JAWS Enumeration Output

a guest
Nov 27th, 2017
  1. ############################################################
  2. ## J.A.W.S. (Just Another Windows Enum Script) ##
  3. ## ##
  4. ## https://github.com/411Hall/JAWS ##
  5. ## ##
  6. ############################################################
  7.  
  8. Windows Version: Microsoft Windows 7 Enterprise
  9. Architecture: x86
  10. Hostname: DEVEL
  11. Current User: Web
  12. Current Time\Date: 11/30/2017 21:06:09
  13.  
  14. -----------------------------------------------------------
  15. Users
  16. -----------------------------------------------------------
  17. ----------
  18. Username: Administrator
  19. Groups: Administrators
  20. ----------
  21. Username: babis
  22. Groups: Users
  23. ----------
  24. Username: Guest
  25. Groups: Guests
  26.  
  27. -----------------------------------------------------------
  28. Network Information
  29. -----------------------------------------------------------
  30.  
  31. Windows IP Configuration
  32.  
  33.  
  34. Ethernet adapter Local Area Connection:
  35.  
  36. Connection-specific DNS Suffix . :
  37. IPv4 Address. . . . . . . . . . . : 10.10.10.5
  38. Subnet Mask . . . . . . . . . . . : 255.255.255.0
  39. Default Gateway . . . . . . . . . : 10.10.10.2
  40.  
  41. Tunnel adapter isatap.{024DBC4C-1BA9-4DFC-8341-2C35AB1DF869}:
  42.  
  43. Media State . . . . . . . . . . . : Media disconnected
  44. Connection-specific DNS Suffix . :
  45.  
  46. Tunnel adapter Local Area Connection* 9:
  47.  
  48. Media State . . . . . . . . . . . : Media disconnected
  49. Connection-specific DNS Suffix . :
  50.  
  51. -----------------------------------------------------------
  52. Arp
  53. -----------------------------------------------------------
  54.  
  55. Interface: 10.10.10.5 --- 0xb
  56. Internet Address Physical Address Type
  57. 10.10.10.2 00-50-56-aa-a9-cd dynamic
  58. 10.10.10.255 ff-ff-ff-ff-ff-ff static
  59. 224.0.0.22 01-00-5e-00-00-16 static
  60. 224.0.0.252 01-00-5e-00-00-fc static
  61.  
  62.  
  63. -----------------------------------------------------------
  64. NetStat
  65. -----------------------------------------------------------
  66.  
  67. Active Connections
  68.  
  69. Proto Local Address Foreign Address State PID
  70. TCP 0.0.0.0:21 0.0.0.0:0 LISTENING 1368
  71. TCP 0.0.0.0:80 0.0.0.0:0 LISTENING 4
  72. TCP 0.0.0.0:135 0.0.0.0:0 LISTENING 636
  73. TCP 0.0.0.0:445 0.0.0.0:0 LISTENING 4
  74. TCP 0.0.0.0:5357 0.0.0.0:0 LISTENING 4
  75. TCP 0.0.0.0:49152 0.0.0.0:0 LISTENING 356
  76. TCP 0.0.0.0:49153 0.0.0.0:0 LISTENING 688
  77. TCP 0.0.0.0:49154 0.0.0.0:0 LISTENING 840
  78. TCP 0.0.0.0:49155 0.0.0.0:0 LISTENING 452
  79. TCP 0.0.0.0:49156 0.0.0.0:0 LISTENING 460
  80. TCP 10.10.10.5:80 10.10.14.22:42624 CLOSE_WAIT 4
  81. TCP 10.10.10.5:80 10.10.14.22:42916 ESTABLISHED 4
  82. TCP 10.10.10.5:139 0.0.0.0:0 LISTENING 4
  83. TCP 10.10.10.5:49187 10.10.14.22:443 CLOSE_WAIT 3024
  84. TCP 10.10.10.5:49189 10.10.14.22:443 ESTABLISHED 3436
  85. TCP [::]:21 [::]:0 LISTENING 1368
  86. TCP [::]:80 [::]:0 LISTENING 4
  87. TCP [::]:135 [::]:0 LISTENING 636
  88. TCP [::]:445 [::]:0 LISTENING 4
  89. TCP [::]:5357 [::]:0 LISTENING 4
  90. TCP [::]:49152 [::]:0 LISTENING 356
  91. TCP [::]:49153 [::]:0 LISTENING 688
  92. TCP [::]:49154 [::]:0 LISTENING 840
  93. TCP [::]:49155 [::]:0 LISTENING 452
  94. TCP [::]:49156 [::]:0 LISTENING 460
  95. UDP 0.0.0.0:3702 *:* 1340
  96. UDP 0.0.0.0:3702 *:* 1340
  97. UDP 0.0.0.0:5355 *:* 1052
  98. UDP 0.0.0.0:54376 *:* 1340
  99. UDP 10.10.10.5:137 *:* 4
  100. UDP 10.10.10.5:138 *:* 4
  101. UDP [::]:3702 *:* 1340
  102. UDP [::]:3702 *:* 1340
  103. UDP [::]:54377 *:* 1340
  104.  
