0% found this document useful (0 votes)

16 views56 pages

Day2 2

The document contains the transcript of a PowerShell session. It shows the user clearing the console, listing aliases, and attempting to get processes using more than 500 handles using the Get-Process and Where-Object commands. It outputs the processes matching that criteria.

Uploaded by

Ccloud Ppk

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as TXT, PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

16 views56 pages

Day2 2

Uploaded by

Ccloud Ppk

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as TXT, PDF, TXT or read online on Scribd

You are on page 1/ 56

**********************

Windows PowerShell Transcript Start

Start time: 20170725172555
Username : ASIAPAC\pkumar200
Machine : CSCINDAH504608 (Microsoft Windows NT 6.1.7601 Service Pack 1)
**********************
Transcript started, output file is C:\Users\pkumar200\Documents\
PowerShell_transcript.20170725172554.txt
PS C:\Windows\system32> cls
PS C:\Windows\system32> get-alias

CommandType Name Definition

----------- ---- ----------
Alias % ForEach-Object
Alias ? Where-Object
Alias ac Add-Content
Alias asnp Add-PSSnapIn
Alias cat Get-Content
Alias cd Set-Location
Alias chdir Set-Location
Alias clc Clear-Content
Alias clear Clear-Host
Alias clhy Clear-History
Alias cli Clear-Item
Alias clp Clear-
ItemProperty
Alias cls Clear-Host
Alias clv Clear-Variable
Alias compare Compare-Object
Alias copy Copy-Item
Alias cp Copy-Item
Alias cpi Copy-Item
Alias cpp Copy-
ItemProperty
Alias cvpa Convert-Path
Alias dbp Disable-
PSBreakpoint
Alias del Remove-Item
Alias diff Compare-Object
Alias dir Get-ChildItem
Alias ebp Enable-
PSBreakpoint
Alias echo Write-Output
Alias epal Export-Alias
Alias epcsv Export-Csv
Alias epsn Export-
PSSession
Alias erase Remove-Item
Alias etsn Enter-PSSession
Alias exsn Exit-PSSession
Alias fc Format-Custom
Alias fl Format-List
Alias foreach ForEach-Object
Alias ft Format-Table
Alias fw Format-Wide
Alias gal Get-Alias
Alias gbp Get-
PSBreakpoint
Alias gc Get-Content
Alias gci Get-ChildItem
Alias gcm Get-Command
Alias gcs Get-PSCallStack
Alias gdr Get-PSDrive
Alias ghy Get-History
Alias gi Get-Item
Alias gjb Get-Job
Alias gl Get-Location
Alias gm Get-Member
Alias gmo Get-Module
Alias gp Get-
ItemProperty
Alias gps Get-Process
Alias group Group-Object
Alias gsn Get-PSSession
Alias gsnp Get-PSSnapIn
Alias gsv Get-Service
Alias gu Get-Unique
Alias gv Get-Variable
Alias gwmi Get-WmiObject
Alias h Get-History
Alias history Get-History
Alias icm Invoke-Command
Alias iex Invoke-
Expression
Alias ihy Invoke-History
Alias ii Invoke-Item
Alias ipal Import-Alias
Alias ipcsv Import-Csv
Alias ipmo Import-Module
Alias ipsn Import-
PSSession
Alias ise
powershell_ise.exe
Alias iwmi Invoke-
WMIMethod
Alias kill Stop-Process
Alias lp Out-Printer
Alias ls Get-ChildItem
Alias man help
Alias md mkdir
Alias measure Measure-Object
Alias mi Move-Item
Alias mount New-PSDrive
Alias move Move-Item
Alias mp Move-
ItemProperty
Alias mv Move-Item
Alias nal New-Alias
Alias ndr New-PSDrive
Alias ni New-Item
Alias nmo New-Module
Alias nsn New-PSSession
Alias nv New-Variable
Alias ogv Out-GridView
Alias oh Out-Host
Alias popd Pop-Location
Alias ps Get-Process
Alias pushd Push-Location
Alias pwd Get-Location
Alias r Invoke-History
Alias rbp Remove-
PSBreakpoint
Alias rcjb Receive-Job
Alias rd Remove-Item
Alias rdr Remove-PSDrive
Alias ren Rename-Item
Alias ri Remove-Item
Alias rjb Remove-Job
Alias rm Remove-Item
Alias rmdir Remove-Item
Alias rmo Remove-Module
Alias rni Rename-Item
Alias rnp Rename-
ItemProperty
Alias rp Remove-
ItemProperty
Alias rsn Remove-
PSSession
Alias rsnp Remove-PSSnapin
Alias rv Remove-Variable
Alias rvpa Resolve-Path
Alias rwmi Remove-
WMIObject
Alias sajb Start-Job
Alias sal Set-Alias
Alias saps Start-Process
Alias sasv Start-Service
Alias sbp Set-
PSBreakpoint
Alias sc Set-Content
Alias select Select-Object
Alias set Set-Variable
Alias si Set-Item
Alias sl Set-Location
Alias sleep Start-Sleep
Alias sort Sort-Object
Alias sp Set-
ItemProperty
Alias spjb Stop-Job
Alias spps Stop-Process
Alias spsv Stop-Service
Alias start Start-Process
Alias sv Set-Variable
Alias swmi Set-WMIInstance
Alias tee Tee-Object
Alias type Get-Content
Alias where Where-Object
Alias wjb Wait-Job
Alias write Write-Output

PS C:\Windows\system32> help Get-Process

PS C:\Windows\system32> get-process | where-object {$_.handles gt >50get-process |

where-object {$_.handles -gt 500}
Unexpected token 'gt' in expression or statement.
At line:1 char:42
+ get-process | where-object {$_.handles gt <<<< >50get-process | where-object
{$_.handles -gt 500}
+ CategoryInfo : ParserError: (gt:String) [],
ParentContainsErrorRecordException
+ FullyQualifiedErrorId : UnexpectedToken

PS C:\Windows\system32> get-process | where-object {$_.handles -gt 500}

Handles NPM(K) PM(K) WS(K) VM(M) CPU(s) Id ProcessName

------- ------ ----- ----- ----- ------ -- -----------
935 53 66248 112932 450 44.23 8804 chrome
511 36 10628 21844 182 8.19 2356 ClearPassOnGuard
533 37 13180 12236 177 19.56 6176 ClearPassOnGuard
1069 17 4388 3268 50 8.44 632 csrss
1097 24 17620 12356 213 162.62 712 csrss
1425 90 105116 118800 675 1,004.46 4900 excel
1557 129 158632 108648 497 384.71 5364 explorer
515 33 34980 8348 140 89.03 2212 FireSvc
778 45 19492 24520 289 17.57 6428 GROOVE
1176 35 10056 14360 51 132.68 776 lsass
5093 93 240608 220464 931 989.70 5928 lync
623 35 158012 65236 282 597.16 3680 mcshield
532 70 101836 81940 590 36.89 5868 notes2
3698 44 57508 54656 195 129.01 1824 officeclicktorun
9573 141 268572 252548 982 1,224.26 7316 outlook
1200 72 47720 31296 230 90.11 7376 SearchIndexer
943 38 212028 212024 366 434.79 256 svchost
532 18 10528 11212 59 12.39 424 svchost
575 28 25096 17476 106 20.33 880 svchost
1877 94 46188 48604 462 96.16 1060 svchost
509 34 10328 12432 55 6.12 1400 svchost
627 44 20148 16220 146 42.28 1572 svchost
547 14 10824 10568 97 1,340.02 5668 SynTPEnh
758 0 200 1528 7 4 System
1185 36 16196 24124 360 10.78 6896 ucmapi
842 52 59848 43928 524 23.21 7216 winword
523 42 29004 25600 193 62.98 1228 wmplayer

PS C:\Windows\system32> get-process | where-object {$_.handles -gt 500} | Export-

Csv c:\export.csv
PS C:\Windows\system32> help *alias*
PS C:\Windows\system32> help New-Alias
PS C:\Windows\system32> help New-Alias - examples
help : A positional parameter cannot be found that accepts argument '-'.
At line:1 char:5
+ help <<<< New-Alias - examples
+ CategoryInfo : InvalidArgument: (:) [help],
ParameterBindingException
+ FullyQualifiedErrorId : PositionalParameterNotFound,help

PS C:\Windows\system32> help New-Alias -Examples

PS C:\Windows\system32>
PS C:\Windows\system32>
PS C:\Windows\system32> new-alias mydir Get-ChildItem
PS C:\Windows\system32> mydir

