System/Kernel
PS C:\xampp\htdocs\site> cmd /c ver
Microsoft Windows [Version 10.0.19042.1387]
PS C:\xampp\htdocs\site> systeminfo ; Get-ComputerInfo
Host Name: SLORT
OS Name: Microsoft Windows 10 Pro
OS Version: 10.0.19042 N/A Build 19042
OS Manufacturer: Microsoft Corporation
OS Configuration: Standalone Workstation
OS Build Type: Multiprocessor Free
Registered Owner: Admin
Registered Organization:
Product ID: 00331-10000-00001-AA635
Original Install Date: 12/3/2021, 8:37:40 AM
System Boot Time: 1/30/2025, 12:48:57 AM
System Manufacturer: VMware, Inc.
System Model: VMware7,1
System Type: x64-based PC
Processor(s): 2 Processor(s) Installed.
[01]: AMD64 Family 25 Model 1 Stepping 1 AuthenticAMD ~2650 Mhz
[02]: AMD64 Family 25 Model 1 Stepping 1 AuthenticAMD ~2650 Mhz
BIOS Version: VMware, Inc. VMW71.00V.21100432.B64.2301110304, 1/11/2023
Windows Directory: C:\WINDOWS
System Directory: C:\WINDOWS\system32
Boot Device: \Device\HarddiskVolume2
System Locale: en-us;English (United States)
Input Locale: en-us;English (United States)
Time Zone: (UTC-08:00) Pacific Time (US & Canada)
Total Physical Memory: 4,095 MB
Available Physical Memory: 2,539 MB
Virtual Memory: Max Size: 4,799 MB
Virtual Memory: Available: 2,758 MB
Virtual Memory: In Use: 2,041 MB
Page File Location(s): C:\pagefile.sys
Domain: WORKGROUP
Logon Server: \\SLORT
Hotfix(s): 5 Hotfix(s) Installed.
[01]: KB5009467
[02]: KB4562830
[03]: KB5007253
[04]: KB5006753
[05]: KB5007273
Network Card(s): 1 NIC(s) Installed.
[01]: vmxnet3 Ethernet Adapter
Connection Name: Ethernet0
DHCP Enabled: No
IP address(es)
[01]: 192.168.134.53
Hyper-V Requirements: A hypervisor has been detected. Features required for Hyper-V will not be displayed.
WindowsBuildLabEx : 19041.1.amd64fre.vb_release.191206-1406
WindowsCurrentVersion : 6.3
WindowsEditionId : Professional
WindowsInstallationType : Client
WindowsInstallDateFromRegistry : 12/3/2021 4:37:40 PM
WindowsProductId : 00331-10000-00001-AA635
WindowsProductName : Windows 10 Pro
WindowsRegisteredOrganization :
WindowsRegisteredOwner : Admin
WindowsSystemRoot : C:\WINDOWS
WindowsVersion : 2009
BiosCharacteristics : {4, 7, 9, 11...}
BiosBIOSVersion : {INTEL - 6040000, VMW71.00V.21100432.B64.2301110304,
VMware, Inc. - 10000}
BiosBuildNumber :
BiosCaption : VMW71.00V.21100432.B64.2301110304
BiosCodeSet :
BiosCurrentLanguage :
BiosDescription : VMW71.00V.21100432.B64.2301110304
BiosEmbeddedControllerMajorVersion : 255
BiosEmbeddedControllerMinorVersion : 255
BiosFirmwareType : Uefi
BiosIdentificationCode :
BiosInstallableLanguages :
BiosInstallDate :
BiosLanguageEdition :
BiosListOfLanguages :
BiosManufacturer : VMware, Inc.
BiosName : VMW71.00V.21100432.B64.2301110304
BiosOtherTargetOS :
BiosPrimaryBIOS : True
BiosReleaseDate : 1/10/2023 4:00:00 PM
BiosSeralNumber : VMware-42 1e c4 a7 34 14 ef 33-06 1b 13 3b 81 f1 be 41
BiosSMBIOSBIOSVersion : VMW71.00V.21100432.B64.2301110304
BiosSMBIOSMajorVersion : 2
BiosSMBIOSMinorVersion : 7
BiosSMBIOSPresent : True
BiosSoftwareElementState : Running
BiosStatus : OK
BiosSystemBiosMajorVersion : 255
BiosSystemBiosMinorVersion : 255
BiosTargetOperatingSystem : 0
6040000sion : INTEL -
CsAdminPasswordStatus : Enabled
CsAutomaticManagedPagefile : True
CsAutomaticResetBootOption : True
CsAutomaticResetCapability : True
CsBootOptionOnLimit : DoNotReboot
CsBootOptionOnWatchDog : DoNotReboot
CsBootROMSupported : True
CsBootStatus : {0, 0, 0, 33...}
CsBootupState : Normal boot
CsCaption : SLORT
CsChassisBootupState : Safe
CsChassisSKUNumber :
CsCurrentTimeZone : -480
CsDaylightInEffect : False
CsDescription : AT/AT COMPATIBLE
CsDNSHostName : slort
CsDomain : WORKGROUP
CsDomainRole : StandaloneWorkstation
CsEnableDaylightSavingsTime : True
CsFrontPanelResetStatus : Unknown
CsHypervisorPresent : True
CsInfraredSupported : False
CsInitialLoadInfo :
CsInstallDate :
CsKeyboardPasswordStatus : Unknown
CsLastLoadInfo :
CsManufacturer : VMware, Inc.
