he.txt
[+] Invoke-HostEnum
[+] STARTTIME: 20180923_103343
[+] PID: 6680

[+] Host Summary

HOSTNAME             : WS16
OS                   : Microsoft Windows Server 2016 Standard
ARCHITECTURE         : 64-bit
DATE(UTC)            : 20180923103343
DATE(LOCAL)          : 20180923123343+02
INSTALLDATE          : 20180728154236.000000+120
UPTIME               : 0 Days, 0 Hours, 32 Minutes, 31 Seconds
IPADDRESSES          : fe80::a8a4:6d92:2ee2:886f%3, fe80::2003:1255:3f57:fe93%14, 192.168.1.108, 2001:0:5ef5:79fd:2003:1255:3f57:fe93
DOMAIN               : WORKGROUP
USERNAME             : Administrator
LOGONSERVER          : \\WS16
PSVERSION            : 5.1.14393.2485
PSCOMPATIBLEVERSIONS : 1.0, 2.0, 3.0, 4.0, 5.0, 5.1.14393.2485
PSSCRIPTBLOCKLOGGING : Disabled
PSTRANSCRIPTION      : Disabled
PSTRANSCRIPTIONDIR   :
PSMODULELOGGING      : Disabled
LSASSPROTECTION      : Disabled
LAPS                 : Disabled
UAC                  : Enabled
UACTOKENFILTERING    : Enabled
UACFILTERADMINTOKEN  : Disabled
HIGHINTEGRITY        : True

[+] Running Processes

Id    Name                  Owner            Path
--    ----                  -----            ----
0     Idle
4     System
100   chrome                Administrator    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
124   chrome                Administrator    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
340   smss                  SYSTEM
388   svchost               LOCAL SERVICE    C:\Windows\system32\svchost.exe
436   vmacthlp              SYSTEM           C:\Program Files\VMware\VMware Tools\vmacthlp.exe
460   csrss                 SYSTEM
548   wininit               SYSTEM
556   csrss                 SYSTEM
632   winlogon              SYSTEM           C:\Windows\system32\winlogon.exe
688   services              SYSTEM
696   lsass                 SYSTEM           C:\Windows\system32\lsass.exe
796   svchost               SYSTEM           C:\Windows\system32\svchost.exe
856   svchost               NETWORK SERVICE  C:\Windows\system32\svchost.exe
952   dwm                   DWM-1            C:\Windows\system32\dwm.exe
1012  svchost               LOCAL SERVICE    C:\Windows\System32\svchost.exe
1020  svchost               SYSTEM           C:\Windows\System32\svchost.exe
1036  svchost               LOCAL SERVICE    C:\Windows\system32\svchost.exe
1116  svchost               NETWORK SERVICE  C:\Windows\System32\svchost.exe
1188  svchost               SYSTEM           C:\Windows\system32\svchost.exe
1256  MsMpEng               SYSTEM
1272  svchost               LOCAL SERVICE    C:\Windows\system32\svchost.exe
1312  ManagementAgentHost   SYSTEM           C:\Program Files\VMware\VMware Tools\VMware CAF\pme\bin\ManagementAgentHost.exe
1360  sqlwriter             SYSTEM           C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
1440  svchost               SYSTEM           C:\Windows\system32\svchost.exe
1468  svchost               LOCAL SERVICE    C:\Windows\System32\svchost.exe
1596  chrome                Administrator    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
1624  VGAuthService         SYSTEM           C:\Program Files\VMware\VMware Tools\VMware VGAuth\VGAuthService.exe
1660  vmtoolsd              SYSTEM           C:\Program Files\VMware\VMware Tools\vmtoolsd.exe
1884  spoolsv               SYSTEM           C:\Windows\System32\spoolsv.exe
2008  svchost               SYSTEM           C:\Windows\System32\svchost.exe
2016  svchost               SYSTEM           C:\Windows\System32\svchost.exe
2028  chrome                Administrator    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
2172  TeamViewer_Service    SYSTEM           C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
2592  sqlceip               SQLTELEMETRY     C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\sqlceip.exe
2600  sqlservr              MSSQLSERVER      C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
2688  chrome                Administrator    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
2736  taskhostw             Administrator    C:\Windows\system32\taskhostw.exe
2816  dllhost               SYSTEM           C:\Windows\system32\dllhost.exe
2852  WmiPrvSE              NETWORK SERVICE  C:\Windows\system32\wbem\wmiprvse.exe
3040  msdtc                 NETWORK SERVICE  C:\Windows\System32\msdtc.exe
3112  RuntimeBroker         Administrator    C:\Windows\System32\RuntimeBroker.exe
3372  NisSrv                LOCAL SERVICE
3892  vmtoolsd              Administrator    C:\Program Files\VMware\VMware Tools\vmtoolsd.exe
4028  svchost               Administrator    C:\Windows\system32\svchost.exe
4048  sihost                Administrator    C:\Windows\system32\sihost.exe
4120  explorer              Administrator    C:\Windows\Explorer.EXE
4208  tv_x64                SYSTEM           C:\Program Files (x86)\TeamViewer\tv_x64.exe
4352  ShellExperienceHost   Administrator    C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
4432  SearchUI              Administrator    C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
4524  chrome                Administrator    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
4616  TeamViewer            Administrator    C:\Program Files (x86)\TeamViewer\TeamViewer.exe
4740  MpCmdRun              NETWORK SERVICE  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\MpCmdRun.exe
4816  GoogleCrashHandler    SYSTEM           C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
4836  GoogleCrashHandler64  SYSTEM           C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
4868  svchost               LOCAL SERVICE    C:\Windows\system32\svchost.exe
4964  notepad++             Administrator    C:\Program Files\Notepad++\notepad++.exe
5080  chrome                Administrator    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
5104  tv_w32                SYSTEM           C:\Program Files (x86)\TeamViewer\tv_w32.exe
5836  conhost               Administrator    C:\Windows\system32\conhost.exe
6420  chrome                Administrator    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
6660  chrome                Administrator    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
6680  powershell_ise        Administrator    C:\Windows\system32\WindowsPowerShell\v1.0\PowerShell_ISE.exe