Directory: C:\Windows\system32

Mode LastWriteTime Length Name

---- ------------- ------ ----
d---- 11/21/2010 11:54 AM 0409
d---- 11/21/2010 9:00 AM AdvancedInstallers
d---- 5/10/2017 5:58 PM appmgmt
d---- 7/14/2009 8:50 AM ar-SA
d---- 7/14/2009 8:50 AM bg-BG
d---- 7/23/2017 5:25 PM Boot
d---- 3/11/2017 12:46 PM catroot
d---- 7/23/2017 5:23 PM catroot2
d---- 2/28/2017 1:25 PM CodeIntegrity
d---- 11/21/2010 11:54 AM com
d---- 7/25/2017 1:14 PM config
d---- 11/21/2010 9:00 AM cs-CZ
d---- 11/21/2010 9:00 AM da-DK
d---- 7/14/2009 8:50 AM de-DE
d---- 3/11/2017 7:17 PM Dism
d---- 7/23/2017 5:25 PM drivers
d---- 5/10/2017 5:51 PM DriverStore
d---- 7/14/2009 8:50 AM el-GR
d---- 11/21/2010 11:54 AM en
d---- 7/23/2017 5:25 PM en-US
d---- 11/21/2010 9:00 AM es-ES
d---- 7/14/2009 8:50 AM et-EE
d---- 7/14/2009 8:50 AM fi-FI
d---- 7/14/2009 8:50 AM fr-FR
d---- 7/14/2009 10:39 AM FxsTmp
d---- 2/25/2017 12:18 AM GroupPolicy
d---- 7/14/2009 8:04 AM GroupPolicyUsers
d---- 2/25/2017 12:18 AM GroupPolicy_Backup-2017224-134818
d---- 2/25/2017 12:18 AM GroupPolicy_Backup-2017224-134825
d---- 7/14/2009 8:50 AM he-IL
d---- 7/14/2009 8:50 AM hr-HR
d---- 7/14/2009 8:50 AM hu-HU
d---- 7/14/2009 8:50 AM ias
d---- 7/14/2009 8:50 AM icsxml
d---- 7/14/2009 8:50 AM IME
d---- 7/14/2009 8:06 AM inetsrv
d---- 7/14/2009 8:50 AM it-IT
d---- 7/14/2009 8:50 AM ja-JP
d---- 7/14/2009 8:50 AM ko-KR
d---- 3/7/2017 3:20 PM LogFiles
d---- 7/14/2009 8:50 AM lt-LT
d---- 7/14/2009 8:50 AM lv-LV
d---- 11/17/2013 12:01 AM Macromed
d---- 11/21/2010 9:00 AM manifeststore
d---s 7/14/2009 10:15 AM Microsoft
d---- 7/23/2017 5:25 PM migration
d---- 7/23/2017 5:25 PM migwiz
d---- 5/18/2017 10:39 PM MRT
d---- 7/14/2009 8:50 AM Msdtc
d---- 11/21/2010 11:54 AM MUI
d---- 7/14/2009 8:50 AM nb-NO
d---- 7/10/2017 1:10 PM NDF
d---- 7/14/2009 8:50 AM NetworkList
d---- 7/14/2009 8:50 AM nl-NL
d---- 11/21/2010 11:54 AM oobe
d---- 7/14/2009 8:50 AM pl-PL
d---- 11/21/2010 11:54 AM Printing_Admin_Scripts
d---- 7/14/2009 8:50 AM pt-BR
d---- 7/14/2009 8:50 AM pt-PT
d---- 7/14/2009 8:50 AM ras
d---- 2/25/2017 12:04 AM Recovery
d---- 2/24/2017 1:58 PM restore
d---- 7/14/2009 8:50 AM ro-RO
d---- 7/14/2009 8:50 AM ru-RU
d---- 11/21/2010 11:54 AM Setup
d---- 7/14/2009 8:50 AM sk-SK
d---- 7/14/2009 8:50 AM sl-SI
d---- 11/21/2010 11:54 AM slmgr
d---- 7/14/2009 8:50 AM SMI
d---- 7/14/2009 11:02 AM Speech
d---- 3/1/2017 1:52 PM spool
d---- 7/14/2009 8:50 AM spp
d---- 11/21/2010 9:00 AM sppui
d---- 7/14/2009 8:50 AM sr-Latn-CS
d---- 7/14/2009 8:50 AM sv-SE
d---- 11/17/2013 3:32 AM sysprep
d---- 5/27/2017 12:35 PM Tasks
d---- 7/14/2009 8:50 AM th-TH
d---- 7/14/2009 8:50 AM tr-TR
d---- 7/14/2009 8:50 AM uk-UA
d---- 11/17/2013 2:51 AM Wat
d---- 11/17/2013 3:01 AM wbem
d---- 11/21/2010 11:54 AM WCN
d---- 6/19/2017 10:25 PM wdi
d---- 7/14/2009 10:39 AM wfp
d---- 2/25/2017 12:13 AM WinBioDatabase
d---- 2/25/2017 12:08 AM WinBioPlugIns
d---- 7/14/2009 11:02 AM WindowsPowerShell
d---- 7/14/2009 8:50 AM winevt
d---- 11/21/2010 11:54 AM winrm
d---- 7/14/2009 8:50 AM zh-CN
d---- 7/14/2009 8:50 AM zh-HK
d---- 7/14/2009 8:50 AM zh-TW
-a--- 7/10/2015 11:21 PM 158720 aaclient.dll
-a--- 11/21/2010 8:54 AM 3745792 accessibilitycpl.dll
-a--- 7/14/2009 6:54 AM 39424 ACCTRES.dll
-a--- 7/14/2009 7:10 AM 9216 acledit.dll
-a--- 7/14/2009 7:10 AM 154112 aclui.dll
-a--- 11/21/2010 8:54 AM 53248 acppage.dll
-a--- 7/14/2009 7:10 AM 11264 acproxy.dll
-a--- 11/21/2010 8:54 AM 780800 ActionCenter.dll
-a--- 11/21/2010 8:54 AM 549888 ActionCenterCPL.dll
-a--- 11/21/2010 8:54 AM 213504 ActionQueue.dll
-a--- 7/14/2009 7:10 AM 267776 activeds.dll
-a--- 7/14/2009 5:23 AM 111616 activeds.tlb
-a--- 11/21/2010 8:53 AM 958464 actxprxy.dll
-a--- 7/14/2009 7:08 AM 40448 AdapterTroubleshooter.exe
-a--- 7/14/2009 7:10 AM 90112 admparse.dll
-a--- 11/21/2010 8:54 AM 577024 AdmTmpl.dll
-a--- 7/14/2009 7:10 AM 56832 adprovider.dll
-a--- 7/14/2009 7:10 AM 239104 adsldp.dll
-a--- 7/14/2009 7:10 AM 236544 adsldpc.dll
-a--- 9/13/2016 2:38 AM 107520 adsmsext.dll
-a--- 7/14/2009 7:10 AM 326144 adsnt.dll
-a--- 5/21/2017 9:54 AM 690688 adtschema.dll
-a--- 5/12/2017 11:52 PM 880640 advapi32.dll
-a--- 7/14/2009 7:10 AM 160256 advpack.dll
-a--- 7/14/2009 7:10 AM 8704 aecache.dll
-a--- 7/14/2009 6:54 AM 23040 aeevts.dll
-a--- 11/21/2010 8:54 AM 424448 aeinv.dll
-a--- 7/14/2009 7:10 AM 72192 aelupsvc.dll
-a--- 11/21/2010 8:54 AM 412160 aepdu.dll
-a--- 7/14/2009 7:10 AM 59904 aepic.dll
-a--- 6/5/2013 9:42 PM 208072 AERTAC64.dll
-a--- 3/8/2012 11:47 AM 108640 AERTAR64.dll
-a--- 11/21/2010 8:54 AM 122880 aitagent.exe
-a--- 7/14/2009 7:08 AM 79360 alg.exe
-a--- 7/14/2009 7:10 AM 53248 AltTab.dll
-a--- 7/14/2009 2:19 AM 18432 amcompat.tlb
-a--- 11/21/2010 8:54 AM 89088 amstream.dll
-a--- 7/14/2009 7:10 AM 25600 amxread.dll
-a--- 9/15/2016 4:52 AM 95224 ancred.dll
-a--- 7/14/2009 7:10 AM 2134528 apds.dll
-a--- 1/18/2017 9:06 PM 11608 api-ms-win-core-file-l1-2-0.dll
-a--- 1/18/2017 9:06 PM 11616 api-ms-win-core-file-l2-1-0.dll
-a--- 1/18/2017 9:06 PM 14176 api-ms-win-core-localization-l1-2-
0.dll
-a--- 1/18/2017 9:06 PM 12128 api-ms-win-core-processthreads-l1-1-
1.dll
-a--- 1/18/2017 9:06 PM 12128 api-ms-win-core-synch-l1-2-0.dll
-a--- 1/18/2017 9:06 PM 11616 api-ms-win-core-timezone-l1-1-0.dll
-a--- 1/18/2017 9:06 PM 11616 api-ms-win-core-xstate-l2-1-0.dll
-a--- 1/18/2017 9:06 PM 12640 api-ms-win-crt-conio-l1-1-0.dll
-a--- 1/18/2017 9:06 PM 15712 api-ms-win-crt-convert-l1-1-0.dll
-a--- 1/18/2017 9:06 PM 12128 api-ms-win-crt-environment-l1-1-0.dll
-a--- 1/18/2017 9:06 PM 13664 api-ms-win-crt-filesystem-l1-1-0.dll
-a--- 1/18/2017 9:06 PM 12640 api-ms-win-crt-heap-l1-1-0.dll
-a--- 1/18/2017 9:06 PM 12128 api-ms-win-crt-locale-l1-1-0.dll
-a--- 1/18/2017 9:06 PM 20832 api-ms-win-crt-math-l1-1-0.dll
-a--- 1/18/2017 9:06 PM 19808 api-ms-win-crt-multibyte-l1-1-0.dll
-a--- 1/18/2017 9:06 PM 63840 api-ms-win-crt-private-l1-1-0.dll
-a--- 1/18/2017 9:06 PM 12640 api-ms-win-crt-process-l1-1-0.dll
-a--- 1/18/2017 9:06 PM 16224 api-ms-win-crt-runtime-l1-1-0.dll
-a--- 1/18/2017 9:06 PM 17760 api-ms-win-crt-stdio-l1-1-0.dll
-a--- 1/18/2017 9:06 PM 17760 api-ms-win-crt-string-l1-1-0.dll
-a--- 1/18/2017 9:06 PM 14176 api-ms-win-crt-time-l1-1-0.dll
-a--- 1/18/2017 9:06 PM 12128 api-ms-win-crt-utility-l1-1-0.dll
-a--- 7/14/2009 7:10 AM 17920 apilogen.dll
-a--- 7/14/2009 7:10 AM 273920 apircl.dll
-a--- 5/12/2017 11:52 PM 6656 apisetschema.dll
-a--- 11/21/2010 8:54 AM 342016 apphelp.dll
-a--- 7/14/2009 7:10 AM 33792 Apphlpdm.dll
-a--- 5/12/2017 11:52 PM 59904 appidapi.dll
-a--- 5/12/2017 11:24 PM 17920 appidcertstorecheck.exe
-a--- 5/12/2017 11:25 PM 148480 appidpolicyconverter.exe
-a--- 7/14/2009 7:10 AM 312320 AppIdPolicyEngineApi.dll
-a--- 5/12/2017 11:52 PM 34816 appidsvc.dll
-a--- 11/9/2016 10:03 PM 70144 appinfo.dll
-a--- 7/14/2009 7:10 AM 193536 appmgmts.dll
-a--- 11/21/2010 8:54 AM 479232 appmgr.dll
-a--- 11/21/2010 8:54 AM 726528 appwiz.cpl
-a--- 7/14/2009 7:10 AM 243200 apss.dll
-a--- 7/14/2009 7:08 AM 24064 ARP.EXE
-a--- 7/14/2009 6:54 AM 2048 asferror.dll
-a--- 3/19/2010 3:53 AM 20832 aspnet_counters.dll
-a--- 3/7/2017 10:00 PM 85504 asycfilt.dll
-a--- 7/14/2009 7:08 AM 28672 at.exe
-a--- 7/14/2009 7:08 AM 35328 AtBroker.exe
-a--- 7/14/2009 7:10 AM 90624 atl.dll
-a--- 6/11/2011 11:45 AM 158536 atl100.dll
-a--- 5/12/2017 11:56 PM 382696 atmfd.dll
-a--- 5/12/2017 11:52 PM 46080 atmlib.dll
-a--- 7/14/2009 7:08 AM 18432 attrib.exe
-a--- 6/14/2016 8:45 PM 125952 audiodg.exe
-a--- 6/14/2016 10:46 PM 440320 AudioEng.dll
-a--- 6/14/2016 10:46 PM 499712 AUDIOKSE.dll
-a--- 6/14/2016 10:46 PM 295936 AudioSes.dll
-a--- 6/14/2016 10:46 PM 680448 audiosrv.dll
-a--- 7/14/2009 7:10 AM 194048 auditcse.dll
-a--- 7/14/2009 7:10 AM 220672 AuditNativeSnapIn.dll
-a--- 5/21/2017 9:25 AM 64000 auditpol.exe
-a--- 7/14/2009 7:10 AM 75264 AuditPolicyGPInterop.dll
-a--- 7/14/2009 6:55 AM 95232 auditpolmsg.dll
-a--- 7/14/2009 7:10 AM 491520 authfwcfg.dll
-a--- 7/14/2009 7:10 AM 304128 AuthFWGP.dll
-a--- 11/21/2010 8:54 AM 5066752 AuthFWSnapin.dll
-a--- 7/14/2009 7:24 AM 126976 AuthFWWizFwk.dll
-a--- 11/9/2016 10:03 PM 1941504 authui.dll
-a--- 7/14/2009 7:10 AM 177664 authz.dll
-a--- 11/21/2010 8:54 AM 777728 autochk.exe
-a--- 11/21/2010 8:54 AM 793088 autoconv.exe
-a--- 11/21/2010 8:54 AM 763904 autofmt.exe
-a--- 11/21/2010 8:53 AM 155136 autoplay.dll
-a--- 7/14/2009 7:10 AM 164352 AuxiliaryDisplayApi.dll
-a--- 7/14/2009 7:10 AM 136192 AuxiliaryDisplayClassInstaller.dll
-a--- 11/21/2010 8:55 AM 726528 AuxiliaryDisplayCpl.dll
-a--- 7/14/2009 7:10 AM 189440 AuxiliaryDisplayDriverLib.dll
-a--- 11/21/2010 8:55 AM 135680 AuxiliaryDisplayServices.dll
-a--- 7/14/2009 7:10 AM 76800 avicap32.dll
-a--- 7/14/2009 7:10 AM 108544 avifil32.dll
-a--- 7/14/2009 7:10 AM 18432 avrt.dll
-a--- 11/21/2010 8:54 AM 114688 AxInstSv.dll
-a--- 7/14/2009 7:08 AM 58880 AxInstUI.exe
-a--- 6/11/2009 2:08 AM 41587 azman.msc
-a--- 11/21/2010 8:54 AM 897536 azroles.dll
-a--- 11/21/2010 8:53 AM 472064 azroleui.dll
-a--- 11/21/2010 8:54 AM 31744 AzSqlExt.dll
-a--- 7/14/2009 7:08 AM 110592 baaupdate.exe
-a--- 11/21/2010 8:54 AM 166784 basecsp.dll
-a--- 7/15/2015 8:49 AM 52736 basesrv.dll
-a--- 11/21/2010 8:54 AM 749568 batmeter.dll
-a--- 7/14/2009 7:10 AM 103424 batt.dll
-a--- 11/21/2010 8:54 AM 175616 bcdboot.exe
-a--- 10/11/2016 8:25 PM 346112 bcdedit.exe
-a--- 7/14/2009 7:10 AM 77824 bcdprov.dll
-a--- 11/21/2010 8:54 AM 168448 bcdsrv.dll
-a--- 5/21/2017 9:54 AM 123904 bcrypt.dll
-a--- 5/12/2016 6:35 PM 297984 bcryptprimitives.dll
-a--- 7/14/2009 7:08 AM 104448 bdaplgin.ax
-a--- 11/21/2010 8:54 AM 130560 BdeHdCfg.exe
-a--- 7/14/2009 7:10 AM 105472 BdeHdCfgLib.dll
-a--- 7/14/2009 7:10 AM 62976 bderepair.dll
-a--- 7/14/2009 7:10 AM 100864 bdesvc.dll
-a--- 7/14/2009 7:10 AM 28160 bdeui.dll
-a--- 7/14/2009 7:08 AM 48640 BdeUISrv.exe
-a--- 7/14/2009 7:08 AM 98304 BdeUnlockWizard.exe
-a--- 11/21/2010 8:54 AM 705024 BFE.DLL
-a--- 7/14/2009 7:10 AM 43008 bidispl.dll
-a--- 11/21/2010 8:54 AM 504320 biocpl.dll
-a--- 7/14/2009 7:10 AM 190976 BioCredProv.dll
-a--- 7/14/2009 7:08 AM 100352 BitLockerWizard.exe
-a--- 7/14/2009 7:08 AM 100352 BitLockerWizardElev.exe
-a--- 11/21/2010 8:53 AM 232448 bitsadmin.exe
-a--- 7/14/2009 7:10 AM 56832 bitsigd.dll
-a--- 11/21/2010 8:53 AM 24576 bitsperf.dll
-a--- 7/14/2009 7:10 AM 12800 bitsprx2.dll
-a--- 7/14/2009 7:10 AM 13312 bitsprx3.dll
-a--- 7/14/2009 7:10 AM 12288 bitsprx4.dll
-a--- 7/14/2009 7:10 AM 33280 bitsprx5.dll
-a--- 7/14/2009 7:10 AM 13312 bitsprx6.dll
-a--- 6/14/2016 10:46 PM 842240 blackbox.dll
-a--- 11/21/2010 8:55 AM 52736 BlbEvents.dll
-a--- 7/14/2009 6:55 AM 2048 blbres.dll
-a--- 7/14/2009 7:10 AM 28672 blb_ps.dll
-a--- 6/11/2009 2:36 AM 3170304 boot.sdi
-a--- 7/14/2009 7:08 AM 94720 bootcfg.exe
-a--- 11/21/2010 8:54 AM 2217856 bootres.dll
-a--- 7/14/2009 6:55 AM 2560 bootstr.dll
-a--- 7/14/2009 7:22 AM 23120 BOOTVID.DLL
-a--- 6/11/2009 2:18 AM 22984 bopomofo.uce
-a--- 7/14/2009 7:10 AM 19456 brcoinst.dll
-a--- 7/14/2009 7:10 AM 27648 brdgcfg.dll
-a--- 7/14/2009 6:55 AM 2048 bridgeres.dll
-a--- 7/14/2009 7:08 AM 20992 bridgeunattend.exe
-a--- 11/17/2013 2:50 AM 59392 browcli.dll
-a--- 11/17/2013 2:50 AM 136704 browser.dll
-a--- 11/21/2010 8:54 AM 14336 browseui.dll
-a--- 7/14/2009 7:10 AM 42496 bthci.dll
-a--- 7/14/2009 7:10 AM 30720 BthMtpContextHandler.dll
-a--- 7/14/2009 7:10 AM 30720 bthpanapi.dll
-a--- 7/14/2009 7:10 AM 93696 BthpanContextHandler.dll
-a--- 11/21/2010 8:54 AM 721408 bthprops.cpl
-a--- 7/14/2009 7:10 AM 83968 bthserv.dll
-a--- 7/14/2009 7:08 AM 36864 bthudtask.exe
-a--- 7/14/2009 7:10 AM 74240 btpanui.dll
-a--- 11/21/2010 8:54 AM 899584 Bubbles.scr
-a--- 7/14/2009 7:10 AM 69120 BWContextHandler.dll
-a--- 11/21/2010 8:54 AM 14848 BWUnpairElevated.dll
-a--- 11/21/2010 8:54 AM 94720 cabinet.dll
-a--- 11/21/2010 8:54 AM 139264 cabview.dll
-a--- 7/14/2009 7:08 AM 31232 cacls.exe
-a--- 7/14/2009 7:08 AM 918528 calc.exe
-a--- 10/9/2012 8:09 PM 466944 capicom.dll
-a--- 7/14/2009 7:10 AM 53760 capiprovider.dll
-a--- 7/14/2009 7:10 AM 25088 capisp.dll
-a--- 7/14/2009 7:10 AM 472576 catsrv.dll
-a--- 7/14/2009 7:10 AM 56320 catsrvps.dll
-a--- 11/12/2015 12:23 AM 525312 catsrvut.dll
-a--- 11/21/2010 8:54 AM 95232 cca.dll
-a--- 4/7/2017 9:00 PM 144384 cdd.dll
-a--- 4/21/2017 9:04 PM 1133568 cdosys.dll
-a--- 7/14/2009 5:25 AM 55296 cero.rs
-a--- 5/21/2017 9:54 AM 463872 certcli.dll
-a--- 7/14/2009 7:10 AM 129024 certCredProvider.dll
-a--- 5/13/2013 11:20 AM 52224 certenc.dll
-a--- 11/21/2010 8:54 AM 1975296 CertEnroll.dll
-a--- 7/14/2009 7:08 AM 70144 CertEnrollCtrl.exe
-a--- 7/14/2009 7:10 AM 297984 CertEnrollUI.dll
-a--- 11/21/2010 8:54 AM 1796096 certmgr.dll
-a--- 6/11/2009 2:26 AM 63070 certmgr.msc
-a--- 11/21/2010 8:54 AM 71680 CertPolEng.dll
-a--- 11/21/2010 8:54 AM 80384 certprop.dll
-a--- 7/14/2009 7:08 AM 326144 certreq.exe
-a--- 5/13/2013 9:13 AM 1192448 certutil.exe
-a--- 6/2/2015 5:37 AM 254976 cewmdm.dll
-a--- 7/14/2009 7:10 AM 57344 cfgbkend.dll
-a--- 11/21/2010 8:54 AM 207872 cfgmgr32.dll
-a--- 10/11/2016 9:01 PM 175104 chajei.ime
-a--- 11/21/2010 8:54 AM 16896 change.exe
-a--- 7/14/2009 7:08 AM 165888 charmap.exe
-a--- 7/14/2009 4:55 AM 12800 chcp.com
-a--- 11/21/2010 8:54 AM 22528 chglogon.exe
-a--- 11/21/2010 8:54 AM 24064 chgport.exe
-a--- 11/21/2010 8:54 AM 21504 chgusr.exe
-a--- 7/14/2009 7:08 AM 36864 chkdsk.exe
-a--- 7/14/2009 7:08 AM 18944 chkntfs.exe
-a--- 7/14/2009 7:10 AM 22528 chkwudrv.dll
-a--- 11/21/2010 8:54 AM 36864 choice.exe
-a--- 7/14/2009 7:11 AM 1675776 chsbrkr.dll
-a--- 7/14/2009 7:11 AM 6100480 chtbrkr.dll
-a--- 7/14/2009 7:10 AM 12800 CHxReadingStringIME.dll
-a--- 6/28/2014 5:51 AM 457400 ci.dll
-a--- 7/14/2009 7:10 AM 211968 cic.dll
-a--- 10/11/2016 9:01 PM 175104 cintlgnt.ime
-a--- 7/14/2009 7:08 AM 43008 cipher.exe
-a--- 7/14/2009 7:10 AM 9728 CIRCoInst.dll
-a--- 7/14/2009 7:10 AM 17408 clb.dll
-a--- 7/14/2009 7:10 AM 607744 clbcatq.dll
-a--- 7/14/2009 7:08 AM 216064 cleanmgr.exe
-a--- 11/17/2016 10:11 PM 370920 clfs.sys
-a--- 3/4/2015 10:11 AM 79360 clfsw32.dll
-a--- 7/14/2009 7:10 AM 102400 cliconfg.dll
-a--- 7/14/2009 7:08 AM 49152 cliconfg.exe
-a--- 7/14/2009 5:58 AM 40960 cliconfg.rll
-a--- 7/14/2009 7:08 AM 32256 clip.exe
-a--- 11/21/2010 8:54 AM 314368 clusapi.dll
-a--- 7/14/2009 7:10 AM 37376 cmcfg32.dll
-a--- 11/21/2010 8:53 AM 345088 cmd.exe
-a--- 7/14/2009 7:10 AM 525312 cmdial32.dll
-a--- 7/14/2009 7:09 AM 16384 cmdkey.exe
-a--- 7/14/2009 7:09 AM 80384 cmdl32.exe
-a--- 7/14/2009 7:10 AM 82944 cmicryptinstall.dll
-a--- 7/14/2009 7:10 AM 80384 cmifw.dll
-a--- 7/14/2009 7:10 AM 472064 cmipnpinstall.dll
-a--- 7/14/2009 7:10 AM 41984 cmlua.dll
-a--- 7/14/2009 7:09 AM 45056 cmmon32.exe
-a--- 7/14/2009 7:10 AM 28672 cmpbk32.dll
-a--- 11/21/2010 8:54 AM 92160 cmstp.exe
-a--- 7/14/2009 7:10 AM 18432 cmstplua.dll
-a--- 7/14/2009 7:10 AM 58880 cmutil.dll
-a--- 7/14/2009 7:10 AM 18944 cngaudit.dll
-a--- 7/14/2009 7:10 AM 57344 cngprovider.dll
-a--- 7/14/2009 7:10 AM 38400 cnvfat.dll
-a--- 7/14/2009 7:09 AM 22528 cofire.exe
-a--- 7/14/2009 7:10 AM 32256 cofiredm.dll
-a--- 3/13/2013 7:03 PM 265592 CoInstaller_x64.dll
-a--- 7/14/2009 7:10 AM 80384 colbact.dll
-a--- 7/14/2009 7:08 AM 85504 collab.cpl
-a--- 12/9/2015 12:37 AM 189952 COLORCNV.DLL
-a--- 7/14/2009 7:09 AM 86528 colorcpl.exe
-a--- 7/14/2009 7:10 AM 624640 colorui.dll
-a--- 4/17/2017 9:07 PM 8704 comcat.dll
-a--- 4/24/2015 11:47 PM 633856 comctl32.dll
-a--- 10/9/2012 8:09 PM 1351392 COMCTL32.OCX
-a--- 11/21/2010 8:54 AM 594432 comdlg32.dll
-a--- 6/11/2009 2:04 AM 124118 comexp.msc
-a--- 7/14/2009 7:09 AM 24064 comp.exe
-a--- 7/14/2009 7:09 AM 19968 compact.exe
-a--- 6/11/2009 2:08 AM 113256 compmgmt.msc
-a--- 7/14/2009 7:09 AM 145920 CompMgmtLauncher.exe
-a--- 7/14/2009 7:10 AM 302080 compstui.dll
-a--- 7/14/2009 7:09 AM 37376 ComputerDefaults.exe
-a--- 7/14/2009 7:10 AM 147456 comrepl.dll
-a--- 7/14/2009 6:56 AM 1297408 comres.dll
-a--- 7/14/2009 7:10 AM 303616 comsnap.dll
-a--- 11/12/2015 12:23 AM 1735680 comsvcs.dll
-a--- 7/14/2009 7:10 AM 897024 comuid.dll
-a--- 3/17/2016 10:54 PM 334656 concrt140.dll
-a--- 8/7/2013 5:41 PM 113576 CONEQMSAPOGUILibrary.dll
-a--- 5/12/2017 11:21 PM 338432 conhost.exe
-a--- 7/14/2009 7:10 AM 1393152 connect.dll
-a--- 11/9/2016 10:11 PM 114408 consent.exe
-a--- 7/14/2009 7:10 AM 80896 console.dll
-a--- 7/14/2009 7:09 AM 114688 control.exe
-a--- 7/14/2009 7:09 AM 20480 convert.exe
-a--- 7/14/2009 7:10 AM 22016 corpol.dll
-a--- 7/14/2009 7:10 AM 87040 correngine.dll
-a--- 1/22/2016 11:48 AM 961024 CPFilters.dll
-a--- 5/21/2017 9:54 AM 22016 credssp.dll
-a--- 11/21/2010 8:54 AM 197120 credui.dll
-a--- 7/14/2009 7:09 AM 34304 credwiz.exe
-a--- 7/14/2009 7:10 AM 66560 CRPPresentation.dll
-a--- 4/12/2017 9:02 PM 1483776 crypt32.dll
-a--- 5/21/2017 9:54 AM 43520 cryptbase.dll
-a--- 7/14/2009 7:10 AM 30720 cryptdlg.dll
-a--- 7/14/2009 7:10 AM 66048 cryptdll.dll
-a--- 7/14/2009 7:10 AM 66560 cryptext.dll
-a--- 4/12/2017 9:02 PM 141824 cryptnet.dll
-a--- 6/14/2016 10:46 PM 81920 cryptsp.dll
-a--- 4/12/2017 9:02 PM 190976 cryptsvc.dll
-a--- 6/14/2016 10:46 PM 1068544 cryptui.dll
-a--- 7/14/2009 7:10 AM 130560 cryptxml.dll
-a--- 11/21/2010 8:53 AM 46080 cscapi.dll
-a--- 11/21/2010 8:53 AM 30208 cscdll.dll
-a--- 11/21/2010 8:54 AM 137216 CscMig.dll
-a--- 11/21/2010 8:54 AM 240640 cscobj.dll
-a--- 10/12/2013 7:03 AM 156160 cscript.exe
-a--- 11/21/2010 8:54 AM 692224 cscsvc.dll
PS C:\Windows\system32>