CsModel : VMware7,1
CsName : SLORT
CsNetworkAdapters : {Ethernet0}
CsNetworkServerModeEnabled : True
CsNumberOfLogicalProcessors : 2
CsNumberOfProcessors : 2
CsProcessors : {AMD EPYC 7413 24-Core Processor , AMD EPYC
7413 24-Core Processor }
CsOEMStringArray : {[MS_VM_CERT/SHA1/27d66596a61c48dd3dc7216fd715126e33f59ae7],
Welcome to the Virtual Machine}
CsPartOfDomain : False
CsPauseAfterReset : 3932100000
CsPCSystemType : Desktop
CsPCSystemTypeEx : Desktop
CsPowerManagementCapabilities :
CsPowerManagementSupported :
CsPowerOnPasswordStatus : Disabled
ate : Unknown
CsPowerSupplyState : Safe
CsPrimaryOwnerContact :
CsPrimaryOwnerName : Admin
CsResetCapability : Other
CsResetCount : -1
CsResetLimit : -1
CsRoles : {LM_Workstation, LM_Server, NT}
CsStatus : OK
CsSupportContactDescription :
CsSystemFamily :
CsSystemSKUNumber :
CsSystemType : x64-based PC
CsThermalState : Safe
CsTotalPhysicalMemory : 4293943296
CsPhyicallyInstalledMemory : 4194304
: SLORT\rupert
CsWakeUpType : PowerSwitch
CsWorkgroup : WORKGROUP
OsName : Microsoft Windows 10 Pro
OsType : WINNT
OsOperatingSystemSKU : 48
OsVersion : 10.0.19042
OsCSDVersion :
OsBuildNumber : 19042
OsHotFixes : {KB5009467, KB4562830, KB5007253, KB5006753...}
OsBootDevice : \Device\HarddiskVolume2
OsSystemDevice : \Device\HarddiskVolume4
OsSystemDirectory : C:\WINDOWS\system32
OsSystemDrive : C:
OsWindowsDirectory : C:\WINDOWS
OsCountryCode : 1
OsCurrentTimeZone : -480
OsLocaleID : 0409
OsLocale : en-US
OsLocalDateTime : 2/7/2025 2:19:46 PM
OsLastBootUpTime : 1/30/2025 12:48:57 AM
OsUptime : 8.13:30:49.4052719
OsBuildType : Multiprocessor Free
OsCodeSet : 1252
OsDataExecutionPreventionAvailable : True
OsDataExecutionPrevention32BitApplications : True
OsDataExecutionPreventionDrivers : True
OsDataExecutionPreventionSupportPolicy : OptIn
OsDebug : False
OsDistributed : False
OsEncryptionLevel : 256
OsForegroundApplicationBoost : Maximum
OsTotalVisibleMemorySize : 4193304
OsFreePhysicalMemory : 2590132
OsTotalVirtualMemorySize : 4914200
OsFreeVirtualMemory : 2817016
OsInUseVirtualMemory : 2097184
OsTotalSwapSpaceSize :
OsSizeStoredInPagingFiles : 720896
OsFreeSpaceInPagingFiles : 706752
OsPagingFiles : {C:\pagefile.sys}
OsHardwareAbstractionLayer : 10.0.19041.1151
OsInstallDate : 12/3/2021 8:37:40 AM
OsManufacturer : Microsoft Corporation
OsMaxNumberOfProcesses : 4294967295
OsMaxProcessMemorySize : 137438953344
OsMuiLanguages : {en-US}
OsNumberOfLicensedUsers :
OsNumberOfProcesses : 130
OsNumberOfUsers : 5
OsOrganization :
OsArchitecture : 64-bit
OsLanguage : en-US
OsProductSuites : {TerminalServicesSingleSession}
OsOtherTypeDescription :
OsPAEEnabled :
OsPortableOperatingSystem : False
OsPrimary : True
OsProductType : WorkStation
: AdminedUser
: 00331-10000-00001-AA635
OsServicePackMajorVersion : 0
OsServicePackMinorVersion : 0
OsStatus : OK
OsSuites : {TerminalServices, TerminalServicesSingleSession}
OsServerLevel :
KeyboardLayout : en-US
TimeZone : (UTC-08:00) Pacific Time (US & Canada)
LogonServer : \\SLORT
PowerPlatformRole : Desktop
HyperVisorPresent : True
HyperVRequirementDataExecutionPreventionAvailable :
HyperVRequirementSecondLevelAddressTranslation :
HyperVRequirementVirtualizationFirmwareEnabled :
HyperVRequirementVMMonitorModeExtensions :
DeviceGuardSmartStatus : Off
DeviceGuardRequiredSecurityProperties :
DeviceGuardAvailableSecurityProperties :
DeviceGuardSecurityServicesConfigured :
DeviceGuardSecurityServicesRunning :
DeviceGuardCodeIntegrityPolicyEnforcementStatus :
DeviceGuardUserModeCodeIntegrityPolicyEnforcementStatus : 10.0.19042.1387
Microsoft Windows 10 Pro
x64-based
2 Processor(s)
5 Hotfix(s)
[01]: KB5009467
[02]: KB4562830
[03]: KB5007253
[04]: KB5006753
[05]: KB5007273
Networks
PS C:\xampp\htdocs\site> ipconfig /all ; arp -a ; print route
Windows IP Configuration
Host Name . . . . . . . . . . . . : slort
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter Ethernet0:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : vmxnet3 Ethernet Adapter
Physical Address. . . . . . . . . : 00-50-56-9E-EE-2F
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.168.134.53(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.134.254
DNS Servers . . . . . . . . . . . : 192.168.134.254