[+] Installed AV Product

Product GUID                :
Name                        :
Real-time Protection Status : Unknown
Computername                : WS16
Product Executable          :
Reporting Exe               :
Definition Status           : Unknown

[+] Potential AV Processes

PID   ProcessName  AVProduct
---   -----------  ---------
1256  MsMpEng      Windows Defender AV

[+] Installed Software:

DisplayName  InstallDate  DisplayVersion  Publisher  InstallLocation
-----------  -----------  --------------  ---------  ---------------
Tools for .Net 3.5  20180729  3.11.50727  Microsoft Corporation
Active Directory Authentication Library for SQL Server  20180729  14.0.1000.169  Microsoft Corporation
Browser for SQL Server 2017  20180729  14.0.1000.169  Microsoft Corporation
ClickOnce Bootstrapper Package for Microsoft .NET Framework  20180729  4.7.02558  Microsoft Corporation
DiagnosticsHub_CollectionService  20180729  15.7.27520  Microsoft Corporation
Entity Framework 6.2.0 Tools for Visual Studio 2017  20180729  6.2.61529.0  Microsoft Corporation
Google Chrome  20180728  69.0.3497.100  Google Inc.  C:\Program Files (x86)\Google\Chrome\Application
Google Update Helper  20180728  1.3.33.17  Google Inc.
icecap_collection_neutral  20180729  15.6.27413  Microsoft Corporation
icecap_collection_x64  20180729  15.6.27413  Microsoft Corporation
icecap_collectionresources  20180729  15.6.27406  Microsoft Corporation
icecap_collectionresourcesx64  20180729  15.6.27406  Microsoft Corporation
IIS 10.0 Express  20180729  10.0.1743  Microsoft Corporation
IIS Express Application Compatibility Database for x64
IIS Express Application Compatibility Database for x86
IntelliTraceProfilerProxy  20180729  15.0.17289.01  Microsoft Corporation
IntelliTraceProfilerProxy  20180729  15.0.17289.01  Microsoft Corporation
Microsoft .NET Core Host - 2.0.9 (x64)  20180729  16.36.26615  Microsoft Corporation
Microsoft .NET Core Host - 2.1.2 (x64)  20180729  16.72.26629  Microsoft Corporation
Microsoft .NET Core Host - 2.1.3 (x64)  20180903  16.76.26725  Microsoft Corporation
Microsoft .NET Core Host FX Resolver - 2.0.9 (x64)  20180729  16.36.26615  Microsoft Corporation
Microsoft .NET Core Host FX Resolver - 2.1.2 (x64)  20180729  16.72.26629  Microsoft Corporation
Microsoft .NET Core Host FX Resolver - 2.1.3 (x64)  20180903  16.76.26725  Microsoft Corporation
Microsoft .NET Core Runtime - 2.0.9 (x64)  20180729  16.36.26615  Microsoft Corporation
Microsoft .NET Core Runtime - 2.1.2 (x64)  20180729  16.72.26629  Microsoft Corporation
Microsoft .NET Core Runtime - 2.1.3 (x64)  20180903  16.76.26725  Microsoft Corporation
Microsoft .NET Core SDK - 2.1.202 (x64)  20180729  8.50.40411  Microsoft Corporation
Microsoft .NET Core SDK - 2.1.202 (x64)  2.1.202  Microsoft Corporation
Microsoft .NET Core SDK 2.1.302 (x64)  2.1.302  Microsoft Corporation
Microsoft .NET Core SDK 2.1.302 (x64)  20180729  8.91.41715  Microsoft Corporation
Microsoft .NET Core SDK 2.1.401 (x64)  2.1.401  Microsoft Corporation
Microsoft .NET Core SDK 2.1.401 (x64)  20180903  8.116.25613  Microsoft Corporation
Microsoft .NET Framework 4 Multi-Targeting Pack  20180729  4.0.30319  Microsoft Corporation
Microsoft .NET Framework 4.5 Multi-Targeting Pack  20180729  4.5.50710  Microsoft Corporation
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack  20180729  4.5.50932  Microsoft Corporation
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU)  20180729  4.5.50932  Microsoft Corporation
