System/Kernel
PS C:\windows\system32\inetsrv> cmd /c ver
Microsoft Windows [Version 10.0.17763.1637]
PS C:\windows\system32\inetsrv> systeminfo ; Get-ComputerInfo
Host Name: HUTCHDC
OS Name: Microsoft Windows Server 2019 Standard
OS Version: 10.0.17763 N/A Build 17763
OS Manufacturer: Microsoft Corporation
OS Configuration: Primary Domain Controller
OS Build Type: Multiprocessor Free
Registered Owner: Windows User
Registered Organization:
Product ID: 00429-70000-00000-AA801
Original Install Date: 11/4/2020, 4:06:43 AM
System Boot Time: 8/1/2024, 6:27:39 PM
System Manufacturer: VMware, Inc.
System Model: VMware7,1
System Type: x64-based PC
Processor(s): 1 Processor(s) Installed.
[01]: AMD64 Family 25 Model 1 Stepping 1 AuthenticAMD ~2650 Mhz
BIOS Version: VMware, Inc. VMW71.00V.21100432.B64.2301110304, 1/11/2023
Windows Directory: C:\Windows
System Directory: C:\Windows\system32
Boot Device: \Device\HarddiskVolume2
System Locale: en-us;English (United States)
Input Locale: en-us;English (United States)
Time Zone: (UTC-08:00) Pacific Time (US & Canada)
Total Physical Memory: 2,047 MB
Available Physical Memory: 705 MB
Virtual Memory: Max Size: 3,199 MB
Virtual Memory: Available: 1,935 MB
Virtual Memory: In Use: 1,264 MB
Page File Location(s): C:\pagefile.sys
Domain: hutch.offsec
Logon Server: N/A
Hotfix(s): 7 Hotfix(s) Installed.
[01]: KB4580422
[02]: KB4462930
[03]: KB4512577
[04]: KB4577667
[05]: KB4580325
[06]: KB4587735
[07]: KB4592440
Network Card(s): 1 NIC(s) Installed.
[01]: vmxnet3 Ethernet Adapter
Connection Name: Ethernet0
DHCP Enabled: No
IP address(es)
[01]: 192.168.187.122
[02]: fe80::9df9:8e58:4400:9b3a
Hyper-V Requirements: A hypervisor has been detected. Features required for Hyper-V will not be displayed.
WindowsBuildLabEx : 17763.1.amd64fre.rs5_release.180914-1434
WindowsCurrentVersion : 6.3
WindowsEditionId : ServerStandard
WindowsInstallationType : Server
WindowsInstallDateFromRegistry : 11/4/2020 12:06:43 PM
WindowsProductId : 00429-70000-00000-AA801
WindowsProductName : Windows Server 2019 Standard
WindowsRegisteredOrganization :
WindowsRegisteredOwner : Windows User
WindowsSystemRoot : C:\Windows
WindowsVersion : 1809
OsServerLevel : FullServer
KeyboardLayout :
TimeZone : (UTC-08:00) Pacific Time (US & Canada)
LogonServer :
PowerPlatformRole : Desktop
DeviceGuardSmartStatus : OffMicrosoft Windows [Version 10.0.17763.1637]OS Name: Microsoft Windows Server 2019 StandardSystem Type: x64-based PCProcessor(s): 1 Processor(s) Installed.Hotfix(s): 7 Hotfix(s) Installed.[01]: KB4580422[02]: KB4462930[03]: KB4512577[04]: KB4577667[05]: KB4580325[06]: KB4587735[07]: KB4592440
Networks
PS C:\windows\system32\inetsrv> ipconfig /all ; arp -a ; print route
Windows IP Configuration
Host Name . . . . . . . . . . . . : hutchdc
Primary Dns Suffix . . . . . . . : hutch.offsec
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hutch.offsec
Ethernet adapter Ethernet0:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : vmxnet3 Ethernet Adapter
Physical Address. . . . . . . . . : 00-50-56-9E-BC-21
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::9df9:8e58:4400:9b3a%3(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.187.122(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.187.254
DHCPv6 IAID . . . . . . . . . . . : 218124374
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-2E-3D-FC-7C-00-50-56-9E-A6-DF
DNS Servers . . . . . . . . . . . : 192.168.187.254
NetBIOS over Tcpip. . . . . . . . : Enabled
Interface: 192.168.187.122 --- 0x3
Internet Address Physical Address Type
192.168.187.254 00-50-56-9e-ad-80 dynamic
192.168.187.255 ff-ff-ff-ff-ff-ff static
224.0.0.22 01-00-5e-00-00-16 static
224.0.0.251 01-00-5e-00-00-fb static
224.0.0.252 01-00-5e-00-00-fc static
255.255.255.255 ff-ff-ff-ff-ff-ff static
Unable to initialize device PRNPS C:\windows\system32\inetsrv> netstat -ano | Select-String LIST
TCP 0.0.0.0:80 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:88 0.0.0.0:0 LISTENING 568
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING 784
TCP 0.0.0.0:389 0.0.0.0:0 LISTENING 568
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:464 0.0.0.0:0 LISTENING 568
TCP 0.0.0.0:593 0.0.0.0:0 LISTENING 784
TCP 0.0.0.0:636 0.0.0.0:0 LISTENING 568
TCP 0.0.0.0:3268 0.0.0.0:0 LISTENING 568
