Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ############################################################
- ## J.A.W.S. (Just Another Windows Enum Script) ##
- ## ##
- ## https://github.com/411Hall/JAWS ##
- ## ##
- ############################################################
- Windows Version: Microsoft Windows 7 Enterprise
- Architecture: x86
- Hostname: DEVEL
- Current User: Web
- Current Time\Date: 11/30/2017 21:06:09
- -----------------------------------------------------------
- Users
- -----------------------------------------------------------
- ----------
- Username: Administrator
- Groups: Administrators
- ----------
- Username: babis
- Groups: Users
- ----------
- Username: Guest
- Groups: Guests
- -----------------------------------------------------------
- Network Information
- -----------------------------------------------------------
- Windows IP Configuration
- Ethernet adapter Local Area Connection:
- Connection-specific DNS Suffix . :
- IPv4 Address. . . . . . . . . . . : 10.10.10.5
- Subnet Mask . . . . . . . . . . . : 255.255.255.0
- Default Gateway . . . . . . . . . : 10.10.10.2
- Tunnel adapter isatap.{024DBC4C-1BA9-4DFC-8341-2C35AB1DF869}:
- Media State . . . . . . . . . . . : Media disconnected
- Connection-specific DNS Suffix . :
- Tunnel adapter Local Area Connection* 9:
- Media State . . . . . . . . . . . : Media disconnected
- Connection-specific DNS Suffix . :
- -----------------------------------------------------------
- Arp
- -----------------------------------------------------------
- Interface: 10.10.10.5 --- 0xb
- Internet Address Physical Address Type
- 10.10.10.2 00-50-56-aa-a9-cd dynamic
- 10.10.10.255 ff-ff-ff-ff-ff-ff static
- 224.0.0.22 01-00-5e-00-00-16 static
- 224.0.0.252 01-00-5e-00-00-fc static
- -----------------------------------------------------------
- NetStat
- -----------------------------------------------------------
- Active Connections
- Proto Local Address Foreign Address State PID
- TCP 0.0.0.0:21 0.0.0.0:0 LISTENING 1368
- TCP 0.0.0.0:80 0.0.0.0:0 LISTENING 4
- TCP 0.0.0.0:135 0.0.0.0:0 LISTENING 636
- TCP 0.0.0.0:445 0.0.0.0:0 LISTENING 4
- TCP 0.0.0.0:5357 0.0.0.0:0 LISTENING 4
- TCP 0.0.0.0:49152 0.0.0.0:0 LISTENING 356
- TCP 0.0.0.0:49153 0.0.0.0:0 LISTENING 688
- TCP 0.0.0.0:49154 0.0.0.0:0 LISTENING 840
- TCP 0.0.0.0:49155 0.0.0.0:0 LISTENING 452
- TCP 0.0.0.0:49156 0.0.0.0:0 LISTENING 460
- TCP 10.10.10.5:80 10.10.14.22:42624 CLOSE_WAIT 4
- TCP 10.10.10.5:80 10.10.14.22:42916 ESTABLISHED 4
- TCP 10.10.10.5:139 0.0.0.0:0 LISTENING 4
- TCP 10.10.10.5:49187 10.10.14.22:443 CLOSE_WAIT 3024
- TCP 10.10.10.5:49189 10.10.14.22:443 ESTABLISHED 3436
- TCP [::]:21 [::]:0 LISTENING 1368
- TCP [::]:80 [::]:0 LISTENING 4
- TCP [::]:135 [::]:0 LISTENING 636
- TCP [::]:445 [::]:0 LISTENING 4
- TCP [::]:5357 [::]:0 LISTENING 4
- TCP [::]:49152 [::]:0 LISTENING 356
- TCP [::]:49153 [::]:0 LISTENING 688
- TCP [::]:49154 [::]:0 LISTENING 840
- TCP [::]:49155 [::]:0 LISTENING 452
- TCP [::]:49156 [::]:0 LISTENING 460
- UDP 0.0.0.0:3702 *:* 1340
- UDP 0.0.0.0:3702 *:* 1340
- UDP 0.0.0.0:5355 *:* 1052
- UDP 0.0.0.0:54376 *:* 1340
- UDP 10.10.10.5:137 *:* 4
- UDP 10.10.10.5:138 *:* 4
- UDP [::]:3702 *:* 1340
- UDP [::]:3702 *:* 1340
- UDP [::]:54377 *:* 1340
- -----------------------------------------------------------
- Firewall Status
- -----------------------------------------------------------
- Firwall is Enabled
- -----------------------------------------------------------
- FireWall Rules
- -----------------------------------------------------------
- Name LocalPorts ApplicationName
- ---- ---------- ---------------
- File and Printer Sharin...