Microsoft .NET Framework 4.5.1 SDK  20180729  4.5.51641  Microsoft Corporation
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack  20180729  4.5.51651  Microsoft Corporation
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU)  20180729  4.5.51209  Microsoft Corporation
Microsoft .NET Framework 4.6 Targeting Pack  20180729  4.6.00081  Microsoft Corporation
Microsoft .NET Framework 4.6.1 SDK  20180729  4.6.01055  Microsoft Corporation
Microsoft .NET Framework 4.6.1 Targeting Pack  20180729  4.6.01055  Microsoft Corporation
Microsoft .NET Framework Cumulative Intellisense Pack for Visual Studio (ENU)  20180729  4.7.02558  Microsoft Corporation
Microsoft Analysis Services OLE DB Provider  20180729  15.0.600.141  Microsoft Corporation
Microsoft Analysis Services OLE DB Provider  20180729  15.0.600.141  Microsoft Corporation
Microsoft ASP.NET Core 2.0.9 Runtime Package Store (x64)  20180729  2.0.13103.0  Microsoft Corporation
Microsoft ASP.NET Core 2.1.2 Shared Framework (x64)  20180729  2.1.13029.0  Microsoft Corporation
Microsoft ASP.NET Core 2.1.3 Shared Framework (x64)  20180903  2.1.13126.0  Microsoft Corporation
Microsoft ASP.NET Core Module for IIS Express  20180729  2.1.1991  Microsoft Corporation
Microsoft ASP.NET Diagnostic Pack for Visual Studio  20180729  15.0.40625.0  Microsoft Corporation
Microsoft ASP.NET Web Tools Packages 15.0 - ENU  20180729  1.0.30615.0  Microsoft Corporation
Microsoft Azure Authoring Tools - v2.9.5.3  20180729  2.9.8699.20  Microsoft Corporation
Microsoft Azure Compute Emulator - v2.9.5.3  20180729  2.9.8699.20  Microsoft Corporation
Microsoft Azure Compute Emulator - v2.9.5.3  7/29/2018  2.9.8699.20  Microsoft Corporation
Microsoft Azure Libraries for .NET – v2.9  20180729  3.0.0127.060  Microsoft Corporation
Microsoft Azure Storage Emulator - v5.4  20180729  5.4.1811.0037  Microsoft Corporation
Microsoft Azure Storage Emulator - v5.4  7/29/2018  5.4.1811.0037  Microsoft Corporation
Microsoft Azure Storage Explorer version 1.4.1  20180906  1.4.1  Microsoft Corporation  C:\Program Files (x86)\Microsoft Azure Storage Explorer\
Microsoft Build Tools 14.0 (amd64)  20180729  14.0.23107  Microsoft Corporation
Microsoft Build Tools 14.0 (x86)  20180729  14.0.23107  Microsoft Corporation
Microsoft Build Tools Language Resources 14.0 (amd64)  20180729  14.0.23107  Microsoft Corporation
Microsoft Build Tools Language Resources 14.0 (x86)  20180729  14.0.23107  Microsoft Corporation
Microsoft Help Viewer 2.2  20180729  2.2.23107  Microsoft Corporation
Microsoft Help Viewer 2.2  2.2.23107  Microsoft Corporation  C:\Program Files (x86)\Microsoft Help Viewer\v2.2\
Microsoft NetStandard SDK  20180729  15.0.51105  Microsoft Corporation
Microsoft ODBC Driver 13 for SQL Server  20180729  14.0.1000.169  Microsoft Corporation
Microsoft Portable Library Multi-Targeting Pack  20180729  15.0.26621.02  Microsoft Corporation
Microsoft Portable Library Multi-Targeting Pack Language Pack - enu  20180729  15.0.26621.02  Microsoft Corporation
Microsoft SQL Server 2012 Command Line Utilities  20180729  11.3.6020.0  Microsoft Corporation
Microsoft SQL Server 2012 Native Client  20180729  11.3.6540.0  Microsoft Corporation
Microsoft SQL Server 2014 Management Objects  20180729  12.0.2000.8  Microsoft Corporation
Microsoft SQL Server 2016 LocalDB  20180729  13.1.4001.0  Microsoft Corporation
Microsoft SQL Server 2017
Microsoft SQL Server 2017  Microsoft Corporation
Microsoft SQL Server 2017 (64-bit)  Microsoft Corporation
Microsoft SQL Server 2017 (64-bit)