TCP 0.0.0.0:3269 0.0.0.0:0 LISTENING 568
TCP 0.0.0.0:5985 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:9389 0.0.0.0:0 LISTENING 1584
TCP 0.0.0.0:47001 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:49664 0.0.0.0:0 LISTENING 484
TCP 0.0.0.0:49665 0.0.0.0:0 LISTENING 896
TCP 0.0.0.0:49666 0.0.0.0:0 LISTENING 568
TCP 0.0.0.0:49668 0.0.0.0:0 LISTENING 1072
TCP 0.0.0.0:49673 0.0.0.0:0 LISTENING 568
TCP 0.0.0.0:49674 0.0.0.0:0 LISTENING 568
TCP 0.0.0.0:49679 0.0.0.0:0 LISTENING 560
TCP 0.0.0.0:49692 0.0.0.0:0 LISTENING 8
TCP 0.0.0.0:49756 0.0.0.0:0 LISTENING 764
TCP 0.0.0.0:50917 0.0.0.0:0 LISTENING 3640
TCP 127.0.0.1:53 0.0.0.0:0 LISTENING 8
TCP 192.168.187.122:53 0.0.0.0:0 LISTENING 8
TCP 192.168.187.122:139 0.0.0.0:0 LISTENING 4
TCP [::]:80 [::]:0 LISTENING 4
TCP [::]:88 [::]:0 LISTENING 568
TCP [::]:135 [::]:0 LISTENING 784
TCP [::]:389 [::]:0 LISTENING 568
TCP [::]:445 [::]:0 LISTENING 4
TCP [::]:464 [::]:0 LISTENING 568
TCP [::]:593 [::]:0 LISTENING 784
TCP [::]:636 [::]:0 LISTENING 568
TCP [::]:3268 [::]:0 LISTENING 568
TCP [::]:3269 [::]:0 LISTENING 568
TCP [::]:5985 [::]:0 LISTENING 4
TCP [::]:9389 [::]:0 LISTENING 1584
TCP [::]:47001 [::]:0 LISTENING 4
TCP [::]:49664 [::]:0 LISTENING 484
TCP [::]:49665 [::]:0 LISTENING 896
TCP [::]:49666 [::]:0 LISTENING 568
TCP [::]:49668 [::]:0 LISTENING 1072
TCP [::]:49673 [::]:0 LISTENING 568
TCP [::]:49674 [::]:0 LISTENING 568
TCP [::]:49679 [::]:0 LISTENING 560
TCP [::]:49692 [::]:0 LISTENING 8
TCP [::]:49756 [::]:0 LISTENING 764
TCP [::]:50917 [::]:0 LISTENING 3640
TCP [::1]:53 [::]:0 LISTENING 8
TCP [fe80::9df9:8e58:4400:9b3a%3]:53 [::]:0 LISTENING 8Users & Groups
PS C:\windows\system32\inetsrv> net users ; ls C:\Users
User accounts for \\HUTCHDC
-------------------------------------------------------------------------------
acostello Administrator agitthouse
avictoria cluddy domainadmin
eaburrow fmcsorley Guest
jfrarey jmckendry jsparwell
krbtgt ltaunton oknee
opatry rplacidi
The command completed successfully.
Directory: C:\Users
Mode LastWriteTime Length Name
---- ------------- ------ ----
d----- 11/3/2020 9:37 PM .NET v2.0
d----- 11/3/2020 9:37 PM .NET v2.0 Classic
d----- 11/3/2020 9:39 PM .NET v4.5
d----- 11/3/2020 9:39 PM .NET v4.5 Classic
d----- 11/4/2020 4:07 AM Administrator
d----- 11/3/2020 9:37 PM Classic .NET AppPool
d----- 11/3/2020 10:09 PM domainadmin
d----- 11/3/2020 10:19 PM fmcsorley
d-r--- 11/4/2020 4:07 AM PublicPS C:\windows\system32\inetsrv> net localgroup ; net group /DOMAIN
Aliases for \\HUTCHDC
-------------------------------------------------------------------------------
*Access Control Assistance Operators
*Account Operators
*Administrators
*Allowed RODC Password Replication Group
*Backup Operators
*Cert Publishers
*Certificate Service DCOM Access
*Cryptographic Operators
*Denied RODC Password Replication Group
*Distributed COM Users
*DnsAdmins
*Event Log Readers
*Guests
*Hyper-V Administrators
*IIS_IUSRS
*Incoming Forest Trust Builders
*Network Configuration Operators
*Performance Log Users
*Performance Monitor Users
*Pre-Windows 2000 Compatible Access
*Print Operators
*RAS and IAS Servers
*RDS Endpoint Servers
*RDS Management Servers
*RDS Remote Access Servers
*Remote Desktop Users
*Remote Management Users
*Replicator
*Server Operators
*Storage Replica Administrators
*Terminal Server License Servers
*Users
*Windows Authorization Access Group
The command completed successfully.
Group Accounts for \\HUTCHDC
-------------------------------------------------------------------------------
*Cloneable Domain Controllers
*DnsUpdateProxy
*Domain Admins
*Domain Computers
*Domain Controllers
*Domain Guests
*Domain Users
*Enterprise Admins
*Enterprise Key Admins
*Enterprise Read-only Domain Controllers
*Group Policy Creator Owners
*Key Admins
*Protected Users
*Read-only Domain Controllers
*Schema Admins
The command completed successfully.Processes
PS C:\windows\system32\inetsrv> Get-WmiObject Win32_Process | % { $s = (Get-CimInstance Win32_Service | ? { $_.ProcessId -eq $_.ProcessId }).Name -join ", "; $u = $_.GetOwner(); [PSCustomObject]@{ Name = $_.Name; PID = $_.ProcessId; User = "$($u.Domain)$($u.User)"; Services = $s } } | ft -AutoSize
Name PID User Services
---- --- ---- --------
System Idle Process 0 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...
