System/Kernel
PS C:\wamp\www> cmd /c ver
Microsoft Windows [Version 10.0.17763.2300]
PS C:\wamp\www> systeminfo ; Get-ComputerInfo
Host Name: SQUID
OS Name: Microsoft Windows Server 2019 Standard
OS Version: 10.0.17763 N/A Build 17763
OS Manufacturer: Microsoft Corporation
OS Configuration: Standalone Server
OS Build Type: Multiprocessor Free
Registered Owner: Windows User
Registered Organization:
Product ID: 00429-70000-00000-AA061
Original Install Date: 5/28/2021, 2:52:51 AM
System Boot Time: 8/1/2024, 7:01:42 PM
System Manufacturer: VMware, Inc.
System Model: VMware7,1
System Type: x64-based PC
Processor(s): 1 Processor(s) Installed.
[01]: AMD64 Family 25 Model 1 Stepping 1 AuthenticAMD ~2650 Mhz
BIOS Version: VMware, Inc. VMW71.00V.21100432.B64.2301110304, 1/11/2023
Windows Directory: C:\Windows
System Directory: C:\Windows\system32
Boot Device: \Device\HarddiskVolume2
System Locale: en-us;English (United States)
Input Locale: en-us;English (United States)
Time Zone: (UTC-08:00) Pacific Time (US & Canada)
Total Physical Memory: 2,047 MB
Available Physical Memory: 255 MB
Virtual Memory: Max Size: 2,431 MB
Virtual Memory: Available: 438 MB
Virtual Memory: In Use: 1,993 MB
Page File Location(s): C:\pagefile.sys
Domain: WORKGROUP
Logon Server: N/A
Hotfix(s): 11 Hotfix(s) Installed.
[01]: KB5007295
[02]: KB4512577
[03]: KB4535680
[04]: KB4577586
[05]: KB4589208
[06]: KB5003243
[07]: KB5003711
[08]: KB5005112
[09]: KB5007206
[10]: KB5006754
[11]: KB5005701
Network Card(s): 1 NIC(s) Installed.
[01]: vmxnet3 Ethernet Adapter
Connection Name: Ethernet0 2
DHCP Enabled: No
IP address(es)
[01]: 192.168.135.189
Hyper-V Requirements: A hypervisor has been detected. Features required for Hyper-V will not be displayed.
WindowsBuildLabEx : 17763.1.amd64fre.rs5_release.180914-1434
WindowsCurrentVersion : 6.3
WindowsEditionId : ServerStandard
WindowsInstallationType : Server
WindowsInstallDateFromRegistry : 5/28/2021 10:52:51 AM
WindowsProductId : 00429-70000-00000-AA061
WindowsProductName : Windows Server 2019 Standard
WindowsRegisteredOwner : Windows User
WindowsSystemRoot : C:\Windows
WindowsVersion : 1809
OsServerLevel : FullServer
TimeZone : (UTC-08:00) Pacific Time (US & Canada)
PowerPlatformRole : Desktop
DeviceGuardSmartStatus : Off
Microsoft Windows [Version 10.0.17763.2300]
OS Name: Microsoft Windows Server 2019 Standard
System Type: x64-based PC
Processor(s): 1 Processor(s) Installed.
Hotfix(s): 11 Hotfix(s) Installed.