Microsoft SQL Server 2017 Policies  20180729  14.0.1000.169  Microsoft Corporation
Microsoft SQL Server 2017 RsFx Driver  20180729  14.0.1000.169  Microsoft Corporation
Microsoft SQL Server 2017 Setup (English)  20180729  14.0.1000.169  Microsoft Corporation
Microsoft SQL Server 2017 T-SQL Language Service  20180729  14.0.1000.169  Microsoft Corporation
Microsoft SQL Server 2017 T-SQL Language Service  20180729  14.0.17277.0  Microsoft Corporation
Microsoft SQL Server Data-Tier Application Framework (x86)  20180729  14.0.4079.2  Microsoft Corporation
Microsoft SQL Server Management Studio - 17.8.1  14.0.17277.0  Microsoft Corporation
Microsoft System CLR Types for SQL Server 2014  20180729  12.0.2402.11  Microsoft Corporation
Microsoft System CLR Types for SQL Server 2017  20180729  14.0.3006.16  Microsoft Corporation
Microsoft System CLR Types for SQL Server 2017  20180729  14.0.3006.16  Microsoft Corporation
Microsoft TestPlatform SDK Local Feed  20180729  15.7.0.1550004  Microsoft
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161  20180728  9.0.30729.6161  Microsoft Corporation
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161  20180728  9.0.30729.6161  Microsoft Corporation
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005  12.0.21005.1  Microsoft Corporation
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501  12.0.30501.0  Microsoft Corporation
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005  12.0.21005.1  Microsoft Corporation
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501  12.0.30501.0  Microsoft Corporation
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005  20180729  12.0.21005  Microsoft Corporation
Microsoft Visual C++ 2013 x64 Debug Runtime - 12.0.21005  20180729  12.0.21005  Microsoft Corporation
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005  20180729  12.0.21005  Microsoft Corporation
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005  20180729  12.0.21005  Microsoft Corporation
Microsoft Visual C++ 2013 x86 Debug Runtime - 12.0.21005  20180729  12.0.21005  Microsoft Corporation
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005  20180729  12.0.21005  Microsoft Corporation
Microsoft Visual C++ 2015 x64 Debug Runtime - 14.0.23026  20180729  14.0.23026  Microsoft Corporation
Microsoft Visual C++ 2015 x86 Debug Runtime - 14.0.23026  20180729  14.0.23026  Microsoft Corporation
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26405  14.14.26405.0  Microsoft Corporation
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26405  14.14.26405.0  Microsoft Corporation
Microsoft Visual C++ 2017 x64 Additional Runtime - 14.14.26405  20180729  14.14.26405  Microsoft Corporation
Microsoft Visual C++ 2017 x64 Minimum Runtime - 14.14.26405  20180729  14.14.26405  Microsoft Corporation
Microsoft Visual C++ 2017 x86 Additional Runtime - 14.14.26405  20180729  14.14.26405  Microsoft Corporation
Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.14.26405  20180729  14.14.26405  Microsoft Corporation
Microsoft Visual Studio 2015 Shell (Isolated)  20180729  14.0.23107  Microsoft Corporation
Microsoft Visual Studio 2015 Shell (Isolated)  14.0.23107.10  Microsoft Corporation
Microsoft Visual Studio 2015 Shell (Isolated) Resources  20180729  14.0.23107  Microsoft Corporation
Microsoft Visual Studio 2015 Shell (Minimum)  20180729  14.0.23107  Microsoft Corporation
Microsoft Visual Studio 2015 Shell (Minimum) Interop Assemblies  20180729  14.0.23107  Microsoft Corporation
Microsoft Visual Studio 2015 Shell (Minimum) Resources  20180729  14.0.23107  Microsoft Corporation
