
Microsoft-Windows-DiskDiagnosticDataColl N/A Ready
Microsoft-Windows-DiskDiagnosticResolver N/A Disabled
Folder: \Microsoft\Windows\DiskFootprint
TaskName Next Run Time Status
======================================== ====================== ===============
Diagnostics N/A Ready
StorageSense N/A Ready
Folder: \Microsoft\Windows\EDP
TaskName Next Run Time Status
======================================== ====================== ===============
EDP App Launch Task N/A Ready
EDP Auth Task N/A Ready
EDP Inaccessible Credentials Task N/A Ready
StorageCardEncryption Task N/A Ready
Folder: \Microsoft\Windows\ExploitGuard
TaskName Next Run Time Status
======================================== ====================== ===============
ExploitGuard MDM policy Refresh N/A Ready
Folder: \Microsoft\Windows\File Classification Infrastructure
TaskName Next Run Time Status
======================================== ====================== ===============
Property Definition Sync N/A Disabled
Folder: \Microsoft\Windows\Flighting
TaskName Next Run Time Status
======================================== ====================== ===============
INFO: There are no scheduled tasks presently available at your access level.
Folder: \Microsoft\Windows\Flighting\FeatureConfig
TaskName Next Run Time Status
======================================== ====================== ===============
ReconcileFeatures N/A Ready
UsageDataFlushing N/A Ready
UsageDataReporting N/A Ready
Folder: \Microsoft\Windows\Flighting\OneSettings
TaskName Next Run Time Status
======================================== ====================== ===============
RefreshCache 4/25/2025 12:42:56 PM Ready
Folder: \Microsoft\Windows\Input
TaskName Next Run Time Status
======================================== ====================== ===============
LocalUserSyncDataAvailable N/A Running
MouseSyncDataAvailable N/A Ready
PenSyncDataAvailable N/A Ready
TouchpadSyncDataAvailable N/A Ready
Folder: \Microsoft\Windows\InstallService
TaskName Next Run Time Status
======================================== ====================== ===============
ScanForUpdates N/A Disabled
ScanForUpdatesAsUser N/A Disabled
WakeUpAndContinueUpdates N/A Disabled
WakeUpAndScanForUpdates N/A Disabled
Folder: \Microsoft\Windows\International
TaskName Next Run Time Status
======================================== ====================== ===============
Synchronize Language Settings N/A Ready
Folder: \Microsoft\Windows\LanguageComponentsInstaller
TaskName Next Run Time Status
======================================== ====================== ===============
Installation N/A Ready
Folder: \Microsoft\Windows\Location
TaskName Next Run Time Status
======================================== ====================== ===============
Notifications N/A Ready
WindowsActionDialog N/A Ready
Folder: \Microsoft\Windows\Maintenance
TaskName Next Run Time Status
======================================== ====================== ===============
WinSAT N/A Ready
Folder: \Microsoft\Windows\Maps
TaskName Next Run Time Status
======================================== ====================== ===============
MapsToastTask N/A Disabled
MapsUpdateTask N/A Disabled
Folder: \Microsoft\Windows\MemoryDiagnostic
TaskName Next Run Time Status
======================================== ====================== ===============
ProcessMemoryDiagnosticEvents N/A Disabled
RunFullMemoryDiagnostic N/A Disabled
Folder: \Microsoft\Windows\MUI
TaskName Next Run Time Status
======================================== ====================== ===============
LPRemove N/A Ready
Folder: \Microsoft\Windows\Multimedia
TaskName Next Run Time Status
======================================== ====================== ===============
SystemSoundsService N/A Disabled
