To get the binary path and user of running processes:
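# Inventory running processes with their executable path and owning account.
# Caveats for anyone using this as a triage baseline:
#   * Only processes whose .Path is readable are kept. Without elevation, and for
#     protected processes, Path is empty, so those processes are absent from the
#     table. Run elevated and treat a missing PID as "not inspected", not "clean".
#   * GetOwner returns nothing if the process exits mid-query or access is denied;
#     the User column then shows '<unknown>' instead of a bare backslash.
Get-Process |
    Where-Object { $_.Path } |
    ForEach-Object {
        $p = $_
        $o = Get-CimInstance Win32_Process -Filter "ProcessId=$($p.Id)" -ErrorAction SilentlyContinue |
            Invoke-CimMethod -MethodName GetOwner -ErrorAction SilentlyContinue
        # Backslash is not an escape character in PowerShell strings, so a single
        # '\' is the DOMAIN\User separator ("\\" would print two backslashes).
        $user = if ($o -and $o.User) { "$($o.Domain)\$($o.User)" } else { '<unknown>' }
        [PSCustomObject]@{
            Type = 'Process'
            Name = $p.Name
            Id   = $p.Id
            Path = $p.Path
            User = $user
        }
    } |
    Format-Table -AutoSize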
To get the binary path and logon account of services (the command below lists every installed service, not only the running ones):
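# Inventory every installed service (running or stopped) with its configured
# command line and logon account.
#   * A single Win32_Service query replaces the per-service Get-WmiObject lookup:
#     Get-WmiObject is not available in PowerShell 7+, and the old per-name filter
#     broke on service names containing a single quote.
#   * PathName is the configured command line, so it can include arguments and may
#     be unquoted. StartName is the account the service logs on as.
#   * Id stays $null so the columns match the process table.
Get-CimInstance Win32_Service |
    Sort-Object Name |
    ForEach-Object {
        [PSCustomObject]@{
            Type = 'Service'
            Name = $_.Name
            Id   = $null
            Path = $_.PathName
            User = $_.StartName
        }
    } |
    Format-Table -AutoSize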
To get the binary path and user of scheduled tasks:
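# Inventory scheduled tasks with the program each action runs and the principal
# it runs as.
#   * One row is emitted per action. A task can carry several actions, and reading
#     only Actions[0] hides the rest.
#   * Arguments is shown next to Path: for a generic host binary (cmd.exe,
#     powershell.exe, rundll32.exe ...) the arguments carry what is actually run.
#   * Actions that are not "execute" actions (e.g. COM handlers) have no Execute
#     value, so Path is empty for those rows.
#   * When a task runs as a group rather than a user, UserId is empty; GroupId is
#     used as the fallback.
Get-ScheduledTask |
    ForEach-Object {
        $t = $_
        $principal = $t.Principal
        $user = if ($principal.UserId) { $principal.UserId } else { $principal.GroupId }
        foreach ($a in $t.Actions) {
            [PSCustomObject]@{
                Type      = 'Task'
                Name      = $t.TaskName
                Id        = $null
                Path      = $a.Execute
                Arguments = $a.Arguments
                User      = $user
            }
        }
    } |
    Format-Table -AutoSize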
To get the binary path and user of the processes that own listening ports:
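# Map listening TCP endpoints to the owning process, its binary and its account.
#   * The split pattern must be '\s+'. Backslash is not an escape character in
#     PowerShell strings, so "\\s+" is the regex "literal backslash followed by s",
#     which never matches; the line was never split and no rows were produced.
#   * Only lines containing 'LISTENING' are kept, which covers TCP only. UDP
#     endpoints have no state column in netstat and are not listed here, and on
#     non-English Windows the state text may be localized (verify before relying
#     on an empty result).
#   * Path is empty for processes the current session cannot inspect; run elevated.
netstat -ano |
    Select-String 'LISTENING' |
    ForEach-Object {
        # Trim first so leading/trailing blanks do not create empty fields.
        $split = $_.Line.Trim() -split '\s+'
        $ownerPid = $split[-1]          # not $pid: that is a read-only automatic variable
        if ($ownerPid -notmatch '^\d+$') { return }   # skip lines that did not parse as expected

        $proc = Get-Process -Id $ownerPid -ErrorAction SilentlyContinue
        if ($proc) {
            # Get-CimInstance replaces Get-WmiObject, which is unavailable in PowerShell 7+.
            $o = Get-CimInstance Win32_Process -Filter "ProcessId=$ownerPid" -ErrorAction SilentlyContinue |
                Invoke-CimMethod -MethodName GetOwner -ErrorAction SilentlyContinue
            # DOMAIN\User, so local and domain accounts with the same name are distinguishable.
            $user = if ($o -and $o.User) { "$($o.Domain)\$($o.User)" } else { '<unknown>' }
            [PSCustomObject]@{
                Protocol     = $split[0]
                LocalAddress = $split[1]
                PID          = $ownerPid
                ProcessName  = $proc.ProcessName
                Path         = $proc.Path
                User         = $user
            }
        }
    } |
    Format-Table -AutoSize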