- PING
- Remote Assistance (TCP-In) * C:\Windows\system32\ms...
- Remote Assistance (RA S... * C:\Windows\system32\ra...
- Core Networking - Dynam... 68 C:\Windows\system32\sv...
- Core Networking - Dynam... 546 C:\Windows\system32\sv...
- Core Networking - Tered... Teredo C:\Windows\system32\sv...
- FTP Server (FTP Traffic... 21 C:\Windows\system32\sv...
- FTP Server Passive (FTP... 1024-65535 C:\Windows\system32\sv...
- FTP Server Secure (FTP ... 990 C:\Windows\system32\sv...
- Network Discovery (LLMN... 5355 C:\Windows\system32\sv...
- Network Discovery (Pub-... 3702 C:\Windows\system32\sv...
- Network Discovery (SSDP... 1900 C:\Windows\system32\sv...
- Network Discovery (WSD-In) 3702 C:\Windows\system32\sv...
- Remote Assistance (DCOM... 135 C:\Windows\system32\sv...
- Remote Assistance (PNRP... 3540 C:\Windows\system32\sv...
- Remote Assistance (SSDP... 2869 C:\Windows\system32\sv...
- Remote Assistance (SSDP... 1900 C:\Windows\system32\sv...
- Core Networking - Desti... System
- Core Networking - Desti... System
- Core Networking - Inter... System
- Core Networking - IPHTT... IPHTTPS System
- Core Networking - IPv6 ... System
- Core Networking - Multi... System
- Core Networking - Multi... System
- Core Networking - Multi... System
- Core Networking - Multi... System
- Core Networking - Neigh... System
- Core Networking - Neigh... System
- Core Networking - Packe... System
- Core Networking - Param... System
- Core Networking - Route... System
- Core Networking - Route... System
- Core Networking - Time ... System
- Network Discovery (NB-D... 138 System
- Network Discovery (NB-N... 137 System
- Network Discovery (UPnP... 2869 System
- Network Discovery (WSD ... 5357 System
- Network Discovery (WSD ... 5358 System
- World Wide Web Services... 80 System
- Core Networking - Multi...
- Core Networking - Multi...
- Core Networking - Multi...
- Core Networking - Multi...
- Core Networking - Neigh...
- Core Networking - Neigh...
- Core Networking - Packe...
- Core Networking - Param...
- Core Networking - Route...
- Core Networking - Route...
- Core Networking - Time ...
- Core Networking - Group... * C:\Windows\system32\ls...
- Remote Assistance (TCP-... * C:\Windows\system32\ms...
- Remote Assistance (RA S... * C:\Windows\system32\ra...
- Core Networking - DNS (... * C:\Windows\system32\sv...
- Core Networking - Dynam... 68 C:\Windows\system32\sv...
- Core Networking - Dynam... 546 C:\Windows\system32\sv...
- Core Networking - Group... * C:\Windows\system32\sv...
- Core Networking - IPHTT... * C:\Windows\system32\sv...
- Core Networking - Tered... * C:\Windows\system32\sv...
- FTP Server (FTP Traffic... 20 C:\Windows\system32\sv...
- FTP Server Secure (FTP ... 989 C:\Windows\system32\sv...
- Network Discovery (LLMN... * C:\Windows\system32\sv...
- Network Discovery (Pub ... * C:\Windows\system32\sv...