Folder: \Microsoft\Windows\NetTrace
TaskName Next Run Time Status
======================================== ====================== ===============
GatherNetworkInfo N/A Ready
Folder: \Microsoft\Windows\Offline Files
TaskName Next Run Time Status
======================================== ====================== ===============
Background Synchronization N/A Disabled
Logon Synchronization N/A Disabled
Folder: \Microsoft\Windows\PI
TaskName Next Run Time Status
======================================== ====================== ===============
SecureBootEncodeUEFI N/A Ready
Folder: \Microsoft\Windows\PLA
TaskName Next Run Time Status
======================================== ====================== ===============
Server Manager Performance Monitor N/A Disabled
Folder: \Microsoft\Windows\Plug and Play
TaskName Next Run Time Status
======================================== ====================== ===============
Device Install Group Policy N/A Ready
Device Install Reboot Required N/A Ready
Sysprep Generalize Drivers N/A Ready
Folder: \Microsoft\Windows\Power Efficiency Diagnostics
TaskName Next Run Time Status
======================================== ====================== ===============
AnalyzeSystem N/A Queued
Folder: \Microsoft\Windows\RecoveryEnvironment
TaskName Next Run Time Status
======================================== ====================== ===============
VerifyWinRE N/A Ready
Folder: \Microsoft\Windows\Registry
TaskName Next Run Time Status
======================================== ====================== ===============
RegIdleBackup N/A Ready
Folder: \Microsoft\Windows\Server Manager
TaskName Next Run Time Status
======================================== ====================== ===============
CleanupOldPerfLogs N/A Ready
ServerManager N/A Ready
Folder: \Microsoft\Windows\Servicing
TaskName Next Run Time Status
======================================== ====================== ===============
StartComponentCleanup N/A Ready
Folder: \Microsoft\Windows\SharedPC
TaskName Next Run Time Status
======================================== ====================== ===============
Account Cleanup N/A Disabled
Folder: \Microsoft\Windows\Shell
TaskName Next Run Time Status
======================================== ====================== ===============
CreateObjectTask N/A Ready
IndexerAutomaticMaintenance N/A Ready
Folder: \Microsoft\Windows\Software Inventory Logging
TaskName Next Run Time Status
======================================== ====================== ===============
Collection N/A Disabled
Configuration N/A Ready
Folder: \Microsoft\Windows\SoftwareProtectionPlatform
TaskName Next Run Time Status
======================================== ====================== ===============
SvcRestartTaskLogon N/A Ready
Folder: \Microsoft\Windows\SpacePort
TaskName Next Run Time Status
======================================== ====================== ===============
SpaceAgentTask N/A Ready
SpaceManagerTask N/A Ready
Folder: \Microsoft\Windows\StateRepository
TaskName Next Run Time Status
======================================== ====================== ===============
MaintenanceTasks N/A Ready
Folder: \Microsoft\Windows\Storage Tiers Management
TaskName Next Run Time Status
======================================== ====================== ===============
Storage Tiers Management Initialization N/A Ready
Storage Tiers Optimization N/A Disabled
Folder: \Microsoft\Windows\Task Manager
TaskName Next Run Time Status
======================================== ====================== ===============
Interactive N/A Ready
Folder: \Microsoft\Windows\TextServicesFramework
TaskName Next Run Time Status
======================================== ====================== ===============
MsCtfMonitor N/A Ready