PS C:\Windows\system32> mydir

Directory: C:\Windows\system32

Mode LastWriteTime Length Name

Handles NPM(K) PM(K) WS(K) VM(M) CPU(s) Id ProcessName

------- ------ ----- ----- ----- ------ -- -----------
993 74 66640 114156 440 47.03 8804 chrome
516 37 10940 22188 183 13.23 2356 ClearPassOnGuard
522 36 13288 12368 176 25.40 6176 ClearPassOnGuard
1060 17 4388 3264 50 8.67 632 csrss
1134 25 17620 12476 213 165.41 712 csrss
1459 94 138864 138320 724 1,012.52 4900 excel
1703 144 174424 125392 519 410.19 5364 explorer
506 33 34984 9456 139 90.39 2212 FireSvc
776 45 19488 24536 289 17.85 6428 GROOVE
1194 35 10056 14808 51 134.35 776 lsass
5089 92 239716 212920 931 1,004.68 5928 lync
623 35 157984 77132 282 600.46 3680 mcshield
533 70 101888 82144 591 37.83 5868 notes2
3696 44 57484 54848 194 129.11 1824 officeclicktorun
9571 141 242316 244308 958 1,240.54 7316 outlook
1209 72 52896 33576 242 90.73 7376 SearchIndexer
944 38 212704 212836 366 449.33 256 svchost
535 18 10568 11492 59 13.18 424 svchost
566 27 24176 16936 105 20.70 880 svchost
1869 93 45940 48696 460 99.19 1060 svchost
562 38 12896 18156 74 6.80 1400 svchost
629 44 20060 16052 146 42.62 1572 svchost
547 14 10824 10928 97 1,374.26 5668 SynTPEnh
768 0 200 1696 7 4 System
1189 36 16200 24876 360 10.90 6896 ucmapi
842 52 59848 43940 524 23.32 7216 winword
523 42 29004 25596 193 63.41 1228 wmplayer

PS C:\Windows\system32> get-process | where-object {$_.handles -gt 500} | format-

list

Id : 8804
Handles : 989
CPU : 47.0343015
Name : chrome

Id : 2356
Handles : 512
CPU : 13.3068853
Name : ClearPassOnGuard

Id : 6176
Handles : 534
CPU : 25.4125629
Name : ClearPassOnGuard

Id : 632
Handles : 1058
CPU : 8.6736556
Name : csrss

Id : 712
Handles : 1130
CPU : 165.4546606
Name : csrss

Id : 4900
Handles : 1459
CPU : 1012.5244905
Name : excel

Id : 5364
Handles : 1703
CPU : 410.1890294
Name : explorer

Id : 2212
Handles : 513
CPU : 90.3869794
Name : FireSvc

Id : 6428
Handles : 776
CPU : 17.8465144
Name : GROOVE

Id : 776
Handles : 1194
CPU : 134.3480612
Name : lsass

Id : 5928
Handles : 5089
CPU : 1004.7244405
Name : lync

Id : 3680
Handles : 623
CPU : 600.4790492
Name : mcshield

Id : 5868
Handles : 533
CPU : 37.8302425
Name : notes2

Id : 1824
Handles : 3696
CPU : 129.1064276
Name : officeclicktorun

Id : 7316
Handles : 9607
CPU : 1240.6915531
Name : outlook

Id : 7376
Handles : 1209
CPU : 90.7301816
Name : SearchIndexer

Id : 256
Handles : 944
CPU : 449.4076808
Name : svchost

Id : 424
Handles : 535
CPU : 13.1976846
Name : svchost

Id : 880
Handles : 565
CPU : 20.7013327
Name : svchost

Id : 1060
Handles : 1866
CPU : 99.2010359
Name : svchost

Id : 1400
Handles : 562
CPU : 6.8016436
Name : svchost

Id : 1572
Handles : 628
CPU : 42.6350733
Name : svchost

Id : 5668
Handles : 547
CPU : 1374.2596093
Name : SynTPEnh

Id : 4
Handles : 768
CPU :
Name : System

Id : 6896
Handles : 1189
CPU : 10.9044699
Name : ucmapi

Id : 7216
Handles : 842
CPU : 23.3221495
Name : winword
Id : 1228
Handles : 523
CPU : 63.4144065
Name : wmplayer

PS C:\Windows\system32> get-process | where-object {$_.handles -gt 500} | Format-

Table

Handles NPM(K) PM(K) WS(K) VM(M) CPU(s) Id ProcessName

------- ------ ----- ----- ----- ------ -- -----------
976 60 66696 114220 444 48.69 8804 chrome
512 36 10932 22188 182 13.79 2356 ClearPassOnGuard
534 37 13356 12444 177 25.99 6176 ClearPassOnGuard
1056 17 4388 3264 50 8.67 632 csrss
1145 25 17620 12644 214 165.70 712 csrss
1459 94 138864 138400 724 1,012.57 4900 excel
1725 147 176980 127188 527 411.44 5364 explorer
515 33 35008 9472 140 90.40 2212 FireSvc
779 45 19488 24564 289 17.85 6428 GROOVE
1193 35 10056 14808 51 134.39 776 lsass
5087 92 239660 213128 930 1,004.77 5928 lync
621 35 157960 77128 281 600.59 3680 mcshield
533 70 101888 82176 591 37.92 5868 notes2
3696 44 57484 54848 194 129.11 1824 officeclicktorun
9603 142 265568 244920 985 1,243.66 7316 outlook
1209 72 52896 33576 242 90.75 7376 SearchIndexer
944 38 212712 212860 366 450.58 256 svchost
534 18 10568 11488 59 13.24 424 svchost
567 27 24176 16940 105 20.72 880 svchost
1864 93 45888 48680 460 99.62 1060 svchost
562 38 12896 18156 74 6.80 1400 svchost
623 44 20060 16052 146 42.67 1572 svchost
547 14 10824 10928 97 1,381.22 5668 SynTPEnh
767 0 200 1708 7 4 System
1189 36 16200 24876 360 10.90 6896 ucmapi
842 52 59848 43944 524 23.35 7216 winword
523 42 29004 25596 193 63.43 1228 wmplayer

PS C:\Windows\system32> get-process | where-object {$_.handles -gt 500}

Handles NPM(K) PM(K) WS(K) VM(M) CPU(s) Id ProcessName

------- ------ ----- ----- ----- ------ -- -----------
976 60 66696 114220 444 48.69 8804 chrome
512 36 10932 22188 182 13.81 2356 ClearPassOnGuard
534 37 13356 12444 177 26.04 6176 ClearPassOnGuard
1060 17 4388 3268 50 8.67 632 csrss
1143 25 17620 12644 214 165.75 712 csrss
1459 94 138864 138400 724 1,012.57 4900 excel
1725 147 176980 127188 527 411.44 5364 explorer
508 33 35008 9472 140 90.40 2212 FireSvc
778 45 19488 24564 289 17.85 6428 GROOVE
1194 35 10056 14808 51 134.41 776 lsass
5087 92 239660 213128 930 1,004.77 5928 lync
621 35 157528 76828 281 600.59 3680 mcshield
533 70 101888 82176 591 37.92 5868 notes2
3696 44 57484 54848 194 129.11 1824 officeclicktorun
9591 142 265516 244888 983 1,243.73 7316 outlook
1209 72 52896 33576 242 90.75 7376 SearchIndexer
944 38 212712 212860 366 450.67 256 svchost
537 18 10568 11492 59 13.24 424 svchost
568 27 24176 16940 105 20.72 880 svchost
1864 93 45888 48680 460 99.62 1060 svchost
562 38 12896 18156 74 6.80 1400 svchost
622 44 20060 16052 146 42.67 1572 svchost
547 14 10824 10928 97 1,381.22 5668 SynTPEnh
769 0 200 1708 7 4 System
1189 36 16200 24876 360 10.90 6896 ucmapi
842 52 59848 43944 524 23.35 7216 winword
523 42 29004 25596 193 63.43 1228 wmplayer

PS C:\Windows\system32> get-process | where-object {$_.handles -gt 500} | Format-

Wide

chrome ClearPassOnGuard
ClearPassOnGuard csrss
csrss excel
explorer FireSvc
GROOVE lsass
lync mcshield
notes2 officeclicktorun
outlook powershell
SearchIndexer svchost
svchost svchost
svchost svchost
svchost SynTPEnh
System ucmapi
winword wmplayer

PS C:\Windows\system32> get-process | where-object {$_.handles -gt 500} | format-

custom

class Process
{
Id = 8804
Handles = 998
CPU = 49.7487189
Name = chrome
}

class Process
{
Id = 2356
Handles = 512
CPU = 14.1648908
Name = ClearPassOnGuard
}

class Process
{
Id = 6176
Handles = 534
CPU = 26.5045699
Name = ClearPassOnGuard
}

class Process
{
Id = 632
Handles = 1059
CPU = 8.6736556
Name = csrss
}

class Process
{
Id = 712
Handles = 1153
CPU = 166.0318643
Name = csrss
}

class Process
{
Id = 4900
Handles = 1459
CPU = 1012.5868909
Name = excel
}

class Process
{
Id = 5364
Handles = 1725
CPU = 411.4994378
Name = explorer
}

class Process
{
Id = 2212
Handles = 515
CPU = 90.4961801
Name = FireSvc
}

class Process
{
Id = 6428
Handles = 778
CPU = 17.8777146
Name = GROOVE
}

class Process
{
Id = 776
Handles = 1207
CPU = 134.5040622
Name = lsass
}
class Process
{
Id = 5928
Handles = 5129
CPU = 1005.1300431
Name = lync
}

class Process
{
Id = 3680
Handles = 623
CPU = 600.8690517
Name = mcshield
}

class Process
{
Id = 5868
Handles = 532
CPU = 37.9706434
Name = notes2
}

class Process
{
Id = 1824
Handles = 3698
CPU = 129.1220277
Name = officeclicktorun
}