- Network Discovery (SSDP... * C:\Windows\system32\sv...
- Network Discovery (UPnP... * C:\Windows\system32\sv...
- Network Discovery (WSD-... * C:\Windows\system32\sv...
- Remote Assistance (PNRP... * C:\Windows\system32\sv...
- Remote Assistance (SSDP... * C:\Windows\system32\sv...
- Remote Assistance (SSDP... * C:\Windows\system32\sv...
- Core Networking - Group... * System
- Core Networking - Inter... System
- Core Networking - IPv6 ... System
- Network Discovery (NB-D... * System
- Network Discovery (NB-N... * System
- Network Discovery (UPnP... * System
- Network Discovery (WSD ... * System
- Network Discovery (WSD ... * System
- -----------------------------------------------------------
- Hosts File Content
- -----------------------------------------------------------
- # Copyright (c) 1993-2009 Microsoft Corp.
- #
- # This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
- #
- # This file contains the mappings of IP addresses to host names. Each
- # entry should be kept on an individual line. The IP address should
- # be placed in the first column followed by the corresponding host name.
- # The IP address and the host name should be separated by at least one
- # space.
- #
- # Additionally, comments (such as these) may be inserted on individual
- # lines or following the machine name denoted by a '#' symbol.
- #
- # For example:
- #
- # 102.54.94.97 rhino.acme.com # source server
- # 38.25.63.10 x.acme.com # x client host
- # localhost name resolution is handled within DNS itself.
- # 127.0.0.1 localhost
- # ::1 localhost
- -----------------------------------------------------------
- Processes
- -----------------------------------------------------------
- Name ProcessID Owner CommandLine
- ---- --------- ----- -----------
- 443_shell.exe 3436 Web C:\inetpub\wwwroot\shell\443_shell.exe
- 443_shell.exe 3024 Web C:\inetpub\wwwroot\shell\443_shell.exe
- cmd.exe 3000 Web "cmd.exe" /c C:\inetpub\wwwroot\shell\443_s
- hell.exe
- cmd.exe 2396 Web C:\Windows\system32\cmd.exe
- cmd.exe 2308 Web "cmd.exe" /c C:\inetpub\wwwroot\shell\443_s
- hell.exe
- conhost.exe 2360 Web \??\C:\Windows\system32\conhost.exe
- conhost.exe 3008 Web \??\C:\Windows\system32\conhost.exe
- conhost.exe 2424 Web \??\C:\Windows\system32\conhost.exe
- csrss.exe 368
- csrss.exe 320
- LogonUI.exe 756
- lsass.exe 460
- lsm.exe 468
- powershell.exe 2596 Web powershell.exe -ExecutionPolicy Bypass -Fi
- le .\jaws-enum.ps1 -OutputFilename JAWS-Enu
- m.txt
- SearchIndexer.exe 304
- services.exe 452
- smss.exe 252
- spoolsv.exe 1144
- sppsvc.exe 352
- svchost.exe 688
- svchost.exe 812
- svchost.exe 840
- svchost.exe 964
- svchost.exe 572
- svchost.exe 636
- svchost.exe 664
- svchost.exe 1340
- svchost.exe 1264
- svchost.exe 1180
- svchost.exe 1052
- svchost.exe 1456
- svchost.exe 1368
- System 4
- System Idle Process 0
- w3wp.exe 1428 Web c:\windows\system32\inetsrv\w3wp.exe -ap "W
- eb" -v "v2.0" -l "webengine4.dll" -a \\.\pi
- pe\iisipm7ac81382-8fa6-4c45-861c-0e80b56f8e
- 28 -h "C:\inetpub\temp\apppools\Web.config"
- -w "" -m 0 -t 20
- wininit.exe 356
- winlogon.exe 408
- WmiPrvSE.exe 3988
- -----------------------------------------------------------
- Scheduled Tasks
- -----------------------------------------------------------
- Current System Time: 11/30/2017 21:06:18
- TaskName : \Microsoft\Windows\Active Directory Rights Management Services Cl
- ient\AD RMS Rights Policy Template Management (Automated)
- Run As User : Everyone
- Task To Run : COM handler
- TaskName : \Microsoft\Windows\Active Directory Rights Management Services Cl
- ient\AD RMS Rights Policy Template Management (Automated)
- Run As User : Everyone
- Task To Run : COM handler