[01]: KB5007295
[02]: KB4512577
[03]: KB4535680
[04]: KB4577586
[05]: KB4589208
[06]: KB5003243
[07]: KB5003711
[08]: KB5005112
[09]: KB5007206
[10]: KB5006754
[11]: KB5005701
Networks
PS C:\wamp\www> ipconfig /all ; arp -a ; print route
Windows IP Configuration
Host Name . . . . . . . . . . . . : SQUID
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter Ethernet0 2:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : vmxnet3 Ethernet Adapter
Physical Address. . . . . . . . . : 00-50-56-9E-8A-31
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.168.135.189(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.135.254
DNS Servers . . . . . . . . . . . : 192.168.135.254
NetBIOS over Tcpip. . . . . . . . : Enabled
Interface: 192.168.135.189 --- 0x10
Internet Address Physical Address Type
192.168.135.254 00-50-56-9e-59-95 dynamic
192.168.135.255 ff-ff-ff-ff-ff-ff static
224.0.0.22 01-00-5e-00-00-16 static
224.0.0.251 01-00-5e-00-00-fb static
Unable to initialize device PRN
PS C:\wamp\www> netstat -ano | Select-String LIST
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING 884
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:3128 0.0.0.0:0 LISTENING 3368
TCP 0.0.0.0:3306 0.0.0.0:0 LISTENING 1900
TCP 0.0.0.0:5985 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:8080 0.0.0.0:0 LISTENING 1720
TCP 0.0.0.0:47001 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:49664 0.0.0.0:0 LISTENING 528
TCP 0.0.0.0:49665 0.0.0.0:0 LISTENING 1012
TCP 0.0.0.0:49666 0.0.0.0:0 LISTENING 1100
TCP 0.0.0.0:49667 0.0.0.0:0 LISTENING 1652
TCP 0.0.0.0:49668 0.0.0.0:0 LISTENING 648
TCP 0.0.0.0:49672 0.0.0.0:0 LISTENING 656
TCP 192.168.135.189:139 0.0.0.0:0 LISTENING 4
TCP [::]:135 [::]:0 LISTENING 884
TCP [::]:445 [::]:0 LISTENING 4
TCP [::]:3128 [::]:0 LISTENING 3368
TCP [::]:3306 [::]:0 LISTENING 1900
TCP [::]:5985 [::]:0 LISTENING 4
TCP [::]:8080 [::]:0 LISTENING 1720
TCP [::]:47001 [::]:0 LISTENING 4
TCP [::]:49664 [::]:0 LISTENING 528
TCP [::]:49665 [::]:0 LISTENING 1012
TCP [::]:49666 [::]:0 LISTENING 1100
TCP [::]:49667 [::]:0 LISTENING 1652
TCP [::]:49668 [::]:0 LISTENING 648
TCP [::]:49672 [::]:0 LISTENING 656
TCP 0.0.0.0:5985 0.0.0.0:0 LISTENING 4
Users & Groups
PS C:\wamp\www> net users ; ls C:\Users
User accounts for \\
-------------------------------------------------------------------------------
Administrator DefaultAccount Guest
WDAGUtilityAccount
The command completed with one or more errors.
Directory: C:\Users
Mode LastWriteTime Length Name
---- ------------- ------ ----
d----- 5/28/2021 3:53 AM Administrator
d-r--- 5/28/2021 3:53 AM Public
PS C:\wamp\www> net localgroup ; net group /DOMAIN
Aliases for \\SQUID
-------------------------------------------------------------------------------
*Access Control Assistance Operators
*Administrators
*Backup Operators
*Certificate Service DCOM Access
*Cryptographic Operators
*Device Owners
*Distributed COM Users
*Event Log Readers
*Guests
*Hyper-V Administrators
*IIS_IUSRS
*Network Configuration Operators
*Performance Log Users
*Performance Monitor Users
*Power Users
*Print Operators
*RDS Endpoint Servers
*RDS Management Servers
*RDS Remote Access Servers
*Remote Desktop Users
*Remote Management Users
*Replicator
*Storage Replica Administrators
*System Managed Accounts Group
*Users
The command completed successfully.
The request will be processed at a domain controller for domain WORKGROUP.
System error 1355 has occurred.
The specified domain either does not exist or could not be contacted.