Folder: \Microsoft\Windows\Time Synchronization
TaskName Next Run Time Status
======================================== ====================== ===============
ForceSynchronizeTime N/A Ready
SynchronizeTime N/A Ready
Folder: \Microsoft\Windows\Time Zone
TaskName Next Run Time Status
======================================== ====================== ===============
SynchronizeTimeZone N/A Ready
Folder: \Microsoft\Windows\UPnP
TaskName Next Run Time Status
======================================== ====================== ===============
UPnPHostConfig N/A Disabled
Folder: \Microsoft\Windows\WDI
TaskName Next Run Time Status
======================================== ====================== ===============
ResolutionHost N/A Ready
Folder: \Microsoft\Windows\Windows Defender
TaskName Next Run Time Status
======================================== ====================== ===============
Windows Defender Cache Maintenance N/A Ready
Windows Defender Cleanup N/A Ready
Windows Defender Scheduled Scan 4/26/2025 4:12:43 AM Ready
Windows Defender Verification N/A Ready
Folder: \Microsoft\Windows\Windows Error Reporting
TaskName Next Run Time Status
======================================== ====================== ===============
QueueReporting 4/25/2025 1:03:15 PM Ready
Folder: \Microsoft\Windows\Windows Filtering Platform
TaskName Next Run Time Status
======================================== ====================== ===============
BfeOnServiceStartTypeChange N/A Ready
Folder: \Microsoft\Windows\Windows Media Sharing
TaskName Next Run Time Status
======================================== ====================== ===============
UpdateLibrary N/A Ready
Folder: \Microsoft\Windows\WindowsColorSystem
TaskName Next Run Time Status
======================================== ====================== ===============
Calibration Loader N/A Ready
Folder: \Microsoft\Windows\WindowsUpdate
TaskName Next Run Time Status
======================================== ====================== ===============
Scheduled Start N/A Ready
Folder: \Microsoft\Windows\Wininet
TaskName Next Run Time Status
======================================== ====================== ===============
CacheTask N/A Running
Folder: \Microsoft\Windows\Workplace Join
TaskName Next Run Time Status
======================================== ====================== ===============
Automatic-Device-Join N/A Ready
Device-Sync N/A Disabled
Recovery-Check N/A Disabled
Folder: \Microsoft\Windows\WwanSvc
TaskName Next Run Time Status
======================================== ====================== ===============
OobeDiscovery N/A ReadyServices
PS C:\Users\molly.smith> wmic service where "State='Running'" get Name,PathName,StartName | Out-String -Stream | Where-Object { $_ -match 'S' -and $_ -notmatch 'C:\Windows\System32' } | Select-Object -First 100
Name PathName StartName
ADWS C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe LocalSystem
AppHostSvc C:\Windows\system32\svchost.exe -k apphost localSystem
AppReadiness C:\Windows\System32\svchost.exe -k AppReadiness -p LocalSystem
AzureAttestService C:\Windows\system32\svchost.exe -k AzureAttestService LocalSystem
BFE C:\Windows\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p NT AUTHORITY\LocalService
BITS C:\Windows\System32\svchost.exe -k netsvcs -p LocalSystem
BrokerInfrastructure C:\Windows\system32\svchost.exe -k DcomLaunch -p LocalSystem
camsvc C:\Windows\system32\svchost.exe -k appmodel -p LocalSystem
CDPSvc C:\Windows\system32\svchost.exe -k LocalService -p NT AUTHORITY\LocalService
CertPropSvc C:\Windows\system32\svchost.exe -k netsvcs LocalSystem
CertSvc C:\Windows\system32\certsrv.exe localSystem
ClipSVC C:\Windows\System32\svchost.exe -k wsappx -p LocalSystem
COMSysApp C:\Windows\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} LocalSystem