- TaskName : \Microsoft\Windows\Active Directory Rights Management Services Cl
- ient\AD RMS Rights Policy Template Management (Manual)
- Run As User : Everyone
- Task To Run : COM handler
- TaskName : \Microsoft\Windows\Autochk\Proxy
- Run As User : LOCAL SERVICE
- Task To Run : %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOpera
- tions
- TaskName : \Microsoft\Windows\Customer Experience Improvement Program\Consol
- idator
- Run As User : SYSTEM
- Task To Run : %SystemRoot%\System32\wsqmcons.exe
- TaskName : \Microsoft\Windows\Customer Experience Improvement Program\Kernel
- CeipTask
- Run As User : LOCAL SERVICE
- Task To Run : COM handler
- TaskName : \Microsoft\Windows\Customer Experience Improvement Program\UsbCei
- p
- Run As User : LOCAL SERVICE
- Task To Run : COM handler
- TaskName : \Microsoft\Windows\Defrag\ScheduledDefrag
- Run As User : SYSTEM
- Task To Run : %windir%\system32\defrag.exe -c
- TaskName : \Microsoft\Windows\Diagnosis\Scheduled
- Run As User : INTERACTIVE
- Task To Run : COM handler
- TaskName : \Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosti
- cDataCollector
- Run As User : SYSTEM
- Task To Run : %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSM
- ART
- TaskName : \Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosti
- cResolver
- Run As User : Users
- Task To Run : %windir%\system32\DFDWiz.exe
- TaskName : \Microsoft\Windows\Location\Notifications
- Run As User : Authenticated Users
- Task To Run : %windir%\System32\LocationNotifications.exe
- TaskName : \Microsoft\Windows\Maintenance\WinSAT
- Run As User : Administrators
- Task To Run : COM handler
- TaskName : \Microsoft\Windows\Media Center\ActivateWindowsSearch
- Run As User : SYSTEM
- Task To Run : %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
- TaskName : \Microsoft\Windows\Media Center\ConfigureInternetTimeService
- Run As User : SYSTEM
- Task To Run : %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
- TaskName : \Microsoft\Windows\Media Center\DispatchRecoveryTasks
- Run As User : SYSTEM
- Task To Run : %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
- TaskName : \Microsoft\Windows\Media Center\ehDRMInit
- Run As User : LOCAL SERVICE
- Task To Run : %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
- TaskName : \Microsoft\Windows\Media Center\InstallPlayReady
- Run As User : SYSTEM
- Task To Run : %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
- TaskName : \Microsoft\Windows\Media Center\mcupdate
- Run As User : NETWORK SERVICE
- Task To Run : %SystemRoot%\ehome\mcupdate $(Arg0)
- TaskName : \Microsoft\Windows\Media Center\MediaCenterRecoveryTask
- Run As User : SYSTEM
- Task To Run : Multiple actions
- TaskName : \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask
- Run As User : NETWORK SERVICE
- Task To Run : Multiple actions
- TaskName : \Microsoft\Windows\Media Center\OCURActivate
- Run As User : SYSTEM
- Task To Run : %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
- TaskName : \Microsoft\Windows\Media Center\OCURDiscovery
- Run As User : SYSTEM
- Task To Run : %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
- TaskName : \Microsoft\Windows\Media Center\PBDADiscovery
- Run As User : SYSTEM
- Task To Run : %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
- TaskName : \Microsoft\Windows\Media Center\PBDADiscoveryW1
- Run As User : SYSTEM
- Task To Run : %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
- TaskName : \Microsoft\Windows\Media Center\PBDADiscoveryW2
- Run As User : SYSTEM
- Task To Run : %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
- TaskName : \Microsoft\Windows\Media Center\PeriodicScanRetry
- Run As User : NETWORK SERVICE
- Task To Run : %windir%\ehome\MCUpdate.exe -pscn 0