class Process
{
Id = 7316
Handles = 9596
CPU = 1244.9347803
Name = outlook
}

class Process
{
Id = 8620
Handles = 542
CPU = 16.224104
Name = powershell
}

class Process
{
Id = 7376
Handles = 1205
CPU = 90.7613818
Name = SearchIndexer
}

class Process
{
Id = 256
Handles = 945
CPU = 451.6384951
Name = svchost
}

class Process
{
Id = 424
Handles = 534
CPU = 13.2912852
Name = svchost
}

class Process
{
Id = 880
Handles = 566
CPU = 20.7637331
Name = svchost
}

class Process
{
Id = 1060
Handles = 1864
CPU = 99.9186405
Name = svchost
}

class Process
{
Id = 1400
Handles = 562
CPU = 6.8016436
Name = svchost
}

class Process
{
Id = 1572
Handles = 627
CPU = 42.7286739
Name = svchost
}

class Process
{
Id = 5668
Handles = 547
CPU = 1384.040872
Name = SynTPEnh
}

class Process
{
Id = 4
Handles = 768
CPU =
Name = System
}

class Process
{
Id = 6896
Handles = 1188
CPU = 10.92007
Name = ucmapi
}

class Process
{
Id = 7216
Handles = 842
CPU = 23.3533497
Name = winword
}

class Process
{
Id = 1228
Handles = 523
CPU = 63.4456067
Name = wmplayer
}

PS C:\Windows\system32> get-process | where-object {$_.handles -gt 500} |

ConvertTo-Html
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>HTML TABLE</title>
</head><body>
<table>
<colgroup>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
<col/>
</colgroup>
<tr><th>__NounName</th><th>Name</th><th>Handles</th><th>VM</th><th>WS</th><th>PM</
th><th>NPM</th><th>Path</th><th>Compa
ny</th><th>CPU</th><th>FileVersion</th><th>ProductVersion</th><th>Description</
th><th>Product</th><th>Id</th><th>Priori
tyClass</th><th>HandleCount</th><th>WorkingSet</th><th>PagedMemorySize</
th><th>PrivateMemorySize</th><th>VirtualMemoryS
ize</th><th>TotalProcessorTime</th><th>BasePriority</th><th>ExitCode</
th><th>HasExited</th><th>ExitTime</th><th>Handle<
/th><th>MachineName</th><th>MainWindowHandle</th><th>MainWindowTitle</
th><th>MainModule</th><th>MaxWorkingSet</th><th>M
inWorkingSet</th><th>Modules</th><th>NonpagedSystemMemorySize</
th><th>NonpagedSystemMemorySize64</th><th>PagedMemorySiz
e64</th><th>PagedSystemMemorySize</th><th>PagedSystemMemorySize64</
th><th>PeakPagedMemorySize</th><th>PeakPagedMemorySi
ze64</th><th>PeakWorkingSet</th><th>PeakWorkingSet64</
th><th>PeakVirtualMemorySize</th><th>PeakVirtualMemorySize64</th>
<th>PriorityBoostEnabled</th><th>PrivateMemorySize64</
th><th>PrivilegedProcessorTime</th><th>ProcessName</th><th>Proces
sorAffinity</th><th>Responding</th><th>SessionId</th><th>StartInfo</
th><th>StartTime</th><th>SynchronizingObject</th><t
h>Threads</th><th>UserProcessorTime</th><th>VirtualMemorySize64</
th><th>EnableRaisingEvents</th><th>StandardInput</th><
th>StandardOutput</th><th>StandardError</th><th>WorkingSet64</th><th>Site</
th><th>Container</th></tr>
<tr><td>Process</td><td>chrome</td><td>999</td><td>471900160</td><td>117112832</
td><td>68870144</td><td>64496</td><td>C
:\Program Files (x86)\Google\Chrome\Application\chrome.exe</td><td>Google
Inc.</td><td>49.7487189</td><td>59.0.3071.115
</td><td>59.0.3071.115</td><td>Google Chrome</td><td>Google
Chrome</td><td>8804</td><td>Normal</td><td>999</td><td>1171
12832</td><td>68870144</td><td>68870144</td><td>471900160</
td><td>00:00:49.7487189</td><td>8</td><td></td><td>False</td
><td></td><td>2180</td><td>.</td><td>339790</td><td>Google - Google
Chrome</td><td>System.Diagnostics.ProcessModule (ch
rome.exe)</td><td>1413120</td><td>204800</
td><td>System.Diagnostics.ProcessModuleCollection</td><td>64496</td><td>64496
</td><td>68870144</td><td>674184</td><td>674184</td><td>70033408</
td><td>70033408</td><td>119697408</td><td>119697408</
td><td>498241536</td><td>498241536</td><td>True</td><td>68870144</
td><td>00:00:15.6157001</td><td>chrome</td><td>15</td
><td>True</td><td>1</td><td>System.Diagnostics.ProcessStartInfo</td><td>7/25/2017
5:06:44 PM</td><td></td><td>System.Di
agnostics.ProcessThreadCollection</td><td>00:00:34.1330188</td><td>471900160</
td><td>False</td><td></td><td></td><td></
td><td>117112832</td><td></td><td></td></tr>
<tr><td>Process</td><td>ClearPassOnGuard</td><td>517</td><td>191459328</
td><td>22745088</td><td>11227136</td><td>37536<
/td><td>C:\Program Files\Aruba
Networks\ClearPassOnGuard\ClearPassOnGuard.exe</td><td>Aruba
Networks</td><td>14.2740915
</td><td>6.6.2.86786</td><td>6.6.2.86786</td><td>ClearPass
OnGuard</td><td>ClearPassOnGuard</td><td>2356</td><td>Normal
</td><td>517</td><td>22745088</td><td>11227136</td><td>11227136</
td><td>191459328</td><td>00:00:14.2740915</td><td>8</t
d><td></td><td>False</td><td></td><td>1656</td><td>.</td><td>0</td><td></
td><td>System.Diagnostics.ProcessModule (Clear
PassOnGuard.exe)</td><td>1413120</td><td>204800</
td><td>System.Diagnostics.ProcessModuleCollection</td><td>37536</td><t
d>37536</td><td>11227136</td><td>350256</td><td>350256</td><td>11243520</
td><td>11243520</td><td>25358336</td><td>25358
336</td><td>193556480</td><td>193556480</td><td>True</td><td>11227136</
td><td>00:00:06.3180405</td><td>ClearPassOnGuard
</td><td>1</td><td>True</td><td>1</td><td>System.Diagnostics.ProcessStartInfo</
td><td>7/25/2017 5:09:43 PM</td><td></td
><td>System.Diagnostics.ProcessThreadCollection</td><td>00:00:07.9560510</
td><td>191459328</td><td>False</td><td></td><
td></td><td></td><td>22745088</td><td></td><td></td></tr>
<tr><td>Process</td><td>ClearPassOnGuard</td><td>533</td><td>184946688</
td><td>12767232</td><td>13692928</td><td>36920<
/td><td>C:\Program Files\Aruba
Networks\ClearPassOnGuard\ClearPassOnGuard.exe</td><td>Aruba
Networks</td><td>26.6293707
</td><td>6.6.2.86786</td><td>6.6.2.86786</td><td>ClearPass
OnGuard</td><td>ClearPassOnGuard</td><td>6176</td><td>Normal
</td><td>533</td><td>12767232</td><td>13692928</td><td>13692928</
td><td>184946688</td><td>00:00:26.6293707</td><td>8</t
d><td></td><td>False</td><td></td><td>1952</td><td>.</td><td>0</td><td></
td><td>System.Diagnostics.ProcessModule (Clear
PassOnGuard.exe)</td><td>1413120</td><td>204800</
td><td>System.Diagnostics.ProcessModuleCollection</td><td>36920</td><t
d>36920</td><td>13692928</td><td>338936</td><td>338936</td><td>13733888</
td><td>13733888</td><td>26947584</td><td>26947
584</td><td>188092416</td><td>188092416</td><td>True</td><td>13692928</
td><td>00:00:13.2912852</td><td>ClearPassOnGuard
</td><td>1</td><td>True</td><td>1</td><td>System.Diagnostics.ProcessStartInfo</
td><td>7/24/2017 1:01:05 PM</td><td></td
><td>System.Diagnostics.ProcessThreadCollection</td><td>00:00:13.3380855</
td><td>184946688</td><td>False</td><td></td><
td></td><td></td><td>12767232</td><td></td><td></td></tr>
<tr><td>Process</td><td>csrss</td><td>1060</td><td>52797440</td><td>3342336</
td><td>4493312</td><td>17048</td><td>C:\Wi
ndows\system32\csrss.exe</td><td>Microsoft
Corporation</td><td>8.6736556</td><td>6.1.7600.16385 (win7_rtm.090713-1255)<
/td><td>6.1.7600.16385</td><td>Client Server Runtime
Process</td><td>Microsoft® Windows® Operating System</td
><td>632</td><td>Normal</td><td>1060</td><td>3342336</td><td>4493312</
td><td>4493312</td><td>52797440</td><td>00:00:08.
6736556</td><td>13</td><td></td><td>False</td><td></td><td>2044</td><td>.</
td><td>0</td><td></td><td>System.Diagnostics
.ProcessModule
(csrss.exe)</td><td>1413120</td><td>204800</td><td>System.Diagnostics.ProcessModule
Collection</td><td>17
048</td><td>17048</td><td>4493312</td><td>166584</td><td>166584</td><td>4919296</
td><td>4919296</td><td>36175872</td><t
d>36175872</td><td>63127552</td><td>63127552</td><td>True</td><td>4493312</
td><td>00:00:06.9888448</td><td>csrss</td><t
d>15</td><td>True</td><td>0</td><td>System.Diagnostics.ProcessStartInfo</
td><td>7/24/2017 12:59:35 PM</td><td></td><td>
System.Diagnostics.ProcessThreadCollection</td><td>00:00:01.6848108</
td><td>52797440</td><td>False</td><td></td><td></t
d><td></td><td>3342336</td><td></td><td></td></tr>
<tr><td>Process</td><td>csrss</td><td>1139</td><td>224038912</td><td>12947456</
td><td>18042880</td><td>25408</td><td>C:
\Windows\system32\csrss.exe</td><td>Microsoft
Corporation</td><td>166.3282662</td><td>6.1.7600.16385 (win7_rtm.090713-1
255)</td><td>6.1.7600.16385</td><td>Client Server Runtime
Process</td><td>Microsoft® Windows® Operating Syste
m</td><td>712</td><td>Normal</td><td>1139</td><td>12947456</td><td>18042880</
td><td>18042880</td><td>224038912</td><td>
00:02:46.3282662</td><td>13</td><td></td><td>False</td><td></td><td>1560</
td><td>.</td><td>0</td><td></td><td>System.Di
agnostics.ProcessModule
(csrss.exe)</td><td>1413120</td><td>204800</td><td>System.Diagnostics.ProcessModule
Collection</
td><td>25408</td><td>25408</td><td>18042880</td><td>496872</td><td>496872</
td><td>18137088</td><td>18137088</td><td>362
29120</td><td>36229120</td><td>365305856</td><td>365305856</td><td>True</
td><td>18042880</td><td>00:02:43.9102507</td><
td>csrss</td><td>15</td><td>True</td><td>1</
td><td>System.Diagnostics.ProcessStartInfo</td><td>7/24/2017 12:59:39 PM</t
d><td></td><td>System.Diagnostics.ProcessThreadCollection</
td><td>00:00:02.4180155</td><td>224038912</td><td>False</td>
<td></td><td></td><td></td><td>12947456</td><td></td><td></td></tr>
<tr><td>Process</td><td>excel</td><td>1459</td><td>759095296</td><td>141721600</
td><td>142196736</td><td>96032</td><td>
C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE</td><td>Microsoft
Corporation</td><td>1012.5868909</td><td
>15.0.4937.1000</td><td>15.0.4937.1000</td><td>Microsoft Excel</td><td>Microsoft
Office 2013</td><td>4900</td><td>Norma
l</td><td>1459</td><td>141721600</td><td>142196736</td><td>142196736</
td><td>759095296</td><td>00:16:52.5868909</td><td
>8</td><td></td><td>False</td><td></td><td>1392</td><td>.</td><td>536044</
td><td>emea-ap15a.xlsx - Excel</td><td>System
.Diagnostics.ProcessModule
(EXCEL.EXE)</td><td>1413120</td><td>204800</td><td>System.Diagnostics.ProcessModule
Collectio
n</td><td>96032</td><td>96032</td><td>142196736</td><td>1049352</td><td>1049352</
td><td>301858816</td><td>301858816</td
><td>338706432</td><td>338706432</td><td>895610880</td><td>895610880</
td><td>True</td><td>142196736</td><td>00:07:11.67
03671</td><td>excel</td><td>15</td><td>True</td><td>1</
td><td>System.Diagnostics.ProcessStartInfo</td><td>7/25/2017 2:0
7:00
PM</td><td></td><td>System.Diagnostics.ProcessThreadCollection</td><td>00:09:40.916
5238</td><td>759095296</td><td>
False</td><td></td><td></td><td></td><td>141721600</td><td></td><td></td></tr>
<tr><td>Process</td><td>explorer</td><td>1701</td><td>545382400</
td><td>129875968</td><td>180101120</td><td>147152</td>
<td>C:\Windows\Explorer.EXE</td><td>Microsoft
Corporation</td><td>411.5150379</td><td>6.1.7600.16385 (win7_rtm.090713-1
255)</td><td>6.1.7600.16385</td><td>Windows Explorer</td><td>Microsoft®
Windows® Operating System</td><td>536
4</td><td>Normal</td><td>1701</td><td>129875968</td><td>180101120</
td><td>180101120</td><td>545382400</td><td>00:06:51.
5150379</td><td>8</td><td></td><td>False</td><td></td><td>1488</td><td>.</
td><td>262386</td><td></td><td>System.Diagnos
tics.ProcessModule
(Explorer.EXE)</td><td>1413120</td><td>204800</td><td>System.Diagnostics.ProcessMod
uleCollection</td
><td>147152</td><td>147152</td><td>180101120</td><td>750200</td><td>750200</
td><td>185188352</td><td>185188352</td><td>
140111872</td><td>140111872</td><td>691605504</td><td>691605504</td><td>True</
td><td>180101120</td><td>00:04:37.9157815
</td><td>explorer</td><td>15</td><td>True</td><td>1</
td><td>System.Diagnostics.ProcessStartInfo</td><td>7/24/2017 1:00:
53
PM</td><td></td><td>System.Diagnostics.ProcessThreadCollection</td><td>00:02:13.599
2564</td><td>545382400</td><td>Fa
lse</td><td></td><td></td><td></td><td>129875968</td><td></td><td></td></tr>
<tr><td>Process</td><td>FireSvc</td><td>515</td><td>146804736</td><td>9699328</
td><td>35848192</td><td>33560</td><td>C:
\Program Files\McAfee\Host Intrusion Prevention\FireSvc.exe</td><td>McAfee,
Inc.</td><td>90.4961801</td><td>8.0.0.3624<
/td><td>8.0.0.3624</td><td>McAfee HIP Main Service</td><td>McAfee Host Intrusion
Prevention</td><td>2212</td><td>Normal
</td><td>515</td><td>9699328</td><td>35848192</td><td>35848192</td><td>146804736</
td><td>00:01:30.4961801</td><td>8</td
><td></td><td>False</td><td></td><td>2152</td><td>.</td><td>0</td><td></
td><td>System.Diagnostics.ProcessModule (FireSv
c.exe)</td><td>1413120</td><td>204800</
td><td>System.Diagnostics.ProcessModuleCollection</td><td>33560</td><td>33560</t
d><td>35848192</td><td>151080</td><td>151080</td><td>47173632</td><td>47173632</
td><td>39727104</td><td>39727104</td><t
d>165679104</td><td>165679104</td><td>True</td><td>35848192</
td><td>00:00:28.2829813</td><td>FireSvc</td><td>15</td><td
>True</td><td>0</td><td>System.Diagnostics.ProcessStartInfo</td><td>7/24/2017
1:00:04 PM</td><td></td><td>System.Diagno
stics.ProcessThreadCollection</td><td>00:01:02.2131988</td><td>146804736</
td><td>False</td><td></td><td></td><td></td><
td>9699328</td><td></td><td></td></tr>
<tr><td>Process</td><td>GROOVE</td><td>778</td><td>303173632</td><td>25153536</
td><td>19955712</td><td>45600</td><td>C:
\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE</td><td>Microsoft
Corporation</td><td>17.8933147</td><td>14.0
.7011.1000</td><td>14.0.7011.1000</td><td>Microsoft SharePoint
Workspace</td><td>Microsoft Office 2010</td><td>6428</td
><td>Normal</td><td>778</td><td>25153536</td><td>19955712</td><td>19955712</
td><td>303173632</td><td>00:00:17.8933147</
td><td>8</td><td></td><td>False</td><td></td><td>2164</td><td>.</td><td>0</
td><td></td><td>System.Diagnostics.ProcessMo
dule
(GROOVE.EXE)</td><td>1413120</td><td>204800</td><td>System.Diagnostics.ProcessModul
eCollection</td><td>45600</td><
td>45600</td><td>19955712</td><td>516368</td><td>516368</td><td>20119552</
td><td>20119552</td><td>45355008</td><td>4535
5008</td><td>315879424</td><td>315879424</td><td>True</td><td>19955712</
td><td>00:00:06.5520420</td><td>GROOVE</td><td>
15</td><td>True</td><td>1</td><td>System.Diagnostics.ProcessStartInfo</
td><td>7/24/2017 1:01:07 PM</td><td></td><td>Sys
tem.Diagnostics.ProcessThreadCollection</td><td>00:00:11.3412727</
td><td>303173632</td><td>False</td><td></td><td></td>
<td></td><td>25153536</td><td></td><td></td></tr>
<tr><td>Process</td><td>lsass</td><td>1198</td><td>53252096</td><td>15163392</
td><td>10297344</td><td>35584</td><td>C:\
Windows\system32\lsass.exe</td><td>Microsoft
Corporation</td><td>134.5352624</td><td>6.1.7601.23816 (win7sp1_ldr.170520
-1855)</td><td>6.1.7601.23816</td><td>Local Security Authority
Process</td><td>Microsoft® Windows® Operating
System</td><td>776</td><td>Normal</td><td>1198</td><td>15163392</td><td>10297344</
td><td>10297344</td><td>53252096</td>
<td>00:02:14.5352624</td><td>9</td><td></td><td>False</td><td></td><td>976</
td><td>.</td><td>0</td><td></td><td>System.
Diagnostics.ProcessModule
(lsass.exe)</td><td>1413120</td><td>204800</td><td>System.Diagnostics.ProcessModule
Collection
</td><td>35584</td><td>35584</td><td>10297344</td><td>122968</td><td>122968</
td><td>10530816</td><td>10530816</td><td>1
8989056</td><td>18989056</td><td>55648256</td><td>55648256</td><td>True</
td><td>10297344</td><td>00:00:56.6283630</td><
td>lsass</td><td>15</td><td>True</td><td>0</
td><td>System.Diagnostics.ProcessStartInfo</td><td>7/24/2017 12:59:41 PM</t
d><td></td><td>System.Diagnostics.ProcessThreadCollection</
td><td>00:01:17.9068994</td><td>53252096</td><td>False</td><
td></td><td></td><td></td><td>15163392</td><td></td><td></td></tr>
<tr><td>Process</td><td>lync</td><td>5117</td><td>979173376</td><td>218542080</
td><td>245702656</td><td>97256</td><td>C
:\Program Files\Microsoft Office 15\root\office15\lync.exe</td><td>Microsoft
Corporation</td><td>1005.1768434</td><td>1
5.0.4933.1000</td><td>15.0.4933.1000</td><td>Skype for Business</td><td>Microsoft
Office 2013</td><td>5928</td><td>Norm
al</td><td>5117</td><td>218542080</td><td>245702656</td><td>245702656</
td><td>979173376</td><td>00:16:45.1768434</td><t
d>8</td><td></td><td>False</td><td></td><td>1160</td><td>.</td><td>396282</
td><td>Shukla, Madhur</td><td>System.Diagnos
tics.ProcessModule
(lync.exe)</td><td>38821888</td><td>38617088</td><td>System.Diagnostics.ProcessModu
leCollection</td>
<td>97256</td><td>97256</td><td>245702656</td><td>1284992</td><td>1284992</
td><td>249802752</td><td>249802752</td><td>2
33082880</td><td>233082880</td><td>990810112</td><td>990810112</td><td>True</
td><td>245702656</td><td>00:06:38.1301521<
/td><td>lync</td><td>15</td><td>True</td><td>1</
td><td>System.Diagnostics.ProcessStartInfo</td><td>7/24/2017 1:01:05 PM
</td><td></td><td>System.Diagnostics.ProcessThreadCollection</
td><td>00:10:07.0466913</td><td>979173376</td><td>False</
td><td></td><td></td><td></td><td>218542080</td><td></td><td></td></tr>
<tr><td>Process</td><td>mcshield</td><td>623</td><td>295952384</td><td>79306752</
td><td>161775616</td><td>36168</td><td
>C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe</td><td>McAfee,
Inc.</td><td>600.915852</td><td>VSCORE.15
.4.0.657.x64</td><td>15.4.0.657</td><td>McAfee On-Access Scanner
service</td><td>VSCORE</td><td>3680</td><td>Normal</td
><td>623</td><td>79306752</td><td>161775616</td><td>161775616</td><td>295952384</
td><td>00:10:00.9158520</td><td>8</td>
<td></td><td>False</td><td></td><td>1444</td><td>.</td><td>0</td><td></
td><td>System.Diagnostics.ProcessModule (mcshiel
d.exe)</td><td>1413120</td><td>204800</
td><td>System.Diagnostics.ProcessModuleCollection</td><td>36168</td><td>36168</t
d><td>161775616</td><td>143408</td><td>143408</td><td>497381376</
td><td>497381376</td><td>341508096</td><td>341508096</
td><td>747458560</td><td>747458560</td><td>True</td><td>161775616</
td><td>00:01:29.9657767</td><td>mcshield</td><td>15<
/td><td>True</td><td>0</td><td>System.Diagnostics.ProcessStartInfo</
td><td>7/24/2017 1:00:14 PM</td><td></td><td>System
.Diagnostics.ProcessThreadCollection</td><td>00:08:30.9500753</td><td>295952384</
td><td>False</td><td></td><td></td><td
></td><td>79306752</td><td></td><td></td></tr>
<tr><td>Process</td><td>notes2</td><td>532</td><td>618307584</td><td>84115456</
td><td>104280064</td><td>71592</td><td>C
:\Program Files (x86)\IBM\Lotus\Notes\framework\rcp\eclipse\plugins\
com.ibm.rcp.base_6.2.2.20100729-1241\win32\x86\note
s2.exe</td><td>IBM</td><td>38.0018436</td><td>3.4.0.0</td><td>3.4.0.0</td><td>Lotus
Notes</td><td>Eclipse 3.4</td><td>5
868</td><td>Normal</td><td>532</td><td>84115456</td><td>104280064</
td><td>104280064</td><td>618307584</td><td>00:00:38.
0018436</td><td>8</td><td></td><td>False</td><td></td><td>1572</td><td>.</
td><td>984256</td><td>Mail - Inbox - IBM Lotu
s Notes</td><td>System.Diagnostics.ProcessModule
(notes2.exe)</td><td>1413120</td><td>204800</td><td>System.Diagnostics
