20221215_howards_surfacepro

1. C:\Program Files\Microsoft Office\root\Office16\ODBC Drivers\Salesforce\lib>c:\Windows\System32\certutil.exe -dump cacerts.pem
2. X509 Certificate:
3. Version: 1
4. Serial Number: 01a5
5. Signature Algorithm:
6. Algorithm ObjectId: 1.2.840.113549.1.1.4 md5RSA
7. Algorithm Parameters:
8. 05 00
9. Issuer:
10. CN=GTE CyberTrust Global Root
11. OU=GTE CyberTrust Solutions, Inc.
12. O=GTE Corporation
13. C=US
14. Name Hash(sha1): 697bb4081898dfa9c6208c0fa897e2f60ee66c7e
15. Name Hash(md5): 1d4d654df8262fc7e8be90f155a00b29
16.  
17. NotBefore: 8/12/1998 4:29 PM
18. NotAfter: 8/13/2018 3:59 PM
19.  
20. Subject:
21. CN=GTE CyberTrust Global Root
22. OU=GTE CyberTrust Solutions, Inc.
23. O=GTE Corporation
24. C=US
25. Name Hash(sha1): 697bb4081898dfa9c6208c0fa897e2f60ee66c7e
26. Name Hash(md5): 1d4d654df8262fc7e8be90f155a00b29
27.  
28. Public Key Algorithm:
29. Algorithm ObjectId: 1.2.840.113549.1.1.1 RSA (RSA_SIGN)
30. Algorithm Parameters:
31. 05 00
32. Public Key Length: 1024 bits
33. Public Key: UnusedBits = 0
34. 0000 30 81 89 02 81 81 00 95 0f a0 b6 f0 50 9c e8 7a
35. 0010 c7 88 cd dd 17 0e 2e b0 94 d0 1b 3d 0e f6 94 c0
36. 0020 8a 94 c7 06 c8 90 97 c8 b8 64 1a 7a 7e 6c 3c 53
37. 0030 e1 37 28 73 60 7f b2 97 53 07 9f 53 f9 6d 58 94
38. 0040 d2 af 8d 6d 88 67 80 e6 ed b2 95 cf 72 31 ca a5
39. 0050 1c 72 ba 5c 02 e7 64 42 e7 f9 a9 2c d6 3a 0d ac
40. 0060 8d 42 aa 24 01 39 e6 9c 3f 01 85 57 0d 58 87 45
41. 0070 f8 d3 85 aa 93 69 26 85 70 48 80 3f 12 15 c7 79
42. 0080 b4 1f 05 2f 3b 62 99 02 03 01 00 01
43. Certificate Extensions: 0
44. Signature Algorithm:
45. Algorithm ObjectId: 1.2.840.113549.1.1.4 md5RSA
46. Algorithm Parameters:
47. 05 00
48. Signature: UnusedBits=0
49. 0000 7f 7a 0b ab f9 cc a7 ba ad 95 cd b5 22 1f 4f ae
50. 0010 aa c7 6d 85 5c 9d 1f 9e d8 94 cb ef 93 95 0f 0d
51. 0020 a7 24 c4 34 85 a3 d7 b0 5b 5f 97 05 ec 8e bf 61
52. 0030 68 f5 7c e2 d5 fa ba 4e 95 c0 b9 1e 42 8b d9 b1
53. 0040 5c f3 ea f0 e9 18 54 63 9b 7d 55 76 f4 dc 7d b9
54. 0050 d7 74 c8 40 df 4e 34 7b 9e 08 13 81 33 16 83 c5
55. 0060 30 0e ab fb 3d 85 03 14 a2 73 de a6 7c a0 e3 77
56. 0070 48 3c 2a a4 61 22 67 db 51 d9 5e e9 09 1b eb 6d
57. Signature matches Public Key
58. Root Certificate: Subject matches Issuer
59. Key Id Hash(rfc-sha1): a60c1d9f61ff0717b5bf3846db4330d58eb05206
60. Key Id Hash(sha1): 597912de6175d66fc423b7771374c796de6f8872
61. Key Id Hash(bcrypt-sha1): d96f7667462f547917c58db4d86ad42368234265
62. Key Id Hash(bcrypt-sha256): 6d715d0d3a76b9f0e8350632c8c98e16fb749fda8366939c7346a6e3f893ba0b
63. Key Id Hash(md5): b9632f69390c2f2d6b23e01fec8c7389
64. Key Id Hash(sha256): f5821f4358e777462928058e50f3c699e617c8baf1e68a945c5aa4bf7f337d95
65. Key Id Hash(pin-sha256): EGn6R6CqT4z3ERscrqNl7q7RC//zJmDe9uBhS/rnCHU=
66. Key Id Hash(pin-sha256-hex): 1069fa47a0aa4f8cf7111b1caea365eeaed10bfff32660def6e0614bfae70875
67. Cert Hash(md5): ca3dd368f1035cd032fab82b59e85adb
68. Cert Hash(sha1): 97817950d81c9670cc34d809cf794431367ef474
69. Cert Hash(sha256): a53125188d2110aa964b02c7b7c6da3203170894e5fb71fffb6667d5e6810a36
70. Signature Hash: e1b34a19374fc710c61667b82e8f1c2c
71. CertUtil: -dump command completed successfully.
72.  
73. C:\Program Files\Microsoft Office\root\Office16\ODBC Drivers\Salesforce\lib>dir *
74. Volume in drive C is Local Disk
75. Volume Serial Number is CE99-32AA
76.  
77. Directory of C:\Program Files\Microsoft Office\root\Office16\ODBC Drivers\Salesforce\lib
78.  
79. 01/18/2022 06:20 PM <DIR> .