NetBIOS over Tcpip. . . . . . . . : Enabled
Interface: 192.168.134.53 --- 0x7
Internet Address Physical Address Type
192.168.134.254 00-50-56-9e-b8-c6 dynamic
192.168.134.255 ff-ff-ff-ff-ff-ff static
224.0.0.22 01-00-5e-00-00-16 static
224.0.0.251 01-00-5e-00-00-fb static
224.0.0.252 01-00-5e-00-00-fc static
239.255.255.250 01-00-5e-7f-ff-fa static
255.255.255.255 ff-ff-ff-ff-ff-ff static
Unable to initialize device PRNPS C:\xampp\htdocs\site> netstat -ano | Select-String LIST
TCP 0.0.0.0:21 0.0.0.0:0 LISTENING 2720
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING 868
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:3306 0.0.0.0:0 LISTENING 3384
TCP 0.0.0.0:4443 0.0.0.0:0 LISTENING 3952
TCP 0.0.0.0:5040 0.0.0.0:0 LISTENING 4700
TCP 0.0.0.0:8080 0.0.0.0:0 LISTENING 3952
TCP 0.0.0.0:49664 0.0.0.0:0 LISTENING 644
TCP 0.0.0.0:49665 0.0.0.0:0 LISTENING 496
TCP 0.0.0.0:49666 0.0.0.0:0 LISTENING 1176
TCP 0.0.0.0:49667 0.0.0.0:0 LISTENING 884
TCP 0.0.0.0:49668 0.0.0.0:0 LISTENING 628
TCP 0.0.0.0:49669 0.0.0.0:0 LISTENING 2436
TCP 127.0.0.1:14147 0.0.0.0:0 LISTENING 2720
TCP 192.168.134.53:139 0.0.0.0:0 LISTENING 4
TCP [::]:21 [::]:0 LISTENING 2720
TCP [::]:135 [::]:0 LISTENING 868
TCP [::]:445 [::]:0 LISTENING 4
TCP [::]:3306 [::]:0 LISTENING 3384
TCP [::]:4443 [::]:0 LISTENING 3952
TCP [::]:8080 [::]:0 LISTENING 3952
TCP [::]:49664 [::]:0 LISTENING 644
TCP [::]:49665 [::]:0 LISTENING 496
TCP [::]:49666 [::]:0 LISTENING 1176
TCP [::]:49667 [::]:0 LISTENING 884
TCP [::]:49668 [::]:0 LISTENING 628
TCP [::]:49669 [::]:0 LISTENING 2436
TCP [::1]:14147 [::]:0 LISTENING 2720Users & Groups
PS C:\xampp\htdocs\site> net users ; ls C:\Users
User accounts for \\SLORT
-------------------------------------------------------------------------------
Administrator DefaultAccount Guest
rupert WDAGUtilityAccount
The command completed successfully.
Directory: C:\Users
Mode LastWriteTime Length Name
---- ------------- ------ ----
d----- 12/3/2021 8:32 AM Admin
d----- 12/3/2021 8:40 AM Administrator
d-r--- 12/3/2021 8:26 AM Public
d----- 1/30/2025 12:49 AM rupert Admin
PS C:\xampp\htdocs\site> net localgroup ; net group /DOMAIN
System error 1355 has occurred.
The specified domain either does not exist or could not be contacted.
Aliases for \\SLORT
-------------------------------------------------------------------------------
*Access Control Assistance Operators
*Administrators
*Backup Operators
*Cryptographic Operators
*Device Owners
*Distributed COM Users
*Event Log Readers
*Guests
*Hyper-V Administrators
*IIS_IUSRS
*Network Configuration Operators
*Performance Log Users
*Performance Monitor Users
*Power Users
*Remote Desktop Users
*Remote Management Users
*Replicator
*System Managed Accounts Group
*Users
The command completed successfully.
The request will be processed at a domain controller for domain WORKGROUP.Processes
PS C:\xampp\htdocs\site> cmd /c tasklist /svc ; ps
Image Name PID Services
========================= ======== ============================================
System Idle Process 0 N/A
System 4 N/A
Registry 92 N/A
smss.exe 316 N/A
csrss.exe 424 N/A
wininit.exe 496 N/A
csrss.exe 504 N/A
winlogon.exe 588 N/A
services.exe 628 N/A
lsass.exe 644 KeyIso, SamSs, VaultSvc
svchost.exe 748 BrokerInfrastructure, DcomLaunch, PlugPlay,
Power, SystemEventsBroker
fontdrvhost.exe 768 N/A
fontdrvhost.exe 776 N/A
svchost.exe 868 RpcEptMapper, RpcSs
svchost.exe 916 LSM
dwm.exe 992 N/A
svchost.exe 444 DsmSvc
svchost.exe 884 Schedule
svchost.exe 1040 NcbService
svchost.exe 1048 ProfSvc
svchost.exe 1132 UserManager
svchost.exe 1160 CoreMessagingRegistrar
svchost.exe 1176 EventLog
svchost.exe 1184 TimeBrokerSvc
svchost.exe 1328 nsi
svchost.exe 1380 Dhcp
svchost.exe 1392 DispBrokerDesktopSvc
svchost.exe 1528 NlaSvc
svchost.exe 1568 EventSystem
svchost.exe 1576 SysMain
svchost.exe 1588 Themes
Memory Compression 1660 N/A
svchost.exe 1696 SENS
svchost.exe 1716 netprofm
svchost.exe 1808 AudioEndpointBuilder
svchost.exe 1820 FontCache
svchost.exe 1908 Audiosrv
svchost.exe 1992 WinHttpAutoProxySvc
svchost.exe 2020 SEMgrSvc
svchost.exe 1420 Wcmsvc
svchost.exe 1624 Dnscache
svchost.exe 1736 DusmSvc
svchost.exe 2156 ShellHWDetection
svchost.exe 2204 BFE, mpssvc
svchost.exe 2256 LanmanWorkstation