.ProcessModuleCollection</td><td>71592</td><td>71592</td><td>104280064</
td><td>515168</td><td>515168</td><td>117780480<
/td><td>117780480</td><td>175992832</td><td>175992832</td><td>643461120</
td><td>643461120</td><td>True</td><td>10428006
4</td><td>00:00:20.4985314</td><td>notes2</td><td>15</td><td>True</td><td>1</
td><td>System.Diagnostics.ProcessStartInfo
</td><td>7/25/2017 12:56:04
PM</td><td></td><td>System.Diagnostics.ProcessThreadCollection</td><td>00:00:17.503
3122</td
><td>618307584</td><td>False</td><td></td><td></td><td></td><td>84115456</
td><td></td><td></td></tr>
<tr><td>Process</td><td>officeclicktorun</td><td>3698</td><td>204713984</
td><td>56184832</td><td>58892288</td><td>45464
</td><td>C:\Program Files\Microsoft Office
15\ClientX64\OfficeClickToRun.exe</td><td>Microsoft Corporation</td><td>129.
1220277</td><td>15.0.4919.1000</td><td>15.0.4919.1000</td><td>Microsoft Office
Click-to-Run</td><td>Microsoft Office</t
d><td>1824</td><td>Normal</td><td>3698</td><td>56184832</td><td>58892288</
td><td>58892288</td><td>204713984</td><td>00:
02:09.1220277</td><td>8</td><td></td><td>False</td><td></td><td>1308</td><td>.</
td><td>0</td><td></td><td>System.Diagno
stics.ProcessModule
(OfficeClickToRun.exe)</td><td>1413120</td><td>204800</td><td>System.Diagnostics.Pr
ocessModuleColle
ction</td><td>45464</td><td>45464</td><td>58892288</td><td>268040</td><td>268040</
td><td>154517504</td><td>154517504</t
d><td>172994560</td><td>172994560</td><td>349044736</td><td>349044736</
td><td>True</td><td>58892288</td><td>00:01:37.68
78262</td><td>officeclicktorun</td><td>15</td><td>True</td><td>0</
td><td>System.Diagnostics.ProcessStartInfo</td><td>7/
24/2017 1:00:04
PM</td><td></td><td>System.Diagnostics.ProcessThreadCollection</td><td>00:00:31.434
2015</td><td>2047139
84</td><td>False</td><td></td><td></td><td></td><td>56184832</td><td></td><td></
td></tr>
<tr><td>Process</td><td>outlook</td><td>9597</td><td>1029496832</
td><td>250724352</td><td>271831040</td><td>144208</td>
<td>C:\Program Files\Microsoft Office
15\root\office15\outlook.exe</td><td>Microsoft Corporation</td><td>1245.3403829</
td><td>15.0.4937.1000</td><td>15.0.4937.1000</td><td>Microsoft
Outlook</td><td>Microsoft Outlook</td><td>7316</td><td>N
ormal</td><td>9597</td><td>250724352</td><td>271831040</td><td>271831040</
td><td>1029496832</td><td>00:20:45.3403829</t
d><td>8</td><td></td><td>False</td><td></td><td>1956</td><td>.</td><td>66922</
td><td>Inbox - [email protected] - Outloo
k</td><td>System.Diagnostics.ProcessModule
(outlook.exe)</td><td>1413120</td><td>204800</td><td>System.Diagnostics.Proc
essModuleCollection</td><td>144208</td><td>144208</td><td>271831040</
td><td>1525680</td><td>1525680</td><td>285376512</
td><td>285376512</td><td>304070656</td><td>304070656</td><td>1098174464</
td><td>1098174464</td><td>True</td><td>2718310
40</td><td>00:06:24.8700671</td><td>outlook</td><td>15</td><td>True</td><td>1</
td><td>System.Diagnostics.ProcessStartIn
fo</td><td>7/24/2017 1:02:13
PM</td><td></td><td>System.Diagnostics.ProcessThreadCollection</td><td>00:14:20.470
3158</t
d><td>1029496832</td><td>False</td><td></td><td></td><td></td><td>250724352</
td><td></td><td></td></tr>
<tr><td>Process</td><td>SearchIndexer</td><td>1204</td><td>236466176</
td><td>33214464</td><td>53473280</td><td>73512</t
d><td>C:\Windows\system32\SearchIndexer.exe</td><td>Microsoft
Corporation</td><td>90.7613818</td><td>7.00.7600.16385 (w
in7_rtm.090713-1255)</td><td>7.00.7600.16385</td><td>Microsoft Windows Search
Indexer</td><td>Windows® Search</td>
<td>7376</td><td>Normal</td><td>1204</td><td>33214464</td><td>53473280</
td><td>53473280</td><td>236466176</td><td>00:01
:30.7613818</td><td>8</td><td></td><td>False</td><td></td><td>2172</td><td>.</
td><td>0</td><td></td><td>System.Diagnost
ics.ProcessModule
(SearchIndexer.exe)</td><td>1413120</td><td>204800</td><td>System.Diagnostics.Proce
ssModuleCollection
</td><td>73512</td><td>73512</td><td>53473280</td><td>205664</td><td>205664</
td><td>67706880</td><td>67706880</td><td>7
6779520</td><td>76779520</td><td>383393792</td><td>383393792</td><td>True</
td><td>53473280</td><td>00:00:32.5106084</td
><td>SearchIndexer</td><td>15</td><td>True</td><td>0</
td><td>System.Diagnostics.ProcessStartInfo</td><td>7/24/2017 1:04
:46
PM</td><td></td><td>System.Diagnostics.ProcessThreadCollection</td><td>00:00:58.250
7734</td><td>236466176</td><td>F
alse</td><td></td><td></td><td></td><td>33214464</td><td></td><td></td></tr>
<tr><td>Process</td><td>svchost</td><td>951</td><td>383377408</td><td>218005504</
td><td>217849856</td><td>38520</td><td
>C:\Windows\System32\svchost.exe</td><td>Microsoft
Corporation</td><td>451.9036968</td><td>6.1.7600.16385 (win7_rtm.090
713-1255)</td><td>6.1.7600.16385</td><td>Host Process for Windows
Services</td><td>Microsoft® Windows® Operat
ing
System</td><td>256</td><td>Normal</td><td>951</td><td>218005504</td><td>217849856</
td><td>217849856</td><td>3833774
08</td><td>00:07:31.9192969</td><td>8</td><td></td><td>False</td><td></
td><td>2192</td><td>.</td><td>0</td><td></td><td
>System.Diagnostics.ProcessModule
(svchost.exe)</td><td>1413120</td><td>204800</td><td>System.Diagnostics.ProcessModu
le
Collection</td><td>38520</td><td>38520</td><td>217849856</td><td>184040</
td><td>184040</td><td>305569792</td><td>305569
792</td><td>308183040</td><td>308183040</td><td>435568640</td><td>435568640</
td><td>True</td><td>217849856</td><td>00:0
2:32.1165751</td><td>svchost</td><td>15</td><td>True</td><td>0</
td><td>System.Diagnostics.ProcessStartInfo</td><td>7/24
/2017 12:59:53
PM</td><td></td><td>System.Diagnostics.ProcessThreadCollection</td><td>00:04:59.802
7218</td><td>38337740
8</td><td>False</td><td></td><td></td><td></td><td>218005504</td><td></td><td></
td></tr>
<tr><td>Process</td><td>svchost</td><td>534</td><td>62369792</td><td>11763712</
td><td>10821632</td><td>18752</td><td>C:
\Windows\system32\svchost.exe</td><td>Microsoft
Corporation</td><td>13.3536856</td><td>6.1.7600.16385 (win7_rtm.090713-
1255)</td><td>6.1.7600.16385</td><td>Host Process for Windows
Services</td><td>Microsoft® Windows® Operating
System</td><td>424</td><td>Normal</td><td>534</td><td>11763712</td><td>10821632</
td><td>10821632</td><td>62369792</td><
td>00:00:13.3536856</td><td>8</td><td></td><td>False</td><td></td><td>1912</
td><td>.</td><td>0</td><td></td><td>System.
Diagnostics.ProcessModule
(svchost.exe)</td><td>1413120</td><td>204800</td><td>System.Diagnostics.ProcessModu
leCollecti
on</td><td>18752</td><td>18752</td><td>10821632</td><td>141272</td><td>141272</
td><td>10944512</td><td>10944512</td><td
>13606912</td><td>13606912</td><td>87097344</td><td>87097344</td><td>True</
td><td>10821632</td><td>00:00:04.2276271</td
><td>svchost</td><td>15</td><td>True</td><td>0</
td><td>System.Diagnostics.ProcessStartInfo</td><td>7/24/2017 12:59:53 P
M</td><td></td><td>System.Diagnostics.ProcessThreadCollection</
td><td>00:00:09.1260585</td><td>62369792</td><td>False</
td><td></td><td></td><td></td><td>11763712</td><td></td><td></td></tr>
<tr><td>Process</td><td>svchost</td><td>566</td><td>110239744</td><td>17346560</
td><td>24756224</td><td>27784</td><td>C
:\Windows\System32\svchost.exe</td><td>Microsoft
Corporation</td><td>20.7637331</td><td>6.1.7600.16385 (win7_rtm.090713
-1255)</td><td>6.1.7600.16385</td><td>Host Process for Windows
Services</td><td>Microsoft® Windows® Operating
System</td><td>880</td><td>Normal</td><td>566</td><td>17346560</td><td>24756224</
td><td>24756224</td><td>110239744</td
><td>00:00:20.7637331</td><td>8</td><td></td><td>False</td><td></td><td>1916</
td><td>.</td><td>0</td><td></td><td>Syste
m.Diagnostics.ProcessModule
(svchost.exe)</td><td>1413120</td><td>204800</td><td>System.Diagnostics.ProcessModu
leCollec
tion</td><td>27784</td><td>27784</td><td>24756224</td><td>158424</td><td>158424</
td><td>26157056</td><td>26157056</td><
td>23080960</td><td>23080960</td><td>114769920</td><td>114769920</td><td>True</
td><td>24756224</td><td>00:00:12.2616786
</td><td>svchost</td><td>15</td><td>True</td><td>0</
td><td>System.Diagnostics.ProcessStartInfo</td><td>7/24/2017 12:59:
53
PM</td><td></td><td>System.Diagnostics.ProcessThreadCollection</td><td>00:00:08.502
0545</td><td>110239744</td><td>Fa
lse</td><td></td><td></td><td></td><td>17346560</td><td></td><td></td></tr>
<tr><td>Process</td><td>svchost</td><td>1864</td><td>482160640</td><td>49848320</
td><td>46989312</td><td>94960</td><td>
C:\Windows\system32\svchost.exe</td><td>Microsoft
Corporation</td><td>99.9498407</td><td>6.1.7600.16385 (win7_rtm.09071
3-1255)</td><td>6.1.7600.16385</td><td>Host Process for Windows
Services</td><td>Microsoft® Windows® Operatin
g System</td><td>1060</td><td>Normal</td><td>1864</td><td>49848320</
td><td>46989312</td><td>46989312</td><td>482160640<
/td><td>00:01:39.9498407</td><td>8</td><td></td><td>False</td><td></td><td>1316</
td><td>.</td><td>0</td><td></td><td>Sy
stem.Diagnostics.ProcessModule
(svchost.exe)</td><td>1413120</td><td>204800</td><td>System.Diagnostics.ProcessModu
leCol
lection</td><td>94960</td><td>94960</td><td>46989312</td><td>323016</
td><td>323016</td><td>263454720</td><td>263454720<
/td><td>225382400</td><td>225382400</td><td>-1726418944</td><td>2568548352</
td><td>True</td><td>46989312</td><td>00:00:
50.1231213</td><td>svchost</td><td>15</td><td>True</td><td>0</
td><td>System.Diagnostics.ProcessStartInfo</td><td>7/24/2
017 12:59:53
PM</td><td></td><td>System.Diagnostics.ProcessThreadCollection</td><td>00:00:49.826
7194</td><td>482160640<
/td><td>False</td><td></td><td></td><td></td><td>49848320</td><td></td><td></td></
tr>
<tr><td>Process</td><td>svchost</td><td>562</td><td>77283328</td><td>18591744</
td><td>13205504</td><td>38768</td><td>C:
\Windows\system32\svchost.exe</td><td>Microsoft
Corporation</td><td>6.8016436</td><td>6.1.7600.16385 (win7_rtm.090713-1
255)</td><td>6.1.7600.16385</td><td>Host Process for Windows
Services</td><td>Microsoft® Windows® Operating S
ystem</td><td>1400</td><td>Normal</td><td>562</td><td>18591744</td><td>13205504</
td><td>13205504</td><td>77283328</td><
td>00:00:06.8016436</td><td>8</td><td></td><td>False</td><td></td><td>988</
td><td>.</td><td>0</td><td></td><td>System.D
iagnostics.ProcessModule
(svchost.exe)</td><td>1413120</td><td>204800</td><td>System.Diagnostics.ProcessModu
leCollectio
n</td><td>38768</td><td>38768</td><td>13205504</td><td>136696</td><td>136696</
td><td>16420864</td><td>16420864</td><td>
20004864</td><td>20004864</td><td>97738752</td><td>97738752</td><td>True</
td><td>13205504</td><td>00:00:04.6020295</td>
<td>svchost</td><td>15</td><td>True</td><td>0</
td><td>System.Diagnostics.ProcessStartInfo</td><td>7/24/2017 12:59:58 PM
</td><td></td><td>System.Diagnostics.ProcessThreadCollection</
td><td>00:00:02.1996141</td><td>77283328</td><td>False</t
d><td></td><td></td><td></td><td>18591744</td><td></td><td></td></tr>
<tr><td>Process</td><td>svchost</td><td>627</td><td>153481216</td><td>16539648</
td><td>20631552</td><td>45112</td><td>C
:\Windows\System32\svchost.exe</td><td>Microsoft
Corporation</td><td>42.744274</td><td>6.1.7600.16385 (win7_rtm.090713-
1255)</td><td>6.1.7600.16385</td><td>Host Process for Windows
Services</td><td>Microsoft® Windows® Operating
System</td><td>1572</td><td>Normal</td><td>627</td><td>16539648</td><td>20631552</
td><td>20631552</td><td>153481216</td
><td>00:00:42.7442740</td><td>8</td><td></td><td>False</td><td></td><td>2188</
td><td>.</td><td>0</td><td></td><td>Syste
m.Diagnostics.ProcessModule
(svchost.exe)</td><td>1413120</td><td>204800</td><td>System.Diagnostics.ProcessModu
leCollec
tion</td><td>45112</td><td>45112</td><td>20631552</td><td>133984</td><td>133984</
td><td>21463040</td><td>21463040</td><
td>21856256</td><td>21856256</td><td>158724096</td><td>158724096</td><td>True</
td><td>20631552</td><td>00:00:31.0441990
</td><td>svchost</td><td>15</td><td>True</td><td>0</
td><td>System.Diagnostics.ProcessStartInfo</td><td>7/24/2017 1:00:0
0
PM</td><td></td><td>System.Diagnostics.ProcessThreadCollection</td><td>00:00:11.700
0750</td><td>153481216</td><td>Fal
se</td><td></td><td></td><td></td><td>16539648</td><td></td><td></td></tr>
<tr><td>Process</td><td>SynTPEnh</td><td>547</td><td>101199872</td><td>11190272</
td><td>11083776</td><td>13888</td><td>
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe</td><td>Synaptics
Incorporated</td><td>1384.040872</td><td>17.0.12.3 06Se
p13</td><td>17.0.12.3 06Sep13</td><td>Synaptics TouchPad 64-bit
Enhancements</td><td>Synaptics Pointing Device Driver</
td><td>5668</td><td>AboveNormal</td><td>547</td><td>11190272</td><td>11083776</
td><td>11083776</td><td>101199872</td><t
d>00:23:04.0408720</td><td>10</td><td></td><td>False</td><td></td><td>1420</
td><td>.</td><td>0</td><td></td><td>System.
Diagnostics.ProcessModule
(SynTPEnh.exe)</td><td>1413120</td><td>204800</td><td>System.Diagnostics.ProcessMod
uleCollect
ion</td><td>13888</td><td>13888</td><td>11083776</td><td>225496</td><td>225496</
td><td>11333632</td><td>11333632</td><t
d>19955712</td><td>19955712</td><td>104624128</td><td>104624128</td><td>True</
td><td>11083776</td><td>00:19:02.5045237<
/td><td>SynTPEnh</td><td>15</td><td>True</td><td>1</
td><td>System.Diagnostics.ProcessStartInfo</td><td>7/24/2017 1:01:0
4
PM</td><td></td><td>System.Diagnostics.ProcessThreadCollection</td><td>00:04:01.536
3483</td><td>101199872</td><td>Fal
se</td><td></td><td></td><td></td><td>11190272</td><td></td><td></td></tr>
<tr><td>Process</td><td>System</td><td>768</td><td>7069696</td><td>1753088</
td><td>204800</td><td>0</td><td></td><td></
td><td></td><td></td><td></td><td></td><td></td><td>4</td><td></td><td>768</
td><td>1753088</td><td>204800</td><td>20480
0</td><td>7069696</td><td></td><td>8</td><td></td><td></td><td></td><td></
td><td>.</td><td>0</td><td></td><td></td><td>
</td><td></td><td></td><td>0</td><td>0</td><td>204800</td><td>0</td><td>0</
td><td>4628480</td><td>4628480</td><td>86343
68</td><td>8634368</td><td>12775424</td><td>12775424</td><td></td><td>204800</
td><td></td><td>System</td><td></td><td>T
rue</td><td>0</td><td>System.Diagnostics.ProcessStartInfo</td><td></td><td></
td><td>System.Diagnostics.ProcessThreadCol
lection</td><td></td><td>7069696</td><td>False</td><td></td><td></td><td></
td><td>1753088</td><td></td><td></td></tr>
<tr><td>Process</td><td>ucmapi</td><td>1189</td><td>377765888</td><td>26513408</
td><td>16588800</td><td>36792</td><td>C
:\Program Files\Microsoft Office 15\Root\Office15\UcMapi.exe</td><td>Microsoft
Corporation</td><td>10.92007</td><td>15.
0.4933.1000</td><td>15.0.4933.1000</td><td>Skype for Business</td><td>Microsoft
Office 2013</td><td>6896</td><td>Normal
</td><td>1189</td><td>26513408</td><td>16588800</td><td>16588800</
td><td>377765888</td><td>00:00:10.9200700</td><td>8</
td><td></td><td>False</td><td></td><td>1768</td><td>.</td><td>0</td><td></
td><td>System.Diagnostics.ProcessModule (UcMa
pi.exe)</td><td>1413120</td><td>204800</
td><td>System.Diagnostics.ProcessModuleCollection</td><td>36792</td><td>36792</
td><td>16588800</td><td>693568</td><td>693568</td><td>16773120</td><td>16773120</
td><td>45838336</td><td>45838336</td><
td>394543104</td><td>394543104</td><td>True</td><td>16588800</
td><td>00:00:04.5864294</td><td>ucmapi</td><td>15</td><td
>True</td><td>1</td><td>System.Diagnostics.ProcessStartInfo</td><td>7/24/2017
1:03:49 PM</td><td></td><td>System.Diagno
stics.ProcessThreadCollection</td><td>00:00:06.3336406</td><td>377765888</
td><td>False</td><td></td><td></td><td></td><
td>26513408</td><td></td><td></td></tr>
<tr><td>Process</td><td>winword</td><td>842</td><td>549761024</td><td>44998656</
td><td>61284352</td><td>53296</td><td>C
:\Program Files\Microsoft Office 15\Root\Office15\WINWORD.EXE</td><td>Microsoft
Corporation</td><td>23.3533497</td><td>
15.0.4927.1000</td><td>15.0.4927.1000</td><td>Microsoft Word</td><td>Microsoft
Office 2013</td><td>7216</td><td>Normal<
/td><td>842</td><td>44998656</td><td>61284352</td><td>61284352</td><td>549761024</
td><td>00:00:23.3533497</td><td>8</td
><td></td><td>False</td><td></td><td>1720</td><td>.</td><td>657202</td><td>POD.docx
- Word</td><td>System.Diagnostics.P
rocessModule
(WINWORD.EXE)</td><td>1413120</td><td>204800</td><td>System.Diagnostics.ProcessModu
leCollection</td><td>53
296</td><td>53296</td><td>61284352</td><td>908368</td><td>908368</
td><td>87371776</td><td>87371776</td><td>119619584</t
d><td>119619584</td><td>600064000</td><td>600064000</td><td>True</
td><td>61284352</td><td>00:00:09.8280630</td><td>winw
ord</td><td>15</td><td>True</td><td>1</
td><td>System.Diagnostics.ProcessStartInfo</td><td>7/24/2017 1:03:14 PM</td><td>
</td><td>System.Diagnostics.ProcessThreadCollection</td><td>00:00:13.5252867</
td><td>549761024</td><td>False</td><td></
td><td></td><td></td><td>44998656</td><td></td><td></td></tr>
<tr><td>Process</td><td>wmplayer</td><td>523</td><td>201981952</td><td>26210304</
td><td>29700096</td><td>43304</td><td>
C:\Program Files (x86)\Windows Media Player\wmplayer.exe</td><td>Microsoft
Corporation</td><td>63.4456067</td><td>12.0.
7601.23517 (win7sp1_ldr.160812-0732)</td><td>12.0.7601.23517</td><td>Windows Media
Player</td><td>Microsoft® Windo
ws® Operating
System</td><td>1228</td><td>Normal</td><td>523</td><td>26210304</td><td>29700096</
td><td>29700096</t
d><td>201981952</td><td>00:01:03.4456067</td><td>8</td><td></td><td>False</
td><td></td><td>1832</td><td>.</td><td>33552
2</td><td>Windows Media Player</td><td>System.Diagnostics.ProcessModule
(wmplayer.exe)</td><td>64503808</td><td>6239027
2</td><td>System.Diagnostics.ProcessModuleCollection</td><td>43304</td><td>43304</
td><td>29700096</td><td>326344</td><t
d>326344</td><td>151212032</td><td>151212032</td><td>95617024</td><td>95617024</
td><td>340033536</td><td>340033536</td>
<td>True</td><td>29700096</td><td>00:00:14.5860935</td><td>wmplayer</td><td>15</
td><td>True</td><td>1</td><td>System.Di
agnostics.ProcessStartInfo</td><td>7/24/2017 9:53:36
PM</td><td></td><td>System.Diagnostics.ProcessThreadCollection</td
><td>00:00:48.8595132</td><td>201981952</td><td>False</td><td></td><td></td><td></
td><td>26210304</td><td></td><td></td
></tr>
</table>
</body></html>
PS C:\Windows\system32> get-process | where-object {$_.handles -gt 500} | format-
csv
The term 'format-csv' is not recognized as the name of a cmdlet, function, script
file, or operable program. Check the
spelling of the name, or if a path was included, verify that the path is correct
and try again.
At line:1 char:61
+ get-process | where-object {$_.handles -gt 500} | format-csv <<<<
+ CategoryInfo : ObjectNotFound: (format-csv:String) [],
CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException

PS C:\Windows\system32> $home
C:\Users\pkumar200
PS C:\Windows\system32> $PSHOME
C:\Windows\System32\WindowsPowerShell\v1.0
PS C:\Windows\system32> $PROFILE
C:\Users\pkumar200\Documents\WindowsPowerShell\Microsoft.PowerShell_profile.ps1
PS C:\Windows\system32> $a = 5
PS C:\Windows\system32> $a.GetType()

IsPublic IsSerial Name BaseType

-------- -------- ---- --------
True True Int32 System.ValueType

PS C:\Windows\system32> $b = india
The term 'india' is not recognized as the name of a cmdlet, function, script file,
or operable program. Check the spell
ing of the name, or if a path was included, verify that the path is correct and try
again.
At line:1 char:11
+ $b = india <<<<
+ CategoryInfo : ObjectNotFound: (india:String) [],
CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException

PS C:\Windows\system32> $b = "india"
PS C:\Windows\system32> $b.GetType()

IsPublic IsSerial Name BaseType

-------- -------- ---- --------
True True String System.Object

PS C:\Windows\system32> $c = 'ram'
PS C:\Windows\system32> $c.GetType()

IsPublic IsSerial Name BaseType

-------- -------- ---- --------
True True String System.Object

PS C:\Windows\system32> help psre

PS C:\Windows\system32> $env
PS C:\Windows\system32> cls
PS C:\Windows\system32> ipconfig
PS C:\Windows\system32> ipconfig = $ipc
PS C:\Windows\system32> $ipc = {ipconfig}
PS C:\Windows\system32> $pc
PS C:\Windows\system32> $ipc
ipconfig
PS C:\Windows\system32> ipconfig
PS C:\Windows\system32> $ipc = ipconfig
PS C:\Windows\system32> $ipc

Windows IP Configuration

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :

IPv4 Address. . . . . . . . . . . : 20.198.137.154
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 20.198.137.1

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . : asiapac.globalcsc.net
PS C:\Windows\system32> cls
PS C:\Windows\system32> $ipc

Windows IP Configuration

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :

IPv4 Address. . . . . . . . . . . : 20.198.137.154
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 20.198.137.1

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . : asiapac.globalcsc.net
PS C:\Windows\system32> help *content*
PS C:\Windows\system32> help Get-Content -examples
PS C:\Windows\system32>
PS C:\Windows\system32>
PS C:\Windows\system32>
PS C:\Windows\system32>
PS C:\Windows\system32>
PS C:\Windows\system32>
PS C:\Windows\system32>
PS C:\Windows\system32> help Get-Content -examples
PS C:\Windows\system32>
PS C:\Windows\system32>
PS C:\Windows\system32> help *search*
PS C:\Windows\system32> cls
PS C:\Windows\system32> help *string*
PS C:\Windows\system32> help select-string -examples
PS C:\Windows\system32>

PS C:\Windows\system32> get-childitem d:\ -include *.txt -Recurse | Select-String -

Pattern "prem"

D:\NGDATASUNNYTIKOO\Reports\Intrenetaddress.txt:700:[email protected]
D:\powershellcsctraining\day1_2.txt:2241:-a--- 7/14/2009 7:09 AM
71168 lpremove.exe

D:\powershellcsctraining\day1_2.txt:4053:-a--s 11/21/2010 1:07 AM

7394 Microsoft-Windows-HomePremiumEdit
i
D:\powershellcsctraining\day1_2.txt:4175:
Premium-Package~31bf3856ad364e35~
a
D:\powershellcsctraining\day1_2.txt:4178:
Premium-Package~31bf3856ad364e35~
a
D:\powershellcsctraining\day1_2.txt:4268:-a--s 11/21/2010 2:59 AM
11800 Microsoft-Windows-Printing-Premiu
m
D:\powershellcsctraining\day1_2.txt:4271:-a--s 11/21/2010 1:07 AM
14732 Microsoft-Windows-Printing-Premiu
m
D:\powershellcsctraining\day1_2.txt:4377:-a--s 11/21/2010 2:56 AM
9440 Microsoft-Windows-Shell-PremiumIn
b
D:\powershellcsctraining\day1_2.txt:4380:-a--s 11/21/2010 1:06 AM
11196 Microsoft-Windows-Shell-PremiumIn
b
D:\powershellcsctraining\day1_2.txt:17297:d---- 7/14/2017 10:03 PM
prembackup

D:\powershellcsctraining\day1_2.txt:17402:-a--- 4/3/2017 5:01 PM

154146 Prem-Paramount Health Services (
TP
D:\powershellcsctraining\day1_2.txt:17467:d---- 7/14/2017 10:03 PM
prembackup

D:\powershellcsctraining\day1_2.txt:17572:-a--- 4/3/2017 5:01 PM

154146 Prem-Paramount Health Services (
TP
D:\powershellcsctraining\day1_2.txt:17628: Directory: D:\prembackup\premdata\
ddrive
D:\powershellcsctraining\day1_2.txt:17637: Directory: D:\prembackup\premdata\
ddrive\kflute
D:\powershellcsctraining\day1_2.txt:17647: Directory: D:\prembackup\premdata\
ddrive\meditation
D:\powershellcsctraining\day1_2.txt:17663: Directory: D:\prembackup\premdata\
ddrive\premHYDdata
D:\powershellcsctraining\day1_2.txt:17671: Directory: D:\prembackup\premdata\
desktop-27-06-16
D:\powershellcsctraining\day1_2.txt:17680: Directory: D:\prembackup\premdata\
desktop-27-06-16\desktopfolders
D:\powershellcsctraining\day1_2.txt:17690: Directory: D:\prembackup\premdata\
desktop-27-06-16\desktopfolders\form31a
nd
D:\powershellcsctraining\day1_2.txt:17699: Directory: D:\prembackup\premdata\
desktop-27-06-16\desktopfolders\osho
D:\powershellcsctraining\day1_2.txt:17712: Directory: D:\prembackup\premdata\
desktop-27-06-16\desktopfolders\Rajeev
Di
D:\powershellcsctraining\day1_2.txt:17748: Directory: D:\prembackup\premdata\
desktop-27-06-16\desktopfolders\Rajeev
Di
D:\powershellcsctraining\day1_2.txt:17768: Directory: D:\prembackup\premdata\
desktop-27-06-16\desktopfolders\Rajeev
Di
D:\powershellcsctraining\day1_2.txt:17777: Directory: D:\prembackup\premdata\
desktop-27-06-16\print
D:\powershellcsctraining\day1_2.txt:17787: Directory: D:\prembackup\premdata\
desktop12-3-2014
D:\powershellcsctraining\day1_2.txt:17795: Directory: D:\prembackup\premdata\
mahavirvani
D:\powershellcsctraining\day1_2.txt:17804: Directory: D:\prembackup\premdata\
motorolabackup\Media\WhatsApp Audio
D:\powershellcsctraining\day1_2.txt:17813: Directory: D:\prembackup\premdata\
Prembackup\loosefiles
D:\powershellcsctraining\day1_2.txt:17829: Directory: D:\prembackup\premdata\
premcdrive\desktopnew\csc-internal\awar
en
D:\powershellcsctraining\day1_2.txt:18162: Directory: D:\prembackup\premdata\
prempersonal\gita
D:\powershellcsctraining\day1_2.txt:18173: Directory: D:\prembackup\premdata\
prempersonal\Rajeev Dixit\2. New Lectur
es
D:\powershellcsctraining\day1_2.txt:18193: Directory: D:\prembackup\premdata\
prempersonal\Rajeev Dixit\3. Swadeshi S
e
D:\powershellcsctraining\day1_2.txt:18202: Directory: D:\prembackup\premdata\rr\
01. Soz
D:\powershellcsctraining\day1_2.txt:18218: Directory: D:\prembackup\premdata\rr\
O.P. Nayyar\01. Kashmir Ki Kali
D:\powershellcsctraining\day1_2.txt:18226: Directory: D:\prembackup\premdata\rr\
O.P. Nayyar\02. Naya Daur
D:\powershellcsctraining\day1_2.txt:18234: Directory: D:\prembackup\sharednew\
exchange\Content files\01.Course Scena
ri
D:\powershellcsctraining\day1_2.txt:18243: Directory: D:\prembackup\sharednew\
exchange\Content files\02.An Overview
of
D:\powershellcsctraining\day1_2.txt:18252: Directory: D:\prembackup\sharednew\
exchange\Content files\03.An Understan
di
D:\powershellcsctraining\day1_2.txt:18262: Directory: D:\prembackup\sharednew\
exchange\Content files\04.Exchange 201
3
D:\powershellcsctraining\day1_2.txt:18272: Directory: D:\prembackup\sharednew\
exchange\Content files\05.Installation
o
D:\powershellcsctraining\day1_2.txt:18281: Directory: D:\prembackup\sharednew\
exchange\Content files\06.Exchange 201
3
D:\powershellcsctraining\day1_2.txt:18290: Directory: D:\prembackup\sharednew\
exchange\Content files\07.Exchange 201
3
D:\powershellcsctraining\day1_2.txt:18300: Directory: D:\prembackup\sharednew\
exchange\Content files\08.Creating Rec
ip
D:\powershellcsctraining\day1_2.txt:18309: Directory: D:\prembackup\sharednew\
exchange\Content files\09.Managing Dat
ab
D:\powershellcsctraining\day1_2.txt:18318: Directory: D:\prembackup\sharednew\
exchange\Content files\10.Mailbox Conf
ig
D:\powershellcsctraining\day1_2.txt:18327: Directory: D:\prembackup\sharednew\
exchange\Content files\11.Mail Flow Co
nf
D:\powershellcsctraining\day1_2.txt:18336: Directory: D:\prembackup\sharednew\
exchange\Content files\12.Exchange 201
3
D:\powershellcsctraining\day1_2.txt:18345: Directory: D:\prembackup\sharednew\
exchange\Content files\13.Exchange 201
3
D:\powershellcsctraining\day1_2.txt:18355: Directory: D:\prembackup\sharednew\
exchange\Content files\14.Collaboratio
n
D:\powershellcsctraining\day1_2.txt:18364: Directory: D:\prembackup\sharednew\
exchange\Content files\15.Exchange 201
3
D:\powershellcsctraining\day1_2.txt:18373: Directory: D:\prembackup\sharednew\
exchange\Content files\16.Compliance M
an
D:\powershellcsctraining\day1_2.txt:18383: Directory: D:\prembackup\sharednew\
exchange\Content files\17.Working with
T
D:\powershellcsctraining\day1_2.txt:18393: Directory: D:\prembackup\sharednew\
exchange\Content files\18.Exchange 201
3
D:\powershellcsctraining\day1_2.txt:18403: Directory: D:\prembackup\sharednew\
exchange\Content files\19.Exchange 201
3
D:\powershellcsctraining\day1_2.txt:18413: Directory: D:\prembackup\sharednew\
exchange\Content files\20.Exchange 201
3
D:\powershellcsctraining\day1_2.txt:18423: Directory: D:\prembackup\sharednew\
exchange\Content files\21.Exchange 201
3
D:\powershellcsctraining\day1_2.txt:18433: Directory: D:\prembackup\sharednew\
exchange\Content files\22.Exchange 201
3
D:\powershellcsctraining\day1_3.txt:2241:-a--- 7/14/2009 7:09 AM
71168 lpremove.exe

D:\powershellcsctraining\day1_3.txt:4053:-a--s 11/21/2010 1:07 AM

7394 Microsoft-Windows-HomePremiumEdit
i
D:\powershellcsctraining\day1_3.txt:4175:
Premium-Package~31bf3856ad364e35~
a
D:\powershellcsctraining\day1_3.txt:4178:
Premium-Package~31bf3856ad364e35~
a
D:\powershellcsctraining\day1_3.txt:4268:-a--s 11/21/2010 2:59 AM
11800 Microsoft-Windows-Printing-Premiu
m
D:\powershellcsctraining\day1_3.txt:4271:-a--s 11/21/2010 1:07 AM
14732 Microsoft-Windows-Printing-Premiu
m
D:\powershellcsctraining\day1_3.txt:4377:-a--s 11/21/2010 2:56 AM
9440 Microsoft-Windows-Shell-PremiumIn
b
D:\powershellcsctraining\day1_3.txt:4380:-a--s 11/21/2010 1:06 AM
11196 Microsoft-Windows-Shell-PremiumIn
b
D:\powershellcsctraining\day1_3.txt:17297:d---- 7/14/2017 10:03 PM
prembackup