- TaskName : \Microsoft\Windows\Media Center\PvrRecoveryTask
- Run As User : NETWORK SERVICE
- Task To Run : Multiple actions
- TaskName : \Microsoft\Windows\Media Center\PvrScheduleTask
- Run As User : NETWORK SERVICE
- Task To Run : Multiple actions
- TaskName : \Microsoft\Windows\Media Center\RecordingRestart
- Run As User : NETWORK SERVICE
- Task To Run : %SystemRoot%\ehome\ehrec /RestartRecording
- TaskName : \Microsoft\Windows\Media Center\RegisterSearch
- Run As User : SYSTEM
- Task To Run : %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
- TaskName : \Microsoft\Windows\Media Center\ReindexSearchRoot
- Run As User : SYSTEM
- Task To Run : %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
- TaskName : \Microsoft\Windows\Media Center\SqlLiteRecoveryTask
- Run As User : NETWORK SERVICE
- Task To Run : Multiple actions
- TaskName : \Microsoft\Windows\Media Center\UpdateRecordPath
- Run As User : SYSTEM
- Task To Run : %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
- TaskName : \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector
- Run As User : Users
- Task To Run : COM handler
- TaskName : \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector
- Run As User : Users
- Task To Run : COM handler
- TaskName : \Microsoft\Windows\MobilePC\HotStart
- Run As User : Authenticated Users
- Task To Run : COM handler
- TaskName : \Microsoft\Windows\MUI\LPRemove
- Run As User : SYSTEM
- Task To Run : %windir%\system32\lpremove.exe
- TaskName : \Microsoft\Windows\Multimedia\SystemSoundsService
- Run As User : Users
- Task To Run : COM handler
- TaskName : \Microsoft\Windows\NetTrace\GatherNetworkInfo
- Run As User : Users
- Task To Run : %windir%\system32\gatherNetworkInfo.vbs
- TaskName : \Microsoft\Windows\Offline Files\Background Synchronization
- Run As User : Authenticated Users
- Task To Run : COM handler
- TaskName : \Microsoft\Windows\Offline Files\Logon Synchronization
- Run As User : Authenticated Users
- Task To Run : COM handler
- TaskName : \Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem
- Run As User : SYSTEM
- Task To Run : %SystemRoot%\System32\powercfg.exe -energy -auto
- TaskName : \Microsoft\Windows\RAC\RacTask
- Run As User : LOCAL SERVICE
- Task To Run : COM handler
- TaskName : \Microsoft\Windows\RAC\RacTask
- Run As User : LOCAL SERVICE
- Task To Run : COM handler
- TaskName : \Microsoft\Windows\Shell\WindowsParentalControls
- Run As User : Authenticated Users
- Task To Run : COM handler
- TaskName : \Microsoft\Windows\Shell\WindowsParentalControlsMigration
- Run As User : SYSTEM
- Task To Run : COM handler
- TaskName : \Microsoft\Windows\SideShow\AutoWake
- Run As User : LOCAL SERVICE
- Task To Run : COM handler
- TaskName : \Microsoft\Windows\SideShow\GadgetManager
- Run As User : Users
- Task To Run : COM handler
- TaskName : \Microsoft\Windows\SideShow\SessionAgent
- Run As User : Users
- Task To Run : COM handler
- TaskName : \Microsoft\Windows\SideShow\SystemDataProviders
- Run As User : LOCAL SERVICE
- Task To Run : COM handler
- TaskName : \Microsoft\Windows\SystemRestore\SR
- Run As User : SYSTEM
- Task To Run : %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPC
- reation
- TaskName : \Microsoft\Windows\SystemRestore\SR
- Run As User : SYSTEM
- Task To Run : %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPC
- reation
- TaskName : \Microsoft\Windows\Tcpip\IpAddressConflict1
- Run As User : Users
- Task To Run : %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOff
- endingSystem
- TaskName : \Microsoft\Windows\Tcpip\IpAddressConflict2
- Run As User : Users
- Task To Run : %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDef
- endingSystem