svchost.exe 2428 IKEEXT
svchost.exe 2436 PolicyAgent
svchost.exe 2508 CryptSvc
svchost.exe 2516 DiagTrack
svchost.exe 2528 DPS
svchost.exe 2544 Winmgmt
svchost.exe 2616 SstpSvc
svchost.exe 2624 LanmanServer
svchost.exe 2636 TrkWks
VGAuthService.exe 2648 VGAuthService
svchost.exe 2664 WpnService
vmtoolsd.exe 2672 VMTools
svchost.exe 2824 iphlpsvc
svchost.exe 2852 WdiServiceHost
svchost.exe 3036 RasMan
dllhost.exe 3212 COMSysApp
WmiPrvSE.exe 3408 N/A
svchost.exe 3656 RmSvc
msdtc.exe 3772 MSDTC
sihost.exe 4188 N/A
svchost.exe 4208 CDPUserSvc_46cf2
svchost.exe 4256 WpnUserService_46cf2
taskhostw.exe 4344 N/A
MicrosoftEdgeUpdate.exe 4372 N/A
svchost.exe 4412 TokenBroker
svchost.exe 4536 TabletInputService
svchost.exe 4584 StateRepository
ctfmon.exe 4608 N/A
svchost.exe 4700 CDPSvc
explorer.exe 5040 N/A
svchost.exe 4292 cbdhsvc_46cf2
StartMenuExperienceHost.e 4520 N/A
RuntimeBroker.exe 5156 N/A
SearchApp.exe 5260 N/A
SearchIndexer.exe 5272 WSearch
RuntimeBroker.exe 5396 N/A
svchost.exe 5580 LicenseManager
RuntimeBroker.exe 6068 N/A
RuntimeBroker.exe 3684 N/A
SecurityHealthSystray.exe 5860 N/A
SecurityHealthService.exe 5760 SecurityHealthService
vmtoolsd.exe 4840 N/A
xampp-control.exe 5288 N/A
httpd.exe 3952 N/A
mysqld.exe 3384 N/A
FileZillaServer.exe 2720 N/A
conhost.exe 4076 N/A
svchost.exe 3348 BITS
svchost.exe 3016 SSDPSRV
httpd.exe 376 N/A
YourPhone.exe 4892 N/A
SystemSettings.exe 6904 N/A
ApplicationFrameHost.exe 6908 N/A
svchost.exe 7160 UsoSvc
svchost.exe 1208 PcaSvc
SgrmBroker.exe 7708 SgrmBroker
svchost.exe 7788 StorSvc
svchost.exe 7924 W32Time
svchost.exe 7960 wscsvc
svchost.exe 8032 OneSyncSvc_46cf2
svchost.exe 7396 InstallService
ShellExperienceHost.exe 2612 N/A
RuntimeBroker.exe 7568 N/A
UserOOBEBroker.exe 4360 N/A
svchost.exe 5228 DsSvc
taskhostw.exe 3252 N/A
svchost.exe 2372 WbioSrvc
svchost.exe 7256 Netman
svchost.exe 4112 wuauserv
svchost.exe 4712 lmhosts
Microsoft.Photos.exe 4740 N/A
RuntimeBroker.exe 7500 N/A
svchost.exe 4276 ClipSVC
svchost.exe 7832 wlidsvc
cmd.exe 5036 N/A
conhost.exe 4308 N/A
cmd.exe 7804 N/A
powershell.exe 2592 N/A
cmd.exe 7228 N/A
tasklist.exe 2988 N/A
Handles NPM(K) PM(K) WS(K) CPU(s) Id SI ProcessName
------- ------ ----- ----- ------ -- -- -----------
323 19 7516 25476 0.08 6908 1 ApplicationFrameHost
73 5 4260 3948 0.00 5036 1 cmd
79 5 4312 4176 0.00 7804 1 cmd
125 10 7216 14348 0.03 4076 1 conhost
104 8 6380 10556 0.02 4308 1 conhost
490 19 1724 5200 424 0 csrss
432 16 1780 5112 504 1 csrss
387 15 3560 14388 0.09 4608 1 ctfmon
260 14 3800 13652 3212 0 dllhost
827 35 25700 48948 992 1 dwm
1713 92 26352 92148 1.75 5040 1 explorer
129 16 1856 6884 0.33 2720 1 FileZillaServer
37 6 1540 4112 768 0 fontdrvhost
37 6 1924 5580 776 1 fontdrvhost
939 92 501992 195392 4,862.70 376 1 httpd
154 28 9456 18916 0.30 3952 1 httpd
0 0 60 8 0 0 Idle
1237 27 7268 19992 644 0 lsass
0 0 120 1432 1660 0 Memory Compression
685 42 41240 1744 0.55 4740 1 Microsoft.Photos
212 13 1928 236 4372 0 MicrosoftEdgeUpdate
224 13 3096 10412 3772 0 msdtc
162 15 209896 28496 0.52 3384 1 mysqld
531 28 64936 72804 0.50 2592 1 powershell
0 20 4040 16812 92 0 Registry
218 12 2256 12820 0.25 3684 1 RuntimeBroker
267 16 5404 22644 0.72 5156 1 RuntimeBroker
320 17 6732 24892 0.58 5396 1 RuntimeBroker
218 13 2688 14060 0.05 6068 1 RuntimeBroker
275 17 4976 18108 0.14 7500 1 RuntimeBroker
211 11 2536 16540 0.06 7568 1 RuntimeBroker
1031 63 46640 105436 1.98 5260 1 SearchApp
755 37 17628 25580 5272 0 SearchIndexer
420 17 4132 15240 5760 0 SecurityHealthService
160 10 1656 8928 0.03 5860 1 SecurityHealthSystray
611 11 5016 10008 628 0 services
105 8 3784 7048 7708 0 SgrmBroker
541 25 9684 41444 0.13 2612 1 ShellExperienceHost
498 17 5572 24840 1.23 4188 1 sihost
53 3 1056 1168 316 0 smss
605 28 16624 56272 0.36 4520 1 StartMenuExperienceHost
351 16 4420 13596 444 0 svchost
1695 21 11056 27720 748 0 svchost
1081 17 7044 14324 868 0 svchost
404 19 6136 15512 884 0 svchost
258 11 2220 7912 916 0 svchost
213 12 2100 9848 1040 0 svchost
257 14 3344 13524 1048 0 svchost
309 13 3180 18288 1132 0 svchost
147 7 1380 5952 1160 0 svchost
416 13 13772 17072 1176 0 svchost
322 9 1920 12076 1184 0 svchost
241 12 4176 9436 1208 0 svchost
129 18 4084 8260 1328 0 svchost
