[collector:] client cedolini.cressi.unicampania.it.powershell powershell XymonPS [date] sab 01 nov 08:26:06 2025 [clock] epoch: 1761981967 local: sab 01 nov 08:26:06 2025 UTC: sab 01 nov 07:26:06 2025 Time Synchronisation type: NTP NTP server: time.windows.com,0x9 [clientversion] 2.42 [uname] Microsoft Windows 7 Enterprise N Service Pack 1 (build 7601) [cpu] up: 457 days, 0 users, 53 procs, load=0.84% CPU states: total 0.84% cores: 4 CPU PID Image Name Pri Time MemUsage 0,2% 1588 powershell 8 3 69876k 0,2% 960 SVC:BITS/CertPropSvc/iphlpsvc/ 8 2 62036k 0,1% 1560 SVC:OVirtGuestService 8 2 24996k 0,1% 840 SVC:AudioSrv/Dhcp/eventlog/Hom 8 1 98772k 0,1% 2308 WmiPrvSE 8 1 11720k 0,1% 1192 WmiPrvSE 8 14:19:04 29216k 0,0% 2968 SVC:WinDefend 8 23:31:12 203568k 0,0% 1148 WmiPrvSE 8 08:33:21 21744k 0,0% 896 SVC:AudioEndpointBuilder/Netma 8 1 130056k 0,0% 736 SVC:RpcEptMapper/RpcSs 8 06:18:18 11044k 0,0% 2988 SVC:FDResPub/SSDPSRV/wcncsvc 8 01:28:12 17752k 0,0% 1596 conhost 8 04:37:01 3920k 0,0% 352 csrss 13 04:09:24 5772k 0,0% 408 SVC:CryptSvc/Dnscache/LanmanWo 8 05:28:45 36604k 0,0% 512 SVC:EFS/SamSs/VaultSvc 9 02:21:59 15364k 0,0% 520 lsm 8 04:24:05 8244k 0,0% 496 services 9 06:57:36 11576k 0,0% 2276 dwm 8 00:00:05 6244k 0,0% 2004 taskhost 8 00:00:59 16636k 0,0% 6088 SVC:AdobeARMservice 8 00:00:25 10972k 0,0% 1648 explorer 8 00:31:39 47260k 0,0% 4916 explorer 8 00:14:55 50892k 0,0% 1516 SVC:XymonPSClient 8 00:02:19 5200k 0,0% 4740 winlogon 13 00:00:00 5932k 0,0% 4028 taskhost 8 00:00:08 18064k 0,0% 2860 GoogleCrashHandler64 6 00:00:00 1484k 0,0% 3648 SVC:osppsvc 8 00:03:29 13316k 0,0% 3300 rdpclip 8 00:00:00 7856k 0,0% 4608 dwm 8 00:00:00 6072k 0,0% 2416 rdpclip 8 00:00:02 7060k 0,0% 4400 csrss 13 00:00:34 12012k 0,0% 2844 GoogleCrashHandler 6 00:00:43 1376k 0,0% 632 SVC:DcomLaunch/PlugPlay/Power 8 00:30:10 12136k 0,0% 452 winlogon 13 00:00:00 5364k 0,0% 644 taskhost 8 00:01:12 18308k 0,0% 696 SVC:vdservice 10 00:03:24 4464k 0,0% 668 winlogon 13 00:00:00 5972k 0,0% 240 csrss 13 00:02:47 11628k 0,0% 4 System 8 736k 0,0% 280 smss 11 00:00:00 1376k 0,0% 416 csrss 13 00:00:00 4312k 0,0% 392 wininit 13 00:00:00 5084k 0,0% 816 LogonUI 13 00:00:00 20444k 0,0% 1216 SVC:DiagTrack 8 00:25:09 28208k 0,0% 0 Idle 0 24k 0,0% 1320 vdagent 13 00:00:00 4300k 0,0% 1460 SVC:QEMU-GA 8 00:08:11 31244k 0,0% 1328 SVC:MDM 8 00:03:09 5780k 0,0% 1012 SVC:gpsvc 8 00:06:19 9104k 0,0% 924 SVC:EventSystem/fdPHost/FontCa 8 00:20:14 28036k 0,0% 1048 SVC:Spooler 8 00:05:38 16136k 0,0% 1140 rundll32 8 00:00:00 6708k 0,0% 1080 SVC:BFE/DPS/MpsSvc 8 00:10:49 15648k [disk] Filesystem 1K-blocks Used Avail Capacity Mounted Label Summary(Total\Avail GB) C 52323324 43818448 8504876 84% /FIXED/C:\ 49,90\8,11 [memory] memory Total Used physical: 4095 1735 virtual: 4094 1559 page: 0 0 [msgs:EventlogSummary] LogName MaximumSizeInBytes RecordCount LogMode ------- ------------------ ----------- ------- Security 20971520 14184 Circular Application 20971520 82241 Circular System 20971520 55315 Circular [msgs:eventlog_Security] [msgs:eventlog_Application] Error - 11/01/2025 08:25:35 - [2011] - Microsoft-Windows-PerfOS - Impossibile raccogliere i dati sulle prestazioni del file di paging. I primi quattro byte (DWORD) della sezione Data contengono il codice di stato. Error - 11/01/2025 08:17:35 - [2011] - Microsoft-Windows-PerfOS - Impossibile raccogliere i dati sulle prestazioni del file di paging. I primi quattro byte (DWORD) della sezione Data contengono il codice di stato. Error - 11/01/2025 08:09:35 - [2011] - Microsoft-Windows-PerfOS - Impossibile raccogliere i dati sulle prestazioni del file di paging. I primi quattro byte (DWORD) della sezione Data contengono il codice di stato. Information - 11/01/2025 08:05:05 - [0] - gupdate - Error - 11/01/2025 08:01:35 - [2011] - Microsoft-Windows-PerfOS - Impossibile raccogliere i dati sulle prestazioni del file di paging. I primi quattro byte (DWORD) della sezione Data contengono il codice di stato. Error - 11/01/2025 07:53:35 - [2011] - Microsoft-Windows-PerfOS - Impossibile raccogliere i dati sulle prestazioni del file di paging. I primi quattro byte (DWORD) della sezione Data contengono il codice di stato. [msgs:eventlog_System] [procs] PID User WorkingSet/Peak VirtualMem/Peak PagedMem/Peak NPS Handles %CPU Start Time Elapsed Name Command 1588 NT AUTHORITY\SYSTEM 69876/95328 611084/613132 77720/87832 32 430 0,2 2024-07-31 12:31:52 659274 powershell "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy RemoteSigned -NoLogo -NonInteractive -NoProfile -WindowStyle Hidden -File "C:\Program Files\xymon\xymonclient.ps1" 960 NT AUTHORITY\SYSTEM 62036/119912 264676/593448 90620/163428 206 1400 0,2 2024-07-31 12:31:42 659274 SVC:BITS/CertPropSvc/iphlpsvc/LanmanServer/ProfSvc/Schedule/SENS/SessionEnv/ShellHWDetection/Winmgmt/wuauserv C:\Windows\system32\svchost.exe -k netsvcs 1560 NT AUTHORITY\SYSTEM 24996/25172 95484/98044 18708/18828 22 264 0,1 2024-07-31 12:31:52 659274 SVC:OVirtGuestService "C:\Program Files (x86)\Redhat\RHEV\Drivers\Agent\OVirtGuestService.exe" 840 NT AUTHORITY\SERVIZIO LOCALE 98772/103428 197236/211948 122096/122672 29 578 0,1 2024-07-31 12:31:42 659274 SVC:AudioSrv/Dhcp/eventlog/HomeGroupProvider/lmhosts/wscsvc C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted 2308 NT AUTHORITY\SERVIZIO LOCALE 11720/11968 48068/49644 7152/7444 12 216 0,1 2024-07-31 12:32:11 659274 WmiPrvSE C:\Windows\sysWOW64\wbem\wmiprvse.exe -secured -Embedding 1192 NT AUTHORITY\SYSTEM 29216/32292 79576/110928 23580/25816 20 281 0,1 2024-07-31 12:32:05 659274 WmiPrvSE C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding 2968 NT AUTHORITY\SYSTEM 203568/844148 483884/1153324 171328/811648 130 463 0,0 2024-07-31 12:33:56 659272 SVC:WinDefend C:\Windows\System32\svchost.exe -k secsvcs 1148 NT AUTHORITY\SERVIZIO DI RETE 21744/23024 86276/93692 13364/14912 16 364 0,0 2024-07-31 12:32:00 659274 WmiPrvSE C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding 896 NT AUTHORITY\SYSTEM 130056/174800 251992/285104 131900/175664 23 452 0,0 2024-07-31 12:31:42 659274 