Microsoft Visual Studio 2015 XAML Designer  20180729  14.0.23107  Microsoft Corporation
Microsoft Visual Studio 2015 XAML Designer - ENU  20180729  14.0.23107  Microsoft Corporation
Microsoft Visual Studio Installer  20180729  1.16.1251.625  Microsoft Corporation  "C:\Program Files (x86)\Microsoft Visual Studio\Installer"
Microsoft Visual Studio Services Hub  20180729  1.0.23107.00  Microsoft Corporation
Microsoft Visual Studio Setup Configuration  20180729  1.16.1163.30317  Microsoft Corporation
Microsoft Visual Studio Team Foundation Server 2017 RC Office Integration (x64)  20180729  15.129.27825  Microsoft Corporation
Microsoft Visual Studio Team Foundation Server 2017 RC Office Integration Language Pack (x64) - ENU  20180729  15.129.27825  Microsoft Corporation
Microsoft Visual Studio Tools for Applications 2015  14.0.23829  Microsoft Corporation
Microsoft Visual Studio Tools for Applications 2015 Finalizer  20180729  14.0.23829  Microsoft Corporation
Microsoft Visual Studio Tools for Applications 2015 Language Support  14.0.23107.20  Microsoft Corporation
Microsoft Visual Studio Tools for Applications 2015 Language Support  20180729  14.0.23107.20  Microsoft Corporation
Microsoft Visual Studio Tools for Applications 2015 Language Support - ENU Language Pack  20180729  14.0.23107.20  Microsoft Corporation
Microsoft Visual Studio Tools for Applications 2015 Language Support Finalizer  20180729  14.0.23107.20  Microsoft Corporation
Microsoft Visual Studio Tools for Applications 2015 x64 Hosting Support  20180729  14.0.23829  Microsoft Corporation
Microsoft Visual Studio Tools for Applications 2015 x86 Hosting Support  20180729  14.0.23829  Microsoft Corporation
Microsoft VSS Writer for SQL Server 2017  20180729  14.0.1000.169  Microsoft Corporation
Microsoft Web Deploy 4.0  20180729  10.0.1992  Microsoft Corporation
Microsoft Windows Communication Foundation Diagnostic Pack for x86  20180729  15.0.27005  Microsoft
Notepad++ (64-bit x64)  7.5.8  Notepad++ Team
Roslyn Language Services - x86  20180729  14.0.23107  Microsoft Corporation
Roslyn Language Services - x86  20180729  14.0.23107  Microsoft Corporation
SQL Server 2017 Batch Parser  20180729  14.0.1000.169  Microsoft Corporation
SQL Server 2017 Client Tools Extensions  20180729  14.0.1000.169  Microsoft Corporation
SQL Server 2017 Client Tools Extensions  20180729  14.0.1000.169  Microsoft Corporation
SQL Server 2017 Common Files  20180729  14.0.1000.169  Microsoft Corporation
SQL Server 2017 Common Files  20180729  14.0.1000.169  Microsoft Corporation
SQL Server 2017 Common Files  20180729  14.0.1000.169  Microsoft Corporation
SQL Server 2017 Common Files  20180729  14.0.1000.169  Microsoft Corporation
SQL Server 2017 Connection Info  20180729  14.0.1000.169  Microsoft Corporation
SQL Server 2017 Connection Info  20180729  14.0.1000.169  Microsoft Corporation
SQL Server 2017 Database Engine Services  20180729  14.0.1000.169  Microsoft Corporation
SQL Server 2017 Database Engine Services  20180729  14.0.1000.169  Microsoft Corporation
SQL Server 2017 Database Engine Shared  20180729  14.0.1000.169  Microsoft Corporation
SQL Server 2017 Database Engine Shared  20180729  14.0.1000.169  Microsoft Corporation
SQL Server 2017 DMF  20180729  14.0.1000.169  Microsoft Corporation
SQL Server 2017 DMF  20180729  14.0.1000.169  Microsoft Corporation
SQL Server 2017 Integration Services Scale Out Management Portal  20180729  14.0.1000.169  Microsoft Corporation