215 9 1936 7260 1380 0 svchost
123 8 1384 7208 1392 0 svchost
364 12 2204 9644 1420 0 svchost
400 14 4264 12228 1528 0 svchost
434 9 2864 8856 1568 0 svchost
238 15 52788 55620 1576 0 svchost
172 7 1276 5804 1588 0 svchost
263 12 2636 8016 1624 0 svchost
175 10 1836 8248 1696 0 svchost
383 12 2704 9212 1716 0 svchost
127 9 1520 6404 1736 0 svchost
142 9 1488 7248 1808 0 svchost
166 10 2032 8124 1820 0 svchost
206 10 1976 8660 1908 0 svchost
171 9 1832 7404 1992 0 svchost
233 12 2268 11324 2020 0 svchost
195 12 2020 12460 2156 0 svchost
423 32 9292 18404 2204 0 svchost
185 11 1980 7964 2256 0 svchost
219 13 2876 11600 2372 0 svchost
264 13 2592 8096 2428 0 svchost
167 12 1696 7460 2436 0 svchost
279 27 4292 14352 2508 0 svchost
514 25 17984 34156 2516 0 svchost
318 18 26300 31356 2528 0 svchost
431 16 11632 21412 2544 0 svchost
130 9 1524 6716 2616 0 svchost
213 12 2404 9260 2624 0 svchost
125 7 1236 5628 2636 0 svchost
308 15 3820 18772 2664 0 svchost
369 15 2800 10960 2824 0 svchost
103 7 1228 5436 2852 0 svchost
217 13 2028 7548 3016 0 svchost
384 24 3340 12768 3036 0 svchost
461 27 9076 18832 3348 0 svchost
200 11 1888 8408 3656 0 svchost
521 69 15572 21200 4112 0 svchost
297 14 3684 16364 0.05 4208 1 svchost
414 21 7396 31596 0.66 4256 1 svchost
122 8 2504 7644 4276 0 svchost
233 12 2976 16488 0.33 4292 1 svchost
308 12 3160 14460 4412 0 svchost
168 9 1776 8072 4536 0 svchost
168 9 5620 13812 4584 0 svchost
456 118 5188 16508 4700 0 svchost
109 7 1320 5548 4712 0 svchost
202 15 6128 9704 5228 0 svchost
202 12 2908 15620 5580 0 svchost
197 11 2328 9324 7160 0 svchost
197 12 2172 10700 7256 0 svchost
360 19 5588 25084 7396 0 svchost
218 12 2496 11268 7788 0 svchost
333 16 3664 14660 7832 0 svchost
205 12 1724 7588 7924 0 svchost
215 12 2432 9648 7960 0 svchost
250 14 2736 11960 0.06 8032 1 svchost
2193 0 196 144 4 0 System
812 38 19420 2224 0.41 6904 1 SystemSettings
376 21 7816 22200 0.09 3252 1 taskhostw
255 28 5516 14648 0.20 4344 1 taskhostw
136 10 1868 9180 0.03 4360 1 UserOOBEBroker
173 11 3140 10380 2648 0 VGAuthService
391 21 9644 22416 2672 0 vmtoolsd
260 18 3956 16020 19.98 4840 1 vmtoolsd
162 11 1340 6988 496 0 wininit
263 12 2584 11360 588 1 winlogon
362 17 8424 18896 3408 0 WmiPrvSE
236 18 6244 17992 2.36 5288 1 xampp-control
529 39 17708 9036 0.20 4892 1 YourPhone xampp-control.exe
httpd.exe
mysqld.exe
FileZillaServer.exe
YourPhone.exe
SystemSettings.exe
Microsoft.Photos.exe
Tasks
PS C:\xampp\htdocs\site> Get-ScheduledTask
TaskPath TaskName State
-------- -------- -----
\ OneDrive Reporting Task-S-1-5-... Ready
\Microsoft\Windows\.NET Framework\ .NET Framework NGEN v4.0.30319 Ready
\Microsoft\Windows\.NET Framework\ .NET Framework NGEN v4.0.30319 64 Ready
\Microsoft\Windows\.NET Framework\ .NET Framework NGEN v4.0.30319... Disabled
\Microsoft\Windows\.NET Framework\ .NET Framework NGEN v4.0.30319... Disabled
\Microsoft\Windows\Active Directory Rights ... AD RMS Rights Policy Template ... Disabled
\Microsoft\Windows\Active Directory Rights ... AD RMS Rights Policy Template ... Ready
\Microsoft\Windows\AppID\ PolicyConverter Disabled
\Microsoft\Windows\AppID\ VerifiedPublisherCertStoreCheck Disabled
\Microsoft\Windows\Application Experience\ Microsoft Compatibility Appraiser Ready
\Microsoft\Windows\Application Experience\ PcaPatchDbTask Ready
\Microsoft\Windows\Application Experience\ ProgramDataUpdater Ready
\Microsoft\Windows\Application Experience\ StartupAppTask Ready
\Microsoft\Windows\ApplicationData\ appuriverifierdaily Ready
\Microsoft\Windows\ApplicationData\ appuriverifierinstall Ready
\Microsoft\Windows\ApplicationData\ CleanupTemporaryState Ready
\Microsoft\Windows\ApplicationData\ DsSvcCleanup Ready
\Microsoft\Windows\AppxDeploymentClient\ Pre-staged app cleanup Disabled
\Microsoft\Windows\Autochk\ Proxy Ready
\Microsoft\Windows\BitLocker\ BitLocker Encrypt All Drives Ready
\Microsoft\Windows\BitLocker\ BitLocker MDM policy Refresh Ready
\Microsoft\Windows\Bluetooth\ UninstallDeviceTask Ready
\Microsoft\Windows\BrokerInfrastructure\ BgTaskRegistrationMaintenanceTask Ready
\Microsoft\Windows\CertificateServicesClient\ UserTask Ready
\Microsoft\Windows\CertificateServicesClient\ UserTask-Roam Ready
\Microsoft\Windows\Chkdsk\ ProactiveScan Ready