SVC:AudioEndpointBuilder/Netman/PcaSvc/SysMain/TrkWks/UmRdpService/UxSms/wudfsvc C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted 736 NT AUTHORITY\SERVIZIO DI RETE 11044/11220 61384/97696 6052/6364 17 325 0,0 2024-07-31 12:31:42 659274 SVC:RpcEptMapper/RpcSs C:\Windows\system32\svchost.exe -k RPCSS 2988 NT AUTHORITY\SERVIZIO LOCALE 17752/21556 73968/79088 14148/17700 25 325 0,0 2024-07-31 12:33:56 659272 SVC:FDResPub/SSDPSRV/wcncsvc C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation 1596 NT AUTHORITY\SYSTEM 3920/3944 25840/26700 1704/1768 5 33 0,0 2024-07-31 12:31:52 659274 conhost \??\C:\Windows\system32\conhost.exe "403145530850256370188597234221091145511594478079-9954971916560377991131793947 352 NT AUTHORITY\SYSTEM 5772/5816 50140/51676 3344/3408 12 655 0,0 2024-07-31 12:31:38 659274 csrss %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 408 NT AUTHORITY\SERVIZIO DI RETE 36604/70104 187056/209164 36648/64184 68 770 0,0 2024-07-31 12:31:49 659274 SVC:CryptSvc/Dnscache/LanmanWorkstation/NlaSvc/TermService C:\Windows\system32\svchost.exe -k NetworkService 512 NT AUTHORITY\SYSTEM 15364/15512 50316/53900 7448/7820 27 903 0,0 2024-07-31 12:31:38 659274 SVC:EFS/SamSs/VaultSvc C:\Windows\system32\lsass.exe 520 NT AUTHORITY\SYSTEM 8244/8404 32800/35368 4480/5040 11 307 0,0 2024-07-31 12:31:38 659274 lsm C:\Windows\system32\lsm.exe 496 NT AUTHORITY\SYSTEM 11576/11904 40248/47460 6360/7076 13 247 0,0 2024-07-31 12:31:38 659274 services C:\Windows\system32\services.exe 2276 CEDOLINI\stipendi 6244/22120 59520/78356 1908/18356 8 89 0,0 2024-08-01 11:45:48 657880 dwm "C:\Windows\system32\Dwm.exe" 2004 CEDOLINI\Administrator 16636/17080 136068/142044 13668/13948 28 260 0,0 2025-01-15 14:17:42 417248 taskhost taskhost.exe USER 6088 NT AUTHORITY\SYSTEM 10972/12052 77764/87128 3988/4668 20 267 0,0 2025-09-08 14:00:08 77426 SVC:AdobeARMservice "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" 1648 CEDOLINI\stipendi 47260/83052 295360/384260 48716/66472 58 852 0,0 2024-08-01 11:45:48 657880 explorer C:\Windows\Explorer.EXE 4916 CEDOLINI\Administrator 50892/83388 305004/401920 50792/85852 51 843 0,0 2025-01-15 14:17:42 417248 explorer C:\Windows\Explorer.EXE 1516 NT AUTHORITY\SYSTEM 5200/5248 40044/42092 2704/2804 6 62 0,0 2024-07-31 12:31:52 659274 SVC:XymonPSClient "C:\Program Files\xymon\nssm.exe" 4740 NT AUTHORITY\SYSTEM 5932/5968 28100/56420 2016/2248 7 101 0,0 2025-01-15 14:16:57 417249 winlogon winlogon.exe 4028 CEDOLINI\stipendi 18064/25668 107812/110464 12384/19416 20 285 0,0 2025-01-15 12:26:01 417360 taskhost "taskhost.exe" 2860 NT AUTHORITY\SYSTEM 1484/4764 43360/45408 1696/1764 7 81 0,0 2024-07-31 12:33:56 659272 GoogleCrashHandler64 "C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe" 3648 NT AUTHORITY\SERVIZIO DI RETE 13316/13484 45220/47780 5096/5336 8 163 0,0 2024-08-01 12:32:38 657833 SVC:osppsvc "C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE" 3300 CEDOLINI\Administrator 7856/7968 66916/69988 2072/2248 8 117 0,0 2025-01-15 14:17:42 417248 rdpclip