  105.  
  106. -----------------------------------------------------------
  107. Firewall Status
  108. -----------------------------------------------------------
  109.  
  110. Firwall is Enabled
  111.  
  112. -----------------------------------------------------------
  113. FireWall Rules
  114. -----------------------------------------------------------
  115.  
  116. Name LocalPorts ApplicationName
  117. ---- ---------- ---------------
  118. File and Printer Sharin...
  119. PING
  120. Remote Assistance (TCP-In) * C:\Windows\system32\ms...
  121. Remote Assistance (RA S... * C:\Windows\system32\ra...
  122. Core Networking - Dynam... 68 C:\Windows\system32\sv...
  123. Core Networking - Dynam... 546 C:\Windows\system32\sv...
  124. Core Networking - Tered... Teredo C:\Windows\system32\sv...
  125. FTP Server (FTP Traffic... 21 C:\Windows\system32\sv...
  126. FTP Server Passive (FTP... 1024-65535 C:\Windows\system32\sv...
  127. FTP Server Secure (FTP ... 990 C:\Windows\system32\sv...
  128. Network Discovery (LLMN... 5355 C:\Windows\system32\sv...
  129. Network Discovery (Pub-... 3702 C:\Windows\system32\sv...
  130. Network Discovery (SSDP... 1900 C:\Windows\system32\sv...
  131. Network Discovery (WSD-In) 3702 C:\Windows\system32\sv...
  132. Remote Assistance (DCOM... 135 C:\Windows\system32\sv...
  133. Remote Assistance (PNRP... 3540 C:\Windows\system32\sv...
  134. Remote Assistance (SSDP... 2869 C:\Windows\system32\sv...
  135. Remote Assistance (SSDP... 1900 C:\Windows\system32\sv...
  136. Core Networking - Desti... System
  137. Core Networking - Desti... System
  138. Core Networking - Inter... System
  139. Core Networking - IPHTT... IPHTTPS System
  140. Core Networking - IPv6 ... System
  141. Core Networking - Multi... System
  142. Core Networking - Multi... System
  143. Core Networking - Multi... System
  144. Core Networking - Multi... System
  145. Core Networking - Neigh... System
  146. Core Networking - Neigh... System
  147. Core Networking - Packe... System
  148. Core Networking - Param... System
  149. Core Networking - Route... System
  150. Core Networking - Route... System
  151. Core Networking - Time ... System
  152. Network Discovery (NB-D... 138 System
  153. Network Discovery (NB-N... 137 System
  154. Network Discovery (UPnP... 2869 System
  155. Network Discovery (WSD ... 5357 System
  156. Network Discovery (WSD ... 5358 System
  157. World Wide Web Services... 80 System
  158. Core Networking - Multi...
  159. Core Networking - Multi...
  160. Core Networking - Multi...
  161. Core Networking - Multi...
  162. Core Networking - Neigh...
  163. Core Networking - Neigh...
  164. Core Networking - Packe...
  165. Core Networking - Param...
  166. Core Networking - Route...
  167. Core Networking - Route...
  168. Core Networking - Time ...
  169. Core Networking - Group... * C:\Windows\system32\ls...
  170. Remote Assistance (TCP-... * C:\Windows\system32\ms...
  171. Remote Assistance (RA S... * C:\Windows\system32\ra...
  172. Core Networking - DNS (... * C:\Windows\system32\sv...
  173. Core Networking - Dynam... 68 C:\Windows\system32\sv...
  174. Core Networking - Dynam... 546 C:\Windows\system32\sv...
  175. Core Networking - Group... * C:\Windows\system32\sv...
  176. Core Networking - IPHTT... * C:\Windows\system32\sv...
  177. Core Networking - Tered... * C:\Windows\system32\sv...
  178. FTP Server (FTP Traffic... 20 C:\Windows\system32\sv...
  179. FTP Server Secure (FTP ... 989 C:\Windows\system32\sv...
  180. Network Discovery (LLMN... * C:\Windows\system32\sv...
  181. Network Discovery (Pub ... * C:\Windows\system32\sv...
  182. Network Discovery (SSDP... * C:\Windows\system32\sv...
  183. Network Discovery (UPnP... * C:\Windows\system32\sv...
  184. Network Discovery (WSD-... * C:\Windows\system32\sv...
  185. Remote Assistance (PNRP... * C:\Windows\system32\sv...
  186. Remote Assistance (SSDP... * C:\Windows\system32\sv...
  187. Remote Assistance (SSDP... * C:\Windows\system32\sv...
  188. Core Networking - Group... * System
  189. Core Networking - Inter... System
  190. Core Networking - IPv6 ... System
  191. Network Discovery (NB-D... * System
  192. Network Discovery (NB-N... * System
  193. Network Discovery (UPnP... * System
  194. Network Discovery (WSD ... * System
  195. Network Discovery (WSD ... * System
  196.  