Processes
PS C:\wamp\www> cmd /c tasklist /svc ; ps
Image Name PID Services
========================= ======== ============================================
System Idle Process 0 N/A
System 4 N/A
Registry 88 N/A
smss.exe 284 N/A
csrss.exe 404 N/A
csrss.exe 508 N/A
wininit.exe 528 N/A
winlogon.exe 564 N/A
services.exe 648 N/A
lsass.exe 656 KeyIso, SamSs
svchost.exe 768 BrokerInfrastructure, DcomLaunch, LSM,
PlugPlay, Power, SystemEventsBroker
fontdrvhost.exe 796 N/A
fontdrvhost.exe 800 N/A
svchost.exe 884 RpcEptMapper, RpcSs
dwm.exe 952 N/A
svchost.exe 1012 Dhcp, EventLog, lmhosts, TimeBrokerSvc,
WinHttpAutoProxySvc
svchost.exe 332 DsSvc, NcbService, Netman, SysMain, TrkWks,
UALSVC
svchost.exe 504 CoreMessagingRegistrar, DPS
svchost.exe 1092 CDPSvc, EventSystem, FontCache, netprofm,
nsi, SstpSvc
svchost.exe 1100 BITS, DsmSvc, gpsvc, iphlpsvc, ProfSvc,
Schedule, SENS, ShellHWDetection, Themes,
UserManager, UsoSvc, Winmgmt, wlidsvc,
WpnService
svchost.exe 1196 CryptSvc, Dnscache, LanmanWorkstation,
NlaSvc, WinRM
svchost.exe 1228 Wcmsvc
svchost.exe 1368 BFE, mpssvc
spoolsv.exe 1652 Spooler
svchost.exe 1704 DiagTrack
httpd.exe 1720 ApacheHTTPServer
Diladele.Squid.Service.ex 1816 squidsrv
svchost.exe 1836 W32Time
svchost.exe 1864 LanmanServer
vm3dservice.exe 1872 VM3DService
MsMpEng.exe 1880 WinDefend
mysqld.exe 1900 MySQL
vmtoolsd.exe 1924 VMTools
VGAuthService.exe 1952 VGAuthService
svchost.exe 1604 RasMan
vm3dservice.exe 2104 N/A
svchost.exe 2512 PolicyAgent
dllhost.exe 2720 COMSysApp
svchost.exe 2900 StateRepository
WmiPrvSE.exe 2248 N/A
httpd.exe 1896 N/A
msdtc.exe 2760 MSDTC
squid.exe 3368 N/A
conhost.exe 3376 N/A
conhost.exe 3768 N/A
log_file_daemon.exe 3812 N/A
LogonUI.exe 3684 N/A
SecurityHealthService.exe 4120 SecurityHealthService
WmiPrvSE.exe 4404 N/A
WmiPrvSE.exe 1856 N/A
TrustedInstaller.exe 4732 TrustedInstaller
TiWorker.exe 524 N/A
CompatTelRunner.exe 816 N/A
conhost.exe 1944 N/A
taskhostw.exe 4316 N/A
CompatTelRunner.exe 4192 N/A
conhost.exe 4304 N/A
cmd.exe 2240 N/A
conhost.exe 1588 N/A
nc64.exe 4880 N/A
powershell.exe 4160 N/A
svchost.exe 3856 ClipSVC
WmiApSrv.exe 4632 wmiApSrv
cmd.exe 4356 N/A
tasklist.exe 1048 N/A
Handles NPM(K) PM(K) WS(K) CPU(s) Id SI ProcessName
------- ------ ----- ----- ------ -- -- -----------
78 5 3520 3964 0.00 2240 0 cmd
81 5 844 100 816 0 CompatTelRunner
84 5 844 3772 4192 0 CompatTelRunner
123 8 6456 10892 0.05 1588 0 conhost
154 9 6608 2036 1944 0 conhost
154 9 6640 11480 3376 0 conhost
154 9 6600 13044 3768 0 conhost
154 9 6640 12788 4304 0 conhost
495 15 2276 3132 404 0 csrss
164 9 1644 3012 508 1 csrss
604 20 27624 33776 1816 0 Diladele.Squid.Service
259 14 3936 12972 2720 0 dllhost
542 22 25192 48900 952 1 dwm
48 6 1508 3596 796 0 fontdrvhost
48 6 1656 3760 800 1 fontdrvhost
199 29 9780 21572 0.28 1720 0 httpd
392 42 21588 45116 9.25 1896 0 httpd
0 0 56 8 0 0 Idle
112 6 4968 4208 0.02 3812 0 log_file_daemon
478 27 12788 50824 3684 1 LogonUI
921 23 5244 14064 656 0 lsass
225 13 2748 9844 2760 0 msdtc
741 89 210520 173988 1880 0 MsMpEng
674 20 339128 153808 1900 0 mysqld
104 34 948 3928 0.00 4880 0 nc64
1216 30 75144 87780 0.73 4160 0 powershell
0 27 4708 123456 88 0 Registry
242 12 2548 11252 4120 0 SecurityHealthService
330 11 3580 7588 648 0 services
53 3 484 244 284 0 smss
476 23 5836 16228 1652 0 spoolsv
364 21 15872 23268 3368 0 squid
481 29 9852 19052 332 0 svchost
336 16 9216 11276 504 0 svchost
654 17 4540 13860 768 0 svchost
647 16 3768 10024 884 0 svchost