D:\powershellcsctraining\day1_3.txt:17402:-a--- 4/3/2017 5:01 PM

154146 Prem-Paramount Health Services (
TP
D:\powershellcsctraining\day1_3.txt:17467:d---- 7/14/2017 10:03 PM
prembackup

D:\powershellcsctraining\day1_3.txt:17572:-a--- 4/3/2017 5:01 PM

154146 Prem-Paramount Health Services (
TP
D:\powershellcsctraining\day1_3.txt:17628: Directory: D:\prembackup\premdata\
ddrive
D:\powershellcsctraining\day1_3.txt:17637: Directory: D:\prembackup\premdata\
ddrive\kflute
D:\powershellcsctraining\day1_3.txt:17647: Directory: D:\prembackup\premdata\
ddrive\meditation
D:\powershellcsctraining\day1_3.txt:17663: Directory: D:\prembackup\premdata\
ddrive\premHYDdata
D:\powershellcsctraining\day1_3.txt:17671: Directory: D:\prembackup\premdata\
desktop-27-06-16
D:\powershellcsctraining\day1_3.txt:17680: Directory: D:\prembackup\premdata\
desktop-27-06-16\desktopfolders
D:\powershellcsctraining\day1_3.txt:17690: Directory: D:\prembackup\premdata\
desktop-27-06-16\desktopfolders\form31a
nd
D:\powershellcsctraining\day1_3.txt:17699: Directory: D:\prembackup\premdata\
desktop-27-06-16\desktopfolders\osho
D:\powershellcsctraining\day1_3.txt:17712: Directory: D:\prembackup\premdata\
desktop-27-06-16\desktopfolders\Rajeev
Di
D:\powershellcsctraining\day1_3.txt:17748: Directory: D:\prembackup\premdata\
desktop-27-06-16\desktopfolders\Rajeev
Di
D:\powershellcsctraining\day1_3.txt:17768: Directory: D:\prembackup\premdata\
desktop-27-06-16\desktopfolders\Rajeev
Di
D:\powershellcsctraining\day1_3.txt:17777: Directory: D:\prembackup\premdata\
desktop-27-06-16\print
D:\powershellcsctraining\day1_3.txt:17787: Directory: D:\prembackup\premdata\
desktop12-3-2014
D:\powershellcsctraining\day1_3.txt:17795: Directory: D:\prembackup\premdata\
mahavirvani
D:\powershellcsctraining\day1_3.txt:17804: Directory: D:\prembackup\premdata\
motorolabackup\Media\WhatsApp Audio
D:\powershellcsctraining\day1_3.txt:17813: Directory: D:\prembackup\premdata\
Prembackup\loosefiles
D:\powershellcsctraining\day1_3.txt:17829: Directory: D:\prembackup\premdata\
premcdrive\desktopnew\csc-internal\awar
en
D:\powershellcsctraining\day1_3.txt:18162: Directory: D:\prembackup\premdata\
prempersonal\gita
D:\powershellcsctraining\day1_3.txt:18173: Directory: D:\prembackup\premdata\
prempersonal\Rajeev Dixit\2. New Lectur
es
D:\powershellcsctraining\day1_3.txt:18193: Directory: D:\prembackup\premdata\
prempersonal\Rajeev Dixit\3. Swadeshi S
e
D:\powershellcsctraining\day1_3.txt:18202: Directory: D:\prembackup\premdata\rr\
01. Soz
D:\powershellcsctraining\day1_3.txt:18218: Directory: D:\prembackup\premdata\rr\
O.P. Nayyar\01. Kashmir Ki Kali
D:\powershellcsctraining\day1_3.txt:18226: Directory: D:\prembackup\premdata\rr\
O.P. Nayyar\02. Naya Daur
D:\powershellcsctraining\day1_3.txt:18234: Directory: D:\prembackup\sharednew\
exchange\Content files\01.Course Scena
ri
D:\powershellcsctraining\day1_3.txt:18243: Directory: D:\prembackup\sharednew\
exchange\Content files\02.An Overview
of
D:\powershellcsctraining\day1_3.txt:18252: Directory: D:\prembackup\sharednew\
exchange\Content files\03.An Understan
di
D:\powershellcsctraining\day1_3.txt:18262: Directory: D:\prembackup\sharednew\
exchange\Content files\04.Exchange 201
3
D:\powershellcsctraining\day1_3.txt:18272: Directory: D:\prembackup\sharednew\
exchange\Content files\05.Installation
o
D:\powershellcsctraining\day1_3.txt:18281: Directory: D:\prembackup\sharednew\
exchange\Content files\06.Exchange 201
3
D:\powershellcsctraining\day1_3.txt:18290: Directory: D:\prembackup\sharednew\
exchange\Content files\07.Exchange 201
3
D:\powershellcsctraining\day1_3.txt:18300: Directory: D:\prembackup\sharednew\
exchange\Content files\08.Creating Rec
ip
D:\powershellcsctraining\day1_3.txt:18309: Directory: D:\prembackup\sharednew\
exchange\Content files\09.Managing Dat
ab
D:\powershellcsctraining\day1_3.txt:18318: Directory: D:\prembackup\sharednew\
exchange\Content files\10.Mailbox Conf
ig
D:\powershellcsctraining\day1_3.txt:18327: Directory: D:\prembackup\sharednew\
exchange\Content files\11.Mail Flow Co
nf
D:\powershellcsctraining\day1_3.txt:18336: Directory: D:\prembackup\sharednew\
exchange\Content files\12.Exchange 201
3
D:\powershellcsctraining\day1_3.txt:18345: Directory: D:\prembackup\sharednew\
exchange\Content files\13.Exchange 201
3
D:\powershellcsctraining\day1_3.txt:18355: Directory: D:\prembackup\sharednew\
exchange\Content files\14.Collaboratio
n
D:\powershellcsctraining\day1_3.txt:18364: Directory: D:\prembackup\sharednew\
exchange\Content files\15.Exchange 201
3
D:\powershellcsctraining\day1_3.txt:18373: Directory: D:\prembackup\sharednew\
exchange\Content files\16.Compliance M
an
D:\powershellcsctraining\day1_3.txt:18383: Directory: D:\prembackup\sharednew\
exchange\Content files\17.Working with
T
D:\powershellcsctraining\day1_3.txt:18393: Directory: D:\prembackup\sharednew\
exchange\Content files\18.Exchange 201
3
D:\powershellcsctraining\day1_3.txt:18403: Directory: D:\prembackup\sharednew\
exchange\Content files\19.Exchange 201
3
D:\powershellcsctraining\day1_3.txt:18413: Directory: D:\prembackup\sharednew\
exchange\Content files\20.Exchange 201
3
D:\powershellcsctraining\day1_3.txt:18423: Directory: D:\prembackup\sharednew\
exchange\Content files\21.Exchange 201
3
D:\powershellcsctraining\day1_3.txt:18433: Directory: D:\prembackup\sharednew\
exchange\Content files\22.Exchange 201
3
D:\powershellcsctraining\day1_3.txt:18458: Directory: D:\prembackup\premdata\
ddrive
D:\powershellcsctraining\day1_3.txt:18467: Directory: D:\prembackup\premdata\
ddrive\kflute
D:\powershellcsctraining\day1_3.txt:18477: Directory: D:\prembackup\premdata\
ddrive\meditation
D:\powershellcsctraining\day1_3.txt:18493: Directory: D:\prembackup\premdata\
ddrive\premHYDdata
D:\powershellcsctraining\day1_3.txt:18501: Directory: D:\prembackup\premdata\
desktop-27-06-16
D:\powershellcsctraining\day1_3.txt:18510: Directory: D:\prembackup\premdata\
desktop-27-06-16\desktopfolders
D:\powershellcsctraining\day1_3.txt:18520: Directory: D:\prembackup\premdata\
desktop-27-06-16\desktopfolders\form31a
nd
D:\powershellcsctraining\day1_3.txt:18529: Directory: D:\prembackup\premdata\
desktop-27-06-16\desktopfolders\osho
D:\powershellcsctraining\day1_3.txt:18542: Directory: D:\prembackup\premdata\
desktop-27-06-16\desktopfolders\Rajeev
Di
D:\powershellcsctraining\day1_3.txt:18578: Directory: D:\prembackup\premdata\
desktop-27-06-16\desktopfolders\Rajeev
Di
D:\powershellcsctraining\day1_3.txt:18598: Directory: D:\prembackup\premdata\
desktop-27-06-16\desktopfolders\Rajeev
Di
D:\powershellcsctraining\day1_3.txt:18607: Directory: D:\prembackup\premdata\
desktop-27-06-16\print
D:\powershellcsctraining\day1_3.txt:18617: Directory: D:\prembackup\premdata\
desktop12-3-2014
D:\powershellcsctraining\day1_3.txt:18625: Directory: D:\prembackup\premdata\
mahavirvani
D:\powershellcsctraining\day1_3.txt:18634: Directory: D:\prembackup\premdata\
motorolabackup\Media\WhatsApp Audio
D:\powershellcsctraining\day1_3.txt:18643: Directory: D:\prembackup\premdata\
Prembackup\loosefiles
D:\powershellcsctraining\day1_3.txt:18659: Directory: D:\prembackup\premdata\
premcdrive\desktopnew\csc-internal\awar
en
D:\powershellcsctraining\day1_3.txt:18992: Directory: D:\prembackup\premdata\
prempersonal\gita
D:\powershellcsctraining\day1_3.txt:19003: Directory: D:\prembackup\premdata\
prempersonal\Rajeev Dixit\2. New Lectur
es
D:\powershellcsctraining\day1_3.txt:19023: Directory: D:\prembackup\premdata\
prempersonal\Rajeev Dixit\3. Swadeshi S
e
D:\powershellcsctraining\day1_3.txt:19032: Directory: D:\prembackup\premdata\rr\
01. Soz
D:\powershellcsctraining\day1_3.txt:19048: Directory: D:\prembackup\premdata\rr\
O.P. Nayyar\01. Kashmir Ki Kali
D:\powershellcsctraining\day1_3.txt:19056: Directory: D:\prembackup\premdata\rr\
O.P. Nayyar\02. Naya Daur
D:\powershellcsctraining\day1_3.txt:19064: Directory: D:\prembackup\sharednew\
exchange\Content files\01.Course Scena
ri
D:\powershellcsctraining\day1_3.txt:19073: Directory: D:\prembackup\sharednew\
exchange\Content files\02.An Overview
of
D:\powershellcsctraining\day1_3.txt:19082: Directory: D:\prembackup\sharednew\
exchange\Content files\03.An Understan
di
D:\powershellcsctraining\day1_3.txt:19092: Directory: D:\prembackup\sharednew\
exchange\Content files\04.Exchange 201
3
D:\powershellcsctraining\day1_3.txt:19102: Directory: D:\prembackup\sharednew\
exchange\Content files\05.Installation
o
D:\powershellcsctraining\day1_3.txt:19111: Directory: D:\prembackup\sharednew\
exchange\Content files\06.Exchange 201
3
D:\powershellcsctraining\day1_3.txt:19120: Directory: D:\prembackup\sharednew\
exchange\Content files\07.Exchange 201
3
D:\powershellcsctraining\day1_3.txt:19130: Directory: D:\prembackup\sharednew\
exchange\Content files\08.Creating Rec
ip
D:\powershellcsctraining\day1_3.txt:19139: Directory: D:\prembackup\sharednew\
exchange\Content files\09.Managing Dat
ab
D:\powershellcsctraining\day1_3.txt:19148: Directory: D:\prembackup\sharednew\
exchange\Content files\10.Mailbox Conf
ig
D:\powershellcsctraining\day1_3.txt:19157: Directory: D:\prembackup\sharednew\
exchange\Content files\11.Mail Flow Co
nf
D:\powershellcsctraining\day1_3.txt:19166: Directory: D:\prembackup\sharednew\
exchange\Content files\12.Exchange 201
3
D:\powershellcsctraining\day1_3.txt:19175: Directory: D:\prembackup\sharednew\
exchange\Content files\13.Exchange 201
3
D:\powershellcsctraining\day1_3.txt:19185: Directory: D:\prembackup\sharednew\
exchange\Content files\14.Collaboratio
n
D:\powershellcsctraining\day1_3.txt:19194: Directory: D:\prembackup\sharednew\
exchange\Content files\15.Exchange 201
3
D:\powershellcsctraining\day1_3.txt:19203: Directory: D:\prembackup\sharednew\
exchange\Content files\16.Compliance M
an
D:\powershellcsctraining\day1_3.txt:19213: Directory: D:\prembackup\sharednew\
exchange\Content files\17.Working with
T
D:\powershellcsctraining\day1_3.txt:19223: Directory: D:\prembackup\sharednew\
exchange\Content files\18.Exchange 201
3
D:\powershellcsctraining\day1_3.txt:19233: Directory: D:\prembackup\sharednew\
exchange\Content files\19.Exchange 201
3
D:\powershellcsctraining\day1_3.txt:19243: Directory: D:\prembackup\sharednew\
exchange\Content files\20.Exchange 201
3
D:\powershellcsctraining\day1_3.txt:19253: Directory: D:\prembackup\sharednew\
exchange\Content files\21.Exchange 201
3
D:\powershellcsctraining\day1_3.txt:19263: Directory: D:\prembackup\sharednew\
exchange\Content files\22.Exchange 201
3
D:\powershellcsctraining\day1_3.txt:19281:PS D:\> path d:\prem
D:\powershellcsctraining\day1_3.txt:19286:+ path <<<< d:\prem
D:\powershellcsctraining\day1_3.txt:19504:PS C:\> New-Item -type diretory -path c:\
temp\prem
D:\powershellcsctraining\day1_3.txt:19508:+ New-Item <<<< -type diretory -path c:\
temp\prem
D:\powershellcsctraining\day1_3.txt:19514:PS C:\> New-Item -type directory -path
c:\temp\prem
D:\powershellcsctraining\day1_3.txt:19522:d---- 7/24/2017 7:49 PM
prem

D:\powershellcsctraining\day1_3.txt:19698:PS C:\> new-item -path c:\temp\prem -name

testfile1.txt -type "file"
D:\powershellcsctraining\day1_3.txt:19701: Directory: C:\temp\prem
D:\powershellcsctraining\day1_3.txt:19836:PS C:\> set-item -path c:\temp\prem\
testfile1.txt value "hello"
D:\powershellcsctraining\day1_3.txt:19839:+ set-item <<<< -path c:\temp\prem\
testfile1.txt value "hello"
D:\powershellcsctraining\day1_3.txt:19844:PS C:\> set-item -path c:\temp\prem\
testfile1.txt -type "file" -value "hello
"
D:\powershellcsctraining\day1_3.txt:19847:+ set-item -path c:\temp\prem\
testfile1.txt -type <<<< "file" -value "hello
"
D:\powershellcsctraining\day1_3.txt:19854:PS C:\> set-item -path c:\temp\prem\
testfile1.txt -value "hello"
D:\powershellcsctraining\day1_3.txt:19857:+ set-item <<<< -path c:\temp\prem\
testfile1.txt -value "hello"
D:\powershellcsctraining\day1_3.txt:19861:PS C:\> set-item -path c:\temp\prem\
testfile1.txt -value c:\windows\notepad.e
xe
D:\powershellcsctraining\day1_3.txt:19864:+ set-item <<<< -path c:\temp\prem\
testfile1.txt -value c:\windows\notepad.e
xe
D:\powershellcsctraining\day1_3.txt:19883:PS C:\> Add-Content -path c:\temp\prem\
testfile1.txt -value "hello"
D:\powershellcsctraining\day1_3.txt:19894:PS C:\> test-path -path "c:\temp\prem"
PS C:\Windows\system32> get-childitem d:\ -include *.txt -Recurse | Select-String -
Pattern "hdfc"

D:\powershellcsctraining\day1_2.txt:17354:-a--- 5/31/2017 9:52 PM

35123 hdfcjognas1it_prodBGJOBSOUTFILES
EM
D:\powershellcsctraining\day1_2.txt:17524:-a--- 5/31/2017 9:52 PM
35123 hdfcjognas1it_prodBGJOBSOUTFILES
EM
D:\powershellcsctraining\day1_3.txt:17354:-a--- 5/31/2017 9:52 PM
35123 hdfcjognas1it_prodBGJOBSOUTFILES
EM
D:\powershellcsctraining\day1_3.txt:17524:-a--- 5/31/2017 9:52 PM
35123 hdfcjognas1it_prodBGJOBSOUTFILES
EM
D:\prembackup\premdata\ddrive\premHYDdata\mydoc\INSURANCE..txt:21:hdfc PWD SPACE
last 4 dightCC 5676712 2 HOURS
D:\prembackup\premdata\ddrive\premHYDdata\mydoc\INSURANCE..txt:27:hdfc 166989 otp
248937 application number tran id no
np2901717551
D:\prembackup\premdata\ddrive\kumaranand.txt:1:[email protected]
D:\prembackup\premdata\Prembackup\loosefiles\ack.txt:6:ifsc code hdfc0000393
D:\prembackup\premdata\Prembackup\loosefiles\hd.txt:16:Anuj Kumar Singh It took 4
hrs only in my case as I have account
in Hdfc, I made rtgs and collected stamps in two hours.
D:\prembackup\premdata\Prembackup\loosefiles\hdfcdemand.txt:1:[email protected]
PS C:\Windows\system32> get-childitem d:\ -include *.* -Recurse | Select-String -
Pattern "hdfc"

D:\lotus insallation\lotus_notes852FP4_win.exe:228031:�#�#VcK��#��r��'��KC�#FW�
‫ף‬gw��3��Y��#�;�HdfC�#:�"p�b�‫݌‬F#�#1%
J�cN�Iq N##‫ �ܖ‬C�#�#b�#�R͈m7��A ��ZH��@�‫ �ڊ‬#z&��b#?w!�S #�Al �#b�#鋘
҅ C�S#�zA�,�Ba��F##��#�%2�<�x1��U��h+��,
�H��
��|LRr�#�p�Σ��1]E
D:\lotus insallation\
lotus_notes852FP4_win.exe:377176:ȉVB#��+М��=hi:`3h#�PN�#�PO�#��#�##�� #2�\
#=�_#��##/#,sa��s�K��
]��_��NC#) �̦ W��#n#�C�na�#!#֪ � � � � � 8o9]�z#�Uqi�e��##�
��#��r�q��Je#Ni�]M��6:q#��-�`D�‫�ݵ‬P��$�#X�HDFC��օ�Z��t
##x�#�L��u�‫ݒ‬.��ޯ��)X#߾r��;D��TLՔP�#!
t�k��+�#7�a#��oO.��#�#�S�$��2�f�.��Y�g-�%��#
�UM#5!lk��#�VY�#bL#I i#
#�R��h��
�#ߒ�T*��"��Ì#u‫��|��א‬an~2��#�zO#
J�kAC��HS#C#��"��9##w�E#Ro##��#�}#�j#�lb�k`&�*B��9 ��
‫ډ‬ #=^#�Y��x�v
##��Q��ƞTj$��7&a��l�h$a�v-�#)�6�#j�w�#�^27E�
PS C:\Windows\system32>

PS C:\Windows\system32> cls
PS C:\Windows\system32> $ a = 1,2,3,4,5
The term '$' is not recognized as the name of a cmdlet, function, script file, or
operable program. Check the spelling
of the name, or if a path was included, verify that the path is correct and try
again.
At line:1 char:2
+ $ <<<< a = 1,2,3,4,5
+ CategoryInfo : ObjectNotFound: ($:String) [],
CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException

PS C:\Windows\system32> $a = 1,2,3,4,5
PS C:\Windows\system32> $a.GetType()

IsPublic IsSerial Name BaseType

-------- -------- ---- --------
True True Object[] System.Array

PS C:\Windows\system32> $b=1...5
PS C:\Windows\system32> $b.getype()
Method invocation failed because [System.Object[]] doesn't contain a method named
'getype'.
At line:1 char:10
+ $b.getype <<<< ()
+ CategoryInfo : InvalidOperation: (getype:String) [],
RuntimeException
+ FullyQualifiedErrorId : MethodNotFound

PS C:\Windows\system32> $b = 1...5
PS C:\Windows\system32> $b
1
0
PS C:\Windows\system32> $b.GetType()

IsPublic IsSerial Name BaseType

-------- -------- ---- --------
True True Object[] System.Array

PS C:\Windows\system32> $a
1
2
3
4
5
PS C:\Windows\system32> $b
1
0
PS C:\Windows\system32> $b=1..5
PS C:\Windows\system32> $b
1
2
3
4
5
PS C:\Windows\system32> $server = 'pc1','pc2','pc3'
PS C:\Windows\system32> $server
pc1
pc2
pc3
PS C:\Windows\system32> $var1 = 1,'pc1'
PS C:\Windows\system32> $var1
1
pc1
PS C:\Windows\system32> $var2 = 2, "pc2"
PS C:\Windows\system32> $var2
2
pc2
PS C:\Windows\system32> $ipc.GetType()

IsPublic IsSerial Name BaseType

-------- -------- ---- --------
True True Object[] System.Array

PS C:\Windows\system32>
PS C:\Windows\system32>
PS C:\Windows\system32>
PS C:\Windows\system32> cls
PS C:\Windows\system32> $list = @{Name = "PC01"; IP="10.10.10.10",User="Tobias"}
Missing expression after ','.
At line:1 char:43
+ $list = @{Name = "PC01"; IP="10.10.10.10", <<<< User="Tobias"}
+ CategoryInfo : ParserError: (,:String) [],
ParentContainsErrorRecordException
+ FullyQualifiedErrorId : MissingExpressionAfterToken

PS C:\Windows\system32> $list = @{Name = "PC01"; IP="10.10.10.10";User="Tobias"}

PS C:\Windows\system32> $list

Name Value
---- -----
Name PC01
IP 10.10.10.10
User Tobias

PS C:\Windows\system32> $myvar = @{Name = "ram"; Marks=20; }

PS C:\Windows\system32> $myvar

Name Value
---- -----
Name ram
Marks 20

PS C:\Windows\system32> $temp = Read-Host = "enter temprature"

= enter temprature:
PS C:\Windows\system32> help *greater*
PS C:\Windows\system32> help Where-Object
PS C:\Windows\system32>
PS C:\Windows\system32> cls
PS C:\Windows\system32> help *$_*
PS C:\Windows\system32> cls
PS C:\Windows\system32> $temp = read-host = "Enter temprature";if ($temp -GT 20 )
{write-host = "Too HOT..."};elseif ($temp -eq 20 ) {write-host = "Average
Temprature..."};else {write-host = "Too COLD..."}
= Enter temprature: 20
The term 'elseif' is not recognized as the name of a cmdlet, function, script file,
or operable program. Check the spel
ling of the name, or if a path was included, verify that the path is correct and
try again.
At line:1 char:93
+ $temp = read-host = "Enter temprature";if ($temp -GT 20 ) {write-host = "Too
HOT..."};elseif <<<< ($temp -eq 20 ) {w
rite-host = "Average Temprature..."};else {write-host = "Too COLD..."}
+ CategoryInfo : ObjectNotFound: (elseif:String) [],
CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException

The term 'else' is not recognized as the name of a cmdlet, function, script file,
or operable program. Check the spelli
ng of the name, or if a path was included, verify that the path is correct and try
again.
At line:1 char:153
+ $temp = read-host = "Enter temprature";if ($temp -GT 20 ) {write-host = "Too
HOT..."};elseif ($temp -eq 20 ) {write-h
ost = "Average Temprature..."};else <<<< {write-host = "Too COLD..."}
+ CategoryInfo : ObjectNotFound: (else:String) [],
CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException

PS C:\Windows\system32> $temp = read-host = "Enter temprature";if ($temp -GT 20 )

{write-host = "Too HOT..."}; elseif ($temp -eq 20 ) {write-host = "Average
Temprature..."}; else {write-host = "Too COLD..."}
= Enter temprature: 50
= Too HOT...
The term 'elseif' is not recognized as the name of a cmdlet, function, script file,
or operable program. Check the spel
ling of the name, or if a path was included, verify that the path is correct and
try again.
At line:1 char:94
+ $temp = read-host = "Enter temprature";if ($temp -GT 20 ) {write-host = "Too
HOT..."}; elseif <<<< ($temp -eq 20 ) {
write-host = "Average Temprature..."}; else {write-host = "Too COLD..."}
+ CategoryInfo : ObjectNotFound: (elseif:String) [],
CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException

The term 'else' is not recognized as the name of a cmdlet, function, script file,
or operable program. Check the spelli
ng of the name, or if a path was included, verify that the path is correct and try
again.
At line:1 char:155
+ $temp = read-host = "Enter temprature";if ($temp -GT 20 ) {write-host = "Too
HOT..."}; elseif ($temp -eq 20 ) {write-
host = "Average Temprature..."}; else <<<< {write-host = "Too COLD..."}
+ CategoryInfo : ObjectNotFound: (else:String) [],
CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException

PS C:\Windows\system32> help service

PS C:\Windows\system32> help Start-Service -example
PS C:\Windows\system32> cls
PS C:\Windows\system32> get-service -name spooler