System 4 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...
Registry 68 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...
smss.exe 264 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...
csrss.exe 368 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...
csrss.exe 440 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...
wininit.exe 484 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...
winlogon.exe 492 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...
services.exe 560 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...
lsass.exe 568 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...
svchost.exe 748 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...
svchost.exe 784 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...
dwm.exe 860 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...
svchost.exe 896 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...
svchost.exe 928 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...
svchost.exe 944 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...
svchost.exe 960 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...
svchost.exe 1004 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...
svchost.exe 832 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...
svchost.exe 1052 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...
svchost.exe 1072 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...
svchost.exe 1152 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...
svchost.exe 1612 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...
WmiPrvSE.exe 1816 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...
svchost.exe 1912 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...
svchost.exe 1164 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...
svchost.exe 1440 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...
Microsoft.ActiveDirectory.WebServices.exe 1584 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...
svchost.exe 1752 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...
dfsrs.exe 764 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...
dns.exe 8 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...
ismserv.exe 716 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...
dfssvc.exe 2056 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...
vmtoolsd.exe 2068 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...
svchost.exe 2076 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...
VGAuthService.exe 2092 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...
MsMpEng.exe 2108 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...
svchost.exe 2212 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...
vds.exe 2580 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...
dllhost.exe 2844 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...
msdtc.exe 2988 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...
fontdrvhost.exe 2700 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...
fontdrvhost.exe 2880 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...
LogonUI.exe 3740 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...
svchost.exe 2772 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...
rVOrQqEi.exe 4828 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...
cmd.exe 1160 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...
conhost.exe 4120 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...
spoolsv.exe 3640 ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...
w3wp.exe 3204 IIS APPPOOLDefaultAppPool ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...
cmd.exe 3508 IIS APPPOOLDefaultAppPool ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...
conhost.exe 4104 IIS APPPOOLDefaultAppPool ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...
powershell.exe 1620 IIS APPPOOLDefaultAppPool ADWS, AJRouter, ALG, AppHostSvc, AppIDSvc, ...spoolsv.exe
Tasks
PS C:\windows\system32\inetsrv> Get-ScheduledTask | where {$_.TaskPath -notlike "\Microsoft*" } | ft TaskName,TaskPath,State
PS C:\windows\system32\inetsrv> cmd /c schtasks /QUERY /FO TABLE
Folder: \
TaskName Next Run Time Status
======================================== ====================== ===============
INFO: There are no scheduled tasks presently available at your access level.
Folder: \Microsoft
TaskName Next Run Time Status
======================================== ====================== ===============
INFO: There are no scheduled tasks presently available at your access level.
Folder: \Microsoft\Windows
TaskName Next Run Time Status
======================================== ====================== ===============
Server Initial Configuration Task N/A Disabled
Folder: \Microsoft\Windows\.NET Framework
TaskName Next Run Time Status
======================================== ====================== ===============
.NET Framework NGEN v4.0.30319 N/A Ready
.NET Framework NGEN v4.0.30319 64 N/A Ready
.NET Framework NGEN v4.0.30319 64 Critic N/A Disabled
.NET Framework NGEN v4.0.30319 Critical N/A Disabled
Folder: \Microsoft\Windows\Active Directory Rights Management Services Client
TaskName Next Run Time Status
======================================== ====================== ===============
AD RMS Rights Policy Template Management N/A Disabled
AD RMS Rights Policy Template Management N/A Ready
Folder: \Microsoft\Windows\AppID
TaskName Next Run Time Status
======================================== ====================== ===============
PolicyConverter N/A Disabled
VerifiedPublisherCertStoreCheck N/A Disabled
Folder: \Microsoft\Windows\Application Experience
TaskName Next Run Time Status
======================================== ====================== ===============
Microsoft Compatibility Appraiser 5/2/2025 4:29:13 AM Ready
ProgramDataUpdater N/A Ready