SQL Server 2017 Integration Services Scale Out Management Portal  20180729  14.0.1000.169  Microsoft Corporation
SQL Server 2017 Management Studio Extensions  20180729  14.0.3026.27  Microsoft Corporation
SQL Server 2017 Management Studio Extensions  20180729  14.0.3026.27  Microsoft Corporation
SQL Server 2017 Shared Management Objects  20180729  14.0.1000.169  Microsoft Corporation
SQL Server 2017 Shared Management Objects  20180729  14.0.1000.169  Microsoft Corporation
SQL Server 2017 Shared Management Objects Extensions  20180729  14.0.1000.169  Microsoft Corporation
SQL Server 2017 Shared Management Objects Extensions  20180729  14.0.1000.169  Microsoft Corporation
SQL Server 2017 SQL Diagnostics  20180729  14.0.1000.169  Microsoft Corporation
SQL Server 2017 XEvent  20180729  14.0.1000.169  Microsoft Corporation
SQL Server 2017 XEvent  20180729  14.0.1000.169  Microsoft Corporation
SQL Server Management Studio  20180729  14.0.17277.0  Microsoft Corporation
SQL Server Management Studio  20180729  14.0.17277.0  Microsoft Corporation
SQL Server Management Studio for Analysis Services  20180729  14.0.17277.0  Microsoft Corporation
SQL Server Management Studio for Reporting Services  20180729  14.0.17277.0  Microsoft Corporation
SSMS Post Install Tasks  20180729  14.0.17277.0  Microsoft Corporation
TeamViewer 13  13.2.14327  TeamViewer  C:\Program Files (x86)\TeamViewer
TypeScript SDK  20180729  2.8.4.0  Microsoft Corporation
Update for (KB2504637)  1  Microsoft Corporation
Update for Microsoft Visual Studio 2015 (KB3095681)  14.0.23317  Microsoft Corporation
vcpp_crt.redist.clickonce  20180729  14.14.26405  Microsoft Corporation
Visual F# 10.1 SDK  20180729  10.1  Microsoft Corporation
Visual Studio 2015 Prerequisites  20180729  14.0.23107  Microsoft Corporation
Visual Studio 2015 Prerequisites - ENU Language Pack  20180729  14.0.23107  Microsoft Corporation
Visual Studio Enterprise 2017 (2)  20180729  15.7.27703.2042  Microsoft Corporation  C:\Program Files (x86)\Microsoft Visual Studio\2017\Enterprise
VMware Tools  20180728  10.1.6.5214329  VMware, Inc.  C:\Program Files\VMware\VMware Tools\
VS Script Debugging Common  20180729  16.0.94.0  Microsoft Corporation
VS WCF Debugging  20180729  16.0.94.0  Microsoft Corporation
vs_clickoncebootstrappermsi  20180729  15.0.27005  Microsoft Corporation
vs_clickoncebootstrappermsires  20180729  15.0.27005  Microsoft Corporation
vs_clickoncesigntoolmsi  20180729  15.0.27005  Microsoft Corporation
vs_codecoveragemsi  20180729  15.0.27005  Microsoft Corporation
vs_communitymsi  20180729  15.7.27617  Microsoft Corporation
vs_communitymsires  20180729  15.0.26621  Microsoft Corporation
vs_devenvmsi  20180729  15.0.26621  Microsoft Corporation
vs_enterprisemsi  20180729  15.0.26621  Microsoft Corporation
vs_filehandler_amd64  20180729  15.7.27617  Microsoft Corporation
vs_filehandler_x86  20180729  15.7.27617  Microsoft Corporation
vs_FileTracker_Singleton  20180729  15.6.27309  Microsoft Corporation
vs_minshellinteropmsi  20180729  15.7.27604  Microsoft Corporation
vs_minshellmsi  20180729  15.7.27617  Microsoft Corporation
vs_minshellmsires  20180729  15.0.26621  Microsoft Corporation
vs_networkemulationmsi_x64  20180729  15.0.27005  Microsoft Corporation
vs_professionalmsi  20180729  15.0.26621  Microsoft Corporation
vs_SQLClickOnceBootstrappermsi  20180729  15.0.27005  Microsoft Corporation
vs_tipsmsi  20180729  15.0.27005  Microsoft Corporation
Windows Phone SDK 8.0 Assemblies for Visual Studio 2017  20180729  15.0.27604  Microsoft Corporation