- TaskName : \Microsoft\Windows\TextServicesFramework\MsCtfMonitor
- Run As User : Users
- Task To Run : COM handler
- TaskName : \Microsoft\Windows\Time Synchronization\SynchronizeTime
- Run As User : LOCAL SERVICE
- Task To Run : %windir%\system32\sc.exe start w32time task_started
- TaskName : \Microsoft\Windows\Windows Error Reporting\QueueReporting
- Run As User : Users
- Task To Run : %windir%\system32\wermgr.exe -queuereporting
- TaskName : \Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTy
- peChange
- Run As User : SYSTEM
- Task To Run : %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChang
- e
- TaskName : \Microsoft\Windows\Windows Media Sharing\UpdateLibrary
- Run As User : Authenticated Users
- Task To Run : %ProgramFiles%\Windows Media Player\wmpnscfg.exe" "
- TaskName : \Microsoft\Windows\WindowsBackup\ConfigNotification
- Run As User : LOCAL SERVICE
- Task To Run : %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
- TaskName : \Microsoft\Windows\WindowsColorSystem\Calibration Loader
- Run As User : Users
- Task To Run : COM handler
- TaskName : \Microsoft\Windows\WindowsColorSystem\Calibration Loader
- Run As User : Users
- Task To Run : COM handler
- TaskName : \Microsoft\Windows Defender\MP Scheduled Scan
- Run As User : SYSTEM
- Task To Run : c:\program files\windows defender\MpCmdRun.exe Scan -ScheduleJob
- -WinTask -RestrictPrivilegesScan
- -----------------------------------------------------------
- Services
- -----------------------------------------------------------
- Name DisplayName Status
- ---- ----------- ------
- seclogon Secondary Logon Stopped
- SensrSvc Adaptive Brightness Stopped
- SessionEnv Remote Desktop Configuration Stopped
- SDRSVC Windows Backup Stopped
- RpcLocator Remote Procedure Call (RPC) Locator Stopped
- SCardSvr Smart Card Stopped
- SCPolicySvc Smart Card Removal Policy Stopped
- StiSvc Windows Image Acquisition (WIA) Stopped
- StorSvc Storage Service Stopped
- swprv Microsoft Software Shadow Copy Provider Stopped
- SstpSvc Secure Socket Tunneling Protocol Service Stopped
- SharedAccess Internet Connection Sharing (ICS) Stopped
- ShellHWDetection Shell Hardware Detection Stopped
- SNMPTRAP SNMP Trap Stopped
- RemoteRegistry Remote Registry Stopped
- p2psvc Peer Networking Grouping Stopped
- PcaSvc Program Compatibility Assistant Service Stopped
- PeerDistSvc BranchCache Stopped
- p2pimsvc Peer Networking Identity Manager Stopped
- Netlogon Netlogon Stopped
- Netman Network Connections Stopped
- NetTcpPortSharing Net.Tcp Port Sharing Service Stopped
- RasAuto Remote Access Auto Connection Manager Stopped
- RasMan Remote Access Connection Manager Stopped
- RemoteAccess Routing and Remote Access Stopped
- ProtectedStorage Protected Storage Stopped
- pla Performance Logs & Alerts Stopped
- PNRPsvc Peer Name Resolution Protocol Stopped
- PolicyAgent IPsec Policy Agent Stopped
- WerSvc Windows Error Reporting Service Stopped
- WinHttpAutoProxySvc WinHTTP Web Proxy Auto-Discovery Service Stopped
- WinRM Windows Remote Management (WS-Management) Stopped
- wercplsupport Problem Reports and Solutions Control Panel Support Stopped
- WdiSystemHost Diagnostic System Host Stopped
- WebClient WebClient Stopped
- Wecsvc Windows Event Collector Stopped
- WPDBusEnum Portable Device Enumerator Service Stopped
- wudfsvc Windows Driver Foundation - User-mode Driver Framework Stopped
- WwanSvc WWAN AutoConfig Stopped
- WPCSvc Parental Controls Stopped
- Wlansvc WLAN AutoConfig Stopped
- wmiApSrv WMI Performance Adapter Stopped
- WMPNetworkSvc Windows Media Player Network Sharing Service Stopped
- WcsPlugInService Windows Color System Stopped
- THREADORDER Thread Ordering Server Stopped
- TrustedInstaller Windows Modules Installer Stopped