  197.  
  198. -----------------------------------------------------------
  199. Hosts File Content
  200. -----------------------------------------------------------
  201.  
  202. # Copyright (c) 1993-2009 Microsoft Corp.
  203. #
  204. # This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
  205. #
  206. # This file contains the mappings of IP addresses to host names. Each
  207. # entry should be kept on an individual line. The IP address should
  208. # be placed in the first column followed by the corresponding host name.
  209. # The IP address and the host name should be separated by at least one
  210. # space.
  211. #
  212. # Additionally, comments (such as these) may be inserted on individual
  213. # lines or following the machine name denoted by a '#' symbol.
  214. #
  215. # For example:
  216. #
  217. # 102.54.94.97 rhino.acme.com # source server
  218. # 38.25.63.10 x.acme.com # x client host
  219.  
  220. # localhost name resolution is handled within DNS itself.
  221. # 127.0.0.1 localhost
  222. # ::1 localhost
  223.  
  224.  
  225. -----------------------------------------------------------
  226. Processes
  227. -----------------------------------------------------------
  228.  
  229. Name ProcessID Owner CommandLine
  230. ---- --------- ----- -----------
  231. 443_shell.exe 3436 Web C:\inetpub\wwwroot\shell\443_shell.exe
  232. 443_shell.exe 3024 Web C:\inetpub\wwwroot\shell\443_shell.exe
  233. cmd.exe 3000 Web "cmd.exe" /c C:\inetpub\wwwroot\shell\443_s
  234. hell.exe
  235. cmd.exe 2396 Web C:\Windows\system32\cmd.exe
  236. cmd.exe 2308 Web "cmd.exe" /c C:\inetpub\wwwroot\shell\443_s
  237. hell.exe
  238. conhost.exe 2360 Web \??\C:\Windows\system32\conhost.exe
  239. conhost.exe 3008 Web \??\C:\Windows\system32\conhost.exe
  240. conhost.exe 2424 Web \??\C:\Windows\system32\conhost.exe
  241. csrss.exe 368
  242. csrss.exe 320
  243. LogonUI.exe 756
  244. lsass.exe 460
  245. lsm.exe 468
  246. powershell.exe 2596 Web powershell.exe -ExecutionPolicy Bypass -Fi
  247. le .\jaws-enum.ps1 -OutputFilename JAWS-Enu
  248. m.txt
  249. SearchIndexer.exe 304
  250. services.exe 452
  251. smss.exe 252
  252. spoolsv.exe 1144
  253. sppsvc.exe 352
  254. svchost.exe 688
  255. svchost.exe 812
  256. svchost.exe 840
  257. svchost.exe 964
  258. svchost.exe 572
  259. svchost.exe 636
  260. svchost.exe 664
  261. svchost.exe 1340
  262. svchost.exe 1264
  263. svchost.exe 1180
  264. svchost.exe 1052
  265. svchost.exe 1456
  266. svchost.exe 1368
  267. System 4
  268. System Idle Process 0
  269. w3wp.exe 1428 Web c:\windows\system32\inetsrv\w3wp.exe -ap "W
  270. eb" -v "v2.0" -l "webengine4.dll" -a \\.\pi
  271. pe\iisipm7ac81382-8fa6-4c45-861c-0e80b56f8e
  272. 28 -h "C:\inetpub\temp\apppools\Web.config"
  273. -w "" -m 0 -t 20
  274. wininit.exe 356
  275. winlogon.exe 408
  276. WmiPrvSE.exe 3988
  277.  
  278.  
  279.  
  280. -----------------------------------------------------------
  281. Scheduled Tasks
  282. -----------------------------------------------------------
  283. Current System Time: 11/30/2017 21:06:18
  284.  
  285. TaskName : \Microsoft\Windows\Active Directory Rights Management Services Cl
  286. ient\AD RMS Rights Policy Template Management (Automated)
  287. Run As User : Everyone
  288. Task To Run : COM handler
  289.  
  290. TaskName : \Microsoft\Windows\Active Directory Rights Management Services Cl
  291. ient\AD RMS Rights Policy Template Management (Automated)
  292. Run As User : Everyone
  293. Task To Run : COM handler
  294.  