StartupAppTask N/A Ready
Folder: \Microsoft\Windows\ApplicationData
TaskName Next Run Time Status
======================================== ====================== ===============
appuriverifierdaily N/A Ready
appuriverifierinstall N/A Ready
CleanupTemporaryState N/A Ready
DsSvcCleanup N/A Ready
Folder: \Microsoft\Windows\AppxDeploymentClient
TaskName Next Run Time Status
======================================== ====================== ===============
Pre-staged app cleanup N/A Disabled
Folder: \Microsoft\Windows\Autochk
TaskName Next Run Time Status
======================================== ====================== ===============
Proxy N/A Ready
Folder: \Microsoft\Windows\BitLocker
TaskName Next Run Time Status
======================================== ====================== ===============
BitLocker Encrypt All Drives N/A Ready
BitLocker MDM policy Refresh N/A Ready
Folder: \Microsoft\Windows\Bluetooth
TaskName Next Run Time Status
======================================== ====================== ===============
UninstallDeviceTask N/A Disabled
Folder: \Microsoft\Windows\BrokerInfrastructure
TaskName Next Run Time Status
======================================== ====================== ===============
BgTaskRegistrationMaintenanceTask N/A Ready
Folder: \Microsoft\Windows\Chkdsk
TaskName Next Run Time Status
======================================== ====================== ===============
ProactiveScan N/A Ready
SyspartRepair N/A Ready
Folder: \Microsoft\Windows\Clip
TaskName Next Run Time Status
======================================== ====================== ===============
License Validation N/A Disabled
Folder: \Microsoft\Windows\CloudExperienceHost
TaskName Next Run Time Status
======================================== ====================== ===============
CreateObjectTask N/A Ready
Folder: \Microsoft\Windows\Customer Experience Improvement Program
TaskName Next Run Time Status
======================================== ====================== ===============
Consolidator 5/1/2025 12:00:00 PM Ready
UsbCeip N/A Ready
Folder: \Microsoft\Windows\Data Integrity Scan
TaskName Next Run Time Status
======================================== ====================== ===============
Data Integrity Scan 5/10/2025 5:42:18 PM Ready
Data Integrity Scan for Crash Recovery N/A Ready
Folder: \Microsoft\Windows\Defrag
TaskName Next Run Time Status
======================================== ====================== ===============
ScheduledDefrag N/A Ready
Folder: \Microsoft\Windows\Device Information
TaskName Next Run Time Status
======================================== ====================== ===============
Device 5/2/2025 3:59:50 AM Ready
Folder: \Microsoft\Windows\Diagnosis
TaskName Next Run Time Status
======================================== ====================== ===============
Scheduled N/A Ready
Folder: \Microsoft\Windows\DirectX
TaskName Next Run Time Status
======================================== ====================== ===============
DXGIAdapterCache N/A Ready
Folder: \Microsoft\Windows\DiskCleanup
TaskName Next Run Time Status
======================================== ====================== ===============
SilentCleanup N/A Ready
Folder: \Microsoft\Windows\DiskDiagnostic
TaskName Next Run Time Status
======================================== ====================== ===============
Microsoft-Windows-DiskDiagnosticDataColl N/A Ready
Microsoft-Windows-DiskDiagnosticResolver N/A Disabled
Folder: \Microsoft\Windows\DiskFootprint
TaskName Next Run Time Status
======================================== ====================== ===============
Diagnostics N/A Ready
StorageSense N/A Ready
Folder: \Microsoft\Windows\EDP
TaskName Next Run Time Status
======================================== ====================== ===============
EDP App Launch Task N/A Ready
EDP Auth Task N/A Ready
EDP Inaccessible Credentials Task N/A Ready
StorageCardEncryption Task N/A Ready
Folder: \Microsoft\Windows\ExploitGuard
TaskName Next Run Time Status
======================================== ====================== ===============
ExploitGuard MDM policy Refresh N/A Ready
Folder: \Microsoft\Windows\File Classification Infrastructure
TaskName Next Run Time Status
======================================== ====================== ===============
Property Definition Sync N/A Disabled
Folder: \Microsoft\Windows\Flighting
TaskName Next Run Time Status
======================================== ====================== ===============
INFO: There are no scheduled tasks presently available at your access level.
Folder: \Microsoft\Windows\Flighting\FeatureConfig
TaskName Next Run Time Status
======================================== ====================== ===============
ReconcileFeatures N/A Ready
Folder: \Microsoft\Windows\Flighting\OneSettings
TaskName Next Run Time Status
======================================== ====================== ===============
RefreshCache 5/2/2025 12:54:55 AM Ready
Folder: \Microsoft\Windows\InstallService
TaskName Next Run Time Status
======================================== ====================== ===============
ScanForUpdates N/A Disabled
ScanForUpdatesAsUser N/A Disabled
SmartRetry N/A Disabled
WakeUpAndContinueUpdates N/A Disabled
WakeUpAndScanForUpdates N/A Disabled
Folder: \Microsoft\Windows\License Manager
TaskName Next Run Time Status
======================================== ====================== ===============
TempSignedLicenseExchange N/A Ready
Folder: \Microsoft\Windows\Location
TaskName Next Run Time Status
======================================== ====================== ===============
Notifications N/A Ready
WindowsActionDialog N/A Ready
Folder: \Microsoft\Windows\Maintenance
TaskName Next Run Time Status
======================================== ====================== ===============
WinSAT N/A Ready
Folder: \Microsoft\Windows\Maps