\Microsoft\Windows\Chkdsk\ SyspartRepair Ready
\Microsoft\Windows\CloudExperienceHost\ CreateObjectTask Ready
\Microsoft\Windows\Customer Experience Impr... Consolidator Ready
\Microsoft\Windows\Customer Experience Impr... UsbCeip Ready
\Microsoft\Windows\Data Integrity Scan\ Data Integrity Check And Scan Ready
\Microsoft\Windows\Data Integrity Scan\ Data Integrity Scan Ready
\Microsoft\Windows\Data Integrity Scan\ Data Integrity Scan for Crash ... Ready
\Microsoft\Windows\Defrag\ ScheduledDefrag Ready
\Microsoft\Windows\Device Information\ Device Ready
\Microsoft\Windows\Device Information\ Device User Ready
\Microsoft\Windows\Diagnosis\ RecommendedTroubleshootingScanner Ready
\Microsoft\Windows\Diagnosis\ Scheduled Ready
\Microsoft\Windows\DirectX\ DirectXDatabaseUpdater Ready
\Microsoft\Windows\DirectX\ DXGIAdapterCache Ready
\Microsoft\Windows\DiskCleanup\ SilentCleanup Ready
\Microsoft\Windows\DiskDiagnostic\ Microsoft-Windows-DiskDiagnost... Ready
\Microsoft\Windows\DiskDiagnostic\ Microsoft-Windows-DiskDiagnost... Disabled
\Microsoft\Windows\DiskFootprint\ Diagnostics Ready
\Microsoft\Windows\DiskFootprint\ StorageSense Ready
\Microsoft\Windows\DUSM\ dusmtask Ready
\Microsoft\Windows\EDP\ EDP App Launch Task Ready
\Microsoft\Windows\EDP\ EDP Auth Task Ready
\Microsoft\Windows\EDP\ EDP Inaccessible Credentials Task Ready
\Microsoft\Windows\EDP\ StorageCardEncryption Task Ready
\Microsoft\Windows\ExploitGuard\ ExploitGuard MDM policy Refresh Ready
\Microsoft\Windows\Feedback\Siuf\ DmClient Ready
\Microsoft\Windows\Feedback\Siuf\ DmClientOnScenarioDownload Ready
\Microsoft\Windows\File Classification Infr... Property Definition Sync Disabled
\Microsoft\Windows\FileHistory\ File History (maintenance mode) Ready
\Microsoft\Windows\Flighting\FeatureConfig\ ReconcileFeatures Ready
\Microsoft\Windows\Flighting\FeatureConfig\ UsageDataFlushing Ready
\Microsoft\Windows\Flighting\FeatureConfig\ UsageDataReporting Ready
\Microsoft\Windows\Flighting\OneSettings\ RefreshCache Ready
\Microsoft\Windows\Input\ LocalUserSyncDataAvailable Ready
\Microsoft\Windows\Input\ MouseSyncDataAvailable Ready
\Microsoft\Windows\Input\ PenSyncDataAvailable Ready
\Microsoft\Windows\Input\ TouchpadSyncDataAvailable Ready
\Microsoft\Windows\InstallService\ ScanForUpdates Ready
\Microsoft\Windows\InstallService\ ScanForUpdatesAsUser Ready
\Microsoft\Windows\InstallService\ WakeUpAndContinueUpdates Disabled
\Microsoft\Windows\InstallService\ WakeUpAndScanForUpdates Disabled
\Microsoft\Windows\International\ Synchronize Language Settings Ready
\Microsoft\Windows\LanguageComponentsInstal... Installation Ready
\Microsoft\Windows\LanguageComponentsInstal... ReconcileLanguageResources Ready
\Microsoft\Windows\Location\ Notifications Ready
\Microsoft\Windows\Location\ WindowsActionDialog Ready
\Microsoft\Windows\Maintenance\ WinSAT Ready
\Microsoft\Windows\Management\Provisioning\ Cellular Ready
\Microsoft\Windows\Management\Provisioning\ Logon Ready
\Microsoft\Windows\Management\Provisioning\ Retry Disabled
\Microsoft\Windows\Management\Provisioning\ RunOnReboot Disabled
\Microsoft\Windows\Maps\ MapsToastTask Ready
\Microsoft\Windows\Maps\ MapsUpdateTask Disabled
\Microsoft\Windows\MemoryDiagnostic\ ProcessMemoryDiagnosticEvents Ready
\Microsoft\Windows\MemoryDiagnostic\ RunFullMemoryDiagnostic Ready
\Microsoft\Windows\Mobile Broadband Accounts\ MNO Metadata Parser Ready
\Microsoft\Windows\MUI\ LPRemove Ready
\Microsoft\Windows\Multimedia\ SystemSoundsService Running
\Microsoft\Windows\NetTrace\ GatherNetworkInfo Ready
\Microsoft\Windows\NlaSvc\ WiFiTask Ready
\Microsoft\Windows\Offline Files\ Background Synchronization Disabled
\Microsoft\Windows\Offline Files\ Logon Synchronization Disabled
\Microsoft\Windows\Plug and Play\ Device Install Group Policy Ready
\Microsoft\Windows\Plug and Play\ Device Install Reboot Required Ready
\Microsoft\Windows\Plug and Play\ Sysprep Generalize Drivers Ready
\Microsoft\Windows\Power Efficiency Diagnos... AnalyzeSystem Ready
\Microsoft\Windows\Printing\ EduPrintProv Ready
\Microsoft\Windows\RecoveryEnvironment\ VerifyWinRE Disabled
\Microsoft\Windows\Registry\ RegIdleBackup Ready
\Microsoft\Windows\Servicing\ StartComponentCleanup Ready