  295. TaskName : \Microsoft\Windows\Active Directory Rights Management Services Cl
  296. ient\AD RMS Rights Policy Template Management (Manual)
  297. Run As User : Everyone
  298. Task To Run : COM handler
  299.  
  300. TaskName : \Microsoft\Windows\Autochk\Proxy
  301. Run As User : LOCAL SERVICE
  302. Task To Run : %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOpera
  303. tions
  304.  
  305. TaskName : \Microsoft\Windows\Customer Experience Improvement Program\Consol
  306. idator
  307. Run As User : SYSTEM
  308. Task To Run : %SystemRoot%\System32\wsqmcons.exe
  309.  
  310. TaskName : \Microsoft\Windows\Customer Experience Improvement Program\Kernel
  311. CeipTask
  312. Run As User : LOCAL SERVICE
  313. Task To Run : COM handler
  314.  
  315. TaskName : \Microsoft\Windows\Customer Experience Improvement Program\UsbCei
  316. p
  317. Run As User : LOCAL SERVICE
  318. Task To Run : COM handler
  319.  
  320. TaskName : \Microsoft\Windows\Defrag\ScheduledDefrag
  321. Run As User : SYSTEM
  322. Task To Run : %windir%\system32\defrag.exe -c
  323.  
  324. TaskName : \Microsoft\Windows\Diagnosis\Scheduled
  325. Run As User : INTERACTIVE
  326. Task To Run : COM handler
  327.  
  328. TaskName : \Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosti
  329. cDataCollector
  330. Run As User : SYSTEM
  331. Task To Run : %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSM
  332. ART
  333.  
  334. TaskName : \Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosti
  335. cResolver
  336. Run As User : Users
  337. Task To Run : %windir%\system32\DFDWiz.exe
  338.  
  339. TaskName : \Microsoft\Windows\Location\Notifications
  340. Run As User : Authenticated Users
  341. Task To Run : %windir%\System32\LocationNotifications.exe
  342.  
  343. TaskName : \Microsoft\Windows\Maintenance\WinSAT
  344. Run As User : Administrators
  345. Task To Run : COM handler
  346.  
  347. TaskName : \Microsoft\Windows\Media Center\ActivateWindowsSearch
  348. Run As User : SYSTEM
  349. Task To Run : %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
  350.  
  351. TaskName : \Microsoft\Windows\Media Center\ConfigureInternetTimeService
  352. Run As User : SYSTEM
  353. Task To Run : %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
  354.  
  355. TaskName : \Microsoft\Windows\Media Center\DispatchRecoveryTasks
  356. Run As User : SYSTEM
  357. Task To Run : %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
  358.  
  359. TaskName : \Microsoft\Windows\Media Center\ehDRMInit
  360. Run As User : LOCAL SERVICE
  361. Task To Run : %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
  362.  
  363. TaskName : \Microsoft\Windows\Media Center\InstallPlayReady
  364. Run As User : SYSTEM
  365. Task To Run : %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
  366.  
  367. TaskName : \Microsoft\Windows\Media Center\mcupdate
  368. Run As User : NETWORK SERVICE
  369. Task To Run : %SystemRoot%\ehome\mcupdate $(Arg0)
  370.  
  371. TaskName : \Microsoft\Windows\Media Center\MediaCenterRecoveryTask
  372. Run As User : SYSTEM
  373. Task To Run : Multiple actions
  374.  
  375. TaskName : \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask
  376. Run As User : NETWORK SERVICE
  377. Task To Run : Multiple actions
  378.  
  379. TaskName : \Microsoft\Windows\Media Center\OCURActivate
  380. Run As User : SYSTEM
  381. Task To Run : %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
  382.  
  383. TaskName : \Microsoft\Windows\Media Center\OCURDiscovery
  384. Run As User : SYSTEM
  385. Task To Run : %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
  386.  
  387. TaskName : \Microsoft\Windows\Media Center\PBDADiscovery
  388. Run As User : SYSTEM
  389. Task To Run : %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
  390.  
  391. TaskName : \Microsoft\Windows\Media Center\PBDADiscoveryW1
  392. Run As User : SYSTEM
  393. Task To Run : %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
  394.  
  395. TaskName : \Microsoft\Windows\Media Center\PBDADiscoveryW2
  396. Run As User : SYSTEM
  397. Task To Run : %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
  398.  
  399. TaskName : \Microsoft\Windows\Media Center\PeriodicScanRetry
  400. Run As User : NETWORK SERVICE
  401. Task To Run : %windir%\ehome\MCUpdate.exe -pscn 0
  402.  
  403. TaskName : \Microsoft\Windows\Media Center\PvrRecoveryTask
  404. Run As User : NETWORK SERVICE
  405. Task To Run : Multiple actions
  406.  