555 17 13252 18808 1012 0 svchost
825 29 8000 19152 1092 0 svchost
1569 57 29300 52860 1100 0 svchost
683 37 8008 21904 1196 0 svchost
314 11 2032 7760 1228 0 svchost
406 32 7636 16024 1368 0 svchost
396 24 3384 11692 1604 0 svchost
487 21 15280 28532 1704 0 svchost
217 12 1696 6824 1836 0 svchost
209 11 2180 7312 1864 0 svchost
164 10 1920 7228 2512 0 svchost
186 12 4584 13020 2900 0 svchost
127 7 1568 6352 3856 0 svchost
1449 0 192 144 4 0 System
293 16 12092 15688 4316 0 taskhostw
184 57 543888 522548 524 0 TiWorker
146 8 2108 7360 4732 0 TrustedInstaller
171 12 3252 8520 1952 0 VGAuthService
144 8 1668 5352 1872 0 vm3dservice
137 9 1756 6068 2104 1 vm3dservice
376 22 9956 20692 1924 0 vmtoolsd
173 11 1344 4768 528 0 wininit
254 12 2644 20384 564 1 winlogon
191 12 2064 9052 4632 0 WmiApSrv
270 11 5252 12772 1856 0 WmiPrvSE
386 17 8740 19132 2248 0 WmiPrvSE
445 23 27576 36416 4404 0 WmiPrvSE
spoolsv.exe
Diladele.Squid.Service.exe
Tasks
PS C:\wamp\www> Get-ScheduledTask | where {$_.TaskPath -notlike "\Microsoft*" } | ft TaskName,TaskPath,State
TaskName TaskPath State
-------- -------- -----
PermTask \ Ready
SomeTask \ Ready
Services
PS C:\wamp\www> wmic service where "State='Running'" get Name,PathName,StartName | Out-String -Stream | Where-Object { $_ -match 'S' -and $_ -notmatch 'C:\Windows\System32' } | Select-Object -First 100
Name PathName StartName
ApacheHTTPServer "C:\wamp\bin\apache\apache2.4.46\bin\httpd.exe" -k runservice NT AUTHORITY\Local Service
BFE C:\Windows\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p NT AUTHORITY\LocalService
BITS C:\Windows\System32\svchost.exe -k netsvcs -p LocalSystem
BrokerInfrastructure C:\Windows\system32\svchost.exe -k DcomLaunch -p LocalSystem
CDPSvc C:\Windows\system32\svchost.exe -k LocalService -p NT AUTHORITY\LocalService
ClipSVC C:\Windows\System32\svchost.exe -k wsappx -p LocalSystem
COMSysApp C:\Windows\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} LocalSystem
CoreMessagingRegistrar C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork -p NT AUTHORITY\LocalService
CryptSvc C:\Windows\system32\svchost.exe -k NetworkService -p NT Authority\NetworkService
DcomLaunch C:\Windows\system32\svchost.exe -k DcomLaunch -p LocalSystem
Dhcp C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p NT Authority\LocalService
DiagTrack C:\Windows\System32\svchost.exe -k utcsvc -p LocalSystem
Dnscache C:\Windows\system32\svchost.exe -k NetworkService -p NT AUTHORITY\NetworkService
DPS C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork -p NT AUTHORITY\LocalService
DsmSvc C:\Windows\system32\svchost.exe -k netsvcs -p LocalSystem
DsSvc C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p LocalSystem
EventLog C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p NT AUTHORITY\LocalService
EventSystem C:\Windows\system32\svchost.exe -k LocalService -p NT AUTHORITY\LocalService
FontCache C:\Windows\system32\svchost.exe -k LocalService -p NT AUTHORITY\LocalService
gpsvc C:\Windows\system32\svchost.exe -k netsvcs -p LocalSystem
iphlpsvc C:\Windows\System32\svchost.exe -k NetSvcs -p LocalSystem
KeyIso C:\Windows\system32\lsass.exe LocalSystem
LanmanServer C:\Windows\System32\svchost.exe -k smbsvcs LocalSystem
LanmanWorkstation C:\Windows\System32\svchost.exe -k NetworkService -p NT AUTHORITY\NetworkService
lmhosts C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p NT AUTHORITY\LocalService
LSM