Status Name DisplayName

------ ---- -----------
Running spooler Print Spooler

PS C:\Windows\system32> help Stop-Service | gm

TypeName: System.String

Name MemberType Definition

---- ---------- ----------
Clone Method System.Object Clone()
CompareTo Method int CompareTo(System.Object value), int
CompareTo(string strB)
Contains Method bool Contains(string value)
CopyTo Method System.Void CopyTo(int sourceIndex, char[]
destination, int destinationIndex,...
EndsWith Method bool EndsWith(string value), bool
EndsWith(string value, System.StringCompari...
Equals Method bool Equals(System.Object obj), bool
Equals(string value), bool Equals(string...
GetEnumerator Method System.CharEnumerator GetEnumerator()
GetHashCode Method int GetHashCode()
GetType Method type GetType()
GetTypeCode Method System.TypeCode GetTypeCode()
IndexOf Method int IndexOf(char value), int IndexOf(char
value, int startIndex), int IndexOf...
IndexOfAny Method int IndexOfAny(char[] anyOf), int
IndexOfAny(char[] anyOf, int startIndex), i...
Insert Method string Insert(int startIndex, string value)
IsNormalized Method bool IsNormalized(), bool
IsNormalized(System.Text.NormalizationForm normaliz...
LastIndexOf Method int LastIndexOf(char value), int
LastIndexOf(char value, int startIndex), int...
LastIndexOfAny Method int LastIndexOfAny(char[] anyOf), int
LastIndexOfAny(char[] anyOf, int startI...
Normalize Method string Normalize(), string
Normalize(System.Text.NormalizationForm normalizat...
PadLeft Method string PadLeft(int totalWidth), string
PadLeft(int totalWidth, char paddingChar)
PadRight Method string PadRight(int totalWidth), string
PadRight(int totalWidth, char padding...
Remove Method string Remove(int startIndex, int count),
string Remove(int startIndex)
Replace Method string Replace(char oldChar, char newChar),
string Replace(string oldValue, s...
Split Method string[] Split(Params char[] separator),
string[] Split(char[] separator, int...
StartsWith Method bool StartsWith(string value), bool
StartsWith(string value, System.StringCom...
Substring Method string Substring(int startIndex), string
Substring(int startIndex, int length)
ToCharArray Method char[] ToCharArray(), char[] ToCharArray(int
startIndex, int length)
ToLower Method string ToLower(), string
ToLower(System.Globalization.CultureInfo culture)
ToLowerInvariant Method string ToLowerInvariant()
ToString Method string ToString(), string
ToString(System.IFormatProvider provider)
ToUpper Method string ToUpper(), string
ToUpper(System.Globalization.CultureInfo culture)
ToUpperInvariant Method string ToUpperInvariant()
Trim Method string Trim(Params char[] trimChars), string
Trim()
TrimEnd Method string TrimEnd(Params char[] trimChars)
TrimStart Method string TrimStart(Params char[] trimChars)
Chars ParameterizedProperty char Chars(int index) {get;}
Length Property System.Int32 Length {get;}

PS C:\Windows\system32> help Stop-Service

PS C:\Windows\system32>
PS C:\Windows\system32>
PS C:\Windows\system32>
PS C:\Windows\system32>
PS C:\Windows\system32>
PS C:\Windows\system32>
PS C:\Windows\system32>
PS C:\Windows\system32>
PS C:\Windows\system32>
PS C:\Windows\system32>
PS C:\Windows\system32>
PS C:\Windows\system32>
PS C:\Windows\system32>
PS C:\Windows\system32>
PS C:\Windows\system32>
PS C:\Windows\system32>
PS C:\Windows\system32>
PS C:\Windows\system32>
PS C:\Windows\system32> help Stop-Service -examples
PS C:\Windows\system32> Stop-Service spooler
Stop-Service : Cannot stop service 'Print Spooler (spooler)' because it has
dependent services. It can only be stopped
if the Force flag is set.
At line:1 char:13
+ Stop-Service <<<< spooler
+ CategoryInfo : InvalidOperation:
(System.ServiceProcess.ServiceController:ServiceController) [Stop-Serv
ice], ServiceCommandException
+ FullyQualifiedErrorId :
ServiceHasDependentServices,Microsoft.PowerShell.Commands.StopServiceCommand

PS C:\Windows\system32> (get-service spooler).stop()

PS C:\Windows\system32> get-service -name spooler

Status Name DisplayName

------ ---- -----------
Stopped spooler Print Spooler
PS C:\Windows\system32> get-service -name spooler

Status Name DisplayName

------ ---- -----------
Stopped spooler Print Spooler

PS C:\Windows\system32> get-service -name spooler

Status Name DisplayName

------ ---- -----------
Stopped spooler Print Spooler

PS C:\Windows\system32> get-service -name spooler

Status Name DisplayName

------ ---- -----------
Stopped spooler Print Spooler

PS C:\Windows\system32> Start-Service -name spooler

PS C:\Windows\system32>

PS C:\Windows\system32> cls
PS C:\Windows\system32> help Get-ChildItem -examples
PS C:\Windows\system32>
PS C:\Windows\system32>
PS C:\Windows\system32>
PS C:\Windows\system32>
PS C:\Windows\system32>
PS C:\Windows\system32>
PS C:\Windows\system32>
PS C:\Windows\system32>
PS C:\Windows\system32>
PS C:\Windows\system32>
PS C:\Windows\system32>
PS C:\Windows\system32>
PS C:\Windows\system32>
PS C:\Windows\system32>
PS C:\Windows\system32>
PS C:\Windows\system32>
PS C:\Windows\system32>
PS C:\Windows\system32>
PS C:\Windows\system32>
PS C:\Windows\system32> cls
PS C:\Windows\system32> help *size*
PS C:\Windows\system32>
PS C:\Windows\system32>
PS C:\Windows\system32>
PS C:\Windows\system32>
PS C:\Windows\system32>
PS C:\Windows\system32> cls'
>>
>> cls
>> exit
>> q
>> exit
>> dir
>> cls
>> cls
>>

A S Sandhu Book
No ratings yet
A S Sandhu Book
96 pages
Positioning The Battle For Your Mind
0% (2)
Positioning The Battle For Your Mind
1 page
HRT TIB - Final V1.0 EUI EUP
No ratings yet
HRT TIB - Final V1.0 EUI EUP
11 pages
The Indian Succession Act, - (Z-Library)
No ratings yet
The Indian Succession Act, - (Z-Library)
1,613 pages
Previn Double Concerto PDF
No ratings yet
Previn Double Concerto PDF
172 pages
Haruki Murakami - Pinball 1973
0% (1)
Haruki Murakami - Pinball 1973
1,069 pages
RF Online - Bin-Up
No ratings yet
RF Online - Bin-Up
106 pages
Introduction To Aginet ACS
No ratings yet
Introduction To Aginet ACS
301 pages
Text and Binary File-1
No ratings yet
Text and Binary File-1
10 pages
The Lorax Pages 1-50 - Flip PDF Download - FlipHTML5
No ratings yet
The Lorax Pages 1-50 - Flip PDF Download - FlipHTML5
72 pages
Scanning Report 01 December 2010 00:30:30 - 01:11:02: Result: 36 Malware Found
No ratings yet
Scanning Report 01 December 2010 00:30:30 - 01:11:02: Result: 36 Malware Found
27 pages
Fundamentals
No ratings yet
Fundamentals
104 pages
MD 5 Sum
No ratings yet
MD 5 Sum
124 pages
Texture Packs
No ratings yet
Texture Packs
2 pages
Manifest NonUFSFiles Win64
No ratings yet
Manifest NonUFSFiles Win64
3 pages
Feedj 166
No ratings yet
Feedj 166
183 pages
Free PDF To HPGL Converter
No ratings yet
Free PDF To HPGL Converter
2 pages
Navi-Planner 5.09 Data Export
No ratings yet
Navi-Planner 5.09 Data Export
4 pages
SOURCES
No ratings yet
SOURCES
12 pages
00 Project 2A - Resume
No ratings yet
00 Project 2A - Resume
2 pages
Audio-Video-Tag Css
No ratings yet
Audio-Video-Tag Css
2 pages
Formato PPT Linea de Tiempo
No ratings yet
Formato PPT Linea de Tiempo
10 pages
README Zipped Repo
No ratings yet
README Zipped Repo
2 pages
Sextract
No ratings yet
Sextract
3 pages
74 Big TIFF
No ratings yet
74 Big TIFF
1 page
Tutorial Table Splitting in SPUMG or SPUM4
No ratings yet
Tutorial Table Splitting in SPUMG or SPUM4
2 pages
Tutorial 9: Importing and Exporting Data Into Mathematica
No ratings yet
Tutorial 9: Importing and Exporting Data Into Mathematica
2 pages
Drawingscript
No ratings yet
Drawingscript
7 pages
File Explorer File Computer This PC
No ratings yet
File Explorer File Computer This PC
6 pages
p81 Htmltutorial
No ratings yet
p81 Htmltutorial
2 pages
The Subtle Art of Not Giving a F*ck: A Counterintuitive Approach to Living a Good Life
From Everand
The Subtle Art of Not Giving a F*ck: A Counterintuitive Approach to Living a Good Life
Mark Manson
4/5 (6458)
Principles: Life and Work
From Everand
Principles: Life and Work
Ray Dalio
4/5 (648)
Never Split the Difference: Negotiating As If Your Life Depended On It
From Everand
Never Split the Difference: Negotiating As If Your Life Depended On It
Chris Voss
4.5/5 (1005)
The Glass Castle: A Memoir
From Everand
The Glass Castle: A Memoir
Jeannette Walls
4.5/5 (1856)
Grit: The Power of Passion and Perseverance
From Everand
Grit: The Power of Passion and Perseverance
Angela Duckworth
4/5 (650)
Elon Musk: Tesla, SpaceX, and the Quest for a Fantastic Future
From Everand
Elon Musk: Tesla, SpaceX, and the Quest for a Fantastic Future
Ashlee Vance
4.5/5 (582)
The Gifts of Imperfection: Let Go of Who You Think You're Supposed to Be and Embrace Who You Are
From Everand
The Gifts of Imperfection: Let Go of Who You Think You're Supposed to Be and Embrace Who You Are
Brené Brown
4/5 (1175)
The Emperor of All Maladies: A Biography of Cancer
From Everand
The Emperor of All Maladies: A Biography of Cancer
Siddhartha Mukherjee
4.5/5 (298)
A Man Called Ove: A Novel
From Everand
A Man Called Ove: A Novel
Fredrik Backman
4.5/5 (5181)
The Perks of Being a Wallflower
From Everand
The Perks of Being a Wallflower
Stephen Chbosky
4.5/5 (4103)
The Little Book of Hygge: Danish Secrets to Happy Living
From Everand
The Little Book of Hygge: Danish Secrets to Happy Living
Meik Wiking
3.5/5 (464)
Steve Jobs
From Everand
Steve Jobs
Walter Isaacson
4.5/5 (1139)
Yes Please
From Everand
Yes Please
Amy Poehler
4/5 (2016)
The Hard Thing About Hard Things: Building a Business When There Are No Easy Answers
From Everand
The Hard Thing About Hard Things: Building a Business When There Are No Easy Answers
Ben Horowitz
4.5/5 (361)
Angela's Ashes: A Memoir
From Everand
Angela's Ashes: A Memoir
Frank McCourt
4.5/5 (943)
The Woman in Cabin 10
From Everand
The Woman in Cabin 10
Ruth Ware
3.5/5 (2814)
The Sympathizer: A Novel (Pulitzer Prize for Fiction)
From Everand
The Sympathizer: A Novel (Pulitzer Prize for Fiction)
Viet Thanh Nguyen
4.5/5 (141)
Shoe Dog: A Memoir by the Creator of Nike
From Everand
Shoe Dog: A Memoir by the Creator of Nike
Phil Knight
4.5/5 (629)
The Outsider: A Novel
From Everand
The Outsider: A Novel
Stephen King
4/5 (2886)
Team of Rivals: The Political Genius of Abraham Lincoln
From Everand
Team of Rivals: The Political Genius of Abraham Lincoln
Doris Kearns Goodwin
4.5/5 (244)
The Light Between Oceans: A Novel
From Everand
The Light Between Oceans: A Novel
M.L. Stedman
4.5/5 (815)
Hidden Figures: The American Dream and the Untold Story of the Black Women Mathematicians Who Helped Win the Space Race
From Everand
Hidden Figures: The American Dream and the Untold Story of the Black Women Mathematicians Who Helped Win the Space Race
Margot Lee Shetterly
4/5 (1022)
The Yellow House: A Memoir (2019 National Book Award Winner)
From Everand
The Yellow House: A Memoir (2019 National Book Award Winner)
Sarah M. Broom
4/5 (100)
Fear: Trump in the White House
From Everand
Fear: Trump in the White House
Bob Woodward
3.5/5 (836)
A Heartbreaking Work Of Staggering Genius: A Memoir Based on a True Story
From Everand
A Heartbreaking Work Of Staggering Genius: A Memoir Based on a True Story
Dave Eggers
3.5/5 (233)
The World Is Flat 3.0: A Brief History of the Twenty-first Century
From Everand
The World Is Flat 3.0: A Brief History of the Twenty-first Century
Thomas L. Friedman
3.5/5 (2289)
The Unwinding: An Inner History of the New America
From Everand
The Unwinding: An Inner History of the New America
George Packer
4/5 (45)
Rise of ISIS: A Threat We Can't Ignore
From Everand
Rise of ISIS: A Threat We Can't Ignore
Jay Sekulow
3.5/5 (144)
Little Women
From Everand
Little Women
Louisa May Alcott
4.5/5 (2369)
The Constant Gardener: A Novel
From Everand
The Constant Gardener: A Novel
John le Carré
4/5 (278)
Sing, Unburied, Sing: A Novel
From Everand
Sing, Unburied, Sing: A Novel
Jesmyn Ward
4/5 (1267)
The Art of Racing in the Rain: A Novel
From Everand
The Art of Racing in the Rain: A Novel
Garth Stein
4/5 (4372)
Devil in the Grove: Thurgood Marshall, the Groveland Boys, and the Dawn of a New America
From Everand
Devil in the Grove: Thurgood Marshall, the Groveland Boys, and the Dawn of a New America
Gilbert King
4.5/5 (280)
Bad Feminist: Essays
From Everand
Bad Feminist: Essays
Roxane Gay
4/5 (1090)
Wolf Hall: A Novel
From Everand
Wolf Hall: A Novel
Hilary Mantel
4/5 (4135)
Her Body and Other Parties: Stories
From Everand
Her Body and Other Parties: Stories
Carmen Maria Machado
4/5 (903)
A Tree Grows in Brooklyn
From Everand
A Tree Grows in Brooklyn
Betty Smith
4.5/5 (2033)
John Adams
From Everand
John Adams
David McCullough
4.5/5 (2546)
On Fire: The (Burning) Case for a Green New Deal
From Everand
On Fire: The (Burning) Case for a Green New Deal
Naomi Klein
4/5 (78)
Manhattan Beach: A Novel
From Everand
Manhattan Beach: A Novel
Jennifer Egan
3.5/5 (919)
Brooklyn: A Novel
From Everand
Brooklyn: A Novel
Colm Tóibín
3.5/5 (2141)

Day2 2

Uploaded by

Day2 2

Uploaded by

**********************

Windows PowerShell Transcript Start

CommandType Name Definition

PS C:\Windows\system32> help Get-Process

PS C:\Windows\system32> get-process | where-object {$_.handles gt >50get-process |

PS C:\Windows\system32> get-process | where-object {$_.handles -gt 500}

Handles NPM(K) PM(K) WS(K) VM(M) CPU(s) Id ProcessName

PS C:\Windows\system32> get-process | where-object {$_.handles -gt 500} | Export-

PS C:\Windows\system32> help New-Alias -Examples

Mode LastWriteTime Length Name

Mode LastWriteTime Length Name

Handles NPM(K) PM(K) WS(K) VM(M) CPU(s) Id ProcessName

PS C:\Windows\system32> get-process | where-object {$_.handles -gt 500} | format-

PS C:\Windows\system32> get-process | where-object {$_.handles -gt 500} | Format-

Handles NPM(K) PM(K) WS(K) VM(M) CPU(s) Id ProcessName

PS C:\Windows\system32> get-process | where-object {$_.handles -gt 500}

Handles NPM(K) PM(K) WS(K) VM(M) CPU(s) Id ProcessName

PS C:\Windows\system32> get-process | where-object {$_.handles -gt 500} | Format-

PS C:\Windows\system32> get-process | where-object {$_.handles -gt 500} | format-

PS C:\Windows\system32> get-process | where-object {$_.handles -gt 500} |

IsPublic IsSerial Name BaseType

IsPublic IsSerial Name BaseType

IsPublic IsSerial Name BaseType

PS C:\Windows\system32> help *psre*

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected

PS C:\Windows\system32> get-childitem d:\ -include *.txt -Recurse | Select-String -

D:\powershellcsctraining\day1_2.txt:4053:-a--s 11/21/2010 1:07 AM

D:\powershellcsctraining\day1_2.txt:17402:-a--- 4/3/2017 5:01 PM

D:\powershellcsctraining\day1_2.txt:17572:-a--- 4/3/2017 5:01 PM

D:\powershellcsctraining\day1_3.txt:4053:-a--s 11/21/2010 1:07 AM

D:\powershellcsctraining\day1_3.txt:17402:-a--- 4/3/2017 5:01 PM

D:\powershellcsctraining\day1_3.txt:17572:-a--- 4/3/2017 5:01 PM

D:\powershellcsctraining\day1_3.txt:19698:PS C:\> new-item -path c:\temp\prem -name

D:\powershellcsctraining\day1_2.txt:17354:-a--- 5/31/2017 9:52 PM

IsPublic IsSerial Name BaseType

IsPublic IsSerial Name BaseType

IsPublic IsSerial Name BaseType

PS C:\Windows\system32> $list = @{Name = "PC01"; IP="10.10.10.10";User="Tobias"}

PS C:\Windows\system32> $myvar = @{Name = "ram"; Marks=20; }

PS C:\Windows\system32> $temp = Read-Host = "enter temprature"

PS C:\Windows\system32> $temp = read-host = "Enter temprature";if ($temp -GT 20 )

PS C:\Windows\system32> help *service*

Status Name DisplayName

PS C:\Windows\system32> help Stop-Service | gm

Name MemberType Definition

PS C:\Windows\system32> help Stop-Service

PS C:\Windows\system32> (get-service spooler).stop()

Status Name DisplayName

Status Name DisplayName

PS C:\Windows\system32> get-service -name spooler

Status Name DisplayName

PS C:\Windows\system32> get-service -name spooler

Status Name DisplayName

PS C:\Windows\system32> Start-Service -name spooler

You might also like

PS C:\Windows\system32> help psre

PS C:\Windows\system32> help service