CoreMessagingRegistrar C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork -p NT AUTHORITY\LocalService
CryptSvc C:\Windows\system32\svchost.exe -k NetworkService -p NT Authority\NetworkService
DcomLaunch C:\Windows\system32\svchost.exe -k DcomLaunch -p LocalSystem
Dfs C:\Windows\system32\dfssvc.exe LocalSystem
DFSR C:\Windows\system32\DFSRs.exe LocalSystem
Dhcp C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p NT Authority\LocalService
DiagTrack C:\Windows\System32\svchost.exe -k utcsvc -p LocalSystem
DispBrokerDesktopSvc C:\Windows\system32\svchost.exe -k LocalService -p NT AUTHORITY\LocalService
DNS C:\Windows\system32\dns.exe LocalSystem
Dnscache C:\Windows\system32\svchost.exe -k NetworkService -p NT AUTHORITY\NetworkService
DoSvc C:\Windows\System32\svchost.exe -k NetworkService -p NT Authority\NetworkService
DPS C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork -p NT AUTHORITY\LocalService
DsmSvc C:\Windows\system32\svchost.exe -k netsvcs -p LocalSystem
DsSvc C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p LocalSystem
edgeupdate "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc LocalSystem
EventLog C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p NT AUTHORITY\LocalService
EventSystem C:\Windows\system32\svchost.exe -k LocalService -p NT AUTHORITY\LocalService
FontCache C:\Windows\system32\svchost.exe -k LocalService -p NT AUTHORITY\LocalService
gpsvc C:\Windows\system32\svchost.exe -k netsvcs -p LocalSystem
IISADMIN C:\Windows\system32\inetsrv\inetinfo.exe localSystem
IKEEXT C:\Windows\system32\svchost.exe -k netsvcs -p LocalSystem
iphlpsvc C:\Windows\System32\svchost.exe -k NetSvcs -p LocalSystem
IsmServ C:\Windows\System32\ismserv.exe LocalSystem
Kdc C:\Windows\System32\lsass.exe LocalSystem
KeyIso C:\Windows\system32\lsass.exe LocalSystem
LanmanServer C:\Windows\System32\svchost.exe -k smbsvcs LocalSystem
LanmanWorkstation C:\Windows\System32\svchost.exe -k NetworkService -p NT AUTHORITY\NetworkService
LicenseManager C:\Windows\System32\svchost.exe -k LocalService -p NT Authority\LocalService
lmhosts C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p NT AUTHORITY\LocalService
LSM
mpssvc C:\Windows\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p NT Authority\LocalService
MSDTC C:\Windows\System32\msdtc.exe NT AUTHORITY\NetworkService
MSSQL$MICROSOFT##WID C:\Windows\WID\Binn\sqlservr.exe -SMSWIN8.SQLWID -sMICROSOFT##WID NT SERVICE\MSSQL$MICROSOFT##WID
MSSQL$SQLEXPRESS "C:\Program Files\Microsoft SQL Server\MSSQL15.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS NT Service\MSSQL$SQLEXPRESS
NcbService C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p LocalSystem
Netlogon C:\Windows\system32\lsass.exe LocalSystem
Netman C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p LocalSystem
netprofm C:\Windows\System32\svchost.exe -k LocalService -p NT AUTHORITY\LocalService
NlaSvc C:\Windows\System32\svchost.exe -k NetworkService -p NT AUTHORITY\NetworkService
nsi C:\Windows\system32\svchost.exe -k LocalService -p NT Authority\LocalService
PcaSvc C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p LocalSystem
PlugPlay C:\Windows\system32\svchost.exe -k DcomLaunch -p LocalSystem
PolicyAgent C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted -p NT Authority\NetworkService
Power C:\Windows\system32\svchost.exe -k DcomLaunch -p LocalSystem
ProfSvc C:\Windows\system32\svchost.exe -k netsvcs -p LocalSystem
RpcEptMapper C:\Windows\system32\svchost.exe -k RPCSS -p NT AUTHORITY\NetworkService
RpcSs C:\Windows\system32\svchost.exe -k rpcss -p NT AUTHORITY\NetworkService
SamSs C:\Windows\system32\lsass.exe LocalSystem
Schedule C:\Windows\system32\svchost.exe -k netsvcs -p LocalSystem