80. 01/18/2022 06:20 PM <DIR> ..
81. 01/18/2022 06:20 PM <DIR> 1033
82. 01/18/2022 06:20 PM <DIR> 1036
83. 01/18/2022 06:20 PM <DIR> 3082
84. 01/18/2022 06:20 PM 255,048 cacerts.pem
85. 01/18/2022 06:20 PM <DIR> LibCurl64.DllA
86. 01/18/2022 06:20 PM <DIR> OpenSSL64.DllA
87. 01/18/2022 06:20 PM 27,109,768 sbicudt58_64.dll
88. 01/18/2022 06:20 PM 2,431,880 sbicuin58_64.dll
89. 01/18/2022 06:20 PM 1,783,688 sbicuuc58_64.dll
90. 01/18/2022 06:20 PM 320 sfodbc.did
91. 01/18/2022 06:20 PM 17,979,800 sfodbc_sb64.dll
92. 01/18/2022 06:19 PM 281,472 zlibwapi.dll
93. 7 File(s) 49,841,976 bytes
94. 7 Dir(s) 91,787,829,248 bytes free
95. Directory of D:\
96.  
97. 06/15/2022 12:24 PM <DIR> Recovery
98. 06/15/2022 04:21 AM <DIR> System Volume Information
99. 0 File(s) 0 bytes
100. 2 Dir(s) 364,052,480 bytes free
101.  
102. D:\Recovery>dir * /ah
103. Volume in drive D is Windows RE tools
104. Volume Serial Number is C69B-563C
105.  
106. Directory of D:\Recovery
107.  
108. 06/15/2022 12:24 PM <DIR> .
109. 06/20/2022 07:13 PM <DIR> ..
110. 06/20/2022 07:13 PM <DIR> Logs
111. 06/15/2022 04:23 AM <DIR> WindowsRE
112. 0 File(s) 0 bytes
113. 4 Dir(s) 364,052,480 bytes free
114.  
115. D:\Recovery\WindowsRE>c:\Windows\System32\certutil -dump Winre.wim
116. Private Key:
117. 0000 4d 53 57 49 MSWI
118. 000000 ...
119. 22b47ce5
120. CertUtil: -dump command completed successfully.
121.  
122. X:\windows\system32>NET STOP Audiosrv
123. The Windows Audio service is stopping.
124. The Windows Audio service was stopped successfully.
125.  
126.  
127. X:\windows\system32>NET STOP AudioEndpointBuilder
128. The Windows Audio Endpoint Builder service is stopping.
129. The Windows Audio Endpoint Builder service was stopped successfully.
130.  
131.  
132. X:\windows\system32>netstat -ano
133.  
134. Active Connections
135.  
136. Proto Local Address Foreign Address State PID
137. TCP 0.0.0.0:135 0.0.0.0:0 LISTENING 980
138. TCP [::]:135 [::]:0 LISTENING 980
139. UDP 0.0.0.0:500 *:* 468
140. UDP 0.0.0.0:4500 *:* 468
141. UDP [::]:500 *:* 468
142. UDP [::]:4500 *:* 468
143.  
144. X:\windows\system32>
145.  
146.  
147. C:\>C:\Windows\System32\certutil -dump "D:\ConnectedDevicesPlatform\Connected Devices Platform certificates.sst"
148. ================ Certificate 0 ================
149. ================ Begin Nesting Level 1 ================
150. Element 0:
151. Serial Number: 6fc1cc52d9d4b48e4d579543f3471ab2
152. Issuer: CN=Microsoft Connected Devices Platform device certificate
153. NotBefore: 6/15/2022 4:23 AM
154. NotAfter: 6/16/2122 4:23 AM
155. Subject: CN=Microsoft Connected Devices Platform device certificate
156. Signature matches Public Key
157. Root Certificate: Subject matches Issuer
158. Cert Hash(sha1): 0e8a2b5060e424cc80a53dfeae28cba618daad83
159. ---------------- End Nesting Level 1 ----------------
160. Key Container = Microsoft Connected Devices Platform device certificate
161. Provider = Microsoft Software Key Storage Provider
162. Missing stored keyset
163. CertUtil: -dump command completed successfully.
164.  
165. C:\>
166.  
167.  
168. D:\>xcopy * /H /S e:\howardssurface\
169. D:CDPGlobalSettings.cdp.txt
170. D:certoutput.txt
171. D:Recovery.txt
172. D:ConnectedDevicesPlatform\CDPGlobalSettings.cdp
173. D:ConnectedDevicesPlatform\Connected Devices Platform certificates.sst
174. D:ConnectedDevicesPlatform\L.defaultuser0.cdp
175. D:ConnectedDevicesPlatform\L.defaultuser0.cdpresource
176. D:pem\cacerts.pem
177. D:pem\cacerts.txt
178. D:pem\driverstore\cacert.pem
179. D:Recovery\Logs\BootUX (1).sqml
180. D:Recovery\Logs\BootUX (2).sqml
181. D:Recovery\Logs\BootUX (3).sqml
182. D:Recovery\Logs\Reload.xml
183. D:Recovery\WindowsRE\boot.sdi
184. D:Recovery\WindowsRE\ReAgent.xml
185. D:Recovery\WindowsRE\Winre.wim
186. D:System Volume Information\tracking.log
187. D:windows_serviceprofiles_localservice_appdata_local_connecteddevicesplatform\CDPGlobalSettings.cdp
188. D:windows_serviceprofiles_localservice_appdata_local_connecteddevicesplatform\Connected Devices Platform certificates.sst
189. D:windows_serviceprofiles_localservice_appdata_local_connecteddevicesplatform\L.defaultuser0.cdp
190. 21 File(s) copied
191.  
192.