  407. TaskName : \Microsoft\Windows\Media Center\PvrScheduleTask
  408. Run As User : NETWORK SERVICE
  409. Task To Run : Multiple actions
  410.  
  411. TaskName : \Microsoft\Windows\Media Center\RecordingRestart
  412. Run As User : NETWORK SERVICE
  413. Task To Run : %SystemRoot%\ehome\ehrec /RestartRecording
  414.  
  415. TaskName : \Microsoft\Windows\Media Center\RegisterSearch
  416. Run As User : SYSTEM
  417. Task To Run : %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
  418.  
  419. TaskName : \Microsoft\Windows\Media Center\ReindexSearchRoot
  420. Run As User : SYSTEM
  421. Task To Run : %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
  422.  
  423. TaskName : \Microsoft\Windows\Media Center\SqlLiteRecoveryTask
  424. Run As User : NETWORK SERVICE
  425. Task To Run : Multiple actions
  426.  
  427. TaskName : \Microsoft\Windows\Media Center\UpdateRecordPath
  428. Run As User : SYSTEM
  429. Task To Run : %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
  430.  
  431. TaskName : \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector
  432. Run As User : Users
  433. Task To Run : COM handler
  434.  
  435. TaskName : \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector
  436. Run As User : Users
  437. Task To Run : COM handler
  438.  
  439. TaskName : \Microsoft\Windows\MobilePC\HotStart
  440. Run As User : Authenticated Users
  441. Task To Run : COM handler
  442.  
  443. TaskName : \Microsoft\Windows\MUI\LPRemove
  444. Run As User : SYSTEM
  445. Task To Run : %windir%\system32\lpremove.exe
  446.  
  447. TaskName : \Microsoft\Windows\Multimedia\SystemSoundsService
  448. Run As User : Users
  449. Task To Run : COM handler
  450.  
  451. TaskName : \Microsoft\Windows\NetTrace\GatherNetworkInfo
  452. Run As User : Users
  453. Task To Run : %windir%\system32\gatherNetworkInfo.vbs
  454.  
  455. TaskName : \Microsoft\Windows\Offline Files\Background Synchronization
  456. Run As User : Authenticated Users
  457. Task To Run : COM handler
  458.  
  459. TaskName : \Microsoft\Windows\Offline Files\Logon Synchronization
  460. Run As User : Authenticated Users
  461. Task To Run : COM handler
  462.  
  463. TaskName : \Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem
  464. Run As User : SYSTEM
  465. Task To Run : %SystemRoot%\System32\powercfg.exe -energy -auto
  466.  
  467. TaskName : \Microsoft\Windows\RAC\RacTask
  468. Run As User : LOCAL SERVICE
  469. Task To Run : COM handler
  470.  
  471. TaskName : \Microsoft\Windows\RAC\RacTask
  472. Run As User : LOCAL SERVICE
  473. Task To Run : COM handler
  474.  
  475. TaskName : \Microsoft\Windows\Shell\WindowsParentalControls
  476. Run As User : Authenticated Users
  477. Task To Run : COM handler
  478.  
  479. TaskName : \Microsoft\Windows\Shell\WindowsParentalControlsMigration
  480. Run As User : SYSTEM
  481. Task To Run : COM handler
  482.  
  483. TaskName : \Microsoft\Windows\SideShow\AutoWake
  484. Run As User : LOCAL SERVICE
  485. Task To Run : COM handler
  486.  
  487. TaskName : \Microsoft\Windows\SideShow\GadgetManager
  488. Run As User : Users
  489. Task To Run : COM handler
  490.  
  491. TaskName : \Microsoft\Windows\SideShow\SessionAgent
  492. Run As User : Users
  493. Task To Run : COM handler
  494.  
  495. TaskName : \Microsoft\Windows\SideShow\SystemDataProviders
  496. Run As User : LOCAL SERVICE
  497. Task To Run : COM handler
  498.  
  499. TaskName : \Microsoft\Windows\SystemRestore\SR
  500. Run As User : SYSTEM
  501. Task To Run : %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPC
  502. reation
  503.  
  504. TaskName : \Microsoft\Windows\SystemRestore\SR
  505. Run As User : SYSTEM
  506. Task To Run : %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPC
  507. reation
  508.  
  509. TaskName : \Microsoft\Windows\Tcpip\IpAddressConflict1
  510. Run As User : Users
  511. Task To Run : %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOff
  512. endingSystem
  513.  
  514. TaskName : \Microsoft\Windows\Tcpip\IpAddressConflict2
  515. Run As User : Users
  516. Task To Run : %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDef
  517. endingSystem
  518.  