SENS C:\Windows\system32\svchost.exe -k netsvcs -p LocalSystem
SessionEnv C:\Windows\System32\svchost.exe -k netsvcs -p localSystem
ShellHWDetection C:\Windows\System32\svchost.exe -k netsvcs -p LocalSystem
smphost C:\Windows\System32\svchost.exe -k smphost NT AUTHORITY\NetworkService
Spooler C:\Windows\System32\spoolsv.exe LocalSystem
sppsvc C:\Windows\system32\sppsvc.exe NT AUTHORITY\NetworkService
SQLTELEMETRY$SQLEXPRESS "C:\Program Files\Microsoft SQL Server\MSSQL15.SQLEXPRESS\MSSQL\Binn\sqlceip.exe" -Service SQLEXPRESS NT Service\SQLTELEMETRY$SQLEXPRESS
SQLWriter "C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe" LocalSystem
StateRepository C:\Windows\system32\svchost.exe -k appmodel -p LocalSystem
StorSvc C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p LocalSystem
SysMain C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p LocalSystem
SystemEventsBroker C:\Windows\system32\svchost.exe -k DcomLaunch -p LocalSystem
TabletInputService C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p LocalSystem
TermService C:\Windows\System32\svchost.exe -k termsvcs NT Authority\NetworkService
Themes C:\Windows\System32\svchost.exe -k netsvcs -p LocalSystem
TimeBrokerSvc C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p NT AUTHORITY\LocalService
TokenBroker C:\Windows\system32\svchost.exe -k netsvcs -p LocalSystem
UALSVC C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p LocalSystem
UmRdpService C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p localSystem
UserManager C:\Windows\system32\svchost.exe -k netsvcs -p LocalSystem
UsoSvc C:\Windows\system32\svchost.exe -k netsvcs -p LocalSystem
vds C:\Windows\System32\vds.exe LocalSystem
VGAuthService "C:\Program Files\VMware\VMware Tools\VMware VGAuth\VGAuthService.exe" LocalSystem
vm3dservice C:\Windows\system32\vm3dservice.exe LocalSystem
VMTools "C:\Program Files\VMware\VMware Tools\vmtoolsd.exe" LocalSystem
W32Time C:\Windows\system32\svchost.exe -k LocalService NT AUTHORITY\LocalService
W3SVC C:\Windows\system32\svchost.exe -k iissvcs localSystem
WAS C:\Windows\system32\svchost.exe -k iissvcs localSystem
Wcmsvc C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p NT Authority\LocalService
WdiSystemHost C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p LocalSystem
WdNisSvc "C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe" NT AUTHORITY\LocalService
WIDWriter C:\Windows\WID\Binn\sqlwriter.exe -w NT AUTHORITY\LocalService
WinDefend "C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe" LocalSystem
WinHttpAutoProxySvc C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p NT AUTHORITY\LocalService
Winmgmt C:\Windows\system32\svchost.exe -k netsvcs -p localSystem
WinRM C:\Windows\System32\svchost.exe -k NetworkService -p NT AUTHORITY\NetworkService
wlidsvc C:\Windows\system32\svchost.exe -k netsvcs -p LocalSystemCertSvc C:\Windows\system32\certsrv.exe localSystemIISADMIN C:\Windows\system32\inetsrv\inetinfo.exe localSystemMSSQL$MICROSOFT##WID C:\Windows\WID\Binn\sqlservr.exe -SMSWIN8.SQLWID -sMICROSOFT##WID NT SERVICE\MSSQL$MICROSOFT##WIDMSSQL$SQLEXPRESS "C:\Program Files\Microsoft SQL Server\MSSQL15.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS NT Service\MSSQL$SQLEXPRESSSQLTELEMETRY$SQLEXPRESS "C:\Program Files\Microsoft SQL Server\MSSQL15.SQLEXPRESS\MSSQL\Binn\sqlceip.exe" -Service SQLEXPRESS NT Service\SQLTELEMETRY$SQLEXPRESSSQLWriter "C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe" LocalSystem
Installed Programs
PS C:\Users\molly.smith> Get-ItemProperty "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*", "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*", "HKCU:\Software\Microsoft\Windows\CurrentVersion\Uninstall\*" -ErrorAction SilentlyContinue | Select-Object -ExpandProperty DisplayName -ErrorAction SilentlyContinue | Where-Object { $_ } | Sort-Object -Unique
