[collector:] client ino-rut-vlt01.powershell powershell XymonPS [date] Wed 10 Dec 18:30:12 2025 [clock] epoch: 1765351812 local: Wed 10 Dec 18:30:12 2025 UTC: Wed 10 Dec 07:30:12 2025 Time Synchronisation type: NT5DS Leap Indicator: 0(no warning) Stratum: 5 (secondary reference - syncd by (S)NTP) Precision: -23 (119.209ns per tick) Root Delay: 0.0066113s Root Dispersion: 0.1045429s ReferenceId: 0x0A023F2F (source IP: 10.2.63.47) Last Successful Sync Time: 10/12/2025 6:22:16 PM Source: INO-RUT-DC02.inside.inoxihp.com.au Poll Interval: 10 (1024s) [clientversion] 2.42 [uname] Microsoft Windows Server 2022 Datacenter (build 20348) [cpu] up: 13 days, 0 users, 141 procs, load=6.9% CPU states: total 6.9% cores: 6 CPU PID Image Name Pri Time MemUsage 2.2% 2180 BackupFP 8 02:24:41 592308k 0.9% 6148 SVC:IDriveService 8 10:06:59 517080k 0.8% 4 System 8 02:09:25 144k 0.6% 3076 SVC:CryptSvc 8 00:30:59 22816k 0.5% 3820 SVC:WinDefend 8 08:02:31 316468k 0.5% 4068 SVC:MBAMService 8 11:48:50 311996k 0.2% 1868 SVC:swprv 8 00:00:03 14228k 0.2% 1304 SVC:MSSQL$AUTODESKVAULT 8 02:32:20 19415240k 0.2% 8572 AdskIdentityManager 8 02:49:50 20432k 0.1% 4228 SVC:BASupportExpressStandalone 13 01:02:17 54536k 0.1% 3384 SVC:Mesh Agent 8 02:13:11 5727364k 0.1% 768 SVC:KeyIso/Netlogon/SamSs 9 00:53:17 29060k 0.1% 9420 SVC:VSS 8 00:00:01 23056k 0.1% 3504 SVC:SQLWriter 8 00:03:14 55576k 0.1% 1392 SVC:EventLog 8 02:08:54 45460k 0.1% 7084 powershell 8 01:26:49 159408k 0.0% 12668 WmiPrvSE 8 00:02:56 36992k 0.0% 760 services 9 00:15:07 16624k 0.0% 3280 SVC:Winmgmt 8 00:42:12 34336k 0.0% 10524 SVC:LTService 8 00:04:46 32108k 0.0% 12084 BASupSysInf 6 00:01:16 19548k 0.0% 2732 SVC:AdskLicensingService 8 00:28:26 25140k 0.0% 10404 w3wp 8 00:00:52 187424k 0.0% 2788 SVC:Autodesk CER Service 8 00:12:40 28724k 0.0% 1008 SVC:RpcEptMapper/RpcSs 8 00:09:59 33028k 0.0% 7492 SVC:DPS 8 00:11:40 22980k 0.0% 3784 SVC:Windows Agent Service 8 00:21:31 323964k 0.0% 5548 w3wp 8 00:01:37 518832k 0.0% 8556 SVC:WdNisSvc 8 00:01:47 13996k 0.0% 5368 SVC:WSearch 8 00:06:44 26612k 0.0% 4992 Veeam.Guest.Interaction.Proxy 8 00:00:00 10168k 0.0% 4420 fdhost 8 00:00:07 7512k 0.0% 5132 AggregatorHost 8 00:00:19 10704k 0.0% 5060 conhost 8 00:00:00 10784k 0.0% 4304 SVC:RasMan 8 00:00:12 13604k 0.0% 4744 WmiPrvSE 8 00:00:00 9948k 0.0% 3552 SVC:SQLBrowser 8 00:00:00 6228k 0.0% 3600 SVC:SysMain 8 00:00:01 7236k 0.0% 3720 SVC:TrkWks 8 00:00:03 6080k 0.0% 14216 SVC:LTSvcMon 8 00:00:10 14104k 0.0% 3472 SVC:SstpSvc 8 00:00:00 7652k 0.0% 3512 SVC:LanmanServer 8 00:00:59 9448k 0.0% 3756 SVC:UsoSvc 8 00:00:12 13904k 0.0% 4024 SVC:VeeamTransportSvc 8 00:00:01 10724k 0.0% 4048 SVC:VeeamDeploySvc 8 00:00:07 20048k 0.0% 4056 SVC:WpnService 8 00:00:00 11196k 0.0% 3844 SVC:XymonPSClient 8 00:00:00 6596k 0.0% 3952 SVC:WinRM 8 00:00:06 12792k 0.0% 3964 SVC:W3SVC/WAS 8 00:00:08 13576k 0.0% 9168 SVC:SolarWinds.MSP.RpcServerSe 8 00:01:37 77588k 0.0% 9332 SVC:StateRepository 8 00:00:09 12132k 0.0% 9492 conhost 8 00:00:00 10864k 0.0% 8992 SVC:MSSQLFDLauncher$AUTODESKVA 8 00:00:00 4604k 0.0% 7964 SVC:PcaSvc 8 00:00:05 13272k 0.0% 8136 NableReactiveManagement 8 00:00:13 45532k 0.0% 8836 SVC:CDPSvc 8 00:00:00 12012k 0.0% 10840 WmiPrvSE 8 00:00:03 14988k 0.0% 12328 SVC:WdiSystemHost 8 00:00:00 6328k 0.0% 13352 conhost 6 00:00:00 11012k 0.0% 10308 SVC:DsSvc 8 00:00:00 11144k 0.0% 9588 SVC:MSDTC 8 00:00:00 11380k 0.0% 9908 SVC:UALSVC 8 00:00:02 21136k 0.0% 9960 SVC:ScreenConnect Client (69e7 8 00:00:00 41052k 0.0% 6152 SVC:WaaSMedicSvc 8 00:00:00 8276k 0.0% 6620 SVC:DispBrokerDesktopSvc 8 00:00:00 7472k 0.0% 6756 conhost 8 00:00:00 10788k 0.0% 6068 SVC:SQLTELEMETRY$AUTODESKVAULT 6 00:02:49 78520k 0.0% 5244 dllhost 8 00:00:00 12912k 0.0% 5348 SVC:VeeamEndpointBackupSvc 8 00:00:59 96644k 0.0% 5880 adsk_hive_host 8 00:00:43 26440k 0.0% 7324 SVC:StorSvc 8 00:00:01 15516k 0.0% 7432 conhost 8 00:00:00 10784k 0.0% 7712 w3wp 8 00:00:02 45296k 0.0% 7188 NableSixtyFourBitManager 8 00:00:04 66572k 0.0% 6932 AdskLicensingAgent 8 00:00:01 23836k 0.0% 7064 SVC:BASupportExpressSrvcUpdate 8 00:01:54 25804k 0.0% 7092 conhost 8 00:03:09 15284k 0.0% 1172 SVC:SolarWinds.MSP.CacheServic 8 00:01:31 54024k 0.0% 1152 SVC:TimeBrokerSvc 8 00:00:00 6488k 0.0% 1324 LogonUI 13 00:00:15 53796k 0.0% 1228 SVC:Dnscache 8 00:07:16 9992k 0.0% 1096 SVC:SecurityHealthService 8 00:00:00 11648k 0.0% 1048 SVC:W32Time 8 00:00:12 8896k 0.0% 1144 SVC:NcbService 8 00:00:00 8680k 0.0% 1136 SVC:Dhcp 8 00:00:39 8404k 0.0% 1700 SVC:gpsvc 8 00:00:06 18600k 0.0% 1656 SVC:UserManager 8 00:00:00 8164k 0.0% 1768 SVC:netprofm 8 00:00:10 11656k 0.0% 1740 SVC:CertPropSvc 8 00:00:00 6644k 0.0% 1480 SVC:BFE/mpssvc 8 00:01:01 19168k 0.0% 1464 dwm 13 00:01:26 51888k 0.0% 1572 SVC:NlaSvc 8 00:00:00 13112k 0.0% 1556 SVC:ProfSvc 8 00:00:00 11672k 0.0% 616 wininit 13 00:00:00 7296k 0.0% 520 csrss 13 00:04:17 7032k 0.0% 688 winlogon 13 00:00:00 10588k 0.0% 624 csrss 13 00:00:01 6040k 0.0% 148 Registry 8 00:01:01 115308k 0.0% 0 Idle 0 8k 0.0% 472 SVC:LSM 8 00:01:20 9772k 0.0% 408 smss 11 00:00:00 1256k 0.0% 948 SVC:SSDPSRV 8 00:01:04 8408k 0.0% 936 fontdrvhost 8 00:00:00 4560k 0.0% 1040 SVC:lmhosts 8 00:00:00 5760k 0.0% 1028 SVC:nsi 8 00:00:15 9032k 0.0% 848 SVC:Backup Service Controller 8 00:00:26 10744k 0.0% 732 SVC:TermService 8 00:00:47 16144k 0.0% 928 fontdrvhost 8 00:00:02 7544k 0.0% 900 SVC:BrokerInfrastructure/DcomL 8 00:01:01 17388k 0.0% 2844 SVC:Autodesk Access Service Ho 8 00:00:57 55352k 0.0% 2836 SVC:Autodesk Data Management S 8 00:00:03 38964k 0.0% 2892 SVC:AzureAttestService 8 00:00:00 6256k 0.0% 2872 SVC:AutomationManagerAgent 8 00:01:02 164248k 0.0% 2620 SVC:Spooler 8 00:00:21 30484k 0.0% 2548 SVC:iphlpsvc 8 00:00:01 10936k 0.0% 2824 SVC:Autodesk Data Management J 8 00:00:28 30596k 0.0% 2752 SVC:AppHostSvc 8 00:00:12 15328k 0.0% 3128 SVC:IISADMIN 8 00:01:02 28864k 0.0% 3120 SVC:HelpDeskService 8 00:00:36 8556k 0.0% 3332 SVC:MDCoreSvc 8 00:00:16 24668k 0.0% 3204 SVC:SSISTELEMETRY160 6 00:00:16 52944k 0.0% 3100 SVC:DiagTrack 8 00:01:34 43816k 0.0% 2988 SVC:MsDtsServer160 8 00:00:00 24204k 0.0% 3116 SVC:FOSWindowsService 8 00:00:51 65328k 0.0% 3108 SVC:FlexNet Licensing Service 8 00:00:29 14156k 0.0% 2124 SVC:LanmanWorkstation 8 00:00:36 9944k 0.0% 2056 SVC:SENS 8 00:00:01 9604k 0.0% 2192 SVC:WinHttpAutoProxySvc 8 00:00:09 8156k 0.0% 2164 SVC:Wcmsvc 8 00:00:01 9232k 0.0% 1840 SVC:Schedule 8 00:01:07 16920k 0.0% 1800 SVC:UmRdpService 8 00:00:00 7028k 0.0% 1964 SVC:Themes 8 00:00:00 6024k 0.0% 1896 SVC:EventSystem 8 00:00:16 8712k 0.0% 2416 SVC:SessionEnv 8 00:00:00 10376k 0.0% 2364 SVC:PME.Agent.PmeService 8 00:00:02 34876k 0.0% 2536 SVC:PolicyAgent 8 00:00:09 7788k 0.0% 2524 SVC:IKEEXT 8 00:00:01 8736k 0.0% 2272 SVC:CoreMessagingRegistrar 8 00:00:16 6400k 0.0% 2224 SVC:ShellHWDetection 8 00:00:00 8956k 0.0% 2324 SVC:Windows Agent Maintenance 8 00:00:11 33072k 0.0% 2296 SVC:FontCache 8 00:00:00 7084k [disk] Filesystem 1K-blocks Used Avail Capacity Mounted Label Summary(Total\Avail GB) C 209074172 91712092 117362080 44% /FIXED/C:\ 199.39\111.93 E 3145709564 1818978128 1326731436 58% /FIXED/E:\ Vault_Data 2999.98\1265.27 [memory] memory Total Used physical: 65535 32292 virtual: 9728 80 page: 75263 32445 [msgs:EventlogSummary] LogMode MaximumSizeInBytes RecordCount LogName ------- ------------------ ----------- ------- Circular 20971520 32458 Security Circular 20971520 61900 System Circular 20971520 43413 Application [msgs:eventlog_Security] [msgs:eventlog_System] Information - 12/10/2025 18:27:48 - [98] - Microsoft-Windows-Ntfs - Volume Vault_Data (\Device\HarddiskVolumeShadowCopy1051) is healthy. No action is needed. Information - 12/10/2025 18:27:47 - [98] - Microsoft-Windows-Ntfs - Volume ?? (\Device\HarddiskVolumeShadowCopy1050) is healthy. No action is needed. Information - 12/10/2025 18:27:33 - [4] - Virtual Disk Service - Service stopped. Information - 12/10/2025 18:27:23 - [98] - Microsoft-Windows-Ntfs - Volume System Reserved (\Device\HarddiskVolumeShadowCopy1049) is healthy. No action is needed. Information - 12/10/2025 18:27:23 - [98] - Microsoft-Windows-Ntfs - Volume ?? (\Device\HarddiskVolumeShadowCopy1048) is healthy. No action is needed. Information - 12/10/2025 18:27:09 - [3] - Virtual Disk Service - Service started. [msgs:eventlog_Application] Information - 12/10/2025 18:28:16 - [105] - Backup Manager - Backup finished for data source VssMsSqlBackupPlugin with session status Completed. Selected size: 53.9G; Selected count: 62; Processed size: 53.9G; Processed count: 62; Sent size: 20M; Errors count: 0; Removed files count: 0. [procs] PID User WorkingSet/Peak VirtualMem/Peak PagedMem/Peak NPS Handles %CPU Start Time Elapsed Name Command 2180 NT AUTHORITY\SYSTEM 592308/932548 5390528/5637984 578232/924928 59 888 2.2 2025-11-29 11:44:54 16245 BackupFP "C:\Program Files\Backup Manager\BackupFP.exe" 6148 NT AUTHORITY\SYSTEM 517080/890100 5278248/5774012 483888/920576 61 4086 0.9 2025-11-27 02:15:17 19695 SVC:IDriveService "C:\Program Files (x86)\IDriveWindows\id_service.exe" 4 Unknown 144/5960 3968/19008 44/72 0 2544 0.8 2025-11-27 02:12:49 19697 System 3076 NT AUTHORITY\NETWORK SERVICE 22816/84064 2152390872/2152442560 12444/72300 31 364 0.6 2025-11-27 02:12:51 19697 SVC:CryptSvc C:\Windows\system32\svchost.exe -k NetworkService -p -s CryptSvc 3820 Unknown 316468/1168636 2152943008/2154002512 342904/1152004 246 994 0.5 2025-11-27 02:12:52 19697 SVC:WinDefend 4068 Unknown 311996/1026096 5167688/6188724 437008/1261556 69 4328 0.5 2025-11-27 02:12:52 19697 SVC:MBAMService 1868 NT AUTHORITY\SYSTEM 14228/206288 2151802196/2151998292 3304/195924 15 359 0.2 2025-12-10 18:27:20 3 SVC:swprv C:\Windows\System32\svchost.exe -k swprv 1304 NT SERVICE\MSSQL$AUTODESKVAULT 19415240/19415712 131399076/131422504 19791308/19791836 354 1246 0.2 2025-11-27 02:15:18 19695 SVC:MSSQL$AUTODESKVAULT "C:\VaultData\Microsoft SQL Server\MSSQL16.AUTODESKVAULT\MSSQL\Binn\sqlservr.exe" -sAUTODESKVAULT 8572 IIS APPPOOL\AutodeskFSPool 20432/20856 4318400/4333436 5920/6584 20 278 0.2 2025-11-28 07:15:37 17955 AdskIdentityManager "C:\Program Files\Autodesk\AdskIdentityManager\1.14.0.3/AdskIdentityManager.exe" --process_name Autodesk.IDSDK.DefaultProcess-v2 --server_name Autodesk.IDSDK.DefaultServer-v2 4228 NT AUTHORITY\SYSTEM 54536/57684 181976/187572 40612/40828 43 436 0.1 2025-12-05 00:10:20 8300 SVC:BASupportExpressStandaloneService_N_Central "C:\Program Files (x86)\BeAnywhere Support Express\GetSupportService_N-Central\BASupSrvc.exe" 3384 NT AUTHORITY\SYSTEM 5727364/5727392 10133544/10137976 5830360/5830396 68 340 0.1 2025-11-27 02:12:51 19697 SVC:Mesh Agent "C:\Program Files\Mesh Agent\MeshAgent.exe" 768 NT AUTHORITY\SYSTEM 29060/30604 2151781208/2151785912 12388/14472 32 1899 0.1 2025-11-27 02:12:50 19697 SVC:KeyIso/Netlogon/SamSs C:\Windows\system32\lsass.exe 9420 NT AUTHORITY\SYSTEM 23056/34008 2151838704/2151853484 9744/15556 22 586 0.1 2025-12-10 18:27:00 3 SVC:VSS C:\Windows\system32\vssvc.exe 3504 NT AUTHORITY\SYSTEM 55576/57612 4379176/4460772 44508/49836 22 407 0.1 2025-11-27 02:12:51 19697 SVC:SQLWriter "C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe" 1392 NT AUTHORITY\LOCAL SERVICE 45460/79468 2151835484/2152517252 55604/72208 19 1637 0.1 2025-11-27 02:12:51 19697 SVC:EventLog C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog 7084 NT AUTHORITY\SYSTEM 159408/186096 2152408980/2152448944 113580/141128 39 580 0.1 2025-11-27 02:12:54 19697 powershell "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy RemoteSigned -NoLogo -NonInteractive -NoProfile -WindowStyle Hidden -File "C:\Program Files\XYMON\xymonclient.ps1" 12668 NT AUTHORITY\NETWORK SERVICE 36992/43176 2151827712/2151855116 18364/21744 24 1469 0.0 2025-12-10 00:17:36 1093 WmiPrvSE C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding 760 Unknown 16624/61516 2151768788/2152835076 8188/15628 16 779 0.0 2025-11-27 02:12:50 19697 services 3280 NT AUTHORITY\SYSTEM 34336/43812 2151849724/2151873852 19260/28972 22 525 0.0 2025-11-27 02:12:51 19697 SVC:Winmgmt C:\Windows\system32\svchost.exe -k netsvcs -p -s Winmgmt 10524 NT AUTHORITY\SYSTEM 32108/256184 4998992/5192540 137792/308932 64 2177 0.0 2025-12-09 08:50:19 2020 SVC:LTService C:\Windows\LTSvc\LTSVC.exe -sLTService 12084 NT AUTHORITY\SYSTEM 19548/48940 108056/129340 6344/29444 18 271 0.0 2025-12-10 02:41:24 949 BASupSysInf C:\PROGRA~2\BEANYW~1\GETSUP~1\BASupSysInf.exe -pldpipeid 2WoCsuA0MvLT9DJbSyfdowXH7rGdfArriE9SwlPBm5OKO2Nf0G7SJbUQGqSywkCd 2732 NT AUTHORITY\LOCAL SERVICE 25140/27544 5448196/5452628 23200/24760 16 214 0.0 2025-11-27 02:12:51 19697 SVC:AdskLicensingService "C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe" 10404 IIS APPPOOL\AutodeskFSPool 187424/256756 2166426840/2166522060 301100/327316 76 1189 0.0 2025-12-10 09:23:20 547 w3wp c:\windows\system32\inetsrv\w3wp.exe -ap "AutodeskFSPool" -v "v4.0" -l "webengine4.dll" -a \\.\pipe\iisipm91164642-f5fd-41f1-9659-e460c84e8212 -h "C:\inetpub\temp\apppools\AutodeskFSPool\AutodeskFSPool.config" -w "" -m 0 -t 20 -ta 0 2788 NT AUTHORITY\LOCAL SERVICE 28724/29324 5483444/5487544 24612/25340 18 343 0.0 2025-11-27 02:12:51 19697 SVC:Autodesk CER Service "C:\Program Files\Autodesk\Autodesk CER\service\cer_service.exe" 1008 NT AUTHORITY\NETWORK SERVICE 33028/33152 2151782024/2151794984 25740/25940 18 1422 0.0 2025-11-27 02:12:51 19697 SVC:RpcEptMapper/RpcSs C:\Windows\system32\svchost.exe -k RPCSS -p 7492 NT AUTHORITY\LOCAL SERVICE 22980/26088 2151832784/2152364968 19248/21696 17 311 0.0 2025-11-27 02:14:53 19695 SVC:DPS C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS 3784 NT AUTHORITY\SYSTEM 323964/358096 947084/997520 295136/337048 119 1891 0.0 2025-11-27 02:12:51 19697 SVC:Windows Agent Service "C:\Program Files (x86)\N-able Technologies\Windows Agent\bin\agent.exe" 5548 IIS APPPOOL\AutodeskDMPool 518832/799336 2166359292/2166369140 661344/955604 74 1122 0.0 2025-12-10 09:18:39 551 w3wp c:\windows\system32\inetsrv\w3wp.exe -ap "AutodeskDMPool" -v "v4.0" -l "webengine4.dll" -a \\.\pipe\iisipmeeb64098-1596-42d7-890f-5755ae7b006b -h "C:\inetpub\temp\apppools\AutodeskDMPool\AutodeskDMPool.config" -w "" -m 0 -t 20 -ta 0 8556 Unknown 13996/15008 2151784968/2151785248 6288/7388 14 215 0.0 2025-11-27 02:13:05 19697 SVC:WdNisSvc 5368 NT AUTHORITY\SYSTEM 26612/27284 2152390204/2152393280 21772/23088 44 688 0.0 2025-11-27 04:48:36 19542 SVC:WSearch C:\Windows\system32\SearchIndexer.exe /Embedding 4992 NT AUTHORITY\SYSTEM 10168/10260 51428/60392 1948/2396 17 239 0.0 2025-11-27 02:12:52 19697 Veeam.Guest.Interaction.Proxy "C:\Program Files (x86)\Veeam\Backup Transport\GuestInteraction\Veeam.Guest.Interaction.Proxy.exe" 4420 NT SERVICE\MSSQLFDLauncher$AUTOD 7512/7796 4316300/4389264 39096/39600 12 259 0.0 2025-11-27 02:15:22 19695 fdhost "C:\VaultData\Microsoft SQL Server\MSSQL16.AUTODESKVAULT\MSSQL\Binn\fdhost.exe" "MSSQL16.AUTODESKVAULTG9a3ed1f2fd7b8f4546fa39bfc933bebf90169ml6" "MSSQL16.AUTODESKVAULT" "MSSQL16.AUTODESKVAULT" "12" "" "16384" "M" "0" "" "" "" 5132 NT AUTHORITY\SYSTEM 10704/22256 2151746396/2151760024 5924/8984 8 119 0.0 2025-11-27 02:12:52 19697 AggregatorHost AggregatorHost.exe 5060 NT AUTHORITY\SYSTEM 10784/10820 2151756576/2151758116 6192/6276 7 86 0.0 2025-11-27 02:12:52 19697 conhost \??\C:\Windows\system32\conhost.exe 0x4 4304 NT AUTHORITY\SYSTEM 13604/13700 2151778960/2151781548 3588/3852 24 428 0.0 2025-11-27 02:12:52 19697 SVC:RasMan C:\Windows\System32\svchost.exe -k netsvcs 4744 NT AUTHORITY\SYSTEM 9948/9948 2151753524/2151757268 2568/6040 12 183 0.0 2025-12-10 18:27:10 3 WmiPrvSE C:\Windows\system32\wbem\wmiprvse.exe -Embedding 3552 NT AUTHORITY\LOCAL SERVICE 6228/6316 32640/37764 1744/1968 12 160 0.0 2025-11-27 02:12:51 19697 SVC:SQLBrowser "C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe" 3600 NT AUTHORITY\SYSTEM 7236/7264 2155941260/2155944336 1920/2000 9 144 0.0 2025-11-27 02:12:51 19697 SVC:SysMain C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain 3720 NT AUTHORITY\SYSTEM 6080/6100 2151744788/2151746840 1328/1456 8 143 0.0 2025-11-27 02:12:51 19697 SVC:TrkWks C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks 14216 NT AUTHORITY\SYSTEM 14104/43936 4815720/4821852 35388/36228 29 516 0.0 2025-12-09 07:43:46 2086 SVC:LTSvcMon C:\Windows\LTSvc\LTSvcMon.exe -sLTService 3472 NT AUTHORITY\LOCAL SERVICE 7652/7684 2151752948/2151756028 1724/1868 42 160 0.0 2025-11-27 02:12:51 19697 SVC:SstpSvc C:\Windows\system32\svchost.exe -k LocalService -p -s SstpSvc 3512 NT AUTHORITY\SYSTEM 9448/9500 2151754900/2151760044 2504/2700 11 212 0.0 2025-11-27 02:12:51 19697 SVC:LanmanServer C:\Windows\System32\svchost.exe -k smbsvcs -s LanmanServer 3756 NT AUTHORITY\SYSTEM 13904/13976 2151767244/2151771344 3400/3612 14 250 0.0 2025-11-27 02:12:51 19697 SVC:UsoSvc C:\Windows\system32\svchost.exe -k netsvcs -p -s UsoSvc 4024 NT AUTHORITY\SYSTEM 10724/11516 55196/61600 2396/2684 17 237 0.0 2025-11-27 02:12:52 19697 SVC:VeeamTransportSvc "C:\Program Files (x86)\Veeam\Backup Transport\VeeamTransportSvc.exe" 4048 NT AUTHORITY\SYSTEM 20048/20876 86884/97264 4536/5404 26 404 0.0 2025-11-27 02:12:52 19697 SVC:VeeamDeploySvc "C:\Windows\Veeam\Backup\VeeamDeploymentSvc.exe" -port 6160 4056 NT AUTHORITY\SYSTEM 11196/11264 2151753564/2151758688 1404/1716 8 127 0.0 2025-11-27 02:12:52 19697 SVC:WpnService C:\Windows\system32\svchost.exe -k netsvcs -p -s WpnService 3844 NT AUTHORITY\SYSTEM 6596/6780 4267956/4272496 1880/2180 8 124 0.0 2025-11-27 02:12:52 19697 SVC:XymonPSClient "C:\Program Files\XYMON\nssm.exe" 3952 NT AUTHORITY\NETWORK SERVICE 12792/12956 2151781748/2151783288 3212/3900 13 240 0.0 2025-11-27 02:12:52 19697 SVC:WinRM C:\Windows\System32\svchost.exe -k NetworkService -p -s WinRM 3964 NT AUTHORITY\SYSTEM 13576/13600 2151775648/2151778212 6100/6152 16 260 0.0 2025-11-27 02:12:52 19697 SVC:W3SVC/WAS C:\Windows\system32\svchost.exe -k iissvcs 9168 NT AUTHORITY\SYSTEM 77588/139924 300840/376620 48868/123284 67 666 0.0 2025-11-27 02:13:24 19697 SVC:SolarWinds.MSP.RpcServerService "C:\Program Files (x86)\MspPlatform\RequestHandlerAgent\RequestHandlerAgent.exe" 9332 NT AUTHORITY\SYSTEM 12132/14184 2151755740/2151759328 4552/6604 9 131 0.0 2025-11-27 02:14:55 19695 SVC:StateRepository C:\Windows\system32\svchost.exe -k appmodel -p -s StateRepository 9492 NT SERVICE\MSSQLFDLauncher$AUTOD 10864/10900 2151756576/2151757604 6196/6252 7 86 0.0 2025-11-27 02:15:22 19695 conhost \??\C:\Windows\system32\conhost.exe 0x4 8992 NT SERVICE\MSSQLFDLauncher$AUTOD 4604/4748 4249168/4254160 888/1004 6 78 0.0 2025-11-27 02:15:22 19695 SVC:MSSQLFDLauncher$AUTODESKVAULT "C:\VaultData\Microsoft SQL Server\MSSQL16.AUTODESKVAULT\MSSQL\Binn\fdlauncher.exe" -s MSSQL16.AUTODESKVAULT 7964 NT AUTHORITY\SYSTEM 13272/14232 2151769524/2151777040 4340/5132 13 248 0.0 2025-11-27 02:13:18 19697 SVC:PcaSvc C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc 8136 NT AUTHORITY\SYSTEM 45532/50272 4815092/4873300 34824/39852 25 554 0.0 2025-11-27 02:12:57 19697 NableReactiveManagement "C:\Program Files (x86)\N-able Technologies\Reactive\bin\NableReactiveManagement.exe" 8836 NT AUTHORITY\LOCAL SERVICE 12012/12056 2151772428/2151779600 2276/2772 11 211 0.0 2025-11-27 02:14:53 19695 SVC:CDPSvc C:\Windows\system32\svchost.exe -k LocalService -p -s CDPSvc 10840 NT AUTHORITY\LOCAL SERVICE 14988/26784 2151773992/2151779148 5508/17860 13 192 0.0 2025-12-10 15:34:46 175 WmiPrvSE C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding 12328 NT AUTHORITY\SYSTEM 6328/6400 2151744956/2151748540 1388/1756 8 126 0.0 2025-12-10 16:43:46 106 SVC:WdiSystemHost C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost 13352 NT AUTHORITY\SYSTEM 11012/11048 2151756584/2151757612 6196/6268 7 86 0.0 2025-12-10 02:41:25 949 conhost \??\C:\Windows\system32\conhost.exe 0x4 10308 NT AUTHORITY\SYSTEM 11144/11180 2152821396/2152827032 6388/6688 15 193 0.0 2025-11-27 06:12:52 19457 SVC:DsSvc C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s DsSvc 9588 NT AUTHORITY\NETWORK SERVICE 11380/12580 2151764472/2151767432 3016/4140 14 242 0.0 2025-11-27 02:15:17 19695 SVC:MSDTC C:\Windows\System32\msdtc.exe 9908 NT AUTHORITY\SYSTEM 21136/24496 2152872424/2152884992 9720/12708 24 370 0.0 2025-11-27 02:15:22 19695 SVC:UALSVC C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s UALSVC 9960 NT AUTHORITY\SYSTEM 41052/41204 203336/214856 25444/25836 35 731 0.0 2025-12-10 17:56:02 34 SVC:ScreenConnect Client (69e7721040ec1250) "C:\Program Files (x86)\ScreenConnect Client (69e7721040ec1250)\ScreenConnect.ClientService.exe" "?e=Access&y=Guest&h=sc.viatek.com.au&p=8041&s=e5ed623a-911a-49b7-9d28-108e87e42822&k=BgIAAACkAABSU0ExAAgAAAEAAQCpFbFNTaYP9amF8McjmZ%2bQ8kLvvhOdthUPFJ78pr76tgUjzgIRnjzFiPwsqi3KH%2bAEGdBbu140Eu8gE8DXpk8y0v9cshavNO51TVuWILGYq54M%2bBpwafW1VRm7r8nJ%2fbpM58Hbc%2fArVsmsigBtGQ03Sse8wIfZ8ZkcfpiApbfZ94oT2gRUGDhLOh%2bbMDJXXzL%2bkCr5oO14ZoU9GzOu1GIPVuArDftfmD9D5O53gdE9njSXgqArzh%2bu06zB9Elvwke8PCvQTLHUpLHkYIOkCt1xNBIihW7ixPWPxb%2f0ZxzZ3sepeYefPryGzmthvqVHmX%2bOysNHAeTxvjOLuUYoCtKt&v=AQAAANCMnd8BFdERjHoAwE%2fCl%2bsBAAAAvNPXVaZ1lUKV0pdTHBSWzQAAAAACAAAAAAAQZgAAAAEAACAAAAALTxgR0FAU1S7Mw9BsZwIsttAG%2b5QOTYHJ2bxHdh5JYQAAAAAOgAAAAAIAACAAAAD%2fvPeS8yjVbZIad5RKpudGqQpuFrOFTURIUZNLQN9zU6AEAAB3gGj3NJzsTdjTdUKwEs1sxwl7C5yB3mi%2f1RTBy6DIvWryJSLC5PSv8I4b5Nhyv4AbNlqU9dSSU%2bsdirfSYBlq%2fSe%2fSRuh2N6xBY87CVPXCn7nqE0Cal7AasSjunc9w7xoBfCuH3cEURtIoMCIbBYbET2NUqK9hG%2bx4d718kLEigTsHjf4JBuLRZyEbZeDVqloEg7zhm2DXfovF48AEClhGpxiaMacX2wYHxlL258jwzlxRC6upO3IQM2NQl1GWylJH1%2f5bXwYwoE%2fDWZQ2zu5CB8dcxXYJPk%2fHkwnPwtL74Ej5QP3y6YAsJqSxr7wjBgYi1Nw94e9Ar3yyj5%2bQ%2bX3E5HubTIQbb3DssmOlHZoVR7vbgGbHy3sze7%2b0qtW6n6lnUzBS%2bm2nWZgbJOlI6q2cjpj2hnc6lwMS%2bdU%2b5D10vIGwyqSHf2ZmI%2bHlmZu4UnPdz8SwztRW%2btS5rdxJPHmifOrkca8Dsn5lwGccrlFIA172%2fb3TQ1Ohv3ay1dDIN%2fSxnt4pcv9qdTqZYCdlvrz7xyr7gEMW8VesqYeZ19SAfk%2bC0NflqKOo1eG6Osgq4l35TX2Ps2GBytm9d5Cb3%2fB29ivtq8sSF4YEXBhl6Sh7auZFixfqxiXFq31NIN5ChBWmwsg5wEf%2bLE9A0qlKCVmIYpXntfpm30t43DWw8IcsjRr8%2fopFVqcDpuitL0SxGsHspEfDIPTa7c0ecdzLFfLnfIT6RDjI%2fffDPhxAIiD1kHfVA672exdPnhTwMyuEvjo0j3PNgmUvEYQwd8HE%2bgYU4ZMh3Fb0tp7tQETxQamV8l7tk07UnN00YNInazxXfQ%2fG2eDl%2bBAZyXQXhcFjZ%2bZJRiQs17JpZhSJzJw%2fS1vgvPptzYVBwE5VMFxHraJTXAP6fC68pLZPnFk1xZjf87MVTlQzoKw2buBZrkaj%2fp1peb3d5i9vOP%2b5O5pRPpwigx1CgUA5D9N0iFAI61VlvVW9ZVSExTGPh1%2fCk8XhhEd3mNKzAlbjpHm9JmdkrDeED8GfuJts%2bID%2fVNm1MkcLkXVjOQPPiQS4yU6zIA8hsIoyv%2bl%2fodA%2fyjFeCZACLe8BOrmiNAvYPo89gx%2f%2fQ3uHElvVy8Uy%2fVngv%2fvIEMwOl%2f%2f722JIKMIzwpY642lUOI0rrMr%2ffMv4EjmEm6jx6SC1C3taeqbagkHTM1sp%2bUrQXJwqI%2bgMOQp99yGFa4RwNUJ4W9SwRFxgS09%2baQlFA6kkPlwafC%2bTr%2fPezOinCTMSKgO5lk98KuRkLHg29L6thgltjoPg1LR9ZBwjL1DDw1b5VIeS5z8cTfzYyyw%2fhKxMz8pQKUMrL2cgEM6caSGliJn3FHFQ521qlMk0svUCwzW1H6i7LIfqXfKvyHwRvKxbIpEE3YXKnTN62HcD%2bSAagUunfg4dj9byaOBchuY04o5lpOiYFgUAmkRfg8mtEgqr0teXCJX1063Fxe%2fTy8sr2vMCUJMYcdibYXB7PXL9LC9AP0tV1vtwBLaby5jmB6xe4%2fgdcn8ZzAmKtNvEG06UI0XCKvxgahfc68NrU7t7QorjzMNgEz7eRqxcBPU%2bK4wngZTPkAAAACqn2nW%2bddJBZ3FJJ3H7iJM81aYPBuZ78EOwB8KOXGkjmtuMHDuq0lmkw6EpF%2bd7tDd86c43z%2bx3AQUkPY%2fCROp&c=Inorail%20Pty%20Ltd&c=INX%20-%20Servers&c=&c=&c=&c=&c=&c=" 6152 Unknown 8276/8336 2151749248/2151755396 1624/1960 9 176 0.0 2025-11-27 02:12:53 19697 SVC:WaaSMedicSvc 6620 NT AUTHORITY\LOCAL SERVICE 7472/7516 2151745608/2151751244 1384/1692 8 124 0.0 2025-11-27 02:12:54 19697 SVC:DispBrokerDesktopSvc C:\Windows\system32\svchost.exe -k LocalService -p -s DispBrokerDesktopSvc 6756 NT AUTHORITY\SYSTEM 10788/10824 2151756576/2151757604 6204/6260 7 86 0.0 2025-11-27 02:12:57 19697 conhost \??\C:\Windows\system32\conhost.exe 0x4 6068 NT SERVICE\SQLTELEMETRY$AUTODESK 78520/120444 4833204/4848276 71444/116384 34 607 0.0 2025-11-27 02:15:22 19695 SVC:SQLTELEMETRY$AUTODESKVAULT "C:\VaultData\Microsoft SQL Server\MSSQL16.AUTODESKVAULT\MSSQL\Binn\sqlceip.exe" -Service AUTODESKVAULT 5244 NT AUTHORITY\SYSTEM 12912/12996 2152300188/2152306988 3708/3988 18 211 0.0 2025-11-27 02:12:53 19697 dllhost C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683} 5348 NT AUTHORITY\SYSTEM 96644/119216 4985412/5043648 54708/56048 66 1058 0.0 2025-11-27 02:12:53 19697 SVC:VeeamEndpointBackupSvc "C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe" 5880 NT AUTHORITY\SYSTEM 26440/36796 4352228/4365456 8180/8376 19 260 0.0 2025-11-27 02:12:53 19697 adsk_hive_host "C:\Program Files\Common Files\Autodesk Shared\Interoperability Engine Manager\1.3.2.2\bin\adsk_hive_host.exe" --duplexpipe fe0c2e5c-d8d5-4b4b-af54-346b6d9c285d 7324 NT AUTHORITY\SYSTEM 15516/16116 2151777640/2151788632 3216/4036 14 261 0.0 2025-11-27 02:13:22 19697 SVC:StorSvc C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p 7432 NT AUTHORITY\SYSTEM 10784/10824 2151756576/2151758112 6200/6284 7 86 0.0 2025-11-27 02:12:57 19697 conhost \??\C:\Windows\system32\conhost.exe 0x4 7712 IIS APPPOOL\DefaultAppPool 45296/45332 2166205084/2166209692 71844/71920 38 783 0.0 2025-12-10 09:14:37 556 w3wp c:\windows\system32\inetsrv\w3wp.exe -ap "DefaultAppPool" -v "v4.0" -l "webengine4.dll" -a \\.\pipe\iisipma5db5358-5da6-48ba-9aa8-cde775673e5b -h "C:\inetpub\temp\apppools\DefaultAppPool\DefaultAppPool.config" -w "" -m 0 -t 20 -ta 0 7188 NT AUTHORITY\SYSTEM 66572/71976 4909324/4964248 55884/69920 28 572 0.0 2025-11-27 02:12:57 19697 NableSixtyFourBitManager "C:\Program Files (x86)\N-able Technologies\Windows Agent\bin\NableSixtyFourBitManager.exe" 6932 IIS APPPOOL\AutodeskFSPool 23836/24216 2151829228/2151841516 7424/8340 22 346 0.0 2025-12-10 09:23:22 547 AdskLicensingAgent "C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\15.5.0.13374\AdskLicensingAgent/AdskLicensingAgent.exe" -r 0 -n /analytics/v1/connect?analyticsagentid=analytics-5b02e78e-172c-489f-a4a6-d66651a98cb6 --no-gui -c 2 -i analytics-5b02e78e-172c-489f-a4a6-d66651a98cb6 7064 NT AUTHORITY\SYSTEM 25804/42932 131256/154888 10936/28148 24 447 0.0 2025-12-05 00:09:54 8300 SVC:BASupportExpressSrvcUpdater_N_Central "C:\Program Files (x86)\BeAnywhere Support Express\GetSupportService_N-Central\BASupSrvcUpdater.exe" 7092 NT AUTHORITY\SYSTEM 15284/16296 2151770448/2151771624 9104/10280 10 148 0.0 2025-11-27 02:12:54 19697 conhost \??\C:\Windows\system32\conhost.exe 0x4 1172 NT AUTHORITY\LOCAL SERVICE 54024/58460 4835368/4840748 42896/47648 33 605 0.0 2025-11-27 02:13:22 19697 SVC:SolarWinds.MSP.CacheService "C:\Program Files (x86)\MspPlatform\FileCacheServiceAgent\FileCacheServiceAgent.exe" 1152 NT AUTHORITY\LOCAL SERVICE 6488/6528 2151746972/2151750512 1452/1700 8 142 0.0 2025-11-27 02:12:51 19697 SVC:TimeBrokerSvc C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc 1324 NT AUTHORITY\SYSTEM 53796/65676 2151981104/2151988964 11964/32876 27 454 0.0 2025-11-27 02:12:51 19697 LogonUI "LogonUI.exe" /flags:0x2 /state0:0xa3b19855 /state1:0x41c64e6d 1228 NT AUTHORITY\NETWORK SERVICE 9992/10280 2151766208/2151771328 3576/3984 16 317 0.0 2025-11-27 02:12:51 19697 SVC:Dnscache C:\Windows\system32\svchost.exe -k NetworkService -p -s Dnscache 1096 Unknown 11648/12028 2151756720/2151758260 2584/2708 11 196 0.0 2025-12-03 20:13:02 9977 SVC:SecurityHealthService 1048 NT AUTHORITY\LOCAL SERVICE 8896/8952 2151755832/2151758396 2000/2184 13 232 0.0 2025-11-27 02:12:51 19697 SVC:W32Time C:\Windows\system32\svchost.exe -k LocalService -s W32Time 1144 NT AUTHORITY\SYSTEM 8680/8820 2151748136/2151755308 1836/2320 11 194 0.0 2025-11-27 02:12:51 19697 SVC:NcbService C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService 1136 NT AUTHORITY\LOCAL SERVICE 8404/8596 2151754420/2151758536 2420/2956 11 237 0.0 2025-11-27 02:12:51 19697 SVC:Dhcp C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp 1700 NT AUTHORITY\SYSTEM 18600/19200 2151793108/2151802612 4064/4568 20 376 0.0 2025-11-27 02:12:51 19697 SVC:gpsvc C:\Windows\system32\svchost.exe -k netsvcs -p -s gpsvc 1656 NT AUTHORITY\SYSTEM 8164/8376 2151751572/2151756012 1880/2044 9 177 0.0 2025-11-27 02:12:51 19697 SVC:UserManager C:\Windows\system32\svchost.exe -k netsvcs -p -s UserManager 1768 NT AUTHORITY\LOCAL SERVICE 11656/11800 2151762372/2151777736 3384/4144 14 449 0.0 2025-11-27 02:12:51 19697 SVC:netprofm C:\Windows\System32\svchost.exe -k LocalService -p -s netprofm 1740 NT AUTHORITY\SYSTEM 6644/6672 2151745800/2151747852 1416/1524 8 145 0.0 2025-11-27 02:12:51 19697 SVC:CertPropSvc C:\Windows\system32\svchost.exe -k netsvcs -s CertPropSvc 1480 NT AUTHORITY\LOCAL SERVICE 19168/21932 2151784056/2151794664 8980/11472 32 430 0.0 2025-11-27 02:12:51 19697 SVC:BFE/mpssvc C:\Windows\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p 1464 Window Manager\DWM-1 51888/60620 2151947536/2151964852 29192/46208 28 626 0.0 2025-11-27 02:12:51 19697 dwm "dwm.exe" 1572 NT AUTHORITY\NETWORK SERVICE 13112/13412 2151779272/2151791636 4036/5104 17 399 0.0 2025-11-27 02:12:51 19697 SVC:NlaSvc C:\Windows\System32\svchost.exe -k NetworkService -p -s NlaSvc 1556 NT AUTHORITY\SYSTEM 11672/11700 2151773224/2151776300 2308/2476 11 210 0.0 2025-11-27 02:12:51 19697 SVC:ProfSvc C:\Windows\system32\svchost.exe -k netsvcs -p -s ProfSvc 616 Unknown 7296/7368 2151748948/2151761376 1372/1912 11 156 0.0 2025-11-27 02:12:50 19697 wininit 520 Unknown 7032/7148 2151784864/2151786404 2356/2532 29 910 0.0 2025-11-27 02:12:50 19697 csrss 688 NT AUTHORITY\SYSTEM 10588/16448 2151811900/2151825220 2472/7344 12 214 0.0 2025-11-27 02:12:50 19697 winlogon winlogon.exe 624 Unknown 6040/14252 2151765944/2151775328 1780/2040 11 169 0.0 2025-11-27 02:12:50 19697 csrss 148 Unknown 115308/331616 122816/335808 3248/106692 10 0 0.0 2025-11-27 02:12:47 19697 Registry 0 8/8 8/8 60/60 0 0 0.0 0 Idle 472 NT AUTHORITY\SYSTEM 9772/9824 2151757496/2151763132 2616/2780 12 296 0.0 2025-11-27 02:12:51 19697 SVC:LSM C:\Windows\system32\svchost.exe -k DcomLaunch -p -s LSM 408 Unknown 1256/1284 2151718576/2151726612 1072/1140 3 57 0.0 2025-11-27 02:12:49 19697 smss 948 NT AUTHORITY\LOCAL SERVICE 8408/8512 2151756720/2151761332 2444/2608 15 227 0.0 2025-11-27 02:13:22 19697 SVC:SSDPSRV C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV 936 Font Driver Host\UMFD-1 4560/39176 2151748520/2151784512 1868/2900 6 39 0.0 2025-11-27 02:12:50 19697 fontdrvhost "fontdrvhost.exe" 1040 NT AUTHORITY\LOCAL SERVICE 5760/5796 2151745296/2151746836 1292/1460 8 119 0.0 2025-11-27 02:12:51 19697 SVC:lmhosts C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts 1028 NT AUTHORITY\LOCAL SERVICE 9032/9104 2151745976/2151749564 4448/4684 20 147 0.0 2025-11-27 02:12:51 19697 SVC:nsi C:\Windows\system32\svchost.exe -k LocalService -p -s nsi 848 NT AUTHORITY\SYSTEM 10744/69764 4292508/4359792 2320/2448 11 196 0.0 2025-11-29 11:44:52 16245 SVC:Backup Service Controller "C:\Program Files\Backup Manager\ProcessController.exe" serve 732 NT AUTHORITY\NETWORK SERVICE 16144/16964 2151812408/2151822996 6028/7364 23 639 0.0 2025-11-27 02:12:51 19697 SVC:TermService C:\Windows\System32\svchost.exe -k termsvcs -s TermService 928 Font Driver Host\UMFD-0 7544/39204 2151886672/2151889928 4140/4196 8 39 0.0 2025-11-27 02:12:50 19697 fontdrvhost "fontdrvhost.exe" 900 NT AUTHORITY\SYSTEM 17388/17472 2151773560/2151779536 7404/7636 16 928 0.0 2025-11-27 02:12:50 19697 SVC:BrokerInfrastructure/DcomLaunch/PlugPlay/Power/SystemEventsBroker C:\Windows\system32\svchost.exe -k DcomLaunch -p 2844 NT AUTHORITY\SYSTEM 55352/67096 2151850984/2151878072 27048/27128 500 339 0.0 2025-11-27 02:12:51 19697 SVC:Autodesk Access Service Host "C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessServiceHost.exe" 2836 NT AUTHORITY\SYSTEM 38964/39012 4826560/4892356 32492/32772 27 365 0.0 2025-11-27 02:12:51 19697 SVC:Autodesk Data Management Server Revit Dynamo Extension Service "C:\Program Files\Autodesk\Vault Server 2026\DynamoHelperService\Connectivity.DynamoHelperService.exe" 2892 NT AUTHORITY\SYSTEM 6256/6284 2151744900/2151746952 1284/1392 8 113 0.0 2025-11-27 02:12:51 19697 SVC:AzureAttestService C:\Windows\system32\svchost.exe -k AzureAttestService -s AzureAttestService 2872 NT AUTHORITY\SYSTEM 164248/190520 424716/501144 135940/173992 82 1221 0.0 2025-11-27 02:12:51 19697 SVC:AutomationManagerAgent "C:\Program Files (x86)\N-able Technologies\AutomationManagerAgent\AutomationManager.AgentService.exe" 2620 NT AUTHORITY\SYSTEM 30484/31460 2151851560/2151894132 9932/12324 29 581 0.0 2025-11-27 02:12:51 19697 SVC:Spooler C:\Windows\System32\spoolsv.exe 2548 NT AUTHORITY\SYSTEM 10936/11148 2152810972/2152821308 2780/3516 16 358 0.0 2025-11-27 02:12:51 19697 SVC:iphlpsvc C:\Windows\System32\svchost.exe -k NetSvcs -p -s iphlpsvc 2824 NT AUTHORITY\SYSTEM 30596/30852 4817496/4839312 31888/32372 22 587 0.0 2025-11-27 02:12:51 19697 SVC:Autodesk Data Management Job Dispatch "C:\Program Files\Autodesk\Vault Server 2026\Server\Dispatch\Connectivity.WindowsService.JobDispatch.exe" 2752 NT AUTHORITY\SYSTEM 15328/15680 2151801472/2151805572 7200/7824 14 205 0.0 2025-11-27 02:12:51 19697 SVC:AppHostSvc C:\Windows\system32\svchost.exe -k apphost -s AppHostSvc 3128 NT AUTHORITY\SYSTEM 28864/29048 2151793284/2151798920 17504/17936 18 243 0.0 2025-11-27 02:12:51 19697 SVC:IISADMIN C:\Windows\system32\inetsrv\inetinfo.exe 3120 NT AUTHORITY\SYSTEM 8556/8592 4291876/4299052 2320/2388 11 225 0.0 2025-11-27 02:12:51 19697 SVC:HelpDeskService "C:\Program Files (x86)\HelpDeskHost\HelpDesk\\RPCHelpDeskServiceUAC.exe" 3332 Unknown 24668/25336 2151793928/2151800108 11548/11816 17 518 0.0 2025-11-27 02:12:51 19697 SVC:MDCoreSvc 3204 NT SERVICE\SSISTELEMETRY160 52944/53104 4815936/4828952 36528/36880 32 848 0.0 2025-11-27 02:15:22 19695 SVC:SSISTELEMETRY160 "C:\VaultData\Microsoft SQL Server\160\DTS\Binn\sqlceip.exe" -Service default MSIS 3100 NT AUTHORITY\SYSTEM 43816/73668 2151864588/2151913576 24332/54568 25 561 0.0 2025-11-27 02:12:51 19697 SVC:DiagTrack C:\Windows\System32\svchost.exe -k utcsvc -p 2988 NT SERVICE\MsDtsServer160 24204/24240 18693128/18730252 55868/56276 23 283 0.0 2025-11-27 02:15:18 19695 SVC:MsDtsServer160 "C:\VaultData\Microsoft SQL Server\160\DTS\Binn\MsDtsSrvr.exe" 3116 NT AUTHORITY\SYSTEM 65328/66908 4881840/5235560 43848/46628 37 961 0.0 2025-11-27 02:14:54 19695 SVC:FOSWindowsService "C:\Program Files\Autodesk\File Operations System\WindowsService\FOS.WindowsService.exe" 3108 NT AUTHORITY\SYSTEM 14156/16060 4309252/4314224 4740/4916 16 267 0.0 2025-11-27 02:12:51 19697 SVC:FlexNet Licensing Service 64 "C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe" 2124 NT AUTHORITY\NETWORK SERVICE 9944/10056 2151762040/2151765116 2324/2484 12 231 0.0 2025-11-27 02:12:51 19697 SVC:LanmanWorkstation C:\Windows\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation 2056 NT AUTHORITY\SYSTEM 9604/9784 2151760152/2151762212 2232/2412 15 209 0.0 2025-11-27 02:12:51 19697 SVC:SENS C:\Windows\system32\svchost.exe -k netsvcs -p -s SENS 2192 NT AUTHORITY\LOCAL SERVICE 8156/8344 2151750640/2151755476 2056/2556 10 186 0.0 2025-11-27 02:12:51 19697 SVC:WinHttpAutoProxySvc C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc 2164 NT AUTHORITY\LOCAL SERVICE 9232/9368 2151751388/2151759072 2028/2784 13 290 0.0 2025-11-27 02:12:51 19697 SVC:Wcmsvc C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p 1840 NT AUTHORITY\SYSTEM 16920/22600 2151787192/2151801112 5964/6648 18 374 0.0 2025-11-27 02:12:51 19697 SVC:Schedule C:\Windows\system32\svchost.exe -k netsvcs -p -s Schedule 1800 NT AUTHORITY\SYSTEM 7028/7064 2151751312/2151753984 1384/1568 8 138 0.0 2025-11-27 02:12:51 19697 SVC:UmRdpService C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s UmRdpService 1964 NT AUTHORITY\SYSTEM 6024/6056 2151747576/2151749628 1260/1380 8 121 0.0 2025-11-27 02:12:51 19697 SVC:Themes C:\Windows\System32\svchost.exe -k netsvcs -p -s Themes 1896 NT AUTHORITY\LOCAL SERVICE 8712/9440 2151756436/2151760536 2376/3244 10 195 0.0 2025-11-27 02:12:51 19697 SVC:EventSystem C:\Windows\system32\svchost.exe -k LocalService -p -s EventSystem 2416 NT AUTHORITY\SYSTEM 10376/10416 2151759332/2151762408 2340/2500 16 246 0.0 2025-11-27 02:12:51 19697 SVC:SessionEnv C:\Windows\System32\svchost.exe -k netsvcs -p -s SessionEnv 2364 NT AUTHORITY\SYSTEM 34876/35132 4764024/4770940 27144/27512 19 303 0.0 2025-11-27 02:13:26 19697 SVC:PME.Agent.PmeService "C:\Program Files (x86)\MspPlatform\PME\PME.Agent.exe" 2536 NT AUTHORITY\NETWORK SERVICE 7788/7888 2151746656/2151751680 1776/2036 13 173 0.0 2025-11-27 02:12:51 19697 SVC:PolicyAgent C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted -p -s PolicyAgent 2524 NT AUTHORITY\SYSTEM 8736/8768 2151754468/2151759080 2676/2900 14 278 0.0 2025-11-27 02:12:51 19697 SVC:IKEEXT C:\Windows\system32\svchost.exe -k netsvcs -p -s IKEEXT 2272 NT AUTHORITY\LOCAL SERVICE 6400/6428 2151753176/2151756252 1344/1472 7 126 0.0 2025-11-27 02:12:51 19697 SVC:CoreMessagingRegistrar C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork -p 2224 NT AUTHORITY\SYSTEM 8956/8988 2151754664/2151761836 1932/2376 13 191 0.0 2025-11-27 02:12:51 19697 SVC:ShellHWDetection C:\Windows\System32\svchost.exe -k netsvcs -p -s ShellHWDetection 2324 NT AUTHORITY\SYSTEM 33072/33288 162348/175024 19908/20944 25 452 0.0 2025-11-27 02:15:27 19695 SVC:Windows Agent Maintenance Service "C:\Program Files (x86)\N-able Technologies\Windows Agent\bin\AgentMaint.exe" 2296 NT AUTHORITY\LOCAL SERVICE 7084/7284 2151777660/2151781572 1816/1960 9 142 0.0 2025-11-27 02:12:51 19697 SVC:FontCache C:\Windows\system32\svchost.exe -k LocalService -p -s FontCache [netstat] PacketsReceived=284489831 ReceivedHeaderErrors=0 ReceivedAddressErrors=1102266 DatagramsForwarded=0 UnknownProtocolsReceived=0 ReceivedPacketsDiscarded=214933 ReceivedPacketsDelivered=283453168 OutputRequests=828234138 RoutingDiscards=0 DiscardedOutputPackets=52936 OutputPacketNoRoute=6 ReassemblyRequired=0 ReassemblySuccessful=0 ReassemblyFailures=0 DatagramsSuccessfullyFragmented=0 DatagramsFailingFragmentation=0 FragmentsCreated=0 PacketsReceived=674435 ReceivedHeaderErrors=0 ReceivedAddressErrors=0 DatagramsForwarded=0 UnknownProtocolsReceived=0 ReceivedPacketsDiscarded=82577 ReceivedPacketsDelivered=592103 OutputRequests=13570 RoutingDiscards=0 DiscardedOutputPackets=0 OutputPacketNoRoute=0 ReassemblyRequired=0 ReassemblySuccessful=0 ReassemblyFailures=0 DatagramsSuccessfullyFragmented=0 DatagramsFailingFragmentation=0 FragmentsCreated=0 tcpActiveOpens=476719 tcpPassiveOpens=294873 tcpFailedConnectionAttempts=74640 tcpResetConnections=48067 tcpCurrentConnections=23 tcpSegmentsReceived=285756362 tcpSegmentsSent=814589320 tcpSegmentsRetransmitted=18336231 tcpActiveOpens=2964 tcpPassiveOpens=2936 tcpFailedConnectionAttempts=28 tcpResetConnections=236 tcpCurrentConnections=6 tcpSegmentsReceived=762467 tcpSegmentsSent=749336 tcpSegmentsRetransmitted=112 udpDatagramsReceived=2640027 udpNoPorts=204496 udpReceiveErrors=0 udpDatagramsSent=260406 udpDatagramsReceived=480482 udpNoPorts=82577 udpReceiveErrors=0 udpDatagramsSent=310 [ports] Active Connections Proto Local Address Foreign Address State TCP 0.0.0.0:80 0.0.0.0:0 LISTENING TCP 0.0.0.0:135 0.0.0.0:0 LISTENING TCP 0.0.0.0:445 0.0.0.0:0 LISTENING TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING TCP 0.0.0.0:5000 0.0.0.0:0 LISTENING TCP 0.0.0.0:5948 0.0.0.0:0 LISTENING TCP 0.0.0.0:5985 0.0.0.0:0 LISTENING TCP 0.0.0.0:6160 0.0.0.0:0 LISTENING TCP 0.0.0.0:6162 0.0.0.0:0 LISTENING TCP 0.0.0.0:6183 0.0.0.0:0 LISTENING TCP 0.0.0.0:6184 0.0.0.0:0 LISTENING TCP 0.0.0.0:6190 0.0.0.0:0 LISTENING TCP 0.0.0.0:6290 0.0.0.0:0 LISTENING TCP 0.0.0.0:8000 0.0.0.0:0 LISTENING TCP 0.0.0.0:11731 0.0.0.0:0 LISTENING TCP 0.0.0.0:47001 0.0.0.0:0 LISTENING TCP 0.0.0.0:49664 0.0.0.0:0 LISTENING TCP 0.0.0.0:49665 0.0.0.0:0 LISTENING TCP 0.0.0.0:49666 0.0.0.0:0 LISTENING TCP 0.0.0.0:49667 0.0.0.0:0 LISTENING TCP 0.0.0.0:49668 0.0.0.0:0 LISTENING TCP 0.0.0.0:49669 0.0.0.0:0 LISTENING TCP 0.0.0.0:49670 0.0.0.0:0 LISTENING TCP 0.0.0.0:49676 0.0.0.0:0 LISTENING TCP 0.0.0.0:49683 0.0.0.0:0 LISTENING TCP 0.0.0.0:49810 0.0.0.0:0 LISTENING TCP 0.0.0.0:61885 0.0.0.0:0 LISTENING TCP 10.2.63.49:139 0.0.0.0:0 LISTENING TCP 10.2.63.49:52607 206.148.0.39:443 ESTABLISHED TCP 10.2.63.49:55982 103.36.248.58:443 ESTABLISHED TCP 10.2.63.49:55992 103.36.248.58:443 ESTABLISHED TCP 10.2.63.49:59408 206.148.0.208:443 TIME_WAIT TCP 10.2.63.49:59416 20.42.65.93:443 TIME_WAIT TCP 10.2.63.49:59420 206.148.0.208:443 TIME_WAIT TCP 10.2.63.49:59423 206.148.0.208:443 TIME_WAIT TCP 10.2.63.49:59426 104.18.110.87:443 TIME_WAIT TCP 10.2.63.49:59429 206.148.0.208:443 TIME_WAIT TCP 10.2.63.49:59432 206.148.0.208:443 TIME_WAIT TCP 10.2.63.49:59435 10.2.63.47:135 TIME_WAIT TCP 10.2.63.49:59436 10.2.63.47:49690 TIME_WAIT TCP 10.2.63.49:59437 66.129.107.58:443 TIME_WAIT TCP 10.2.63.49:59455 206.148.0.208:443 TIME_WAIT TCP 10.2.63.49:59476 125.253.56.44:443 ESTABLISHED TCP 10.2.63.49:60092 8.38.48.118:443 ESTABLISHED TCP 10.2.63.49:60341 206.148.0.209:443 ESTABLISHED TCP 10.2.63.49:62312 10.2.63.48:445 ESTABLISHED TCP 10.2.63.49:62422 10.2.63.48:445 ESTABLISHED TCP 10.2.63.49:62426 10.2.63.48:445 ESTABLISHED TCP 10.2.63.49:62427 10.2.63.48:445 ESTABLISHED TCP 127.0.0.1:3389 127.0.0.1:59474 CLOSE_WAIT TCP 127.0.0.1:6290 127.0.0.1:49677 ESTABLISHED TCP 127.0.0.1:9395 0.0.0.0:0 LISTENING TCP 127.0.0.1:42000 0.0.0.0:0 LISTENING TCP 127.0.0.1:43227 0.0.0.0:0 LISTENING TCP 127.0.0.1:49565 127.0.0.1:49566 ESTABLISHED TCP 127.0.0.1:49566 127.0.0.1:49565 ESTABLISHED TCP 127.0.0.1:49571 127.0.0.1:49572 ESTABLISHED TCP 127.0.0.1:49572 127.0.0.1:49571 ESTABLISHED TCP 127.0.0.1:49674 0.0.0.0:0 LISTENING TCP 127.0.0.1:49674 127.0.0.1:59433 TIME_WAIT TCP 127.0.0.1:49674 127.0.0.1:59447 TIME_WAIT TCP 127.0.0.1:49674 127.0.0.1:59451 TIME_WAIT TCP 127.0.0.1:49674 127.0.0.1:59457 TIME_WAIT TCP 127.0.0.1:49674 127.0.0.1:59459 TIME_WAIT TCP 127.0.0.1:49674 127.0.0.1:59465 TIME_WAIT TCP 127.0.0.1:49674 127.0.0.1:59467 TIME_WAIT TCP 127.0.0.1:49674 127.0.0.1:59469 TIME_WAIT TCP 127.0.0.1:49674 127.0.0.1:59475 TIME_WAIT TCP 127.0.0.1:49677 127.0.0.1:6290 ESTABLISHED TCP 127.0.0.1:50086 0.0.0.0:0 LISTENING TCP 127.0.0.1:50086 127.0.0.1:62149 ESTABLISHED TCP 127.0.0.1:50086 127.0.0.1:62151 ESTABLISHED TCP 127.0.0.1:50147 127.0.0.1:62781 ESTABLISHED TCP 127.0.0.1:50154 0.0.0.0:0 LISTENING TCP 127.0.0.1:59402 127.0.0.1:3389 TIME_WAIT TCP 127.0.0.1:59415 127.0.0.1:64902 TIME_WAIT TCP 127.0.0.1:59438 127.0.0.1:49674 TIME_WAIT TCP 127.0.0.1:59443 127.0.0.1:64902 TIME_WAIT TCP 127.0.0.1:59445 127.0.0.1:80 TIME_WAIT TCP 127.0.0.1:59450 127.0.0.1:64902 TIME_WAIT TCP 127.0.0.1:59452 127.0.0.1:3389 TIME_WAIT TCP 127.0.0.1:59458 127.0.0.1:64902 TIME_WAIT TCP 127.0.0.1:59465 127.0.0.1:49674 TIME_WAIT TCP 127.0.0.1:59466 127.0.0.1:64902 TIME_WAIT TCP 127.0.0.1:59467 127.0.0.1:49674 TIME_WAIT TCP 127.0.0.1:59468 127.0.0.1:64902 TIME_WAIT TCP 127.0.0.1:59470 127.0.0.1:80 TIME_WAIT TCP 127.0.0.1:59472 127.0.0.1:49674 TIME_WAIT TCP 127.0.0.1:59473 127.0.0.1:64902 TIME_WAIT TCP 127.0.0.1:59474 127.0.0.1:3389 FIN_WAIT_2 TCP 127.0.0.1:59475 127.0.0.1:49674 TIME_WAIT TCP 127.0.0.1:59477 127.0.0.1:49674 TIME_WAIT TCP 127.0.0.1:59478 127.0.0.1:64902 TIME_WAIT TCP 127.0.0.1:62149 127.0.0.1:50086 ESTABLISHED TCP 127.0.0.1:62151 127.0.0.1:50086 ESTABLISHED TCP 127.0.0.1:62781 0.0.0.0:0 LISTENING TCP 127.0.0.1:62781 127.0.0.1:50147 ESTABLISHED TCP 127.0.0.1:64902 0.0.0.0:0 LISTENING TCP [::]:80 [::]:0 LISTENING TCP [::]:135 [::]:0 LISTENING TCP [::]:445 [::]:0 LISTENING TCP [::]:3389 [::]:0 LISTENING TCP [::]:5985 [::]:0 LISTENING TCP [::]:6160 [::]:0 LISTENING TCP [::]:6162 [::]:0 LISTENING TCP [::]:6183 [::]:0 LISTENING TCP [::]:6184 [::]:0 LISTENING TCP [::]:6190 [::]:0 LISTENING TCP [::]:6290 [::]:0 LISTENING TCP [::]:8000 [::]:0 LISTENING TCP [::]:11731 [::]:0 LISTENING TCP [::]:47001 [::]:0 LISTENING TCP [::]:49664 [::]:0 LISTENING TCP [::]:49665 [::]:0 LISTENING TCP [::]:49666 [::]:0 LISTENING TCP [::]:49667 [::]:0 LISTENING TCP [::]:49668 [::]:0 LISTENING TCP [::]:49669 [::]:0 LISTENING TCP [::]:49670 [::]:0 LISTENING TCP [::]:49676 [::]:0 LISTENING TCP [::]:49683 [::]:0 LISTENING TCP [::]:49810 [::]:0 LISTENING TCP [::]:61885 [::]:0 LISTENING TCP [::1]:80 [::1]:49969 ESTABLISHED TCP [::1]:9395 [::]:0 LISTENING TCP [::1]:49969 [::1]:80 ESTABLISHED TCP [::1]:50154 [::]:0 LISTENING TCP [fe80::c02a:7289:617b:f4c8%9]:80 [fe80::c02a:7289:617b:f4c8%9]:59231 ESTABLISHED TCP [fe80::c02a:7289:617b:f4c8%9]:80 [fe80::c02a:7289:617b:f4c8%9]:62148 ESTABLISHED TCP [fe80::c02a:7289:617b:f4c8%9]:59231 [fe80::c02a:7289:617b:f4c8%9]:80 ESTABLISHED TCP [fe80::c02a:7289:617b:f4c8%9]:62148 [fe80::c02a:7289:617b:f4c8%9]:80 ESTABLISHED UDP 0.0.0.0:123 *:* UDP 0.0.0.0:500 *:* UDP 0.0.0.0:1434 *:* UDP 0.0.0.0:3389 *:* UDP 0.0.0.0:4500 *:* UDP 0.0.0.0:5353 *:* UDP 0.0.0.0:5355 *:* UDP 0.0.0.0:42000 *:* UDP 0.0.0.0:43212 *:* UDP 0.0.0.0:52905 *:* UDP 0.0.0.0:60348 *:* UDP 0.0.0.0:62298 *:* UDP 0.0.0.0:62299 *:* UDP 10.2.63.49:137 *:* UDP 10.2.63.49:138 *:* UDP 10.2.63.49:1900 *:* UDP 10.2.63.49:62303 *:* UDP 127.0.0.1:1900 *:* UDP 127.0.0.1:50201 127.0.0.1:50201 UDP 127.0.0.1:51641 127.0.0.1:51641 UDP 127.0.0.1:59507 127.0.0.1:59507 UDP 127.0.0.1:61790 127.0.0.1:61790 UDP 127.0.0.1:61792 127.0.0.1:61792 UDP 127.0.0.1:62300 127.0.0.1:62300 UDP 127.0.0.1:62304 *:* UDP [::]:123 *:* UDP [::]:500 *:* UDP [::]:1434 *:* UDP [::]:3389 *:* UDP [::]:4500 *:* UDP [::]:5353 *:* UDP [::]:5355 *:* UDP [::]:52905 *:* UDP [::]:62299 *:* UDP [::1]:1900 *:* UDP [::1]:62302 *:* UDP [fe80::c02a:7289:617b:f4c8%9]:1900 *:* UDP [fe80::c02a:7289:617b:f4c8%9]:62301 *:* [ipconfig] Windows IP Configuration Host Name . . . . . . . . . . . . : INO-RUT-VLT01 Primary Dns Suffix . . . . . . . : inside.inoxihp.com.au Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : inside.inoxihp.com.au Ethernet adapter Ethernet Instance 0: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Intel(R) 82574L Gigabit Network Connection Physical Address. . . . . . . . . : 52-54-00-B7-FB-29 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Link-local IPv6 Address . . . . . : fe80::c02a:7289:617b:f4c8%9(Preferred) IPv4 Address. . . . . . . . . . . : 10.2.63.49(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 10.2.63.1 DHCPv6 IAID . . . . . . . . . . . : 106058752 DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-2F-B6-8E-1E-52-54-00-B7-FB-29 DNS Servers . . . . . . . . . . . : 10.2.63.45 10.2.63.47 NetBIOS over Tcpip. . . . . . . . : Enabled [route] =========================================================================== Interface List 9...52 54 00 b7 fb 29 ......Intel(R) 82574L Gigabit Network Connection 1...........................Software Loopback Interface 1 =========================================================================== IPv4 Route Table =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 10.2.63.1 10.2.63.49 281 10.2.63.0 255.255.255.0 On-link 10.2.63.49 281 10.2.63.49 255.255.255.255 On-link 10.2.63.49 281 10.2.63.255 255.255.255.255 On-link 10.2.63.49 281 127.0.0.0 255.0.0.0 On-link 127.0.0.1 331 127.0.0.1 255.255.255.255 On-link 127.0.0.1 331 127.255.255.255 255.255.255.255 On-link 127.0.0.1 331 224.0.0.0 240.0.0.0 On-link 127.0.0.1 331 224.0.0.0 240.0.0.0 On-link 10.2.63.49 281 255.255.255.255 255.255.255.255 On-link 127.0.0.1 331 255.255.255.255 255.255.255.255 On-link 10.2.63.49 281 =========================================================================== Persistent Routes: Network Address Netmask Gateway Address Metric 0.0.0.0 0.0.0.0 10.2.63.1 Default =========================================================================== IPv6 Route Table =========================================================================== Active Routes: If Metric Network Destination Gateway 1 331 ::1/128 On-link 9 281 fe80::/64 On-link 9 281 fe80::c02a:7289:617b:f4c8/128 On-link 1 331 ff00::/8 On-link 9 281 ff00::/8 On-link =========================================================================== Persistent Routes: None [ifstat] 10.2.63.49 72626634931 1231709721338 [svcs] Name StartupType Status DisplayName AdskLicensingService automatic started Autodesk Desktop Licensing Service AJRouter manual stopped AllJoyn Router Service ALG manual stopped Application Layer Gateway Service AppHostSvc automatic started Application Host Helper Service AppIDSvc manual stopped Application Identity Appinfo manual stopped Application Information AppMgmt manual stopped Application Management AppReadiness manual stopped App Readiness AppVClient automatic stopped Microsoft App-V Client AppXSvc manual stopped AppX Deployment Service (AppXSVC) aspnet_state manual stopped ASP.NET State Service AudioEndpointBuilder manual stopped Windows Audio Endpoint Builder Audiosrv manual stopped Windows Audio Autodesk_Access_Service_Host automatic started Autodesk Access Service Host Autodesk_CER_Service automatic started Autodesk CER Service Autodesk_Data_Management_Job_Dispatch automatic started Autodesk Data Management Job Dispatch Autodesk_Data_Management_Server_Revit_Dynamo_Extension_Service automatic started Autodesk Data Management Server Revit Dynamo Extension Service AutomationManagerAgent automatic started Automation Manager Agent AxInstSV manual stopped ActiveX Installer (AxInstSV) AzureAttestService automatic started AzureAttestService Backup_Service_Controller automatic started Backup Service Controller BASupportExpressSrvcUpdater_N_Central automatic started N-able Take Control Updater Service (N-Central) BASupportExpressStandaloneService_N_Central automatic started N-able Take Control Service (N-Central) BFE automatic started Base Filtering Engine BITS manual stopped Background Intelligent Transfer Service BrokerInfrastructure automatic started Background Tasks Infrastructure Service bthserv manual stopped Bluetooth Support Service camsvc manual stopped Capability Access Manager Service CDPSvc automatic started Connected Devices Platform Service CertPropSvc manual started Certificate Propagation ClipSVC manual stopped Client License Service (ClipSVC) COMSysApp manual stopped COM+ System Application CoreMessagingRegistrar automatic started CoreMessaging CryptSvc automatic started Cryptographic Services CscService disabled stopped Offline Files DcomLaunch automatic started DCOM Server Process Launcher dcsvc manual stopped Declared Configuration(DC) service defragsvc manual stopped Optimize drives DeviceAssociationService manual stopped Device Association Service DeviceInstall manual stopped Device Install Service DevQueryBroker manual stopped DevQuery Background Discovery Broker Dhcp automatic started DHCP Client diagnosticshub.standardcollector.service manual stopped Microsoft (R) Diagnostics Hub Standard Collector Service DiagTrack automatic started Connected User Experiences and Telemetry DispBrokerDesktopSvc automatic started Display Policy Service DmEnrollmentSvc manual stopped Device Management Enrollment Service dmwappushservice disabled stopped Device Management Wireless Application Protocol (WAP) Push message Routing Service Dnscache automatic started DNS Client DoSvc manual stopped Delivery Optimization dot3svc manual stopped Wired AutoConfig DPS automatic started Diagnostic Policy Service DsmSvc manual stopped Device Setup Manager DsSvc manual started Data Sharing Service EapHost manual stopped Extensible Authentication Protocol edgeupdate automatic stopped Microsoft Edge Update Service (edgeupdate) edgeupdatem manual stopped Microsoft Edge Update Service (edgeupdatem) EFS manual stopped Encrypting File System (EFS) embeddedmode manual stopped Embedded Mode EntAppSvc manual stopped Enterprise App Management Service EventLog automatic started Windows Event Log EventSystem automatic started COM+ Event System fdPHost manual stopped Function Discovery Provider Host FDResPub manual stopped Function Discovery Resource Publication FlexNet_Licensing_Service_64 automatic started FlexNet Licensing Service 64 FontCache automatic started Windows Font Cache Service FOSWindowsService automatic started Autodesk File Operations System Service FrameServer manual stopped Windows Camera Frame Server FrameServerMonitor manual stopped Windows Camera Frame Server Monitor GoogleChromeElevationService manual stopped Google Chrome Elevation Service (GoogleChromeElevationService) GoogleUpdaterInternalService143.0.7482.0 disabled stopped Google Updater Internal Service (GoogleUpdaterInternalService143.0.7482.0) GoogleUpdaterService143.0.7482.0 disabled stopped Google Updater Service (GoogleUpdaterService143.0.7482.0) gpsvc automatic started Group Policy Client GraphicsPerfSvc disabled stopped GraphicsPerfSvc HelpDeskService automatic started HelpDeskService hidserv manual stopped Human Interface Device Service HvHost manual stopped HV Host Service IDriveService automatic started IDriveService IISADMIN automatic started IIS Admin Service IKEEXT automatic started IKE and AuthIP IPsec Keying Modules InstallService manual stopped Microsoft Store Install Service iphlpsvc automatic started IP Helper KeyIso manual started CNG Key Isolation KPSSVC manual stopped KDC Proxy Server service (KPS) KtmRm manual stopped KtmRm for Distributed Transaction Coordinator LanmanServer automatic started Server LanmanWorkstation automatic started Workstation lfsvc disabled stopped Geolocation Service LicenseManager manual stopped Windows License Manager Service lltdsvc manual stopped Link-Layer Topology Discovery Mapper lmhosts manual started TCP/IP NetBIOS Helper LSM automatic started Local Session Manager LTService automatic started Viatek Technology Monitoring Service LTSvcMon automatic started Viatek Technology Monitoring Service Watchdog Service MapsBroker disabled stopped Downloaded Maps Manager MBAMService automatic started Malwarebytes Service MBVpnTunnelService manual stopped MBVpnTunnelService McpManagementService manual stopped McpManagementService MDCoreSvc automatic started Microsoft Defender Core Service Mesh_Agent automatic started Mesh Agent MicrosoftEdgeElevationService manual stopped Microsoft Edge Elevation Service (MicrosoftEdgeElevationService) mpssvc automatic started Windows Defender Firewall MSDTC automatic started Distributed Transaction Coordinator MsDtsServer160 automatic started SQL Server Integration Services 16.0 MSiSCSI manual stopped Microsoft iSCSI Initiator Service msiserver manual stopped Windows Installer MSSQL$AUTODESKVAULT automatic started SQL Server (AUTODESKVAULT) MSSQLFDLauncher$AUTODESKVAULT manual started SQL Full-text Filter Daemon Launcher (AUTODESKVAULT) NcaSvc manual stopped Network Connectivity Assistant NcbService manual started Network Connection Broker Netlogon automatic started Netlogon Netman manual stopped Network Connections netprofm automatic started Network List Service NetSetupSvc manual stopped Network Setup Service NetTcpPortSharing manual stopped Net.Tcp Port Sharing Service NgcCtnrSvc manual stopped Microsoft Passport Container NgcSvc manual stopped Microsoft Passport NlaSvc automatic started Network Location Awareness nsi automatic started Network Store Interface Service PcaSvc automatic started Program Compatibility Assistant Service PerfHost manual stopped Performance Counter DLL Host pla manual stopped Performance Logs & Alerts PlugPlay manual started Plug and Play PME.Agent.PmeService automatic started PME Agent PolicyAgent manual started IPsec Policy Agent Power automatic started Power PrintNotify manual stopped Printer Extensions and Notifications ProfSvc automatic started User Profile Service PushToInstall disabled stopped Windows PushToInstall Service QWAVE manual stopped Quality Windows Audio Video Experience RasAuto manual stopped Remote Access Auto Connection Manager RasMan automatic started Remote Access Connection Manager RemoteAccess disabled stopped Routing and Remote Access RemoteRegistry automatic stopped Remote Registry RmSvc disabled stopped Radio Management Service RpcEptMapper automatic started RPC Endpoint Mapper RpcLocator manual stopped Remote Procedure Call (RPC) Locator RpcSs automatic started Remote Procedure Call (RPC) RSoPProv manual stopped Resultant Set of Policy Provider sacsvr manual stopped Special Administration Console Helper SamSs automatic started Security Accounts Manager SCardSvr manual stopped Smart Card ScDeviceEnum disabled stopped Smart Card Device Enumeration Service Schedule automatic started Task Scheduler SCPolicySvc manual stopped Smart Card Removal Policy ScreenConnect_Client_(69e7721040ec1250) automatic started ScreenConnect Client (69e7721040ec1250) seclogon manual stopped Secondary Logon SecurityHealthService manual started Windows Security Service SEMgrSvc disabled stopped Payments and NFC/SE Manager SENS automatic started System Event Notification Service Sense manual stopped Windows Defender Advanced Threat Protection Service SensorDataService disabled stopped Sensor Data Service SensorService manual stopped Sensor Service SensrSvc manual stopped Sensor Monitoring Service SessionEnv manual started Remote Desktop Configuration SharedAccess manual stopped Internet Connection Sharing (ICS) ShellHWDetection automatic started Shell Hardware Detection shpamsvc manual stopped Shared PC Account Manager smphost manual stopped Microsoft Storage Spaces SMP SNMPTRAP manual stopped SNMP Trap SolarWinds.MSP.CacheService automatic started File Cache Service Agent SolarWinds.MSP.RpcServerService automatic started Request Handler Agent Spooler automatic started Print Spooler sppsvc automatic stopped Software Protection SQLAgent$AUTODESKVAULT manual stopped SQL Server Agent (AUTODESKVAULT) SQLBrowser automatic started SQL Server Browser SQLTELEMETRY$AUTODESKVAULT automatic started SQL Server CEIP service (AUTODESKVAULT) SQLWriter automatic started SQL Server VSS Writer SSDPSRV manual started SSDP Discovery ssh-agent disabled stopped OpenSSH Authentication Agent SSISTELEMETRY160 automatic started SQL Server Integration Services CEIP service 16.0 SstpSvc manual started Secure Socket Tunneling Protocol Service StateRepository automatic started State Repository Service StiSvc manual stopped Windows Image Acquisition (WIA) StorSvc automatic started Storage Service svsvc manual stopped Spot Verifier swprv automatic started Microsoft Software Shadow Copy Provider SysMain automatic started SysMain SystemEventsBroker automatic started System Events Broker TabletInputService manual stopped Touch Keyboard and Handwriting Panel Service tapisrv manual stopped Telephony TermService manual started Remote Desktop Services Themes automatic started Themes TieringEngineService manual stopped Storage Tiers Management TimeBrokerSvc manual started Time Broker TokenBroker manual stopped Web Account Manager TrkWks automatic started Distributed Link Tracking Client TrustedInstaller manual stopped Windows Modules Installer tzautoupdate manual stopped Auto Time Zone Updater UALSVC automatic started User Access Logging Service UevAgentService disabled stopped User Experience Virtualization Service UmRdpService manual started Remote Desktop Services UserMode Port Redirector upnphost manual stopped UPnP Device Host UserManager automatic started User Manager UsoSvc automatic started Update Orchestrator Service VaultSvc manual stopped Credential Manager vds manual stopped Virtual Disk VeeamDeploySvc automatic started Veeam Installer Service VeeamEndpointBackupSvc automatic started Veeam Agent for Microsoft Windows VeeamTransportSvc automatic started Veeam Data Mover Service VG.LocalAgent manual stopped Autodesk Vault Gateway Local Agent vmicguestinterface manual stopped Hyper-V Guest Service Interface vmicheartbeat manual stopped Hyper-V Heartbeat Service vmickvpexchange manual stopped Hyper-V Data Exchange Service vmicshutdown manual stopped Hyper-V Guest Shutdown Service vmictimesync manual stopped Hyper-V Time Synchronization Service vmicvmsession manual stopped Hyper-V PowerShell Direct Service vmicvss manual stopped Hyper-V Volume Shadow Copy Requestor VSInstallerElevationService manual stopped Visual Studio Installer Elevation Service VSS automatic started Volume Shadow Copy VSStandardCollectorService150 manual stopped Visual Studio Standard Collector Service 150 W32Time automatic started Windows Time w3logsvc manual stopped W3C Logging Service W3SVC automatic started World Wide Web Publishing Service WaaSMedicSvc manual started Windows Update Medic Service WalletService disabled stopped WalletService WarpJITSvc manual stopped Warp JIT Service WAS manual started Windows Process Activation Service WbioSrvc manual stopped Windows Biometric Service Wcmsvc automatic started Windows Connection Manager WdiServiceHost manual stopped Diagnostic Service Host WdiSystemHost manual started Diagnostic System Host WdNisSvc manual started Microsoft Defender Antivirus Network Inspection Service Wecsvc manual stopped Windows Event Collector WEPHOSTSVC manual stopped Windows Encryption Provider Host Service wercplsupport manual stopped Problem Reports Control Panel Support WerSvc manual stopped Windows Error Reporting Service WiaRpc manual stopped Still Image Acquisition Events WinDefend automatic started Microsoft Defender Antivirus Service Windows_Agent_Maintenance_Service automatic started Windows Agent Maintenance Service Windows_Agent_Service automatic started Windows Agent Service WinHttpAutoProxySvc manual started WinHTTP Web Proxy Auto-Discovery Service Winmgmt automatic started Windows Management Instrumentation WinRM automatic started Windows Remote Management (WS-Management) wisvc manual stopped Windows Insider Service wlidsvc manual stopped Microsoft Account Sign-in Assistant wmiApSrv manual stopped WMI Performance Adapter WMPNetworkSvc manual stopped Windows Media Player Network Sharing Service WPDBusEnum manual stopped Portable Device Enumerator Service WpnService automatic started Windows Push Notifications System Service WSearch manual started Windows Search wuauserv automatic stopped Windows Update XymonPSClient automatic started XymonPSClient [uptime] sec: 1181840 13 days 16 hours 17 minutes 20 seconds Bootup: 20251127021247.500000+660 [who] SESSIONNAME USERNAME ID STATE TYPE DEVICE >services 0 Disc console 1 Conn 31c5ce94259d4... 65536 Listen rdp-tcp 65537 Listen Total sessions created: 2 Total sessions disconnected: 0 Total sessions reconnected: 0 [users] [iis_sites] Default Web Site IIS://localhost/W3SVC/1 SiteID: 1 LogFileDirectory C:\inetpub\logs\LogFiles ServerBindings :80: ServerState 2 [XymonConfig] XymonSettings serversList : xymon.twilightcomputer.au serverUrl : serverHttpUsername : serverHttpTimeoutMs : 100000 wanteddisksList : {3} clientname : ino-rut-vlt01 clientbbwinmembug : 1 clientsoftware : powershell clientclass : powershell loopinterval : 300 maxlogage : 60 MaxEvents : 5000 slowscanrate : 72 reportevt : 1 EnableWin32_Product : 0 EnableWin32_QuickFixEngineering : 0 EnableWMISections : 0 EnableDiskPart : 0 ClientProcessPriority : Normal clientlogpath : c:\program files\xymon\logs XymonAcceptUTF8 : 0 GetProcessInfoCommandLine : 1 GetProcessInfoOwner : 1 localdatalocation : C:\Program Files\XYMON\local servergiflocation : /xymon/gifs/ servers : xymon.twilightcomputer.au clientlogfile : c:\program files\xymon\logs\xymonclient.log clientlogretain : 3 clientconfigfile : c:\program files\xymon\clientconfig.cfg clientfqdn : 0 clientlower : 1 clientremotecfgexec : 1 enableiissection : 1 externalscriptlocation : c:\program files\xymon\ext externaldatalocation : c:\program files\xymon\tmp HaveCmd Name Value ---- ----- qwinsta True query True XymonClientVersion : xymonclient.ps1 2.42 2019-03-11 zak.beck@accenture.com clientname ino-rut-vlt01 [XymonPSClientInfo] Collection number: 3938 Last transmission method: TCP Id : 7084 Handles : 563 CPU : 5210.71875 SI : 0 Name : powershell