Glad to see you're still hanging around, and learning!
That list shows open ports, and generically defined services. Your next steps should be connecting to those ports, and banner grabbing / researching, to see what service versions, etc, are reported as running on those ports, then follow up with searches for vulnerabilities existing on those versions and services.
For instance, you might find that some other service is actually using that port, and it's not really Microsoft ds on there, at all. Conversely, you could be hitting a honeypot (if this were a real-life pentest,) where that port isn't really even running the exploitable service, but responds to queries as if it was. You need to adequately try to determine what's running, not just gather a basic list of responding ports, and start attacking.
These are very tried and true principles for pentesting, and you need to do some digging on them, rather than just throwing a list of nmap reported open ports to the list. We're here to help, and to answer educated questions, not to lead you through every step. (No offense intended, just recommending you spend more time on this than simply a base nmap scan, followed by, "why doesn't an exploit work on 445?")
I understand that you're running a tool, like Metasploit, to perform these tests, but sometimes, you need to have a clearer understanding of the target system and it's services, before just throwing Metasploit and other tools at it, in the hopes that generically defined exploits will 'just work' as you'd like / expect them to.
Good luck, and as you continue, let us know what more you find.