mpssvc C:\Windows\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p NT Authority\LocalService
MSDTC C:\Windows\System32\msdtc.exe NT AUTHORITY\NetworkService
MySQL C:\wamp\bin\mysql\mysql5.7.31\bin\mysqld.exe MySQL LocalSystem
NcbService C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p LocalSystem
Netman C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p LocalSystem
netprofm C:\Windows\System32\svchost.exe -k LocalService -p NT AUTHORITY\LocalService
NlaSvc C:\Windows\System32\svchost.exe -k NetworkService -p NT AUTHORITY\NetworkService
nsi C:\Windows\system32\svchost.exe -k LocalService -p NT Authority\LocalService
PlugPlay C:\Windows\system32\svchost.exe -k DcomLaunch -p LocalSystem
PolicyAgent C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted -p NT Authority\NetworkService
Power C:\Windows\system32\svchost.exe -k DcomLaunch -p LocalSystem
ProfSvc C:\Windows\system32\svchost.exe -k netsvcs -p LocalSystem
RasMan C:\Windows\System32\svchost.exe -k netsvcs localSystem
RpcEptMapper C:\Windows\system32\svchost.exe -k RPCSS -p NT AUTHORITY\NetworkService
RpcSs C:\Windows\system32\svchost.exe -k rpcss -p NT AUTHORITY\NetworkService
SamSs C:\Windows\system32\lsass.exe LocalSystem
Schedule C:\Windows\system32\svchost.exe -k netsvcs -p LocalSystem
SecurityHealthService C:\Windows\system32\SecurityHealthService.exe LocalSystem
SENS C:\Windows\system32\svchost.exe -k netsvcs -p LocalSystem
ShellHWDetection C:\Windows\System32\svchost.exe -k netsvcs -p LocalSystem
Spooler C:\Windows\System32\spoolsv.exe LocalSystem
squidsrv C:\Squid\bin\Diladele.Squid.Service.exe LocalSystem
SstpSvc C:\Windows\system32\svchost.exe -k LocalService -p NT Authority\LocalService
StateRepository C:\Windows\system32\svchost.exe -k appmodel -p LocalSystem
SysMain C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p LocalSystem
SystemEventsBroker C:\Windows\system32\svchost.exe -k DcomLaunch -p LocalSystem
Themes C:\Windows\System32\svchost.exe -k netsvcs -p LocalSystem
TimeBrokerSvc C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p NT AUTHORITY\LocalService
TrkWks C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p LocalSystem
TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe localSystem
UALSVC C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p LocalSystem
UserManager C:\Windows\system32\svchost.exe -k netsvcs -p LocalSystem
UsoSvc C:\Windows\system32\svchost.exe -k netsvcs -p LocalSystem
VGAuthService "C:\Program Files\VMware\VMware Tools\VMware VGAuth\VGAuthService.exe" LocalSystem
VM3DService C:\Windows\system32\vm3dservice.exe LocalSystem
VMTools "C:\Program Files\VMware\VMware Tools\vmtoolsd.exe" LocalSystem
W32Time C:\Windows\system32\svchost.exe -k LocalService NT AUTHORITY\LocalService
Wcmsvc C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p NT Authority\LocalService
WinDefend "C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe" LocalSystem
WinHttpAutoProxySvc C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p NT AUTHORITY\LocalService
Winmgmt C:\Windows\system32\svchost.exe -k netsvcs -p localSystem
WinRM C:\Windows\System32\svchost.exe -k NetworkService -p NT AUTHORITY\NetworkService
wlidsvc C:\Windows\system32\svchost.exe -k netsvcs -p LocalSystem
wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe localSystem
WpnService C:\Windows\system32\svchost.exe -k netsvcs -p LocalSystem
ApacheHTTPServer "C:\wamp\bin\apache\apache2.4.46\bin\httpd.exe" -k runservice NT AUTHORITY\Local Service