  519. TaskName : \Microsoft\Windows\TextServicesFramework\MsCtfMonitor
  520. Run As User : Users
  521. Task To Run : COM handler
  522.  
  523. TaskName : \Microsoft\Windows\Time Synchronization\SynchronizeTime
  524. Run As User : LOCAL SERVICE
  525. Task To Run : %windir%\system32\sc.exe start w32time task_started
  526.  
  527. TaskName : \Microsoft\Windows\Windows Error Reporting\QueueReporting
  528. Run As User : Users
  529. Task To Run : %windir%\system32\wermgr.exe -queuereporting
  530.  
  531. TaskName : \Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTy
  532. peChange
  533. Run As User : SYSTEM
  534. Task To Run : %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChang
  535. e
  536.  
  537. TaskName : \Microsoft\Windows\Windows Media Sharing\UpdateLibrary
  538. Run As User : Authenticated Users
  539. Task To Run : %ProgramFiles%\Windows Media Player\wmpnscfg.exe" "
  540.  
  541. TaskName : \Microsoft\Windows\WindowsBackup\ConfigNotification
  542. Run As User : LOCAL SERVICE
  543. Task To Run : %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
  544.  
  545. TaskName : \Microsoft\Windows\WindowsColorSystem\Calibration Loader
  546. Run As User : Users
  547. Task To Run : COM handler
  548.  
  549. TaskName : \Microsoft\Windows\WindowsColorSystem\Calibration Loader
  550. Run As User : Users
  551. Task To Run : COM handler
  552.  
  553. TaskName : \Microsoft\Windows Defender\MP Scheduled Scan
  554. Run As User : SYSTEM
  555. Task To Run : c:\program files\windows defender\MpCmdRun.exe Scan -ScheduleJob
  556. -WinTask -RestrictPrivilegesScan
  557.  
  558.  
  559.  
  560.  
  561. -----------------------------------------------------------
  562. Services
  563. -----------------------------------------------------------
  564.  
  565. Name DisplayName Status
  566. ---- ----------- ------
  567. seclogon Secondary Logon Stopped
  568. SensrSvc Adaptive Brightness Stopped
  569. SessionEnv Remote Desktop Configuration Stopped
  570. SDRSVC Windows Backup Stopped
  571. RpcLocator Remote Procedure Call (RPC) Locator Stopped
  572. SCardSvr Smart Card Stopped
  573. SCPolicySvc Smart Card Removal Policy Stopped
  574. StiSvc Windows Image Acquisition (WIA) Stopped
  575. StorSvc Storage Service Stopped
  576. swprv Microsoft Software Shadow Copy Provider Stopped
  577. SstpSvc Secure Socket Tunneling Protocol Service Stopped
  578. SharedAccess Internet Connection Sharing (ICS) Stopped
  579. ShellHWDetection Shell Hardware Detection Stopped
  580. SNMPTRAP SNMP Trap Stopped
  581. RemoteRegistry Remote Registry Stopped
  582. p2psvc Peer Networking Grouping Stopped
  583. PcaSvc Program Compatibility Assistant Service Stopped
  584. PeerDistSvc BranchCache Stopped
  585. p2pimsvc Peer Networking Identity Manager Stopped
  586. Netlogon Netlogon Stopped
  587. Netman Network Connections Stopped
  588. NetTcpPortSharing Net.Tcp Port Sharing Service Stopped
  589. RasAuto Remote Access Auto Connection Manager Stopped
  590. RasMan Remote Access Connection Manager Stopped
  591. RemoteAccess Routing and Remote Access Stopped
  592. ProtectedStorage Protected Storage Stopped
  593. pla Performance Logs & Alerts Stopped
  594. PNRPsvc Peer Name Resolution Protocol Stopped
  595. PolicyAgent IPsec Policy Agent Stopped
  596. WerSvc Windows Error Reporting Service Stopped
  597. WinHttpAutoProxySvc WinHTTP Web Proxy Auto-Discovery Service Stopped
  598. WinRM Windows Remote Management (WS-Management) Stopped
  599. wercplsupport Problem Reports and Solutions Control Panel Support Stopped
  600. WdiSystemHost Diagnostic System Host Stopped
  601. WebClient WebClient Stopped
  602. Wecsvc Windows Event Collector Stopped
  603. WPDBusEnum Portable Device Enumerator Service Stopped
  604. wudfsvc Windows Driver Foundation - User-mode Driver Framework Stopped
  605. WwanSvc WWAN AutoConfig Stopped
  606. WPCSvc Parental Controls Stopped
  607. Wlansvc WLAN AutoConfig Stopped
  608. wmiApSrv WMI Performance Adapter Stopped
  609. WMPNetworkSvc Windows Media Player Network Sharing Service Stopped
  610. WcsPlugInService Windows Color System Stopped
  611. THREADORDER Thread Ordering Server Stopped
  612. TrustedInstaller Windows Modules Installer Stopped
  613. UI0Detect Interactive Services Detection Stopped
  614. TermService Remote Desktop Services Stopped
  615. TabletInputService Tablet PC Input Service Stopped
  616. TapiSrv Telephony Stopped
  617. TBS TPM Base Services Stopped