TaskName Next Run Time Status
======================================== ====================== ===============
MapsToastTask N/A Disabled
MapsUpdateTask N/A Disabled
Folder: \Microsoft\Windows\MemoryDiagnostic
TaskName Next Run Time Status
======================================== ====================== ===============
ProcessMemoryDiagnosticEvents N/A Disabled
RunFullMemoryDiagnostic N/A Disabled
Folder: \Microsoft\Windows\Mobile Broadband Accounts
TaskName Next Run Time Status
======================================== ====================== ===============
MNO Metadata Parser N/A Ready
Folder: \Microsoft\Windows\MUI
TaskName Next Run Time Status
======================================== ====================== ===============
LPRemove N/A Ready
Folder: \Microsoft\Windows\Multimedia
TaskName Next Run Time Status
======================================== ====================== ===============
SystemSoundsService N/A Disabled
Folder: \Microsoft\Windows\NetTrace
TaskName Next Run Time Status
======================================== ====================== ===============
GatherNetworkInfo N/A Ready
Folder: \Microsoft\Windows\Offline Files
TaskName Next Run Time Status
======================================== ====================== ===============
Background Synchronization N/A Disabled
Logon Synchronization N/A Disabled
Folder: \Microsoft\Windows\PLA
TaskName Next Run Time Status
======================================== ====================== ===============
Server Manager Performance Monitor N/A Disabled
Folder: \Microsoft\Windows\Plug and Play
TaskName Next Run Time Status
======================================== ====================== ===============
Device Install Group Policy N/A Ready
Device Install Reboot Required N/A Ready
Sysprep Generalize Drivers N/A Ready
Folder: \Microsoft\Windows\Power Efficiency Diagnostics
TaskName Next Run Time Status
======================================== ====================== ===============
AnalyzeSystem N/A Ready
Folder: \Microsoft\Windows\PushToInstall
TaskName Next Run Time Status
======================================== ====================== ===============
LoginCheck N/A Disabled
Registration N/A Disabled
Folder: \Microsoft\Windows\RecoveryEnvironment
TaskName Next Run Time Status
======================================== ====================== ===============
VerifyWinRE N/A Disabled
Folder: \Microsoft\Windows\Server Manager
TaskName Next Run Time Status
======================================== ====================== ===============
CleanupOldPerfLogs N/A Ready
ServerManager N/A Ready
Folder: \Microsoft\Windows\Servicing
TaskName Next Run Time Status
======================================== ====================== ===============
StartComponentCleanup N/A Ready
Folder: \Microsoft\Windows\SharedPC
TaskName Next Run Time Status
======================================== ====================== ===============
Account Cleanup N/A Disabled
Folder: \Microsoft\Windows\Shell
TaskName Next Run Time Status
======================================== ====================== ===============
CreateObjectTask N/A Ready
IndexerAutomaticMaintenance N/A Ready
Folder: \Microsoft\Windows\Software Inventory Logging
TaskName Next Run Time Status
======================================== ====================== ===============
Collection N/A Disabled
Configuration N/A Ready
Folder: \Microsoft\Windows\SpacePort
TaskName Next Run Time Status
======================================== ====================== ===============
SpaceAgentTask N/A Ready
SpaceManagerTask N/A Ready
Folder: \Microsoft\Windows\Speech
TaskName Next Run Time Status
======================================== ====================== ===============
HeadsetButtonPress N/A Ready
Folder: \Microsoft\Windows\Storage Tiers Management
TaskName Next Run Time Status
======================================== ====================== ===============
Storage Tiers Management Initialization N/A Ready
Storage Tiers Optimization N/A Disabled
Folder: \Microsoft\Windows\termsrv
TaskName Next Run Time Status
======================================== ====================== ===============
INFO: There are no scheduled tasks presently available at your access level.
Folder: \Microsoft\Windows\termsrv\RemoteFX
TaskName Next Run Time Status
======================================== ====================== ===============
RemoteFXvGPUDisableTask N/A Ready
RemoteFXWarningTask 5/3/2025 1:00:00 PM Ready
Folder: \Microsoft\Windows\TextServicesFramework
TaskName Next Run Time Status
======================================== ====================== ===============
MsCtfMonitor N/A Ready
Folder: \Microsoft\Windows\Time Synchronization
TaskName Next Run Time Status
======================================== ====================== ===============
ForceSynchronizeTime N/A Ready
SynchronizeTime N/A Ready
Folder: \Microsoft\Windows\Time Zone
TaskName Next Run Time Status
======================================== ====================== ===============
SynchronizeTimeZone N/A Ready
Folder: \Microsoft\Windows\UPnP
TaskName Next Run Time Status
======================================== ====================== ===============
UPnPHostConfig N/A Disabled
Folder: \Microsoft\Windows\Windows Defender
TaskName Next Run Time Status
======================================== ====================== ===============
Windows Defender Cache Maintenance N/A Ready
Windows Defender Cleanup N/A Ready
Windows Defender Scheduled Scan 5/2/2025 2:29:55 AM Ready
Windows Defender Verification N/A Ready
Folder: \Microsoft\Windows\Windows Error Reporting
TaskName Next Run Time Status
======================================== ====================== ===============
QueueReporting 5/1/2025 8:47:51 AM Ready
Folder: \Microsoft\Windows\Windows Filtering Platform
TaskName Next Run Time Status