\Microsoft\Windows\SettingSync\ BackgroundUploadTask Ready
\Microsoft\Windows\SettingSync\ NetworkStateChangeTask Ready
\Microsoft\Windows\SharedPC\ Account Cleanup Disabled
\Microsoft\Windows\Shell\ CreateObjectTask Ready
\Microsoft\Windows\Shell\ FamilySafetyMonitor Ready
\Microsoft\Windows\Shell\ FamilySafetyRefreshTask Ready
\Microsoft\Windows\Shell\ IndexerAutomaticMaintenance Ready
\Microsoft\Windows\SoftwareProtectionPlatform\ SvcRestartTaskLogon Ready
\Microsoft\Windows\SpacePort\ SpaceAgentTask Ready
\Microsoft\Windows\SpacePort\ SpaceManagerTask Ready
\Microsoft\Windows\Speech\ HeadsetButtonPress Ready
\Microsoft\Windows\StateRepository\ MaintenanceTasks Ready
\Microsoft\Windows\Storage Tiers Management\ Storage Tiers Management Initi... Ready
\Microsoft\Windows\Storage Tiers Management\ Storage Tiers Optimization Disabled
\Microsoft\Windows\Subscription\ EnableLicenseAcquisition Ready
\Microsoft\Windows\Subscription\ LicenseAcquisition Disabled
\Microsoft\Windows\Sysmain\ HybridDriveCachePrepopulate Disabled
\Microsoft\Windows\Sysmain\ HybridDriveCacheRebalance Disabled
\Microsoft\Windows\Sysmain\ ResPriStaticDbSync Ready
\Microsoft\Windows\Sysmain\ WsSwapAssessmentTask Ready
\Microsoft\Windows\SystemRestore\ SR Ready
\Microsoft\Windows\Task Manager\ Interactive Ready
\Microsoft\Windows\TextServicesFramework\ MsCtfMonitor Ready
\Microsoft\Windows\Time Synchronization\ ForceSynchronizeTime Ready
\Microsoft\Windows\Time Synchronization\ SynchronizeTime Ready
\Microsoft\Windows\Time Zone\ SynchronizeTimeZone Ready
\Microsoft\Windows\UNP\ RunUpdateNotificationMgr Disabled
\Microsoft\Windows\UPnP\ UPnPHostConfig Ready
\Microsoft\Windows\USB\ Usb-Notifications Ready
\Microsoft\Windows\WCM\ WiFiTask Ready
\Microsoft\Windows\WDI\ ResolutionHost Running
\Microsoft\Windows\Windows Defender\ Windows Defender Cache Mainten... Ready
\Microsoft\Windows\Windows Defender\ Windows Defender Cleanup Ready
\Microsoft\Windows\Windows Defender\ Windows Defender Scheduled Scan Ready
\Microsoft\Windows\Windows Defender\ Windows Defender Verification Ready
\Microsoft\Windows\Windows Error Reporting\ QueueReporting Ready
\Microsoft\Windows\Windows Filtering Platform\ BfeOnServiceStartTypeChange Ready
\Microsoft\Windows\Windows Media Sharing\ UpdateLibrary Ready
\Microsoft\Windows\WindowsColorSystem\ Calibration Loader Ready
\Microsoft\Windows\WindowsUpdate\ Scheduled Start Ready
\Microsoft\Windows\WindowsUpdate\RUXIM\ RUXIMDisplay Ready
\Microsoft\Windows\WindowsUpdate\RUXIM\ RUXIMSync Ready
\Microsoft\Windows\Wininet\ CacheTask Running
\Microsoft\Windows\WlanSvc\ CDSSync Ready
\Microsoft\Windows\Work Folders\ Work Folders Logon Synchroniza... Ready
\Microsoft\Windows\Work Folders\ Work Folders Maintenance Work Ready
\Microsoft\Windows\Workplace Join\ Automatic-Device-Join Disabled
\Microsoft\Windows\Workplace Join\ Device-Sync Disabled
\Microsoft\Windows\Workplace Join\ Recovery-Check Disabled
\Microsoft\Windows\WwanSvc\ NotificationTask Ready
\Microsoft\Windows\WwanSvc\ OobeDiscovery Ready
\Microsoft\XblGameSave\ XblGameSaveTask Ready Installed Programs
PS C:\xampp\htdocs\site> Get-ItemProperty "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*", "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*", "HKCU:\Software\Microsoft\Windows\CurrentVersion\Uninstall\*" -ErrorAction SilentlyContinue | Select-Object -ExpandProperty DisplayName -ErrorAction SilentlyContinue | Where-Object { $_ } | Sort-Object -Unique
Microsoft Edge
Microsoft Edge Update
Microsoft Update Health Tools
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810
Microsoft Visual C++ 2017 x64 Additional Runtime - 14.12.25810
Microsoft Visual C++ 2017 x64 Minimum Runtime - 14.12.25810
Microsoft Visual C++ 2017 x86 Additional Runtime - 14.12.25810
Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.12.25810
Update for Windows 10 for x64-based Systems (KB5001716)
VMware Tools
Windows PC Health Check
XAMPPXAMPP
Firewall & AV
PS C:\xampp\htdocs\site> netsh firewall show config
Domain profile configuration:
-------------------------------------------------------------------
Operational mode = Disable
Exception mode = Enable
Multicast/broadcast response mode = Enable
Notification mode = Enable