  618. W32Time Windows Time Stopped
  619. wbengine Block Level Backup Engine Service Stopped
  620. WbioSrvc Windows Biometric Service Stopped
  621. VSS Volume Shadow Copy Stopped
  622. UmRdpService Remote Desktop Services UserMode Port Redirector Stopped
  623. VaultSvc Credential Manager Stopped
  624. vds Virtual Disk Stopped
  625. napagent Network Access Protection Agent Stopped
  626. EFS Encrypting File System (EFS) Stopped
  627. ehRecvr Windows Media Center Receiver Service Stopped
  628. ehSched Windows Media Center Scheduler Service Stopped
  629. defragsvc Disk Defragmenter Stopped
  630. dot3svc Wired AutoConfig Stopped
  631. EapHost Extensible Authentication Protocol Stopped
  632. AeLookupSvc Application Experience Stopped
  633. FontCache3.0.0.0 Windows Presentation Foundation Font Cache 3.0.0.0 Stopped
  634. hidserv Human Interface Device Access Stopped
  635. hkmsvc Health Key and Certificate Management Stopped
  636. Fax Fax Stopped
  637. fdPHost Function Discovery Provider Host Stopped
  638. FontCache Windows Font Cache Service Stopped
  639. AppMgmt Application Management Stopped
  640. aspnet_state ASP.NET State Service Stopped
  641. AxInstSV ActiveX Installer (AxInstSV) Stopped
  642. ALG Application Layer Gateway Service Stopped
  643. AppIDSvc Application Identity Stopped
  644. Appinfo Application Information Stopped
  645. BDESVC BitLocker Drive Encryption Service Stopped
  646. CertPropSvc Certificate Propagation Stopped
  647. clr_optimization_v2.0.50727_32 Microsoft .NET Framework NGEN v2.0.50727_X86 Stopped
  648. COMSysApp COM+ System Application Stopped
  649. BITS Background Intelligent Transfer Service Stopped
  650. Browser Computer Browser Stopped
  651. bthserv Bluetooth Support Service Stopped
  652. MSDTC Distributed Transaction Coordinator Stopped
  653. idsvc Windows CardSpace Stopped
  654. MSiSCSI Microsoft iSCSI Initiator Service Stopped
  655. lltdsvc Link-Layer Topology Discovery Mapper Stopped
  656. KeyIso CNG Key Isolation Stopped
  657. KtmRm KtmRm for Distributed Transaction Coordinator Stopped
  658. Mcx2Svc Media Center Extender Service Stopped
  659. MMCSS Multimedia Class Scheduler Stopped
  660. IKEEXT IKE and AuthIP IPsec Keying Modules Stopped
  661. msiserver Windows Installer Stopped
  662. HomeGroupListener HomeGroup Listener Stopped
  663. HomeGroupProvider HomeGroup Provider Stopped
  664. BFE Base Filtering Engine Running
  665. MpsSvc Windows Firewall Running
  666. W3SVC World Wide Web Publishing Service Running
  667. PlugPlay Plug and Play Running
  668. WdiServiceHost Diagnostic Service Host Running
  669. lmhosts TCP/IP NetBIOS Helper Running
  670. LanmanWorkstation Workstation Running
  671. WAS Windows Process Activation Service Running
  672. nsi Network Store Interface Service Running
  673. AppHostSvc Application Host Helper Service Running
  674. netprofm Network List Service Running
  675. wscsvc Security Center Running
  676. wuauserv Windows Update Running
  677. WSearch Windows Search Running
  678. NlaSvc Network Location Awareness Running
  679. Audiosrv Windows Audio Running
  680. WinDefend Windows Defender Running
  681. eventlog Windows Event Log Running
  682. AudioEndpointBuilder Windows Audio Endpoint Builder Running
  683. Winmgmt Windows Management Instrumentation Running
  684. sppsvc Software Protection Running
  685. Spooler Print Spooler Running
  686. RpcEptMapper RPC Endpoint Mapper Running
  687. iphlpsvc IP Helper Running
  688. EventSystem COM+ Event System Running
  689. sppuinotify SPP Notification Service Running
  690. FDResPub Function Discovery Resource Publication Running
  691. gpsvc Group Policy Client Running
  692. SamSs Security Accounts Manager Running
  693. Schedule Task Scheduler Running
  694. RpcSs Remote Procedure Call (RPC) Running
  695. ftpsvc Microsoft FTP Service Running
  696. SENS System Event Notification Service Running
  697. UxSms Desktop Window Manager Session Manager Running
  698. LanmanServer Server Running
  699. Dhcp DHCP Client Running
  700. CryptSvc Cryptographic Services Running
  701. CscService Offline Files Running
  702. DcomLaunch DCOM Server Process Launcher Running
  703. Dnscache DNS Client Running
  704. DPS Diagnostic Policy Service Running
  705. ProfSvc User Profile Service Running
  706. SysMain Superfetch Running
  707. TrkWks Distributed Link Tracking Client Running
  708. Power Power Running
  709. Themes Themes Running
  710.  