======================================== ====================== ===============
BfeOnServiceStartTypeChange N/A Ready
Folder: \Microsoft\Windows\Windows Media Sharing
TaskName Next Run Time Status
======================================== ====================== ===============
UpdateLibrary N/A Ready
Folder: \Microsoft\Windows\WindowsColorSystem
TaskName Next Run Time Status
======================================== ====================== ===============
Calibration Loader N/A Ready
Folder: \Microsoft\Windows\WindowsUpdate
TaskName Next Run Time Status
======================================== ====================== ===============
Scheduled Start N/A Ready
Folder: \Microsoft\Windows\Wininet
TaskName Next Run Time Status
======================================== ====================== ===============
CacheTask N/A Ready
Folder: \Microsoft\Windows\Workplace Join
TaskName Next Run Time Status
======================================== ====================== ===============
Automatic-Device-Join N/A Ready
Recovery-Check N/A Disabled Services
PS C:\windows\system32\inetsrv> wmic service where "State='Running'" get Name,PathName,StartName | Out-String -Stream | Where-Object { $_ -match 'S' -and $_ -notmatch 'C:\Windows\System32' } | Select-Object -First 100
wmic service where "State='Running'" get Name,PathName,StartName | Out-String -Stream | Where-Object { $_ -match 'S' -and $_ -notmatch 'C:\Windows\System32' } | Select-Object -First 100
Name PathName StartName
ADWS C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe LocalSystem
AppHostSvc C:\Windows\system32\svchost.exe -k apphost localSystem
BFE C:\Windows\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p NT AUTHORITY\LocalService
BrokerInfrastructure C:\Windows\system32\svchost.exe -k DcomLaunch -p LocalSystem
CDPSvc C:\Windows\system32\svchost.exe -k LocalService -p NT AUTHORITY\LocalService
COMSysApp C:\Windows\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} LocalSystem
CoreMessagingRegistrar C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork -p NT AUTHORITY\LocalService
CryptSvc C:\Windows\system32\svchost.exe -k NetworkService -p NT Authority\NetworkService
DcomLaunch C:\Windows\system32\svchost.exe -k DcomLaunch -p LocalSystem
Dfs C:\Windows\system32\dfssvc.exe LocalSystem
DFSR C:\Windows\system32\DFSRs.exe LocalSystem
Dhcp C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p NT Authority\LocalService
DiagTrack C:\Windows\System32\svchost.exe -k utcsvc -p LocalSystem
DNS C:\Windows\system32\dns.exe LocalSystem
Dnscache C:\Windows\system32\svchost.exe -k NetworkService -p NT AUTHORITY\NetworkService
DoSvc C:\Windows\System32\svchost.exe -k NetworkService -p NT Authority\NetworkService
DPS C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork -p NT AUTHORITY\LocalService
DsmSvc C:\Windows\system32\svchost.exe -k netsvcs -p LocalSystem
DsSvc C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p LocalSystem
EventLog C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p NT AUTHORITY\LocalService
EventSystem C:\Windows\system32\svchost.exe -k LocalService -p NT AUTHORITY\LocalService
FontCache C:\Windows\system32\svchost.exe -k LocalService -p NT AUTHORITY\LocalService
gpsvc C:\Windows\system32\svchost.exe -k GPSvcGroup LocalSystem
IKEEXT C:\Windows\system32\svchost.exe -k netsvcs -p LocalSystem
iphlpsvc C:\Windows\System32\svchost.exe -k NetSvcs -p LocalSystem
IsmServ C:\Windows\System32\ismserv.exe LocalSystem
Kdc C:\Windows\System32\lsass.exe LocalSystem
KeyIso C:\Windows\system32\lsass.exe LocalSystem
LanmanServer C:\Windows\System32\svchost.exe -k smbsvcs LocalSystem
LanmanWorkstation C:\Windows\System32\svchost.exe -k NetworkService -p NT AUTHORITY\NetworkService
lmhosts C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p NT AUTHORITY\LocalService
LSM
mpssvc C:\Windows\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p NT Authority\LocalService
MSDTC C:\Windows\System32\msdtc.exe NT AUTHORITY\NetworkService
NcbService C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p LocalSystem
Netlogon C:\Windows\system32\lsass.exe LocalSystem
Netman C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p LocalSystem
netprofm C:\Windows\System32\svchost.exe -k LocalService -p NT AUTHORITY\LocalService
NlaSvc C:\Windows\System32\svchost.exe -k NetworkService -p NT AUTHORITY\NetworkService
nsi C:\Windows\system32\svchost.exe -k LocalService -p NT Authority\LocalService
PcaSvc C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p LocalSystem
PlugPlay C:\Windows\system32\svchost.exe -k DcomLaunch -p LocalSystem
PolicyAgent C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted -p NT Authority\NetworkService
Power C:\Windows\system32\svchost.exe -k DcomLaunch -p LocalSystem
ProfSvc C:\Windows\system32\svchost.exe -k netsvcs -p LocalSystem
RasMan C:\Windows\System32\svchost.exe -k netsvcs localSystem
RpcEptMapper C:\Windows\system32\svchost.exe -k RPCSS -p NT AUTHORITY\NetworkService
RpcSs C:\Windows\system32\svchost.exe -k rpcss -p NT AUTHORITY\NetworkService
SamSs C:\Windows\system32\lsass.exe LocalSystem
Schedule C:\Windows\system32\svchost.exe -k netsvcs -p LocalSystem
SENS C:\Windows\system32\svchost.exe -k netsvcs -p LocalSystem
ShellHWDetection C:\Windows\System32\svchost.exe -k netsvcs -p LocalSystem
Spooler C:\Windows\System32\spoolsv.exe LocalSystem
SstpSvc C:\Windows\system32\svchost.exe -k LocalService -p NT Authority\LocalService
StorSvc C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p LocalSystem
SysMain C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p LocalSystem
SystemEventsBroker C:\Windows\system32\svchost.exe -k DcomLaunch -p LocalSystem
Themes C:\Windows\System32\svchost.exe -k netsvcs -p LocalSystem
TimeBrokerSvc C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p NT AUTHORITY\LocalService