[+] System Drives:

Name  Root  Used         Free          Description  CurrentLocation
----  ----  ----         ----          -----------  ---------------
C     C:\   41830752256  172391223296               Users\Administrator\Desktop
D     D:\   0

[+] Active TCP Connections:

LocalAddress   LocalPort  RemoteAddress   RemotePort  State        IPVersion
------------   ---------  -------------   ----------  -----        ---------
127.0.0.1      5939       127.0.0.1       49682       Established  IPv4
127.0.0.1      49682      127.0.0.1       5939        Established  IPv4
127.0.0.1      49686      127.0.0.1       49687       Established  IPv4
127.0.0.1      49687      127.0.0.1       49686       Established  IPv4
192.168.1.108  49673      94.16.6.164     5938        Established  IPv4
192.168.1.108  49675      40.67.254.36    443         Established  IPv4
192.168.1.108  49680      40.67.252.206   443         Established  IPv4
192.168.1.108  49943      151.101.1.69    443         Established  IPv4
192.168.1.108  50018      52.21.80.208    443         Established  IPv4
192.168.1.108  50042      34.224.141.163  443         Established  IPv4
192.168.1.108  50117      172.217.4.3     443         TimeWait     IPv4
192.168.1.108  50159      192.30.253.125  443         Established  IPv4
192.168.1.108  50176      40.127.195.156  443         TimeWait     IPv4
192.168.1.108  50183      54.164.104.182  443         Established  IPv4
192.168.1.108  50186      40.127.195.156  443         Established  IPv4

[+] Firewall Status:

Domain   Standard  Public
------   --------  ------
Enabled  Enabled   Enabled

[+] Local Users:

Name  Domain  SID  AccountType  PasswordExpires  Disabled  Lockout  Status  Description
----  ------  ---  -----------  ---------------  --------  -------  ------  -----------
DefaultAccount  WS16  S-1-5-21-613702625-3014925118-4049324581-503  512  False  True  False  Degraded  A user account managed by the system.
Guest  WS16  S-1-5-21-613702625-3014925118-4049324581-501  512  False  True  False  Degraded  Built-in account for guest access to the computer/domain
Administrator  WS16  S-1-5-21-613702625-3014925118-4049324581-500  512  False  False  False  OK  Built-in account for administering the computer/domain

[+] Local Administrators:

[+] Local Groups:

Name  SID  Description
----  ---  -----------
Access Control Assistance Operators  S-1-5-32-579  Members of this group can remotely query authorization attributes and permissions for resources on this computer.
Administrators  S-1-5-32-544  Administrators have complete and unrestricted access to the computer/domain
Backup Operators  S-1-5-32-551  Backup Operators can override security restrictions for the sole purpose of backing up or restoring files
Certificate Service DCOM Access  S-1-5-32-574  Members of this group are allowed to connect to Certification Authorities in the enterprise
Cryptographic Operators  S-1-5-32-569  Members are authorized to perform cryptographic operations.
Distributed COM Users  S-1-5-32-562  Members are allowed to launch, activate and use Distributed COM objects on this machine.
Event Log Readers  S-1-5-32-573  Members of this group can read event logs from local machine
Guests  S-1-5-32-546  Guests have the same access as members of the Users group by default, except for the Guest account which is further restricted
Hyper-V Administrators  S-1-5-32-578  Members of this group have complete and unrestricted access to all features of Hyper-V.
IIS_IUSRS  S-1-5-32-568  Built-in group used by Internet Information Services.
Network Configuration Operators  S-1-5-32-556  Members in this group can have some administrative privileges to manage configuration of networking features
Performance Log Users  S-1-5-32-559  Members of this group may schedule logging of performance counters, enable trace providers, and collect event traces both locally and via remote access to this computer
Performance Monitor Users  S-1-5-32-558  Members of this group can access performance counter data locally and remotely
Power Users  S-1-5-32-547  Power Users are included for backwards compatibility and possess limited administrative powers
Print Operators  S-1-5-32-550  Members can administer printers installed on domain controllers
RDS Endpoint Servers  S-1-5-32-576  Servers in this group run virtual machines and host sessions where users RemoteApp programs and personal virtual desktops run. This group needs to be populated on servers running RD Connection Broker. RD Session Host servers and RD Virtualization Host servers used in the deployment need to be in this group.
RDS Management Servers  S-1-5-32-577  Servers in this group can perform routine administrative actions on servers running Remote Desktop Services. This group needs to be populated on all servers in a Remote Desktop Services deployment. The servers running the RDS Central Management service must be included in this group.
RDS Remote Access Servers  S-1-5-32-575  Servers in this group enable users of RemoteApp programs and personal virtual desktops access to these resources. In Internet-facing deployments, these servers are typically deployed in an edge network. This group needs to be populated on servers running RD Connection Broker. RD Gateway servers and RD Web Access servers used in the deployment need to be in this group.
Remote Desktop Users  S-1-5-32-555  Members in this group are granted the right to logon remotely
Remote Management Users  S-1-5-32-580  Members of this group can access WMI resources over management protocols (such as WS-Management via the Windows Remote Management service). This applies only to WMI namespaces that grant access to the user.
Replicator  S-1-5-32-552  Supports file replication in a domain
Storage Replica Administrators  S-1-5-32-582  Members of this group have complete and unrestricted access to all features of Storage Replica.
System Managed Accounts Group  S-1-5-32-581  Members of this group are managed by the system.
Users  S-1-5-32-545  Users are prevented from making accidental or intentional system-wide changes and can run most applications
SQLServer2005SQLBrowserUser$WS16  S-1-5-21-613702625-3014925118-4049324581-1000  Members in the group have the required access and privileges to be assigned as the log on account for the associated instance of SQL Server Browser.

[+] Group Membership for (Administrator)

SID                                           GroupName
---                                           ---------
S-1-1-0                                       Everyone
S-1-2-0                                       LOCAL
S-1-2-1                                       CONSOLE LOGON
S-1-5-11                                      NT AUTHORITY\Authenticated Users
S-1-5-113                                     NT AUTHORITY\Local account
S-1-5-114                                     NT AUTHORITY\Local account and member of Administrators group
S-1-5-15                                      NT AUTHORITY\This Organization
S-1-5-21-613702625-3014925118-4049324581-513  WS16\None
S-1-5-32-544                                  BUILTIN\Administrators
S-1-5-32-545                                  BUILTIN\Users
S-1-5-32-559                                  BUILTIN\Performance Log Users
S-1-5-4                                       NT AUTHORITY\INTERACTIVE
S-1-5-64-10                                   NT AUTHORITY\NTLM Authentication

[+] DURATION: 00:00:02.0624467
[+] Invoke-HostEnum complete!