MySQL C:\wamp\bin\mysql\mysql5.7.31\bin\mysqld.exe MySQL LocalSystem
Spooler C:\Windows\System32\spoolsv.exe LocalSystem
squidsrv C:\Squid\bin\Diladele.Squid.Service.exe LocalSystem
Installed Programs
PS C:\wamp\www> Get-ItemProperty "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*", "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*", "HKCU:\Software\Microsoft\Windows\CurrentVersion\Uninstall\*" -ErrorAction SilentlyContinue | Select-Object -ExpandProperty DisplayName -ErrorAction SilentlyContinue | Where-Object { $_ } | Sort-Object -Unique
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.24.28127
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.24.28127
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.24.28127
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.24.28127
Squid
VMware Tools
Wampserver64 3.2.3
Windows 10 Update Assistant
Firewall & AV
PS C:\wamp\www> netsh firewall show config
Domain profile configuration:
-------------------------------------------------------------------
Operational mode = Enable
Exception mode = Enable
Multicast/broadcast response mode = Enable
Notification mode = Disable
Allowed programs configuration for Domain profile:
Mode Traffic direction Name / Program
-------------------------------------------------------------------
Port configuration for Domain profile:
Port Protocol Mode Traffic direction Name
-------------------------------------------------------------------
3128 TCP Enable Inbound SQUID
Standard profile configuration (current):
-------------------------------------------------------------------
Operational mode = Enable
Exception mode = Enable
Multicast/broadcast response mode = Enable
Notification mode = Disable
Service configuration for Standard profile:
Mode Customized Name
-------------------------------------------------------------------
Enable Yes Network Discovery
Allowed programs configuration for Standard profile:
Mode Traffic direction Name / Program
-------------------------------------------------------------------
Port configuration for Standard profile:
Port Protocol Mode Traffic direction Name
-------------------------------------------------------------------
3128 TCP Enable Inbound SQUID
Log configuration:
-------------------------------------------------------------------
File location = C:\Windows\system32\LogFiles\Firewall\pfirewall.log
Max file size = 4096 KB
Dropped packets = Disable
Connections = Disable
IMPORTANT: Command executed successfully.
However, "netsh firewall" is deprecated;
use "netsh advfirewall firewall" instead.
For more information on using "netsh advfirewall firewall" commands
instead of "netsh firewall", see KB article 947709
at https://go.microsoft.com/fwlink/?linkid=121488 .
PS C:\wamp\www> Get-MpComputerStatus ; Get-MpPreference | Select-Object -Property ExclusionPath
AMEngineVersion : 1.1.23080.2005
AMProductVersion : 4.18.23080.2006
AMRunningMode : Normal
AMServiceEnabled : True
AMServiceVersion : 4.18.23080.2006
AntispywareEnabled : True
AntispywareSignatureAge : 574
AntispywareSignatureLastUpdated : 9/13/2023 8:36:16 PM
AntispywareSignatureVersion : 1.397.939.0
AntivirusEnabled : True
AntivirusSignatureAge : 574
AntivirusSignatureLastUpdated : 9/13/2023 8:36:16 PM
AntivirusSignatureVersion : 1.397.939.0
BehaviorMonitorEnabled : False
ComputerID : 6B36948C-4855-7AB7-1F67-B1B49D81D084
ComputerState : 0
DefenderSignaturesOutOfDate : False
DeviceControlDefaultEnforcement : Unknown