Allowed programs configuration for Domain profile:
Mode Traffic direction Name / Program
-------------------------------------------------------------------
Port configuration for Domain profile:
Port Protocol Mode Traffic direction Name
-------------------------------------------------------------------
Standard profile configuration (current):
-------------------------------------------------------------------
Operational mode = Disable
Exception mode = Enable
Multicast/broadcast response mode = Enable
Notification mode = Enable
Service configuration for Standard profile:
Mode Customized Name
-------------------------------------------------------------------
Enable No Network Discovery
Allowed programs configuration for Standard profile:
Mode Traffic direction Name / Program
-------------------------------------------------------------------
Enable Inbound Apache HTTP Server / C:\xampp\apache\bin\httpd.exe
Enable Inbound mysqld / C:\xampp\mysql\bin\mysqld.exe
Port configuration for Standard profile:
Port Protocol Mode Traffic direction Name
-------------------------------------------------------------------
Log configuration:
-------------------------------------------------------------------
File location = C:\WINDOWS\system32\LogFiles\Firewall\pfirewall.log
Max file size = 4096 KB
Dropped packets = Disable
Connections = Disable
IMPORTANT: Command executed successfully.
However, "netsh firewall" is deprecated;
use "netsh advfirewall firewall" instead.
For more information on using "netsh advfirewall firewall" commands
instead of "netsh firewall", see KB article 947709
at https://go.microsoft.com/fwlink/?linkid=121488 .Enable Inbound Apache HTTP Server / C:\xampp\apache\bin\httpd.exe
Enable Inbound mysqld / C:\xampp\mysql\bin\mysqld.exe
PS C:\xampp\htdocs\site> Get-MpComputerStatus ; Get-MpPreference | Select-Object -Property ExclusionPath
Get-MpComputerStatus : A general error occurred that is not covered by a more specific error code.
At line:1 char:1
+ Get-MpComputerStatus ; Get-MpPreference | Select-Object -Property Exc ...
+ ~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (MSFT_MpComputerStatus:ROOT\Microsoft\...pComputerStatus) [Get-MpComputerS
tatus], CimException
+ FullyQualifiedErrorId : HRESULT 0x800106ba,Get-MpComputerStatus
ExclusionPath
-------------Session Architecture
PS C:\xampp\htdocs\site> [Environment]::Is64BitProcess
TrueInstalled .NET Frameworks
12/07/2019 01:31 AM <DIR> .
12/07/2019 01:31 AM <DIR> ..
12/03/2021 08:28 AM <DIR> v1.0.3705
12/03/2021 08:28 AM <DIR> v1.1.4322
12/07/2019 01:14 AM <DIR> v2.0.50727
02/07/2025 10:17 AM <DIR> v4.0.30319
0 File(s) 0 bytes
6 Dir(s) 28,201,615,360 bytes free
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\CDF
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\CDF
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\CDF\v4.0
HttpNamespaceReservationInstalled REG_DWORD 0x1
NetTcpPortSharingInstalled REG_DWORD 0x1
NonHttpActivationInstalled REG_DWORD 0x1
SMSvcHostPath REG_SZ C:\Windows\Microsoft.NET\Framework64\v4.0.30319\
WMIInstalled REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4\Client
CBS REG_DWORD 0x1
Install REG_DWORD 0x1
InstallPath REG_SZ C:\Windows\Microsoft.NET\Framework64\v4.0.30319\
Release REG_DWORD 0x80ff4
Servicing REG_DWORD 0x0
TargetVersion REG_SZ 4.0.0
Version REG_SZ 4.8.04084
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4\Client\1033
CBS REG_DWORD 0x1
Install REG_DWORD 0x1
Release REG_DWORD 0x80ff4
Servicing REG_DWORD 0x0
TargetVersion REG_SZ 4.0.0
Version REG_SZ 4.8.04084
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4\Full
CBS REG_DWORD 0x1
Install REG_DWORD 0x1
InstallPath REG_SZ C:\Windows\Microsoft.NET\Framework64\v4.0.30319\
Release REG_DWORD 0x80ff4
Servicing REG_DWORD 0x0
TargetVersion REG_SZ 4.0.0
Version REG_SZ 4.8.04084
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4\Full\1033
CBS REG_DWORD 0x1
Install REG_DWORD 0x1
Release REG_DWORD 0x80ff4
Servicing REG_DWORD 0x0
TargetVersion REG_SZ 4.0.0
Version REG_SZ 4.8.04084
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4.0
(Default) REG_SZ deprecated
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4.0\Client
Install REG_DWORD 0x1
Version REG_SZ 4.0.0.0.NET 4.8.04084