UALSVC C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p LocalSystem
UserManager C:\Windows\system32\svchost.exe -k netsvcs -p LocalSystem
UsoSvc C:\Windows\system32\svchost.exe -k netsvcs -p LocalSystem
vds C:\Windows\System32\vds.exe LocalSystem
VGAuthService "C:\Program Files\VMware\VMware Tools\VMware VGAuth\VGAuthService.exe" LocalSystem
VMTools "C:\Program Files\VMware\VMware Tools\vmtoolsd.exe" LocalSystem
W32Time C:\Windows\system32\svchost.exe -k LocalService NT AUTHORITY\LocalService
W3SVC C:\Windows\system32\svchost.exe -k iissvcs localSystem
WAS C:\Windows\system32\svchost.exe -k iissvcs localSystem
Wcmsvc C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p NT Authority\LocalService
WinDefend "C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MsMpEng.exe" LocalSystem
WinHttpAutoProxySvc C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p NT AUTHORITY\LocalService
Winmgmt C:\Windows\system32\svchost.exe -k netsvcs -p localSystem
WinRM C:\Windows\System32\svchost.exe -k NetworkService -p NT AUTHORITY\NetworkService
WpnService C:\Windows\system32\svchost.exe -k netsvcs -p LocalSystem
wuauserv C:\Windows\system32\svchost.exe -k netsvcs -p LocalSystem Spooler C:\Windows\System32\spoolsv.exe LocalSystemvds C:\Windows\System32\vds.exe LocalSystem
Installed Programs
PS C:\windows\system32\inetsrv> Get-ItemProperty "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*", "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*", "HKCU:\Software\Microsoft\Windows\CurrentVersion\Uninstall\*" -ErrorAction SilentlyContinue | Select-Object -ExpandProperty DisplayName -ErrorAction SilentlyContinue | Where-Object { $_ } | Sort-Object -Unique
Local Administrator Password Solution
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.20.27508
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.20.27508
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.20.27508
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.20.27508
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.20.27508
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.20.27508
VMware ToolsFirewall & AV
PS C:\windows\system32\inetsrv> netsh firewall show config
netsh firewall show config
Domain profile configuration (current):
-------------------------------------------------------------------
Operational mode = Enable
Exception mode = Enable
Multicast/broadcast response mode = Enable
Notification mode = Disable
Service configuration for Domain profile:
Mode Customized Name
-------------------------------------------------------------------
Enable No File and Printer Sharing
Allowed programs configuration for Domain profile:
Mode Traffic direction Name / Program
-------------------------------------------------------------------
Port configuration for Domain profile:
Port Protocol Mode Traffic direction Name
-------------------------------------------------------------------
Standard profile configuration:
-------------------------------------------------------------------
Operational mode = Enable
Exception mode = Enable
Multicast/broadcast response mode = Enable
Notification mode = Disable
Service configuration for Standard profile:
Mode Customized Name
-------------------------------------------------------------------
Enable No File and Printer Sharing
Allowed programs configuration for Standard profile:
Mode Traffic direction Name / Program
-------------------------------------------------------------------
Port configuration for Standard profile:
Port Protocol Mode Traffic direction Name
-------------------------------------------------------------------
Log configuration:
-------------------------------------------------------------------
File location = C:\Windows\system32\LogFiles\Firewall\pfirewall.log
Max file size = 4096 KB
Dropped packets = Disable
Connections = Disable
IMPORTANT: Command executed successfully.
However, "netsh firewall" is deprecated;
use "netsh advfirewall firewall" instead.
For more information on using "netsh advfirewall firewall" commands
instead of "netsh firewall", see KB article 947709
at https://go.microsoft.com/fwlink/?linkid=121488 .PS C:\windows\system32\inetsrv> Get-MpComputerStatus ; Get-MpPreference | Select-Object -Property ExclusionPath
AMEngineVersion : 1.1.17800.5
AMProductVersion : 4.18.2101.9
AMRunningMode : Normal
AMServiceEnabled : True
AMServiceVersion : 4.18.2101.9
AntispywareEnabled : True
AntispywareSignatureAge : 1534
AntispywareSignatureLastUpdated : 2/16/2021 4:48:37 PM
AntispywareSignatureVersion : 1.331.1187.0
AntivirusEnabled : True
AntivirusSignatureAge : 1534
AntivirusSignatureLastUpdated : 2/16/2021 4:48:38 PM
AntivirusSignatureVersion : 1.331.1187.0
BehaviorMonitorEnabled : False
ComputerID : 34693D86-1FA1-4CEC-86FF-5EA8ECFABF44
ComputerState : 0
FullScanAge : 4294967295
FullScanEndTime :
FullScanStartTime :
IoavProtectionEnabled : False
IsTamperProtected : False
IsVirtualMachine : True
LastFullScanSource : 0
LastQuickScanSource : 0
NISEnabled : False
NISEngineVersion : 0.0.0.0
NISSignatureAge : 4294967295
NISSignatureLastUpdated :
NISSignatureVersion : 0.0.0.0
OnAccessProtectionEnabled : False
QuickScanAge : 4294967295
QuickScanEndTime :
QuickScanStartTime :
RealTimeProtectionEnabled : False
RealTimeScanDirection : 0
PSComputerName :
ExclusionPath : {N/A: Must be admin to view exclusions}Session Architecture
PS C:\windows\system32\inetsrv> [Environment]::Is64BitProcess
TrueInstalled .NET Frameworks
PS C:\windows\system32\inetsrv> cmd /c dir /A:D C:\Windows\Microsoft.NET\Framework ; cmd /c reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP" ; cmd /c reg query "HKLM\SOFTWARE\Microsoft\Net Framework Setup\NDP" /s
Volume in drive C has no label.
Volume Serial Number is 0A26-9DC1
Directory of C:\Windows\Microsoft.NET\Framework
11/03/2020 10:37 PM <DIR> .