DeviceControlPoliciesLastUpdated : 9/14/2023 3:46:42 AM
DeviceControlState : Disabled
FullScanAge : 4294967295
FullScanEndTime :
FullScanOverdue : False
FullScanRequired : False
FullScanSignatureVersion :
FullScanStartTime :
IoavProtectionEnabled : False
IsTamperProtected : False
IsVirtualMachine : True
LastFullScanSource : 0
LastQuickScanSource : 2
NISEnabled : False
NISEngineVersion : 0.0.0.0
NISSignatureAge : 4294967295
NISSignatureLastUpdated :
NISSignatureVersion : 0.0.0.0
OnAccessProtectionEnabled : False
ProductStatus : 524288
QuickScanAge : 0
QuickScanEndTime : 4/10/2025 6:58:52 AM
QuickScanOverdue : False
QuickScanSignatureVersion : 1.397.939.0
QuickScanStartTime : 4/10/2025 6:58:34 AM
RealTimeProtectionEnabled : False
RealTimeScanDirection : 0
RebootRequired : False
SmartAppControlExpiration :
SmartAppControlState : Off
TamperProtectionSource : N/A
TDTMode : N/A
TDTSiloType : N/A
TDTStatus : N/A
TDTTelemetry : N/A
TroubleShootingDailyMaxQuota :
TroubleShootingDailyQuotaLeft :
TroubleShootingEndTime :
TroubleShootingExpirationLeft :
TroubleShootingMode :
TroubleShootingModeSource :
TroubleShootingQuotaResetTime :
TroubleShootingStartTime :
PSComputerName :
ExclusionPath : {N/A: Must be an administrator to view exclusions}
Session Architecture
PS C:\wamp\www> [Environment]::Is64BitProcess
True
Installed .NET Frameworks
PS C:\wamp\www> cmd /c dir /A:D C:\Windows\Microsoft.NET\Framework ; cmd /c reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP" ; cmd /c reg query "HKLM\SOFTWARE\Microsoft\Net Framework Setup\NDP" /s
Volume in drive C has no label.
Volume Serial Number is 5C30-DCD7
Directory of C:\Windows\Microsoft.NET\Framework
09/15/2018 12:19 AM <DIR> .
09/15/2018 12:19 AM <DIR> ..
09/15/2018 12:19 AM <DIR> v1.0.3705
09/15/2018 12:19 AM <DIR> v1.1.4322
09/15/2018 12:19 AM <DIR> v2.0.50727
04/10/2025 06:58 AM <DIR> v4.0.30319
0 File(s) 0 bytes
6 Dir(s) 7,445,467,136 bytes free
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\CDF
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\CDF
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\CDF\v4.0
HttpNamespaceReservationInstalled REG_DWORD 0x1
NetTcpPortSharingInstalled REG_DWORD 0x1
NonHttpActivationInstalled REG_DWORD 0x1
SMSvcHostPath REG_SZ C:\Windows\Microsoft.NET\Framework64\v4.0.30319\
WMIInstalled REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4\Client
CBS REG_DWORD 0x1
Install REG_DWORD 0x1
InstallPath REG_SZ C:\Windows\Microsoft.NET\Framework64\v4.0.30319\
Release REG_DWORD 0x70bf6
Servicing REG_DWORD 0x0
TargetVersion REG_SZ 4.0.0
Version REG_SZ 4.7.03190
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4\Client\1033
CBS REG_DWORD 0x1
Install REG_DWORD 0x1
Release REG_DWORD 0x70bf6
Servicing REG_DWORD 0x0
TargetVersion REG_SZ 4.0.0
Version REG_SZ 4.7.03190
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4\Full
CBS REG_DWORD 0x1
Install REG_DWORD 0x1
InstallPath REG_SZ C:\Windows\Microsoft.NET\Framework64\v4.0.30319\
Release REG_DWORD 0x70bf6
Servicing REG_DWORD 0x0
TargetVersion REG_SZ 4.0.0
Version REG_SZ 4.7.03190
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4\Full\1033
CBS REG_DWORD 0x1
Install REG_DWORD 0x1
Release REG_DWORD 0x70bf6
Servicing REG_DWORD 0x0
TargetVersion REG_SZ 4.0.0
Version REG_SZ 4.7.03190
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4.0
(Default) REG_SZ deprecated
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4.0\Client
Install REG_DWORD 0x1
Version REG_SZ 4.0.0.0
.NET 4.7.03190