- UI0Detect Interactive Services Detection Stopped
- TermService Remote Desktop Services Stopped
- TabletInputService Tablet PC Input Service Stopped
- TapiSrv Telephony Stopped
- TBS TPM Base Services Stopped
- W32Time Windows Time Stopped
- wbengine Block Level Backup Engine Service Stopped
- WbioSrvc Windows Biometric Service Stopped
- VSS Volume Shadow Copy Stopped
- UmRdpService Remote Desktop Services UserMode Port Redirector Stopped
- VaultSvc Credential Manager Stopped
- vds Virtual Disk Stopped
- napagent Network Access Protection Agent Stopped
- EFS Encrypting File System (EFS) Stopped
- ehRecvr Windows Media Center Receiver Service Stopped
- ehSched Windows Media Center Scheduler Service Stopped
- defragsvc Disk Defragmenter Stopped
- dot3svc Wired AutoConfig Stopped
- EapHost Extensible Authentication Protocol Stopped
- AeLookupSvc Application Experience Stopped
- FontCache3.0.0.0 Windows Presentation Foundation Font Cache 3.0.0.0 Stopped
- hidserv Human Interface Device Access Stopped
- hkmsvc Health Key and Certificate Management Stopped
- Fax Fax Stopped
- fdPHost Function Discovery Provider Host Stopped
- FontCache Windows Font Cache Service Stopped
- AppMgmt Application Management Stopped
- aspnet_state ASP.NET State Service Stopped
- AxInstSV ActiveX Installer (AxInstSV) Stopped
- ALG Application Layer Gateway Service Stopped
- AppIDSvc Application Identity Stopped
- Appinfo Application Information Stopped
- BDESVC BitLocker Drive Encryption Service Stopped
- CertPropSvc Certificate Propagation Stopped
- clr_optimization_v2.0.50727_32 Microsoft .NET Framework NGEN v2.0.50727_X86 Stopped
- COMSysApp COM+ System Application Stopped
- BITS Background Intelligent Transfer Service Stopped
- Browser Computer Browser Stopped
- bthserv Bluetooth Support Service Stopped
- MSDTC Distributed Transaction Coordinator Stopped
- idsvc Windows CardSpace Stopped
- MSiSCSI Microsoft iSCSI Initiator Service Stopped
- lltdsvc Link-Layer Topology Discovery Mapper Stopped
- KeyIso CNG Key Isolation Stopped
- KtmRm KtmRm for Distributed Transaction Coordinator Stopped
- Mcx2Svc Media Center Extender Service Stopped
- MMCSS Multimedia Class Scheduler Stopped
- IKEEXT IKE and AuthIP IPsec Keying Modules Stopped
- msiserver Windows Installer Stopped
- HomeGroupListener HomeGroup Listener Stopped
- HomeGroupProvider HomeGroup Provider Stopped
- BFE Base Filtering Engine Running
- MpsSvc Windows Firewall Running
- W3SVC World Wide Web Publishing Service Running
- PlugPlay Plug and Play Running
- WdiServiceHost Diagnostic Service Host Running
- lmhosts TCP/IP NetBIOS Helper Running
- LanmanWorkstation Workstation Running
- WAS Windows Process Activation Service Running
- nsi Network Store Interface Service Running
- AppHostSvc Application Host Helper Service Running
- netprofm Network List Service Running
- wscsvc Security Center Running
- wuauserv Windows Update Running
- WSearch Windows Search Running
- NlaSvc Network Location Awareness Running
- Audiosrv Windows Audio Running
- WinDefend Windows Defender Running
- eventlog Windows Event Log Running
- AudioEndpointBuilder Windows Audio Endpoint Builder Running
- Winmgmt Windows Management Instrumentation Running
- sppsvc Software Protection Running
- Spooler Print Spooler Running
- RpcEptMapper RPC Endpoint Mapper Running
- iphlpsvc IP Helper Running
- EventSystem COM+ Event System Running
- sppuinotify SPP Notification Service Running
- FDResPub Function Discovery Resource Publication Running
- gpsvc Group Policy Client Running
- SamSs Security Accounts Manager Running
- Schedule Task Scheduler Running
- RpcSs Remote Procedure Call (RPC) Running
- ftpsvc Microsoft FTP Service Running