Azure Data Studio
Browser for SQL Server 2019
Integration Services
Microsoft Analysis Services OLE DB Provider
Microsoft Edge
Microsoft Edge Update
Microsoft Help Viewer 2.3
Microsoft ODBC Driver 17 for SQL Server
Microsoft OLE DB Driver for SQL Server
Microsoft SQL Server 2012 Native Client
Microsoft SQL Server 2019 (64-bit)
Microsoft SQL Server 2019 RsFx Driver
Microsoft SQL Server 2019 Setup (English)
Microsoft SQL Server 2019 T-SQL Language Service
Microsoft SQL Server Management Studio - 19.2
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31326
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31326
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31326
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31326
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31326
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31326
Microsoft Visual Studio Tools for Applications 2019
Microsoft Visual Studio Tools for Applications 2019 x64 Hosting Support
Microsoft Visual Studio Tools for Applications 2019 x86 Hosting Support
Microsoft VSS Writer for SQL Server 2019
SQL Server 2019 Batch Parser
SQL Server 2019 Common Files
SQL Server 2019 Connection Info
SQL Server 2019 Database Engine Services
SQL Server 2019 Database Engine Shared
SQL Server 2019 DMF
SQL Server 2019 Shared Management Objects
SQL Server 2019 Shared Management Objects Extensions
SQL Server 2019 SQL Diagnostics
SQL Server 2019 XEvent
SQL Server Management Studio
SQL Server Management Studio Language Pack - English
SSMS Post Install Tasks
Visual Studio 2017 Isolated Shell for SSMS
VMware ToolsFirewall & AV
PS C:\Users\molly.smith> netsh firewall show config
Domain profile configuration (current):
-------------------------------------------------------------------
Operational mode = Disable
Exception mode = Enable
Multicast/broadcast response mode = Enable
Notification mode = Disable
Service configuration for Domain profile:
Mode Customized Name
-------------------------------------------------------------------
Enable No File and Printer Sharing
Enable No Remote Desktop
Allowed programs configuration for Domain profile:
Mode Traffic direction Name / Program
-------------------------------------------------------------------
Port configuration for Domain profile:
Port Protocol Mode Traffic direction Name
-------------------------------------------------------------------
8531 TCP Enable Inbound WSUS
8530 TCP Enable Inbound WSUS
Standard profile configuration:
-------------------------------------------------------------------
Operational mode = Disable
Exception mode = Enable
Multicast/broadcast response mode = Enable
Notification mode = Disable
Service configuration for Standard profile:
Mode Customized Name
-------------------------------------------------------------------
Enable No File and Printer Sharing
Enable Yes Network Discovery
Enable No Remote Desktop
Allowed programs configuration for Standard profile:
Mode Traffic direction Name / Program
-------------------------------------------------------------------
Port configuration for Standard profile:
Port Protocol Mode Traffic direction Name
-------------------------------------------------------------------
8531 TCP Enable Inbound WSUS
8530 TCP Enable Inbound WSUS
Log configuration:
-------------------------------------------------------------------
File location = C:\Windows\system32\LogFiles\Firewall\pfirewall.log
Max file size = 4096 KB
Dropped packets = Disable
Connections = Disable
IMPORTANT: Command executed successfully.
However, "netsh firewall" is deprecated;
use "netsh advfirewall firewall" instead.