11/03/2020 10:37 PM <DIR> ..
09/15/2018 12:19 AM <DIR> v1.0.3705
09/15/2018 12:19 AM <DIR> v1.1.4322
11/03/2020 10:37 PM <DIR> v2.0.50727
11/03/2020 10:37 PM <DIR> v3.0
11/03/2020 10:37 PM <DIR> v3.5
02/16/2021 11:04 PM <DIR> v4.0.30319
0 File(s) 0 bytes
8 Dir(s) 11,136,212,992 bytes free
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\CDF
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v2.0.50727
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v3.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v3.5
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\CDF
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\CDF\v4.0
HttpNamespaceReservationInstalled REG_DWORD 0x1
NetTcpPortSharingInstalled REG_DWORD 0x1
NonHttpActivationInstalled REG_DWORD 0x1
SMSvcHostPath REG_SZ C:\Windows\Microsoft.NET\Framework64\v4.0.30319\
WMIInstalled REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727
CBS REG_DWORD 0x1
Increment REG_SZ 4927
Install REG_DWORD 0x1
OCM REG_DWORD 0x1
SP REG_DWORD 0x2
Version REG_SZ 2.0.50727.4927
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1028
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1029
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1030
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1031
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1032
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1033
CBS REG_DWORD 0x1
Increment REG_SZ 4927
SP REG_DWORD 0x2
Version REG_SZ 2.0.50727.4927
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1035
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1036
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1038
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1040
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1041
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1042
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1043
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1044
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1045
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1046
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1049
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1053
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1055
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\2052
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\2070
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\3076
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\3082
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v3.0
CBS REG_DWORD 0x1
Increment REG_SZ 4926
Install REG_DWORD 0x1
SP REG_DWORD 0x2
Version REG_SZ 3.0.30729.4926
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v3.0\Servicing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v3.0\Servicing\Windows Workflow Foundation
CBS REG_DWORD 0x1
Hotfix REG_SZ
Install REG_DWORD 0x1
SP REG_DWORD 0x2
SPIndex REG_DWORD 0x0
SPName REG_SZ SP2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v3.0\Setup
InstallSuccess REG_DWORD 0x1
Version REG_SZ 3.0.30729.4926
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v3.0\Setup\1033
CBS REG_DWORD 0x1
Increment REG_SZ 4926
Install REG_DWORD 0x1
InstallSuccess REG_DWORD 0x1
SP REG_DWORD 0x2
Version REG_SZ 3.0.30729.4926
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v3.0\Setup\Windows Communication Foundation
InstallSuccess REG_DWORD 0x1
ReferenceInstallPath REG_SZ C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\
RuntimeInstallPath REG_SZ C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\
Version REG_SZ 3.0.4506.4926
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v3.0\Setup\Windows Presentation Foundation
(Default) REG_SZ WPF v3.0.6920.4902
InstallRoot REG_SZ C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\
InstallSuccess REG_DWORD 0x1
ProductVersion REG_SZ 3.0.6920.4902
Version REG_SZ 3.0.6920.4902
WPFCommonAssembliesPathx64 REG_SZ C:\Windows\System32\
WPFNonReferenceAssembliesPathx64 REG_SZ C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\
WPFReferenceAssembliesPathx64 REG_SZ C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v3.0\Setup\Windows Workflow Foundation
(Default) REG_SZ Windows Workflow Foundation
FileVersion REG_SZ 3.0.4203.4926
InstallDir REG_SZ C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\
InstallSuccess REG_DWORD 0x1
MajorBuildNum REG_SZ 4203
ProductVersion REG_SZ 3.0.0.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v3.5
CBS REG_DWORD 0x1
Install REG_DWORD 0x1
InstallPath REG_SZ C:\Windows\Microsoft.NET\Framework64\v3.5\
SP REG_DWORD 0x1
Version REG_SZ 3.5.30729.4926
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v3.5\1033
CBS REG_DWORD 0x1
Install REG_DWORD 0x1
SP REG_DWORD 0x1
Version REG_SZ 3.5.30729.4926
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4\Client
CBS REG_DWORD 0x1
Install REG_DWORD 0x1
InstallPath REG_SZ C:\Windows\Microsoft.NET\Framework64\v4.0.30319\
Release REG_DWORD 0x70bf6
Servicing REG_DWORD 0x0
TargetVersion REG_SZ 4.0.0
Version REG_SZ 4.7.03190
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4\Client\1033
CBS REG_DWORD 0x1
Install REG_DWORD 0x1
Release REG_DWORD 0x70bf6
Servicing REG_DWORD 0x0
TargetVersion REG_SZ 4.0.0
Version REG_SZ 4.7.03190
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4\Full
CBS REG_DWORD 0x1
Install REG_DWORD 0x1
InstallPath REG_SZ C:\Windows\Microsoft.NET\Framework64\v4.0.30319\
Release REG_DWORD 0x70bf6
Servicing REG_DWORD 0x0
TargetVersion REG_SZ 4.0.0
Version REG_SZ 4.7.03190
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4\Full\1033
CBS REG_DWORD 0x1
Install REG_DWORD 0x1
Release REG_DWORD 0x70bf6
Servicing REG_DWORD 0x0
TargetVersion REG_SZ 4.0.0
Version REG_SZ 4.7.03190
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4.0
(Default) REG_SZ deprecated
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4.0\Client
Install REG_DWORD 0x1
Version REG_SZ 4.0.0.0.NET 4.7.03190