When you were asked to collect all Windows system information such as list of users, services, software installed and its version, Windows update history etc, you probably want to see these tools:
System Information Collector
pwdump7* ( v7.1 ) (detected as HackTool/Possible Unwanted Application)
FGDump* (detected as HackTool/Possible Unwanted Application)
Offline NT Password & Registry Editor by Petter Nordahl-Hagen (must be done in offline mode/reboot the system)
Note: If you are familiar with reverse engineering, making those HackTool/PUA undetectable is the best choice ?
Using Metasploit and attack your target system. Meterpreter payload contains a lot of user scripts that can be useful to dig system info. I suggest the attack against Internet Explorer since it may not harm the system/service running.
J. Dravet wrote various techniques in order to retrieve the passwords, and of course it depends on your goal, use it wisely.
Good luck ?