- SENS System Event Notification Service Running
- UxSms Desktop Window Manager Session Manager Running
- LanmanServer Server Running
- Dhcp DHCP Client Running
- CryptSvc Cryptographic Services Running
- CscService Offline Files Running
- DcomLaunch DCOM Server Process Launcher Running
- Dnscache DNS Client Running
- DPS Diagnostic Policy Service Running
- ProfSvc User Profile Service Running
- SysMain Superfetch Running
- TrkWks Distributed Link Tracking Client Running
- Power Power Running
- Themes Themes Running
- -----------------------------------------------------------
- Installed Programs
- -----------------------------------------------------------
- -----------------------------------------------------------
- Installed Patches
- -----------------------------------------------------------
- -----------------------------------------------------------
- Program Folders
- -----------------------------------------------------------
- C:\Program Files
- -------------
- Common Files
- DVD Maker
- Internet Explorer
- MSBuild
- Reference Assemblies
- Windows Defender
- Windows Journal
- Windows Mail
- Windows Media Player
- Windows NT
- Windows Photo Viewer
- Windows Portable Devices
- Windows Sidebar
- C:\Program Files (x86)
- -------------------
- -----------------------------------------------------------
- Files with Full Control and Modify Access
- -----------------------------------------------------------
- Failed to read more files
- -----------------------------------------------------------
- Folders with Full Control and Modify Access
- -----------------------------------------------------------
- Failed to read more folders
- Failed to read more folders
- Failed to read more folders
- -----------------------------------------------------------
- Mapped Drives
- -----------------------------------------------------------
- A:
- C:
- D:
- -----------------------------------------------------------
- Unquoted Service Paths
- -----------------------------------------------------------
- -----------------------------------------------------------
- Recent Documents
- -----------------------------------------------------------
- -----------------------------------------------------------
- 10 Last Modified Files in C:\User
- -----------------------------------------------------------
- Directory: C:\Users\Public\Music\Sample Music
- -a--- 14/7/2009 7:52 πμ 4113874 Maid with the Flaxen Hair.mp3
- -a--- 14/7/2009 7:52 πμ 8414449 Kalimba.mp3
- Directory: C:\Users\Public
- d-r-- 14/7/2009 7:53 πμ Documents
- Directory: C:\Users\Public\Recorded TV\Sample Media
- -a--- 14/7/2009 10:20 πμ 9699328 win7_scenic-demoshort_raw.wtv
- Directory: C:\Users
- d-r-- 14/7/2009 10:20 πμ Public
- Directory: C:\Users\Public\Recorded TV
- d-r-- 14/7/2009 10:20 πμ Sample Media
- Directory: C:\Users\Public
- d-r-- 14/7/2009 10:20 πμ Recorded TV
- Directory: C:\Users
- d---- 17/3/2017 4:17 μμ babis
- d---- 18/3/2017 1:06 πμ Classic .NET AppPool
- d---- 18/3/2017 1:16 πμ Administrator
- -----------------------------------------------------------
- MUICache Files
- -----------------------------------------------------------
- -----------------------------------------------------------
- System Files with Passwords
- -----------------------------------------------------------
- -----------------------------------------------------------
- AlwaysInstalledElevated Registry Key
- -----------------------------------------------------------
- -----------------------------------------------------------
- Stored Credentials
- -----------------------------------------------------------
- Currently stored credentials:
- * NONE *
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement