[collector:] client ino-rut-fp01.powershell powershell XymonPS [date] Wed 10 Dec 22:18:39 2025 [clock] epoch: 1765365519 local: Wed 10 Dec 22:18:39 2025 UTC: Wed 10 Dec 11:18:39 2025 Time Synchronisation type: NT5DS Leap Indicator: 0(no warning) Stratum: 5 (secondary reference - syncd by (S)NTP) Precision: -23 (119.209ns per tick) Root Delay: 0.0059681s Root Dispersion: 0.1037581s ReferenceId: 0x0A023F2F (source IP: 10.2.63.47) Last Successful Sync Time: 10/12/2025 10:06:08 PM Source: INO-RUT-DC02.inside.inoxihp.com.au Poll Interval: 10 (1024s) [clientversion] 2.42 [uname] Microsoft Windows Server 2022 Datacenter (build 20348) [cpu] up: 0 days, 0 users, 109 procs, load=0.99% CPU states: total 0.99% cores: 4 CPU PID Image Name Pri Time MemUsage 0.2% 1256 SVC:EventLog 8 00:05:02 46972k 0.2% 2832 SVC:BASupportExpressStandalone 13 00:03:17 29340k 0.2% 3424 SVC:WinDefend 8 00:10:25 288912k 0.2% 3020 SVC:Mesh Agent 8 00:02:14 156248k 0.1% 4448 powershell 8 00:03:11 90464k 0.0% 4 System 8 00:02:12 144k 0.0% 3272 SVC:Winmgmt 8 00:00:36 30860k 0.0% 2952 SVC:LTService 8 00:00:35 32064k 0.0% 4672 WmiPrvSE 8 00:00:25 28112k 0.0% 728 SVC:KeyIso/Netlogon/SamSs 9 00:11:39 25404k 0.0% 976 SVC:RpcEptMapper/RpcSs 8 00:00:16 12332k 0.0% 8452 SVC:IDriveService 8 00:16:12 543144k 0.0% 4372 WmiPrvSE 8 00:00:02 13884k 0.0% 716 services 9 00:00:11 10552k 0.0% 3212 SVC:TrkWks 8 00:00:00 5980k 0.0% 3220 SVC:UsoSvc 8 00:00:00 12156k 0.0% 3644 SVC:XymonPSClient 8 00:00:00 6480k 0.0% 3440 SVC:Windows Agent Service 8 00:00:43 258632k 0.0% 3432 SVC:WinRM 8 00:00:00 13308k 0.0% 3636 SVC:VeeamEndpointBackupSvc 8 00:00:02 93396k 0.0% 3452 SVC:WpnService 8 00:00:00 11124k 0.0% 2824 SVC:DHCPServer 8 00:00:00 54520k 0.0% 2848 SVC:DiagTrack 8 00:00:01 33360k 0.0% 2916 SVC:HelpDeskService 8 00:00:00 8352k 0.0% 2728 SVC:Backup Service Controller 8 00:00:00 10412k 0.0% 2776 SVC:BASupportExpressSrvcUpdate 8 00:00:04 22844k 0.0% 2788 SVC:CryptSvc 8 00:00:22 19816k 0.0% 3084 SVC:SrmSvc 8 00:00:01 26416k 0.0% 3124 SVC:MSDTC 8 00:00:00 11208k 0.0% 3164 SVC:SysMain 8 00:00:00 6944k 0.0% 2968 SVC:LTSvcMon 8 00:00:00 14156k 0.0% 3000 SVC:LanmanServer 8 00:00:00 12932k 0.0% 3076 SVC:SstpSvc 8 00:00:00 7544k 0.0% 6428 conhost 8 00:00:00 10072k 0.0% 6488 SVC:StorSvc 8 00:00:00 14856k 0.0% 7052 SVC:WdNisSvc 8 00:00:30 13152k 0.0% 5796 NableReactiveManagement 8 00:00:00 45796k 0.0% 6252 conhost 8 00:00:00 10064k 0.0% 6344 NableSixtyFourBitManager 8 00:00:00 62348k 0.0% 8324 SVC:SolarWinds.MSP.RpcServerSe 8 00:00:04 72796k 0.0% 8380 SVC:UALSVC 8 00:00:00 14668k 0.0% 8780 SVC:PcaSvc 8 00:00:00 11580k 0.0% 7092 SVC:WdiSystemHost 8 00:00:00 6272k 0.0% 7156 BASupSysInf 6 00:00:00 19976k 0.0% 8268 SVC:DPS 8 00:00:02 22268k 0.0% 4332 conhost 6 00:00:00 10172k 0.0% 8880 SVC:SolarWinds.MSP.CacheServic 8 00:00:00 51576k 0.0% 4476 conhost 8 00:00:02 13200k 0.0% 3956 SVC:RasMan 8 00:00:00 13416k 0.0% 3980 SVC:VeeamTransportSvc 8 00:00:00 11320k 0.0% 3992 SVC:VeeamDeploySvc 8 00:00:00 17304k 0.0% 5048 BackupFP 8 00:02:03 275880k 0.0% 5228 conhost 8 00:00:00 10020k 0.0% 5248 SVC:PME.Agent.PmeService 8 00:00:00 33304k 0.0% 4684 AggregatorHost 8 00:00:00 7728k 0.0% 4728 SVC:StateRepository 8 00:00:00 10900k 0.0% 4772 Veeam.Guest.Interaction.Proxy 8 00:00:00 10748k 0.0% 992 SVC:W32Time 8 00:00:00 8668k 0.0% 1016 SVC:LSM 8 00:00:00 9556k 0.0% 1036 SVC:NcbService 8 00:00:00 8592k 0.0% 860 SVC:BrokerInfrastructure/DcomL 8 00:00:00 15424k 0.0% 896 fontdrvhost 8 00:00:00 3572k 0.0% 904 fontdrvhost 8 00:00:00 3428k 0.0% 1048 SVC:TimeBrokerSvc 8 00:00:00 6300k 0.0% 1208 SVC:Dnscache 8 00:00:06 9924k 0.0% 1272 dwm 13 00:00:00 44936k 0.0% 1384 SVC:BFE/mpssvc 8 00:00:01 19844k 0.0% 1128 SVC:ShellHWDetection 8 00:00:00 8940k 0.0% 1144 SVC:Dhcp 8 00:00:01 8120k 0.0% 1192 LogonUI 13 00:00:00 48040k 0.0% 444 SVC:nsi 8 00:00:00 8152k 0.0% 484 csrss 13 00:00:02 6648k 0.0% 528 SVC:TermService 8 00:00:00 13328k 0.0% 0 Idle 0 8k 0.0% 124 Registry 8 00:00:01 19572k 0.0% 380 smss 11 00:00:00 1300k 0.0% 572 wininit 13 00:00:00 7244k 0.0% 768 WmiPrvSE 8 00:00:09 20776k 0.0% 804 SVC:CDPSvc 8 00:00:00 11920k 0.0% 832 SVC:Windows Agent Maintenance 8 00:00:00 32504k 0.0% 580 csrss 13 00:00:00 5960k 0.0% 644 winlogon 13 00:00:00 10088k 0.0% 760 SVC:lmhosts 8 00:00:00 5692k 0.0% 2132 SVC:SessionEnv 8 00:00:00 10232k 0.0% 2188 WmiPrvSE 8 00:00:09 20116k 0.0% 2204 SVC:WSearch 8 00:00:08 23348k 0.0% 2000 SVC:Wcmsvc 8 00:00:00 9212k 0.0% 2036 SVC:LanmanWorkstation 8 00:00:00 10648k 0.0% 2124 SVC:WinHttpAutoProxySvc 8 00:00:00 7904k 0.0% 2360 SVC:DispBrokerDesktopSvc 8 00:00:00 7324k 0.0% 2588 SVC:IKEEXT 8 00:00:00 8608k 0.0% 2604 SVC:Spooler 8 00:00:01 28024k 0.0% 2716 SVC:AutomationManagerAgent 8 00:00:07 106544k 0.0% 2416 SVC:UserManager 8 00:00:00 7852k 0.0% 2532 SVC:iphlpsvc 8 00:00:00 10768k 0.0% 2580 SVC:PolicyAgent 8 00:00:00 7860k 0.0% 1572 SVC:UmRdpService 8 00:00:00 6928k 0.0% 1600 SVC:ProfSvc 8 00:00:00 6900k 0.0% 1608 SVC:Themes 8 00:00:00 6048k 0.0% 1452 SVC:ScreenConnect Client (69e7 8 00:00:00 39496k 0.0% 1484 SVC:NlaSvc 8 00:00:00 13716k 0.0% 1556 SVC:gpsvc 8 00:00:00 13208k 0.0% 1616 SVC:EventSystem 8 00:00:00 8328k 0.0% 1840 SVC:Schedule 8 00:00:01 15484k 0.0% 1860 SVC:SENS 8 00:00:00 9464k 0.0% 1872 SVC:CertPropSvc 8 00:00:00 6528k 0.0% 1624 SVC:FontCache 8 00:00:00 7108k 0.0% 1796 SVC:netprofm 8 00:00:00 11016k 0.0% 1820 SVC:CoreMessagingRegistrar 8 00:00:00 6252k [disk] Filesystem 1K-blocks Used Avail Capacity Mounted Label Summary(Total\Avail GB) C 209074172 37661328 171412844 18% /FIXED/C:\ 199.39\163.47 D 4194285564 1985908336 2208377228 47% /FIXED/D:\ data 3999.98\2106.07 [memory] memory Total Used physical: 32767 4075 virtual: 4864 355 page: 37631 4142 [msgs:EventlogSummary] LogMode MaximumSizeInBytes RecordCount LogName ------- ------------------ ----------- ------- Circular 20971520 31265 Security Circular 20971520 62197 System Circular 20971520 49017 Application [msgs:eventlog_Security] [msgs:eventlog_System] Information - 12/10/2025 22:06:33 - [4] - Virtual Disk Service - Service stopped. Information - 12/10/2025 22:06:26 - [98] - Microsoft-Windows-Ntfs - Volume System Reserved (\Device\HarddiskVolumeShadowCopy13) is healthy. No action is needed. Information - 12/10/2025 22:06:26 - [98] - Microsoft-Windows-Ntfs - Volume ?? (\Device\HarddiskVolumeShadowCopy12) is healthy. No action is needed. Information - 12/10/2025 22:06:09 - [3] - Virtual Disk Service - Service started. [msgs:eventlog_Application] Information - 12/10/2025 22:09:37 - [8224] - VSS - The VSS service is shutting down due to idle timeout. Information - 12/10/2025 22:06:34 - [105] - Backup Manager - Backup finished for data source SystemStateBackupPlugin with session status Completed. Selected size: 17.6G; Selected count: 118850; Processed size: 225M; Processed count: 296; Sent size: 2.81M; Errors count: 0; Removed files count: 0. Information - 12/10/2025 22:06:26 - [2006] - ESENT - svchost (2824,G,0) Shadow copy instance 5 completed successfully. [procs] PID User WorkingSet/Peak VirtualMem/Peak PagedMem/Peak NPS Handles %CPU Start Time Elapsed Name Command 1256 NT AUTHORITY\LOCAL SERVICE 46972/77080 4194304/4194304 57436/69900 20 1631 0.2 2025-12-10 15:22:26 416 SVC:EventLog 2832 NT AUTHORITY\SYSTEM 29340/29564 152556/162544 15484/15892 38 415 0.2 2025-12-10 15:22:27 416 SVC:BASupportExpressStandaloneService_N_Central "C:\Program Files (x86)\BeAnywhere Support Express\GetSupportService_N-Central\BASupSrvc.exe" 3424 Unknown 288912/1056976 4194304/4194304 605384/1114124 303 825 0.2 2025-12-10 15:22:27 416 SVC:WinDefend 3020 NT AUTHORITY\SYSTEM 156248/156256 4194304/4194304 144672/144672 21 335 0.2 2025-12-10 15:22:27 416 SVC:Mesh Agent 4448 NT AUTHORITY\SYSTEM 90464/122848 331880/350312 73676/106928 38 557 0.1 2025-12-10 15:22:28 416 powershell "C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy RemoteSigned -NoLogo -NonInteractive -NoProfile -WindowStyle Hidden -File "C:\Program Files\xymon\xymonclient.ps1" 4 Unknown 144/1880 3968/15292 40/64 0 2048 0.0 2025-12-10 15:22:22 416 System 3272 NT AUTHORITY\SYSTEM 30860/41824 4194304/4194304 17288/34720 24 549 0.0 2025-12-10 15:22:27 416 SVC:Winmgmt 2952 NT AUTHORITY\SYSTEM 32064/234176 4194304/4194304 89840/257612 56 1997 0.0 2025-12-10 15:22:27 416 SVC:LTService 4672 NT AUTHORITY\NETWORK SERVICE 28112/32832 4194304/4194304 13148/15820 21 821 0.0 2025-12-10 15:22:30 416 WmiPrvSE 728 NT AUTHORITY\SYSTEM 25404/25920 4194304/4194304 10048/10804 31 1505 0.0 2025-12-10 15:22:25 416 SVC:KeyIso/Netlogon/SamSs 976 NT AUTHORITY\NETWORK SERVICE 12332/12460 4194304/4194304 5356/5588 18 834 0.0 2025-12-10 15:22:26 416 SVC:RpcEptMapper/RpcSs 8452 NT AUTHORITY\SYSTEM 543144/1105572 4194304/4194304 513752/1118028 55 1010 0.0 2025-12-10 15:24:29 414 SVC:IDriveService 4372 NT AUTHORITY\LOCAL SERVICE 13884/24412 4194304/4194304 4672/15528 13 190 0.0 2025-12-10 19:27:53 171 WmiPrvSE 716 Unknown 10552/10860 4194304/4194304 5696/7896 12 602 0.0 2025-12-10 15:22:25 416 services 3212 NT AUTHORITY\SYSTEM 5980/6012 4194304/4194304 1288/1440 8 144 0.0 2025-12-10 15:22:27 416 SVC:TrkWks 3220 NT AUTHORITY\SYSTEM 12156/12668 4194304/4194304 2828/3384 14 243 0.0 2025-12-10 15:22:27 416 SVC:UsoSvc 3644 NT AUTHORITY\SYSTEM 6480/6732 4194304/4194304 1864/2164 8 124 0.0 2025-12-10 15:22:27 416 SVC:XymonPSClient 3440 NT AUTHORITY\SYSTEM 258632/272284 815196/839544 229416/253192 112 2148 0.0 2025-12-10 15:22:27 416 SVC:Windows Agent Service "C:\Program Files (x86)\N-able Technologies\Windows Agent\bin\agent.exe" 3432 NT AUTHORITY\NETWORK SERVICE 13308/13416 4194304/4194304 3008/3668 14 252 0.0 2025-12-10 15:22:27 416 SVC:WinRM 3636 NT AUTHORITY\SYSTEM 93396/96472 4194304/4194304 50768/53152 66 1044 0.0 2025-12-10 15:22:27 416 SVC:VeeamEndpointBackupSvc 3452 NT AUTHORITY\SYSTEM 11124/11232 4194304/4194304 1388/1764 8 126 0.0 2025-12-10 15:22:27 416 SVC:WpnService 2824 NT AUTHORITY\NETWORK SERVICE 54520/55764 4194304/4194304 149624/150940 52 480 0.0 2025-12-10 15:22:27 416 SVC:DHCPServer 2848 NT AUTHORITY\SYSTEM 33360/50348 4194304/4194304 15600/39764 24 553 0.0 2025-12-10 15:22:27 416 SVC:DiagTrack 2916 NT AUTHORITY\SYSTEM 8352/8428 4194304/4194304 2220/2380 11 225 0.0 2025-12-10 15:22:27 416 SVC:HelpDeskService 2728 NT AUTHORITY\SYSTEM 10412/10488 4194304/4194304 2180/2364 11 196 0.0 2025-12-10 15:22:27 416 SVC:Backup Service Controller 2776 NT AUTHORITY\SYSTEM 22844/39932 128388/155868 9304/27148 23 336 0.0 2025-12-10 15:22:27 416 SVC:BASupportExpressSrvcUpdater_N_Central "C:\Program Files (x86)\BeAnywhere Support Express\GetSupportService_N-Central\BASupSrvcUpdater.exe" 2788 NT AUTHORITY\NETWORK SERVICE 19816/78608 4194304/4194304 9280/68288 31 410 0.0 2025-12-10 15:22:27 416 SVC:CryptSvc 3084 NT AUTHORITY\SYSTEM 26416/28516 4194304/4194304 12308/15056 47 382 0.0 2025-12-10 15:22:27 416 SVC:SrmSvc 3124 NT AUTHORITY\NETWORK SERVICE 11208/12500 4194304/4194304 2884/4092 14 242 0.0 2025-12-10 15:24:29 414 SVC:MSDTC 3164 NT AUTHORITY\SYSTEM 6944/6992 4194304/4194304 1540/1800 9 144 0.0 2025-12-10 15:22:27 416 SVC:SysMain 2968 NT AUTHORITY\SYSTEM 14156/42672 4194304/4194304 34152/35048 27 481 0.0 2025-12-10 15:22:27 416 SVC:LTSvcMon 3000 NT AUTHORITY\SYSTEM 12932/13016 4194304/4194304 3324/3732 14 261 0.0 2025-12-10 15:22:27 416 SVC:LanmanServer 3076 NT AUTHORITY\LOCAL SERVICE 7544/7604 4194304/4194304 1648/1912 42 160 0.0 2025-12-10 15:22:27 416 SVC:SstpSvc 6428 NT AUTHORITY\SYSTEM 10072/10116 4194304/4194304 6192/6260 7 86 0.0 2025-12-10 15:22:33 416 conhost 6488 NT AUTHORITY\SYSTEM 14856/15508 4194304/4194304 2996/3996 14 259 0.0 2025-12-10 15:22:30 416 SVC:StorSvc 7052 Unknown 13152/14028 4194304/4194304 5072/6280 10 209 0.0 2025-12-10 15:22:33 416 SVC:WdNisSvc 5796 NT AUTHORITY\SYSTEM 45796/47640 4194304/4194304 37500/38808 23 543 0.0 2025-12-10 15:22:33 416 NableReactiveManagement 6252 NT AUTHORITY\SYSTEM 10064/10108 4194304/4194304 6176/6244 7 86 0.0 2025-12-10 15:22:33 416 conhost 6344 NT AUTHORITY\SYSTEM 62348/62428 4194304/4194304 51612/59724 26 409 0.0 2025-12-10 15:22:33 416 NableSixtyFourBitManager 8324 NT AUTHORITY\SYSTEM 72796/109052 291732/355156 47148/90452 66 607 0.0 2025-12-10 15:22:55 416 SVC:SolarWinds.MSP.RpcServerService "C:\Program Files (x86)\MspPlatform\RequestHandlerAgent\RequestHandlerAgent.exe" 8380 NT AUTHORITY\SYSTEM 14668/16240 4194304/4194304 7908/12036 20 271 0.0 2025-12-10 15:24:30 414 SVC:UALSVC 8780 NT AUTHORITY\SYSTEM 11580/12564 4194304/4194304 3712/4528 13 248 0.0 2025-12-10 15:22:53 416 SVC:PcaSvc 7092 NT AUTHORITY\SYSTEM 6272/6340 4194304/4194304 1376/1780 8 126 0.0 2025-12-10 21:53:04 26 SVC:WdiSystemHost 7156 NT AUTHORITY\SYSTEM 19976/49084 107860/129076 7024/29428 18 268 0.0 2025-12-10 15:22:34 416 BASupSysInf C:\PROGRA~2\BEANYW~1\GETSUP~1\BASupSysInf.exe -pldpipeid dgs7WDodgo3aCPFTaJncxhNBvhrx3XnkTUhhdGX5MkGyUbAjf0co8qx6khFA9Vdf 8268 NT AUTHORITY\LOCAL SERVICE 22268/23916 4194304/4194304 16232/17208 17 306 0.0 2025-12-10 15:24:29 414 SVC:DPS 4332 NT AUTHORITY\SYSTEM 10172/10212 4194304/4194304 6208/6264 8 86 0.0 2025-12-10 15:22:34 416 conhost 8880 NT AUTHORITY\LOCAL SERVICE 51576/52352 4194304/4194304 41568/42432 34 634 0.0 2025-12-10 15:22:53 416 SVC:SolarWinds.MSP.CacheService 4476 NT AUTHORITY\SYSTEM 13200/13200 4194304/4194304 6600/6604 10 148 0.0 2025-12-10 15:22:28 416 conhost 3956 NT AUTHORITY\SYSTEM 13416/13480 4194304/4194304 3424/3776 24 419 0.0 2025-12-10 15:22:27 416 SVC:RasMan 3980 NT AUTHORITY\SYSTEM 11320/11424 55944/61800 2268/2612 18 259 0.0 2025-12-10 15:22:27 416 SVC:VeeamTransportSvc "C:\Program Files (x86)\Veeam\Backup Transport\VeeamTransportSvc.exe" 3992 NT AUTHORITY\SYSTEM 17304/17488 73184/80864 3696/4160 24 335 0.0 2025-12-10 15:22:27 416 SVC:VeeamDeploySvc "C:\Windows\Veeam\Backup\VeeamDeploymentSvc.exe" -port 6160 5048 NT AUTHORITY\SYSTEM 275880/412456 4194304/4194304 254568/378548 51 801 0.0 2025-12-10 15:22:28 416 BackupFP 5228 NT AUTHORITY\SYSTEM 10020/10080 4194304/4194304 6188/6276 7 86 0.0 2025-12-10 15:22:28 416 conhost 5248 NT AUTHORITY\SYSTEM 33304/33344 4194304/4194304 25920/26044 19 436 0.0 2025-12-10 15:22:57 416 SVC:PME.Agent.PmeService 4684 NT AUTHORITY\SYSTEM 7728/16424 4194304/4194304 2468/4736 8 123 0.0 2025-12-10 15:22:28 416 AggregatorHost 4728 NT AUTHORITY\SYSTEM 10900/12420 4194304/4194304 3592/5104 9 131 0.0 2025-12-10 15:24:32 414 SVC:StateRepository 4772 NT AUTHORITY\SYSTEM 10748/10904 51416/59096 2032/2468 18 251 0.0 2025-12-10 15:22:28 416 Veeam.Guest.Interaction.Proxy "C:\Program Files (x86)\Veeam\Backup Transport\GuestInteraction\Veeam.Guest.Interaction.Proxy.exe" 992 NT AUTHORITY\LOCAL SERVICE 8668/8736 4194304/4194304 1768/2136 13 228 0.0 2025-12-10 15:22:26 416 SVC:W32Time 1016 NT AUTHORITY\SYSTEM 9556/9620 4194304/4194304 2460/2732 12 294 0.0 2025-12-10 15:22:26 416 SVC:LSM 1036 NT AUTHORITY\SYSTEM 8592/8752 4194304/4194304 1812/2316 11 192 0.0 2025-12-10 15:22:26 416 SVC:NcbService 860 NT AUTHORITY\SYSTEM 15424/15668 4194304/4194304 5712/5956 15 834 0.0 2025-12-10 15:22:26 416 SVC:BrokerInfrastructure/DcomLaunch/PlugPlay/Power/SystemEventsBroker 896 Font Driver Host\UMFD-0 3572/3612 4194304/4194304 1328/1412 6 39 0.0 2025-12-10 15:22:26 416 fontdrvhost 904 Font Driver Host\UMFD-1 3428/3472 4194304/4194304 1260/1344 6 39 0.0 2025-12-10 15:22:26 416 fontdrvhost 1048 NT AUTHORITY\LOCAL SERVICE 6300/6404 4194304/4194304 1364/1692 8 140 0.0 2025-12-10 15:22:26 416 SVC:TimeBrokerSvc 1208 NT AUTHORITY\NETWORK SERVICE 9924/10140 4194304/4194304 3552/3900 18 312 0.0 2025-12-10 15:22:26 416 SVC:Dnscache 1272 Window Manager\DWM-1 44936/50604 4194304/4194304 22456/33276 27 626 0.0 2025-12-10 15:22:26 416 dwm 1384 NT AUTHORITY\LOCAL SERVICE 19844/23884 4194304/4194304 9752/14040 33 421 0.0 2025-12-10 15:22:26 416 SVC:BFE/mpssvc 1128 NT AUTHORITY\SYSTEM 8940/9008 4194304/4194304 1964/2320 12 184 0.0 2025-12-10 15:22:26 416 SVC:ShellHWDetection 1144 NT AUTHORITY\LOCAL SERVICE 8120/8352 4194304/4194304 2156/2580 11 233 0.0 2025-12-10 15:22:26 416 SVC:Dhcp 1192 NT AUTHORITY\SYSTEM 48040/55708 4194304/4194304 11652/23588 26 456 0.0 2025-12-10 15:22:26 416 LogonUI 444 NT AUTHORITY\LOCAL SERVICE 8152/8232 4194304/4194304 3628/3928 17 135 0.0 2025-12-10 15:22:26 416 SVC:nsi 484 Unknown 6648/6780 4194304/4194304 2132/2336 24 662 0.0 2025-12-10 15:22:25 416 csrss 528 NT AUTHORITY\NETWORK SERVICE 13328/13368 4194304/4194304 4656/4832 20 542 0.0 2025-12-10 15:22:26 416 SVC:TermService 0 8/8 8/8 60/60 0 0 0.0 0 Idle 124 Unknown 19572/162760 83532/166604 2508/100960 12 0 0.0 2025-12-10 15:22:20 416 Registry 380 Unknown 1300/1324 4194304/4194304 1100/1164 3 57 0.0 2025-12-10 15:22:22 416 smss 572 Unknown 7244/7368 4194304/4194304 1368/1904 11 156 0.0 2025-12-10 15:22:25 416 wininit 768 NT AUTHORITY\SYSTEM 20776/42916 4194304/4194304 14192/35412 15 288 0.0 2025-12-10 15:55:10 383 WmiPrvSE 804 NT AUTHORITY\LOCAL SERVICE 11920/11968 4194304/4194304 2228/2724 12 211 0.0 2025-12-10 15:24:29 414 SVC:CDPSvc 832 NT AUTHORITY\SYSTEM 32504/32876 160964/172828 19492/20860 25 447 0.0 2025-12-10 15:24:31 414 SVC:Windows Agent Maintenance Service "C:\Program Files (x86)\N-able Technologies\Windows Agent\bin\AgentMaint.exe" 580 Unknown 5960/11212 4194304/4194304 1752/2016 11 169 0.0 2025-12-10 15:22:25 416 csrss 644 NT AUTHORITY\SYSTEM 10088/15232 4194304/4194304 2512/6408 12 212 0.0 2025-12-10 15:22:25 416 winlogon 760 NT AUTHORITY\LOCAL SERVICE 5692/5716 4194304/4194304 1264/1440 8 119 0.0 2025-12-10 15:22:26 416 SVC:lmhosts 2132 NT AUTHORITY\SYSTEM 10232/10268 4194304/4194304 2260/2472 16 246 0.0 2025-12-10 15:22:26 416 SVC:SessionEnv 2188 NT AUTHORITY\SYSTEM 20116/39756 109936/154240 11380/32784 17 299 0.0 2025-12-10 15:55:09 383 WmiPrvSE C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding 2204 NT AUTHORITY\SYSTEM 23348/23712 4194304/4194304 20104/20520 37 734 0.0 2025-12-10 15:24:31 414 SVC:WSearch 2000 NT AUTHORITY\LOCAL SERVICE 9212/9524 4194304/4194304 2032/3296 13 289 0.0 2025-12-10 15:22:26 416 SVC:Wcmsvc 2036 NT AUTHORITY\NETWORK SERVICE 10648/10704 4194304/4194304 2296/2564 14 245 0.0 2025-12-10 15:22:26 416 SVC:LanmanWorkstation 2124 NT AUTHORITY\LOCAL SERVICE 7904/8060 4194304/4194304 1828/2400 10 178 0.0 2025-12-10 15:22:26 416 SVC:WinHttpAutoProxySvc 2360 NT AUTHORITY\LOCAL SERVICE 7324/7424 4194304/4194304 1328/1668 8 124 0.0 2025-12-10 15:22:26 416 SVC:DispBrokerDesktopSvc 2588 NT AUTHORITY\SYSTEM 8608/8692 4194304/4194304 2592/2904 14 278 0.0 2025-12-10 15:22:27 416 SVC:IKEEXT 2604 NT AUTHORITY\SYSTEM 28024/29076 4194304/4194304 10228/11828 37 620 0.0 2025-12-10 15:22:27 416 SVC:Spooler 2716 NT AUTHORITY\SYSTEM 106544/108596 336936/397912 78732/103100 74 1177 0.0 2025-12-10 15:22:27 416 SVC:AutomationManagerAgent "C:\Program Files (x86)\N-able Technologies\AutomationManagerAgent\AutomationManager.AgentService.exe" 2416 NT AUTHORITY\SYSTEM 7852/7936 4194304/4194304 1536/1852 9 145 0.0 2025-12-10 15:22:26 416 SVC:UserManager 2532 NT AUTHORITY\SYSTEM 10768/11044 4194304/4194304 2656/3468 16 363 0.0 2025-12-10 15:22:27 416 SVC:iphlpsvc 2580 NT AUTHORITY\NETWORK SERVICE 7860/8996 4194304/4194304 1864/2964 13 173 0.0 2025-12-10 15:22:27 416 SVC:PolicyAgent 1572 NT AUTHORITY\SYSTEM 6928/6944 4194304/4194304 1348/1508 9 138 0.0 2025-12-10 15:22:26 416 SVC:UmRdpService 1600 NT AUTHORITY\SYSTEM 6900/6932 4194304/4194304 1408/1668 8 126 0.0 2025-12-10 15:22:26 416 SVC:ProfSvc 1608 NT AUTHORITY\SYSTEM 6048/6096 4194304/4194304 1216/1420 8 121 0.0 2025-12-10 15:22:26 416 SVC:Themes 1452 NT AUTHORITY\SYSTEM 39496/39572 197860/206820 25240/25496 32 511 0.0 2025-12-10 15:22:27 416 SVC:ScreenConnect Client (69e7721040ec1250) "C:\Program Files (x86)\ScreenConnect Client (69e7721040ec1250)\ScreenConnect.ClientService.exe" "?e=Access&y=Guest&h=sc.viatek.com.au&p=8041&s=81f1fb2d-e971-4151-9233-026a4e5aab3f&k=BgIAAACkAABSU0ExAAgAAAEAAQCpFbFNTaYP9amF8McjmZ%2bQ8kLvvhOdthUPFJ78pr76tgUjzgIRnjzFiPwsqi3KH%2bAEGdBbu140Eu8gE8DXpk8y0v9cshavNO51TVuWILGYq54M%2bBpwafW1VRm7r8nJ%2fbpM58Hbc%2fArVsmsigBtGQ03Sse8wIfZ8ZkcfpiApbfZ94oT2gRUGDhLOh%2bbMDJXXzL%2bkCr5oO14ZoU9GzOu1GIPVuArDftfmD9D5O53gdE9njSXgqArzh%2bu06zB9Elvwke8PCvQTLHUpLHkYIOkCt1xNBIihW7ixPWPxb%2f0ZxzZ3sepeYefPryGzmthvqVHmX%2bOysNHAeTxvjOLuUYoCtKt&v=AQAAANCMnd8BFdERjHoAwE%2fCl%2bsBAAAALGJBS5pIdke3EzdSnWrobAAAAAACAAAAAAAQZgAAAAEAACAAAAB7kvEKnYW8uqUU%2fjSEpvV9HnnX9HqO%2fVbMDPZKo08AlAAAAAAOgAAAAAIAACAAAAACVNoR2QgbMpsEqXLIQ0GFhvqbkTLxbaow2RVrUSYoiqAEAADVYrkpnxJhBn%2bNjU%2freLqtP25RBcML1geBWFf9U2yr1vICIQn4iqQcTYcrWlLC2YUvJ98TvMu%2be40xwmZWGI0O9WZgdVjzC31EBrXka0F0UcXnG6KwDBMgTy2pABmanplouzpilrFxb4NoAM8RZFXE4NZL8jQszoOdyENLZnWMAx4ap8IoenNovusq2vK8Pdge5zHrtcEAHNOUx3UqWiZ8ZWoV4EW%2bqmGcnmBRTJXijFflRugBWs1t%2f9pp%2felDh%2fNCsqZuRRwp6mASD93D8h4MtZtEcSE2usqbpb8k5lwxxAzr5rNZswpp4lz1mWruFyjWDf99tbK%2bN80fP2r2W67%2bCGWAoOafafHSxKzFWCqVaDitLyuvRH%2b1UUDOs%2bbGeCvCKBkPnTlBxoQg9Z%2fDiEjUAxWP4ETJx%2bbS5Pv54TLOAawgArwzAG03%2bMe7rNcyLHGORxR6zAMZ9CXMSh6JlbfPLXKZKPcW7tqxbpBIrtd5EnrFsDteXpFkVfEyhTbnWGWilLXzhikInqjBgUmK5OniZIUiFVtHSvNor%2bimXlIzpQBdjEff7Z8FNRViDsvidNINIxg48NcxhUMtbnX%2f7oiTKbp4334rXM7xA2WrgdwBUYUT91%2bhvc0JZv5U0lyV2b%2b3FAqMp8Fclx6R0vxTcbc1ChIiA3JgS22miGvF1Y3PFQ4c1afPhuGXcbK7ubsvWFTUsj4gSj0h%2b%2fSn52SUl8K5llc5fa8%2bmdDkNgEQcHgNs50FyVhhX05zvN9t0%2fu8x6mS3md1wjGMJEWfPVT5zzjaIFPso4v4YkiCtYxLSvCbvK4F%2fDTiPdyr0KuA82LEw6nQAs4qDGY8EJr47GvOc7bBtuzbYWq%2f44yQl8R5ry6T0OUuZnhtSZxqemqUlPOxNXZWaL1UjJVFUImUn8WM0f%2fQBQ2mKHLWRf0PVujzS%2bZiaSqeOh06Cs2LiTVbqSk8Q4qgN4v0sz0FNbfrQW8mbUCaKL%2bl94aJZPkSGtQWa%2f%2fdmz9o3S7fzhDAMfumxIBLP08BVg0H1oK%2fstjGzL04yBragx0QqpxSZROQVw27cGwAHdbpeFbv5cKf9H0hjYyJka2nyN%2bDNRFirzYnOe0%2bqzrrG9kA140UxQ%2bWM7hueZ5Nzhstptnxi0u3yBbn3GuAvF0YMITPwtbDbSRCO5H%2bb7UNC1WQLZDulfC5mnvDzsdN%2bM9s6G9mWcbebMhBC3q39s5zodA35JEHPW%2fxkruJXA9EbZjfiD7a%2bbkJA7uekYDSG2nmjyMvBcEE8MrGHT31O9074zFyB1TYQG9Pb8%2fS0pLy%2bWOK7uq%2fkRaK7mo3HNDxaZgzpJrWk5FvFZ6%2fmJXzSDkEqoiPB2FQKKu2%2fyStsx1MTfnOh7uC8uaqM08uNmM67sGvsfjSSMsNfFU4KQVUKSk%2fDENRhyMImBvSyFSVGmAO5sHuVCstKkOeV2LUCzmp%2b8m0wettXEMhcYu0U%2b9ZlzMKtpwX5lmdzD4moLleZCTmGjO2H8KKpEyqukPS1GQr3%2bLyNGaOHRN89ju2F2tYOt0ouC5eXzAGO%2feNx705eLEAMcMdoqbGpyXhiF0HoDw6IkAAAADanZNH4yCid%2b46xk3uOFQ6pWk%2b0okknzTyEeeAxSgjKVz%2fndDTJexk04K8kyjh7H2s2%2bRFgMYiEW8Wl61smHxO&c=Inorail%20Pty%20Ltd&c=INX%20-%20Servers&c=&c=&c=&c=&c=&c=" 1484 NT AUTHORITY\NETWORK SERVICE 13716/14156 4194304/4194304 4276/5540 18 402 0.0 2025-12-10 15:22:26 416 SVC:NlaSvc 1556 NT AUTHORITY\SYSTEM 13208/13308 4194304/4194304 2692/2960 16 262 0.0 2025-12-10 15:22:26 416 SVC:gpsvc 1616 NT AUTHORITY\LOCAL SERVICE 8328/8460 4194304/4194304 1996/2388 10 171 0.0 2025-12-10 15:22:26 416 SVC:EventSystem 1840 NT AUTHORITY\SYSTEM 15484/15620 4194304/4194304 5104/5456 19 371 0.0 2025-12-10 15:22:26 416 SVC:Schedule 1860 NT AUTHORITY\SYSTEM 9464/9580 4194304/4194304 2068/2316 15 212 0.0 2025-12-10 15:22:26 416 SVC:SENS 1872 NT AUTHORITY\SYSTEM 6528/6568 4194304/4194304 1324/1476 8 145 0.0 2025-12-10 15:22:26 416 SVC:CertPropSvc 1624 NT AUTHORITY\LOCAL SERVICE 7108/8468 4194304/4194304 1620/2056 10 142 0.0 2025-12-10 15:22:26 416 SVC:FontCache 1796 NT AUTHORITY\LOCAL SERVICE 11016/11668 4194304/4194304 2756/4236 13 430 0.0 2025-12-10 15:22:26 416 SVC:netprofm 1820 NT AUTHORITY\LOCAL SERVICE 6252/6284 4194304/4194304 1264/1408 8 126 0.0 2025-12-10 15:22:26 416 SVC:CoreMessagingRegistrar [netstat] PacketsReceived=2748929 ReceivedHeaderErrors=0 ReceivedAddressErrors=21998 DatagramsForwarded=0 UnknownProtocolsReceived=0 ReceivedPacketsDiscarded=568 ReceivedPacketsDelivered=2730597 OutputRequests=8164868 RoutingDiscards=0 DiscardedOutputPackets=265 OutputPacketNoRoute=0 ReassemblyRequired=0 ReassemblySuccessful=0 ReassemblyFailures=0 DatagramsSuccessfullyFragmented=0 DatagramsFailingFragmentation=0 FragmentsCreated=0 PacketsReceived=11962 ReceivedHeaderErrors=0 ReceivedAddressErrors=0 DatagramsForwarded=0 UnknownProtocolsReceived=0 ReceivedPacketsDiscarded=382 ReceivedPacketsDelivered=11583 OutputRequests=168 RoutingDiscards=0 DiscardedOutputPackets=0 OutputPacketNoRoute=0 ReassemblyRequired=0 ReassemblySuccessful=0 ReassemblyFailures=0 DatagramsSuccessfullyFragmented=0 DatagramsFailingFragmentation=0 FragmentsCreated=0 tcpActiveOpens=36735 tcpPassiveOpens=3537 tcpFailedConnectionAttempts=288 tcpResetConnections=1802 tcpCurrentConnections=41 tcpSegmentsReceived=2739596 tcpSegmentsSent=8034651 tcpSegmentsRetransmitted=181906 tcpActiveOpens=29 tcpPassiveOpens=29 tcpFailedConnectionAttempts=0 tcpResetConnections=6 tcpCurrentConnections=0 tcpSegmentsReceived=3387 tcpSegmentsSent=3244 tcpSegmentsRetransmitted=0 udpDatagramsReceived=48480 udpNoPorts=532 udpReceiveErrors=0 udpDatagramsSent=6789 udpDatagramsReceived=10632 udpNoPorts=382 udpReceiveErrors=0 udpDatagramsSent=10 [ports] Active Connections Proto Local Address Foreign Address State TCP 0.0.0.0:135 0.0.0.0:0 LISTENING TCP 0.0.0.0:445 0.0.0.0:0 LISTENING TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING TCP 0.0.0.0:5000 0.0.0.0:0 LISTENING TCP 0.0.0.0:5948 0.0.0.0:0 LISTENING TCP 0.0.0.0:5985 0.0.0.0:0 LISTENING TCP 0.0.0.0:6160 0.0.0.0:0 LISTENING TCP 0.0.0.0:6162 0.0.0.0:0 LISTENING TCP 0.0.0.0:6183 0.0.0.0:0 LISTENING TCP 0.0.0.0:6184 0.0.0.0:0 LISTENING TCP 0.0.0.0:6190 0.0.0.0:0 LISTENING TCP 0.0.0.0:6290 0.0.0.0:0 LISTENING TCP 0.0.0.0:11731 0.0.0.0:0 LISTENING TCP 0.0.0.0:47001 0.0.0.0:0 LISTENING TCP 0.0.0.0:49664 0.0.0.0:0 LISTENING TCP 0.0.0.0:49665 0.0.0.0:0 LISTENING TCP 0.0.0.0:49666 0.0.0.0:0 LISTENING TCP 0.0.0.0:49667 0.0.0.0:0 LISTENING TCP 0.0.0.0:49668 0.0.0.0:0 LISTENING TCP 0.0.0.0:49669 0.0.0.0:0 LISTENING TCP 0.0.0.0:49670 0.0.0.0:0 LISTENING TCP 0.0.0.0:49672 0.0.0.0:0 LISTENING TCP 0.0.0.0:49709 0.0.0.0:0 LISTENING TCP 0.0.0.0:49781 0.0.0.0:0 LISTENING TCP 0.0.0.0:53957 0.0.0.0:0 LISTENING TCP 10.2.63.46:135 10.2.62.108:56728 ESTABLISHED TCP 10.2.63.46:139 0.0.0.0:0 LISTENING TCP 10.2.63.46:445 10.2.62.10:60212 ESTABLISHED TCP 10.2.63.46:445 10.2.62.64:52714 ESTABLISHED TCP 10.2.63.46:445 10.2.62.66:59391 ESTABLISHED TCP 10.2.63.46:445 10.2.62.77:52869 ESTABLISHED TCP 10.2.63.46:445 10.2.62.84:64172 ESTABLISHED TCP 10.2.63.46:445 10.2.62.85:49813 ESTABLISHED TCP 10.2.63.46:445 10.2.62.99:61116 ESTABLISHED TCP 10.2.63.46:445 10.2.62.108:55837 ESTABLISHED TCP 10.2.63.46:647 0.0.0.0:0 LISTENING TCP 10.2.63.46:647 10.2.63.21:57141 ESTABLISHED TCP 10.2.63.46:49670 10.2.62.10:58363 ESTABLISHED TCP 10.2.63.46:49670 10.2.62.64:53782 ESTABLISHED TCP 10.2.63.46:49670 10.2.62.66:59399 ESTABLISHED TCP 10.2.63.46:49670 10.2.62.77:49216 ESTABLISHED TCP 10.2.63.46:49670 10.2.62.85:65258 ESTABLISHED TCP 10.2.63.46:49670 10.2.62.99:63160 ESTABLISHED TCP 10.2.63.46:49670 10.2.62.100:61868 ESTABLISHED TCP 10.2.63.46:49670 10.2.62.108:56729 ESTABLISHED TCP 10.2.63.46:49670 10.2.62.108:62714 ESTABLISHED TCP 10.2.63.46:49670 10.2.63.21:57863 ESTABLISHED TCP 10.2.63.46:49839 206.148.0.34:443 ESTABLISHED TCP 10.2.63.46:49842 10.2.63.48:445 ESTABLISHED TCP 10.2.63.46:49916 103.36.248.58:443 ESTABLISHED TCP 10.2.63.46:49919 206.148.0.125:443 ESTABLISHED TCP 10.2.63.46:50012 103.36.248.58:443 ESTABLISHED TCP 10.2.63.46:50101 8.38.48.118:443 ESTABLISHED TCP 10.2.63.46:51295 10.2.63.48:445 ESTABLISHED TCP 10.2.63.46:51296 10.2.63.48:445 ESTABLISHED TCP 10.2.63.46:51297 10.2.63.48:445 ESTABLISHED TCP 10.2.63.46:54219 125.253.56.44:443 ESTABLISHED TCP 127.0.0.1:445 127.0.0.1:53959 ESTABLISHED TCP 127.0.0.1:3389 127.0.0.1:54217 CLOSE_WAIT TCP 127.0.0.1:6290 127.0.0.1:49695 ESTABLISHED TCP 127.0.0.1:9395 0.0.0.0:0 LISTENING TCP 127.0.0.1:42000 0.0.0.0:0 LISTENING TCP 127.0.0.1:49695 127.0.0.1:6290 ESTABLISHED TCP 127.0.0.1:49742 127.0.0.1:49743 ESTABLISHED TCP 127.0.0.1:49743 127.0.0.1:49742 ESTABLISHED TCP 127.0.0.1:49758 127.0.0.1:49759 ESTABLISHED TCP 127.0.0.1:49759 127.0.0.1:49758 ESTABLISHED TCP 127.0.0.1:49763 0.0.0.0:0 LISTENING TCP 127.0.0.1:50093 127.0.0.1:51821 ESTABLISHED TCP 127.0.0.1:51821 0.0.0.0:0 LISTENING TCP 127.0.0.1:51821 127.0.0.1:50093 ESTABLISHED TCP 127.0.0.1:53959 127.0.0.1:445 ESTABLISHED TCP 127.0.0.1:54196 127.0.0.1:3389 TIME_WAIT TCP 127.0.0.1:54207 127.0.0.1:49763 TIME_WAIT TCP 127.0.0.1:54208 127.0.0.1:3389 TIME_WAIT TCP 127.0.0.1:54209 127.0.0.1:49763 TIME_WAIT TCP 127.0.0.1:54212 127.0.0.1:49763 TIME_WAIT TCP 127.0.0.1:54214 127.0.0.1:49763 TIME_WAIT TCP 127.0.0.1:54215 127.0.0.1:49763 TIME_WAIT TCP 127.0.0.1:54217 127.0.0.1:3389 FIN_WAIT_2 TCP 127.0.0.1:54218 127.0.0.1:49763 TIME_WAIT TCP 127.0.0.1:54220 127.0.0.1:49763 TIME_WAIT TCP [::]:135 [::]:0 LISTENING TCP [::]:445 [::]:0 LISTENING TCP [::]:3389 [::]:0 LISTENING TCP [::]:5985 [::]:0 LISTENING TCP [::]:6160 [::]:0 LISTENING TCP [::]:6162 [::]:0 LISTENING TCP [::]:6183 [::]:0 LISTENING TCP [::]:6184 [::]:0 LISTENING TCP [::]:6190 [::]:0 LISTENING TCP [::]:6290 [::]:0 LISTENING TCP [::]:11731 [::]:0 LISTENING TCP [::]:47001 [::]:0 LISTENING TCP [::]:49664 [::]:0 LISTENING TCP [::]:49665 [::]:0 LISTENING TCP [::]:49666 [::]:0 LISTENING TCP [::]:49667 [::]:0 LISTENING TCP [::]:49668 [::]:0 LISTENING TCP [::]:49669 [::]:0 LISTENING TCP [::]:49670 [::]:0 LISTENING TCP [::]:49672 [::]:0 LISTENING TCP [::]:49709 [::]:0 LISTENING TCP [::]:49781 [::]:0 LISTENING TCP [::]:53957 [::]:0 LISTENING TCP [::1]:9395 [::]:0 LISTENING UDP 0.0.0.0:123 *:* UDP 0.0.0.0:500 *:* UDP 0.0.0.0:3389 *:* UDP 0.0.0.0:4500 *:* UDP 0.0.0.0:5353 *:* UDP 0.0.0.0:5355 *:* UDP 0.0.0.0:42000 *:* UDP 0.0.0.0:43212 *:* UDP 0.0.0.0:54990 *:* UDP 0.0.0.0:57296 *:* UDP 0.0.0.0:59052 *:* UDP 0.0.0.0:59053 *:* UDP 0.0.0.0:60236 *:* UDP 0.0.0.0:61234 *:* UDP 0.0.0.0:63032 *:* UDP 0.0.0.0:63034 *:* UDP 0.0.0.0:63956 *:* UDP 10.2.63.46:67 *:* UDP 10.2.63.46:68 *:* UDP 10.2.63.46:137 *:* UDP 10.2.63.46:138 *:* UDP 10.2.63.46:2535 *:* UDP 127.0.0.1:51979 127.0.0.1:51979 UDP 127.0.0.1:52610 127.0.0.1:52610 UDP 127.0.0.1:56482 127.0.0.1:56482 UDP 127.0.0.1:57689 127.0.0.1:57689 UDP 127.0.0.1:59435 127.0.0.1:59435 UDP 127.0.0.1:59437 127.0.0.1:59437 UDP 127.0.0.1:59439 127.0.0.1:59439 UDP 127.0.0.1:60839 127.0.0.1:60839 UDP 127.0.0.1:63055 127.0.0.1:63055 UDP [::]:123 *:* UDP [::]:500 *:* UDP [::]:3389 *:* UDP [::]:4500 *:* UDP [::]:5353 *:* UDP [::]:5355 *:* UDP [::]:54990 *:* UDP [::]:57296 *:* UDP [::]:59053 *:* UDP [::]:60236 *:* UDP [::]:61234 *:* UDP [::]:63956 *:* [ipconfig] Windows IP Configuration Host Name . . . . . . . . . . . . : INO-RUT-FP01 Primary Dns Suffix . . . . . . . : inside.inoxihp.com.au Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : inside.inoxihp.com.au Ethernet adapter Ethernet Instance 0: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Intel(R) 82574L Gigabit Network Connection Physical Address. . . . . . . . . : 52-54-00-7C-8E-B1 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Link-local IPv6 Address . . . . . : fe80::6c3a:be9b:60bb:3502%9(Preferred) IPv4 Address. . . . . . . . . . . : 10.2.63.46(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 10.2.63.1 DHCPv6 IAID . . . . . . . . . . . : 106058752 DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-2F-91-E4-AF-52-54-00-7C-8E-B1 DNS Servers . . . . . . . . . . . : 10.2.63.45 10.2.63.47 10.2.63.21 10.2.63.22 NetBIOS over Tcpip. . . . . . . . : Enabled [route] =========================================================================== Interface List 9...52 54 00 7c 8e b1 ......Intel(R) 82574L Gigabit Network Connection 1...........................Software Loopback Interface 1 =========================================================================== IPv4 Route Table =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 10.2.63.1 10.2.63.46 281 10.2.63.0 255.255.255.0 On-link 10.2.63.46 281 10.2.63.46 255.255.255.255 On-link 10.2.63.46 281 10.2.63.255 255.255.255.255 On-link 10.2.63.46 281 127.0.0.0 255.0.0.0 On-link 127.0.0.1 331 127.0.0.1 255.255.255.255 On-link 127.0.0.1 331 127.255.255.255 255.255.255.255 On-link 127.0.0.1 331 224.0.0.0 240.0.0.0 On-link 127.0.0.1 331 224.0.0.0 240.0.0.0 On-link 10.2.63.46 281 255.255.255.255 255.255.255.255 On-link 127.0.0.1 331 255.255.255.255 255.255.255.255 On-link 10.2.63.46 281 =========================================================================== Persistent Routes: Network Address Netmask Gateway Address Metric 0.0.0.0 0.0.0.0 10.2.63.1 Default =========================================================================== IPv6 Route Table =========================================================================== Active Routes: If Metric Network Destination Gateway 1 331 ::1/128 On-link 9 281 fe80::/64 On-link 9 281 fe80::6c3a:be9b:60bb:3502/128 On-link 1 331 ff00::/8 On-link 9 281 ff00::/8 On-link =========================================================================== Persistent Routes: None [ifstat] 10.2.63.46 1067370198 11423507069 [svcs] Name StartupType Status DisplayName AJRouter manual stopped AllJoyn Router Service ALG manual stopped Application Layer Gateway Service AppIDSvc manual stopped Application Identity Appinfo manual stopped Application Information AppMgmt manual stopped Application Management AppReadiness manual stopped App Readiness AppVClient disabled stopped Microsoft App-V Client AppXSvc manual stopped AppX Deployment Service (AppXSVC) AudioEndpointBuilder manual stopped Windows Audio Endpoint Builder Audiosrv manual stopped Windows Audio AutomationManagerAgent automatic started Automation Manager Agent AxInstSV disabled stopped ActiveX Installer (AxInstSV) Backup_Service_Controller automatic started Backup Service Controller BASupportExpressSrvcUpdater_N_Central automatic started N-able Take Control Updater Service (N-Central) BASupportExpressStandaloneService_N_Central automatic started N-able Take Control Service (N-Central) BFE automatic started Base Filtering Engine BITS manual stopped Background Intelligent Transfer Service BrokerInfrastructure automatic started Background Tasks Infrastructure Service bthserv manual stopped Bluetooth Support Service camsvc manual stopped Capability Access Manager Service CDPSvc automatic started Connected Devices Platform Service CertPropSvc manual started Certificate Propagation ClipSVC manual stopped Client License Service (ClipSVC) COMSysApp manual stopped COM+ System Application CoreMessagingRegistrar automatic started CoreMessaging CryptSvc automatic started Cryptographic Services CscService disabled stopped Offline Files DcomLaunch automatic started DCOM Server Process Launcher dcsvc manual stopped Declared Configuration(DC) service defragsvc manual stopped Optimize drives DeviceAssociationService manual stopped Device Association Service DeviceInstall manual stopped Device Install Service DevQueryBroker manual stopped DevQuery Background Discovery Broker Dhcp automatic started DHCP Client DHCPServer automatic started DHCP Server diagnosticshub.standardcollector.service manual stopped Microsoft (R) Diagnostics Hub Standard Collector Service DiagTrack automatic started Connected User Experiences and Telemetry DispBrokerDesktopSvc automatic started Display Policy Service DmEnrollmentSvc manual stopped Device Management Enrollment Service dmwappushservice disabled stopped Device Management Wireless Application Protocol (WAP) Push message Routing Service Dnscache automatic started DNS Client DoSvc manual stopped Delivery Optimization dot3svc manual stopped Wired AutoConfig DPS automatic started Diagnostic Policy Service DsmSvc manual stopped Device Setup Manager DsSvc manual stopped Data Sharing Service EapHost manual stopped Extensible Authentication Protocol edgeupdate automatic stopped Microsoft Edge Update Service (edgeupdate) edgeupdatem manual stopped Microsoft Edge Update Service (edgeupdatem) EFS manual stopped Encrypting File System (EFS) embeddedmode manual stopped Embedded Mode EntAppSvc manual stopped Enterprise App Management Service EventLog automatic started Windows Event Log EventSystem automatic started COM+ Event System fdPHost manual stopped Function Discovery Provider Host FDResPub manual stopped Function Discovery Resource Publication FontCache automatic started Windows Font Cache Service FontCache3.0.0.0 manual stopped Windows Presentation Foundation Font Cache 3.0.0.0 FrameServer manual stopped Windows Camera Frame Server FrameServerMonitor manual stopped Windows Camera Frame Server Monitor GoogleChromeElevationService manual stopped Google Chrome Elevation Service (GoogleChromeElevationService) GoogleUpdaterInternalService144.0.7547.0 automatic stopped Google Updater Internal Service (GoogleUpdaterInternalService144.0.7547.0) GoogleUpdaterService144.0.7547.0 automatic stopped Google Updater Service (GoogleUpdaterService144.0.7547.0) gpsvc automatic started Group Policy Client GraphicsPerfSvc disabled stopped GraphicsPerfSvc HelpDeskService automatic started HelpDeskService hidserv manual stopped Human Interface Device Service HvHost manual stopped HV Host Service IDriveService automatic started IDriveService IKEEXT automatic started IKE and AuthIP IPsec Keying Modules InstallService manual stopped Microsoft Store Install Service iphlpsvc automatic started IP Helper KeyIso manual started CNG Key Isolation KPSSVC manual stopped KDC Proxy Server service (KPS) KtmRm manual stopped KtmRm for Distributed Transaction Coordinator LanmanServer automatic started Server LanmanWorkstation automatic started Workstation lfsvc disabled stopped Geolocation Service LicenseManager manual stopped Windows License Manager Service lltdsvc disabled stopped Link-Layer Topology Discovery Mapper lmhosts manual started TCP/IP NetBIOS Helper LSM automatic started Local Session Manager LTService automatic started Viatek Technology Monitoring Service LTSvcMon automatic started Viatek Technology Monitoring Service Watchdog Service MapsBroker disabled stopped Downloaded Maps Manager McpManagementService manual stopped McpManagementService Mesh_Agent automatic started Mesh Agent MicrosoftEdgeElevationService manual stopped Microsoft Edge Elevation Service (MicrosoftEdgeElevationService) mpssvc automatic started Windows Defender Firewall MSDTC automatic started Distributed Transaction Coordinator MSiSCSI manual stopped Microsoft iSCSI Initiator Service msiserver manual stopped Windows Installer NcaSvc manual stopped Network Connectivity Assistant NcbService manual started Network Connection Broker Netlogon automatic started Netlogon Netman manual stopped Network Connections netprofm manual started Network List Service NetSetupSvc manual stopped Network Setup Service NetTcpPortSharing disabled stopped Net.Tcp Port Sharing Service NgcCtnrSvc manual stopped Microsoft Passport Container NgcSvc manual stopped Microsoft Passport NlaSvc automatic started Network Location Awareness nsi automatic started Network Store Interface Service PcaSvc automatic started Program Compatibility Assistant Service PerfHost manual stopped Performance Counter DLL Host pla manual stopped Performance Logs & Alerts PlugPlay manual started Plug and Play PME.Agent.PmeService automatic started PME Agent PolicyAgent manual started IPsec Policy Agent Power automatic started Power PrintNotify manual stopped Printer Extensions and Notifications ProfSvc automatic started User Profile Service PushToInstall disabled stopped Windows PushToInstall Service QWAVE manual stopped Quality Windows Audio Video Experience RasAuto manual stopped Remote Access Auto Connection Manager RasMan automatic started Remote Access Connection Manager RemoteAccess disabled stopped Routing and Remote Access RemoteRegistry automatic stopped Remote Registry RmSvc disabled stopped Radio Management Service RpcEptMapper automatic started RPC Endpoint Mapper RpcLocator manual stopped Remote Procedure Call (RPC) Locator RpcSs automatic started Remote Procedure Call (RPC) RSoPProv manual stopped Resultant Set of Policy Provider sacsvr manual stopped Special Administration Console Helper SamSs automatic started Security Accounts Manager SCardSvr manual stopped Smart Card ScDeviceEnum disabled stopped Smart Card Device Enumeration Service Schedule automatic started Task Scheduler SCPolicySvc manual stopped Smart Card Removal Policy ScreenConnect_Client_(69e7721040ec1250) automatic started ScreenConnect Client (69e7721040ec1250) seclogon manual stopped Secondary Logon SecurityHealthService manual stopped Windows Security Service SEMgrSvc disabled stopped Payments and NFC/SE Manager SENS automatic started System Event Notification Service Sense manual stopped Windows Defender Advanced Threat Protection Service SensorDataService disabled stopped Sensor Data Service SensorService manual stopped Sensor Service SensrSvc manual stopped Sensor Monitoring Service SessionEnv manual started Remote Desktop Configuration SharedAccess disabled stopped Internet Connection Sharing (ICS) ShellHWDetection automatic started Shell Hardware Detection shpamsvc disabled stopped Shared PC Account Manager smphost manual stopped Microsoft Storage Spaces SMP SNMPTRAP manual stopped SNMP Trap SolarWinds.MSP.CacheService automatic started File Cache Service Agent SolarWinds.MSP.RpcServerService automatic started Request Handler Agent Spooler automatic started Print Spooler sppsvc automatic stopped Software Protection SrmReports manual stopped File Server Storage Reports Manager SrmSvc automatic started File Server Resource Manager SSDPSRV disabled stopped SSDP Discovery ssh-agent disabled stopped OpenSSH Authentication Agent SstpSvc manual started Secure Socket Tunneling Protocol Service StateRepository automatic started State Repository Service StiSvc manual stopped Windows Image Acquisition (WIA) StorSvc automatic started Storage Service svsvc manual stopped Spot Verifier swprv automatic stopped Microsoft Software Shadow Copy Provider SysMain automatic started SysMain SystemEventsBroker automatic started System Events Broker TabletInputService manual stopped Touch Keyboard and Handwriting Panel Service tapisrv manual stopped Telephony TermService manual started Remote Desktop Services Themes automatic started Themes TieringEngineService manual stopped Storage Tiers Management TimeBrokerSvc manual started Time Broker TokenBroker manual stopped Web Account Manager TrkWks automatic started Distributed Link Tracking Client TrustedInstaller manual stopped Windows Modules Installer tzautoupdate disabled stopped Auto Time Zone Updater UALSVC automatic started User Access Logging Service UevAgentService disabled stopped User Experience Virtualization Service UmRdpService manual started Remote Desktop Services UserMode Port Redirector upnphost disabled stopped UPnP Device Host UserManager automatic started User Manager UsoSvc automatic started Update Orchestrator Service VaultSvc manual stopped Credential Manager vds manual stopped Virtual Disk VeeamDeploySvc automatic started Veeam Installer Service VeeamEndpointBackupSvc automatic started Veeam Agent for Microsoft Windows VeeamTransportSvc automatic started Veeam Data Mover Service vmicguestinterface manual stopped Hyper-V Guest Service Interface vmicheartbeat manual stopped Hyper-V Heartbeat Service vmickvpexchange manual stopped Hyper-V Data Exchange Service vmicshutdown manual stopped Hyper-V Guest Shutdown Service vmictimesync manual stopped Hyper-V Time Synchronization Service vmicvmsession manual stopped Hyper-V PowerShell Direct Service vmicvss manual stopped Hyper-V Volume Shadow Copy Requestor VSS automatic stopped Volume Shadow Copy W32Time automatic started Windows Time WaaSMedicSvc manual stopped Windows Update Medic Service WalletService disabled stopped WalletService WarpJITSvc manual stopped Warp JIT Service WbioSrvc manual stopped Windows Biometric Service Wcmsvc automatic started Windows Connection Manager WdiServiceHost manual stopped Diagnostic Service Host WdiSystemHost manual started Diagnostic System Host WdNisSvc manual started Microsoft Defender Antivirus Network Inspection Service Wecsvc manual stopped Windows Event Collector WEPHOSTSVC manual stopped Windows Encryption Provider Host Service wercplsupport manual stopped Problem Reports Control Panel Support WerSvc manual stopped Windows Error Reporting Service WiaRpc manual stopped Still Image Acquisition Events WinDefend automatic started Microsoft Defender Antivirus Service Windows_Agent_Maintenance_Service automatic started Windows Agent Maintenance Service Windows_Agent_Service automatic started Windows Agent Service WinHttpAutoProxySvc manual started WinHTTP Web Proxy Auto-Discovery Service Winmgmt automatic started Windows Management Instrumentation WinRM automatic started Windows Remote Management (WS-Management) wisvc disabled stopped Windows Insider Service wlidsvc manual stopped Microsoft Account Sign-in Assistant wmiApSrv manual stopped WMI Performance Adapter WMPNetworkSvc manual stopped Windows Media Player Network Sharing Service WPDBusEnum manual stopped Portable Device Enumerator Service WpnService automatic started Windows Push Notifications System Service WSearch automatic started Windows Search wuauserv automatic stopped Windows Update XymonPSClient automatic started XymonPSClient [uptime] sec: 24975 0 days 6 hours 56 minutes 14 seconds Bootup: 20251210152220.500000+660 [who] SESSIONNAME USERNAME ID STATE TYPE DEVICE >services 0 Disc console 1 Conn 31c5ce94259d4... 65536 Listen rdp-tcp 65537 Listen Total sessions created: 2 Total sessions disconnected: 0 Total sessions reconnected: 0 [users] [XymonConfig] XymonSettings serversList : xymon.twilightcomputer.au serverUrl : serverHttpUsername : serverHttpTimeoutMs : 100000 wanteddisksList : {3} clientname : ino-rut-fp01 clientbbwinmembug : 1 clientsoftware : powershell clientclass : powershell loopinterval : 300 maxlogage : 60 MaxEvents : 5000 slowscanrate : 72 reportevt : 1 EnableWin32_Product : 0 EnableWin32_QuickFixEngineering : 0 EnableWMISections : 0 EnableDiskPart : 0 ClientProcessPriority : Normal clientlogpath : c:\program files\xymon\logs XymonAcceptUTF8 : 0 GetProcessInfoCommandLine : 1 GetProcessInfoOwner : 1 localdatalocation : C:\Program Files\xymon\local servergiflocation : /xymon/gifs/ servers : xymon.twilightcomputer.au clientlogfile : c:\program files\xymon\logs\xymonclient.log clientlogretain : 3 clientconfigfile : c:\program files\xymon\clientconfig.cfg clientfqdn : 0 clientlower : 1 clientremotecfgexec : 1 enableiissection : 1 externalscriptlocation : c:\program files\xymon\ext externaldatalocation : c:\program files\xymon\tmp HaveCmd Name Value ---- ----- qwinsta True query True XymonClientVersion : xymonclient.ps1 2.42 2019-03-11 zak.beck@accenture.com clientname ino-rut-fp01 [XymonPSClientInfo] Collection number: 85 Last transmission method: TCP Id : 4448 Handles : 558 CPU : 192.359375 SI : 0 Name : powershell