  711.  
  712.  
  713.  
  714. -----------------------------------------------------------
  715. Installed Programs
  716. -----------------------------------------------------------
  717.  
  718. -----------------------------------------------------------
  719. Installed Patches
  720. -----------------------------------------------------------
  721.  
  722. -----------------------------------------------------------
  723. Program Folders
  724. -----------------------------------------------------------
  725.  
  726.  
  727. C:\Program Files
  728. -------------
  729. Common Files
  730. DVD Maker
  731. Internet Explorer
  732. MSBuild
  733. Reference Assemblies
  734. Windows Defender
  735. Windows Journal
  736. Windows Mail
  737. Windows Media Player
  738. Windows NT
  739. Windows Photo Viewer
  740. Windows Portable Devices
  741. Windows Sidebar
  742.  
  743.  
  744. C:\Program Files (x86)
  745. -------------------
  746. -----------------------------------------------------------
  747. Files with Full Control and Modify Access
  748. -----------------------------------------------------------
  749.  
  750. Failed to read more files
  751. -----------------------------------------------------------
  752. Folders with Full Control and Modify Access
  753. -----------------------------------------------------------
  754.  
  755. Failed to read more folders
  756.  
  757. Failed to read more folders
  758.  
  759. Failed to read more folders
  760.  
  761. -----------------------------------------------------------
  762. Mapped Drives
  763. -----------------------------------------------------------
  764.  
  765. A:
  766. C:
  767. D:
  768.  
  769.  
  770. -----------------------------------------------------------
  771. Unquoted Service Paths
  772. -----------------------------------------------------------
  773.  
  774. -----------------------------------------------------------
  775. Recent Documents
  776. -----------------------------------------------------------
  777.  
  778. -----------------------------------------------------------
  779. 10 Last Modified Files in C:\User
  780. -----------------------------------------------------------
  781.  
  782.  
  783. Directory: C:\Users\Public\Music\Sample Music
  784.  
  785.  
  786. -a--- 14/7/2009 7:52 πμ 4113874 Maid with the Flaxen Hair.mp3
  787. -a--- 14/7/2009 7:52 πμ 8414449 Kalimba.mp3
  788.  
  789.  
  790. Directory: C:\Users\Public
  791.  
  792.  
  793. d-r-- 14/7/2009 7:53 πμ Documents
  794.  
  795.  
  796. Directory: C:\Users\Public\Recorded TV\Sample Media
  797.  
  798.  
  799. -a--- 14/7/2009 10:20 πμ 9699328 win7_scenic-demoshort_raw.wtv
  800.  
  801.  
  802. Directory: C:\Users
  803.  
  804.  
  805. d-r-- 14/7/2009 10:20 πμ Public
  806.  
  807.  
  808. Directory: C:\Users\Public\Recorded TV
  809.  
  810.  
  811. d-r-- 14/7/2009 10:20 πμ Sample Media
  812.  
  813.  
  814. Directory: C:\Users\Public
  815.  
  816.  
  817. d-r-- 14/7/2009 10:20 πμ Recorded TV
  818.  
  819.  
  820. Directory: C:\Users
  821.  
  822.  
  823. d---- 17/3/2017 4:17 μμ babis
  824. d---- 18/3/2017 1:06 πμ Classic .NET AppPool
  825. d---- 18/3/2017 1:16 πμ Administrator
  826.  
  827.  
  828.  
  829. -----------------------------------------------------------
  830. MUICache Files
  831. -----------------------------------------------------------
  832.  
  833.  
  834. -----------------------------------------------------------
  835. System Files with Passwords
  836. -----------------------------------------------------------
  837.  
  838. -----------------------------------------------------------
  839. AlwaysInstalledElevated Registry Key
  840. -----------------------------------------------------------
  841.  
  842. -----------------------------------------------------------
  843. Stored Credentials
  844. -----------------------------------------------------------
  845.  
  846. Currently stored credentials:
  847.  
  848. * NONE *