For more information on using "netsh advfirewall firewall" commands
instead of "netsh firewall", see KB article 947709
at https://go.microsoft.com/fwlink/?linkid=121488 .8531 TCP Enable Inbound WSUS8530 TCP Enable Inbound WSUS
PS C:\Users\molly.smith> Get-MpComputerStatus ; Get-MpPreference | Select-Object -Property ExclusionPath
AMEngineVersion : 1.1.23110.2
AMProductVersion : 4.18.23100.2009
AMRunningMode : Normal
AMServiceEnabled : True
AMServiceVersion : 4.18.23100.2009
AntispywareEnabled : True
AntispywareSignatureAge : 500
AntispywareSignatureLastUpdated : 12/11/2023 6:47:18 PM
AntispywareSignatureVersion : 1.403.362.0
AntivirusEnabled : True
AntivirusSignatureAge : 500
AntivirusSignatureLastUpdated : 12/11/2023 6:47:18 PM
AntivirusSignatureVersion : 1.403.362.0
BehaviorMonitorEnabled : True
ComputerID : 3C55ED6A-52AC-4ABA-B276-77A8E0BCFFE3
ComputerState : 0
DefenderSignaturesOutOfDate : False
DeviceControlDefaultEnforcement : Unknown
DeviceControlPoliciesLastUpdated : 12/31/1600 4:00:00 PM
DeviceControlState : Disabled
FullScanAge : 4294967295
FullScanEndTime :
FullScanOverdue : False
FullScanRequired : False
FullScanSignatureVersion :
FullScanStartTime :
IoavProtectionEnabled : True
IsTamperProtected : False
IsVirtualMachine : True
LastFullScanSource : 0
LastQuickScanSource : 2
NISEnabled : True
NISEngineVersion : 1.1.23110.2
NISSignatureAge : 500
NISSignatureLastUpdated : 12/11/2023 6:47:18 PM
NISSignatureVersion : 1.403.362.0
OnAccessProtectionEnabled : True
ProductStatus : 524288
QuickScanAge : 0
QuickScanEndTime : 4/25/2025 9:06:25 AM
QuickScanOverdue : False
QuickScanSignatureVersion : 1.403.362.0
QuickScanStartTime : 4/25/2025 9:06:09 AM
RealTimeProtectionEnabled : True
RealTimeScanDirection : 0
RebootRequired : False
SmartAppControlExpiration :
SmartAppControlState : Off
TamperProtectionSource : Signatures
TDTMode : N/A
TDTSiloType : N/A
TDTStatus : N/A
TDTTelemetry : N/A
TroubleShootingDailyMaxQuota :
TroubleShootingDailyQuotaLeft :
TroubleShootingEndTime :
TroubleShootingExpirationLeft :
TroubleShootingMode :
TroubleShootingModeSource :
TroubleShootingQuotaResetTime :
TroubleShootingStartTime :
PSComputerName :
ExclusionPath : {N/A: Must be an administrator to view exclusions}AV is Enabled
Session Architecture
PS C:\Users\molly.smith> [Environment]::Is64BitProcess
TrueInstalled .NET Frameworks
PS C:\Users\molly.smith> cmd /c dir /A:D C:\Windows\Microsoft.NET\Framework ; cmd /c reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP" ; cmd /c reg query "HKLM\SOFTWARE\Microsoft\Net Framework Setup\NDP" /s
Volume in drive C has no label.
Volume Serial Number is D2B3-5918
Directory of C:\Windows\Microsoft.NET\Framework
11/25/2023 06:01 AM <DIR> .
04/25/2025 09:06 AM <DIR> ..
05/08/2021 01:34 AM <DIR> v1.0.3705
05/08/2021 01:34 AM <DIR> v1.1.4322
11/25/2023 06:45 AM <DIR> v2.0.50727
11/25/2023 06:01 AM <DIR> v3.0
11/25/2023 06:01 AM <DIR> v3.5
04/25/2025 09:06 AM <DIR> v4.0.30319
0 File(s) 0 bytes
8 Dir(s) 7,768,317,952 bytes free
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\CDF
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v2.0.50727
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v3.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v3.5
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\CDF
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\CDF\v4.0
HttpNamespaceReservationInstalled REG_DWORD 0x1
NetTcpPortSharingInstalled REG_DWORD 0x1
NonHttpActivationInstalled REG_DWORD 0x1
SMSvcHostPath REG_SZ C:\Windows\Microsoft.NET\Framework64\v4.0.30319\
WMIInstalled REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727
CBS REG_DWORD 0x1
Increment REG_SZ 4927
Install REG_DWORD 0x1
OCM REG_DWORD 0x1
SP REG_DWORD 0x2
Version REG_SZ 2.0.50727.4927
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1028
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1029
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1030
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1031
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1032
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1033
CBS REG_DWORD 0x1
Increment REG_SZ 4927
SP REG_DWORD 0x2
Version REG_SZ 2.0.50727.4927
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1035
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1036
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1038
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1040
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1041
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1042
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1043
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1044
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1045
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1046
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1049
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1053
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1055
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\2052
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\2070
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\3076
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\3082
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v3.0
CBS REG_DWORD 0x1
Increment REG_SZ 4926
Install REG_DWORD 0x1
SP REG_DWORD 0x2
Version REG_SZ 3.0.30729.4926
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v3.0\Servicing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v3.0\Servicing\Windows Workflow Foundation
CBS REG_DWORD 0x1
Hotfix REG_SZ
Install REG_DWORD 0x1
SP REG_DWORD 0x2
SPIndex REG_DWORD 0x0
SPName REG_SZ SP2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v3.0\Setup
InstallSuccess REG_DWORD 0x1
Version REG_SZ 3.0.30729.4926
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v3.0\Setup\1033
CBS REG_DWORD 0x1
Increment REG_SZ 4926
Install REG_DWORD 0x1
InstallSuccess REG_DWORD 0x1
SP REG_DWORD 0x2
Version REG_SZ 3.0.30729.4926
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v3.0\Setup\Windows Communication Foundation
InstallSuccess REG_DWORD 0x1
ReferenceInstallPath REG_SZ C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\
RuntimeInstallPath REG_SZ C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\
Version REG_SZ 3.0.4506.4926
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v3.0\Setup\Windows Presentation Foundation
(Default) REG_SZ WPF v3.0.6920.4902
InstallRoot REG_SZ C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\
InstallSuccess REG_DWORD 0x1
ProductVersion REG_SZ 3.0.6920.4902
Version REG_SZ 3.0.6920.4902
WPFCommonAssembliesPathx64 REG_SZ C:\Windows\System32\
WPFNonReferenceAssembliesPathx64 REG_SZ C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\
WPFReferenceAssembliesPathx64 REG_SZ C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v3.0\Setup\Windows Workflow Foundation
(Default) REG_SZ Windows Workflow Foundation
FileVersion REG_SZ 3.0.4203.4926
InstallDir REG_SZ C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\
InstallSuccess REG_DWORD 0x1
MajorBuildNum REG_SZ 4203
ProductVersion REG_SZ 3.0.0.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v3.5
CBS REG_DWORD 0x1
Install REG_DWORD 0x1
InstallPath REG_SZ C:\Windows\Microsoft.NET\Framework64\v3.5\
SP REG_DWORD 0x1
Version REG_SZ 3.5.30729.4926
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v3.5\1033
CBS REG_DWORD 0x1
Install REG_DWORD 0x1
SP REG_DWORD 0x1
Version REG_SZ 3.5.30729.4926
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4\Client
CBS REG_DWORD 0x1
Install REG_DWORD 0x1
InstallPath REG_SZ C:\Windows\Microsoft.NET\Framework64\v4.0.30319\
Release REG_DWORD 0x81041
Servicing REG_DWORD 0x0
TargetVersion REG_SZ 4.0.0
Version REG_SZ 4.8.04161
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4\Client\1033
CBS REG_DWORD 0x1
Install REG_DWORD 0x1
Release REG_DWORD 0x81041
Servicing REG_DWORD 0x0
TargetVersion REG_SZ 4.0.0
Version REG_SZ 4.8.04161
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4\Full
CBS REG_DWORD 0x1
Install REG_DWORD 0x1
InstallPath REG_SZ C:\Windows\Microsoft.NET\Framework64\v4.0.30319\
Release REG_DWORD 0x81041
Servicing REG_DWORD 0x0
TargetVersion REG_SZ 4.0.0
Version REG_SZ 4.8.04161
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4\Full\1033
CBS REG_DWORD 0x1
Install REG_DWORD 0x1
Release REG_DWORD 0x81041
Servicing REG_DWORD 0x0
TargetVersion REG_SZ 4.0.0
Version REG_SZ 4.8.04161
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4.0
(Default) REG_SZ deprecated
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4.0\Client
Install REG_DWORD 0x1
Version REG_SZ 4.0.0.0