rdpclip 4608 CEDOLINI\Administrator 6072/14548 56640/66680 2028/10676 7 88 0,0 2025-01-15 14:17:42 417248 dwm "C:\Windows\system32\Dwm.exe" 2416 CEDOLINI\stipendi 7060/8112 60988/64572 2404/3192 7 169 0,0 2024-08-01 11:45:48 657880 rdpclip rdpclip 4400 NT AUTHORITY\SYSTEM 12012/12728 178252/209812 2828/2932 12 301 0,0 2025-01-15 14:16:57 417249 csrss %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 2844 NT AUTHORITY\SYSTEM 1376/4692 46412/51532 1604/1824 9 90 0,0 2024-07-31 12:33:56 659272 GoogleCrashHandler "C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe" 632 NT AUTHORITY\SYSTEM 12136/12724 70724/89748 5520/6404 15 388 0,0 2024-07-31 12:31:41 659274 SVC:DcomLaunch/PlugPlay/Power C:\Windows\system32\svchost.exe -k DcomLaunch 452 NT AUTHORITY\SYSTEM 5364/5380 25684/55908 1824/2036 6 82 0,0 2024-07-31 12:31:38 659274 winlogon winlogon.exe 644 CEDOLINI\stipendi 18308/19336 136316/142772 14596/15444 29 275 0,0 2024-08-01 11:45:48 657880 taskhost "taskhost.exe" 696 NT AUTHORITY\SYSTEM 4464/4504 43512/47608 1644/1732 6 65 0,0 2024-07-31 12:31:41 659274 SVC:vdservice "C:\Program Files (x86)\Redhat\RHEV\Drivers\Spice\vdservice.exe" 668 NT AUTHORITY\SYSTEM 5972/6008 28100/56420 2056/2212 7 104 0,0 2024-08-01 11:45:45 657880 winlogon winlogon.exe 240 NT AUTHORITY\SYSTEM 11628/13520 131796/211052 3112/3312 11 383 0,0 2024-08-01 11:45:45 657880 csrss %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 4 Unknown 736/18084 3980/21448 140/304 0 1030 0,0 0 System 280 NT AUTHORITY\SYSTEM 1376/1396 4496/17852 576/640 2 38 0,0 2024-07-31 12:31:34 659274 smss \SystemRoot\System32\smss.exe 416 NT AUTHORITY\SYSTEM 4312/4312 41964/42028 1920/1984 8 81 0,0 2024-07-31 12:31:38 659274 csrss %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 392 NT AUTHORITY\SYSTEM 5084/5112 45304/52424 1744/2124 10 83 0,0 2024-07-31 12:31:38 659274 wininit wininit.exe 816 NT AUTHORITY\SYSTEM 20444/30864 94240/95888 11120/23688 26 190 0,0 2024-07-31 12:31:42 659274 LogonUI "LogonUI.exe" /flags:0x0 1216 NT AUTHORITY\SYSTEM 28208/28628 98568/103372 11748/12228 15 244 0,0 2024-07-31 12:31:51 659274 SVC:DiagTrack C:\Windows\System32\svchost.exe -k utcsvc 0 24/24 0/0 0/0 0 0 0,0 0 Idle 1320 NT AUTHORITY\SYSTEM 4300/4360 63352/69496 1480/1568 6 67 0,0 2024-07-31 12:31:51 659274 vdagent C:\Program Files (x86)\Redhat\RHEV\Drivers\Spice\vdagent.exe 1460 NT AUTHORITY\SYSTEM 31244/40060 95708/97756 45908/45968 9 85 0,0 2024-07-31 12:31:51 659274 SVC:QEMU-GA "C:\Program Files\qemu-ga\qemu-ga.exe" -d 1328 NT AUTHORITY\SYSTEM 5780/5828 53960/57800 2136/2304 9 82 0,0 2024-07-31 12:31:51 659274 SVC:MDM "C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe" 1012 NT AUTHORITY\SYSTEM 9104/9164 37364/39412 3996/4160 10 162 0,0 2024-07-31 12:31:42 659274 SVC:gpsvc C:\Windows\system32\svchost.exe -k GPSvcGroup 924 NT AUTHORITY\SERVIZIO LOCALE 28036/30884 166068/246620 18700/41056 35 657 0,0 2024-07-31 12:31:42 659274 SVC:EventSystem/fdPHost/FontCache/netprofm/nsi/WdiServiceHost/WinHttpAutoProxySvc C:\Windows\system32\svchost.exe -k LocalService 1048 NT AUTHORITY\SYSTEM 16136/17384 89240/107420 9216/10576 21 393 0,0 2024-07-31 12:31:50 659274 SVC:Spooler C:\Windows\System32\spoolsv.exe 1140 CEDOLINI\Administrator 6708/6748 63544/65080 1816/2020 7 74 0,0 2025-01-15 14:17:42 417248 rundll32 C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding 1080 NT AUTHORITY\SERVIZIO LOCALE 15648/15980 52976/59852 10120/10356 32 325 0,0 2024-07-31 12:31:50 659274 SVC:BFE/DPS/MpsSvc C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork [netstat] Pacchettiricevuti=26096399 Erroridiintestazionericevuti=0 Erroridiindirizzoricevuti=220257 Datagrammiinoltrati=0 Protocollisconosciutiricevuti=0 Pacchettiricevutiscartati=11242 Pacchettiricevuticonsegnati=26558023 Richiestedioutput=9693319 Routingscartati=0 Pacchettidioutputscartati=424 Pacchettioutputsenzaroute=0 Richiestediriassemblaggio=0 Riassemblaggiriusciti=0 Erroridiriassemblaggio=0 Datagrammiframmentati=0 Erroriframmentazionedatagrammi=0 Frammenticreati=0 Pacchettiricevuti=349617 Erroridiintestazionericevuti=0 Erroridiindirizzoricevuti=10 Datagrammiinoltrati=0 Protocollisconosciutiricevuti=0 Pacchettiricevutiscartati=1199 Pacchettiricevuticonsegnati=1296720 Richiestedioutput=1598202 Routingscartati=0 Pacchettidioutputscartati=0 Pacchettioutputsenzaroute=2 Richiestediriassemblaggio=0 Riassemblaggiriusciti=0 Erroridiriassemblaggio=0 Datagrammiframmentati=0 Erroriframmentazionedatagrammi=0 Frammenticreati=0 Apertureattive=541749 Aperturepassive=130995 Tentativiconnessionenonriusciti=23 Connessionireimpostate=273738 Connessionicorrenti=0 Segmentiricevuti=9450655 Segmentitrasmessi=14462448 Segmentiritrasmessi=4860 Apertureattive=96 Aperturepassive=140 Tentativiconnessionenonriusciti=30 Connessionireimpostate=2 Connessionicorrenti=0 Segmentiricevuti=1304 Segmentitrasmessi=1125 Segmentiritrasmessi=41 DatagrammiRicevuti=16032113 Nessunaporta=11237 Erroriinricezione=3 Datagrammitrasmessi=264737 DatagrammiRicevuti=35058 Nessunaporta=1197 Erroriinricezione=0 Datagrammitrasmessi=650359 [ports] Connessioni attive Proto Indirizzo locale Indirizzo esterno Stato TCP 0.0.0.0:135 0.0.0.0:0 LISTENING TCP 0.0.0.0:445 0.0.0.0:0 LISTENING TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING TCP 0.0.0.0:5357 0.0.0.0:0 LISTENING TCP 0.0.0.0:49152 0.0.0.0:0 LISTENING TCP 0.0.0.0:49153 0.0.0.0:0 LISTENING TCP 0.0.0.0:49154 0.0.0.0:0 LISTENING TCP 0.0.0.0:49155 0.0.0.0:0 LISTENING TCP 0.0.0.0:49156 0.0.0.0:0 LISTENING TCP 10.224.4.205:139 0.0.0.0:0 LISTENING TCP [::]:135 [::]:0 LISTENING TCP [::]:445 [::]:0 LISTENING TCP [::]:3389 [::]:0 LISTENING TCP [::]:5357 [::]:0 LISTENING TCP [::]:49152 [::]:0 LISTENING TCP [::]:49153 [::]:0 LISTENING TCP [::]:49154 [::]:0 LISTENING TCP [::]:49155 [::]:0 LISTENING TCP [::]:49156 [::]:0 LISTENING UDP 0.0.0.0:3702 *:* UDP 0.0.0.0:3702 *:* UDP 0.0.0.0:3702 *:* UDP 0.0.0.0:3702 *:* UDP 0.0.0.0:5355 *:* UDP 0.0.0.0:50109 *:* UDP 0.0.0.0:50111 *:* UDP 10.224.4.205:137 *:* UDP 10.224.4.205:138 *:* UDP 10.224.4.205:1900 *:* UDP 10.224.4.205:57378 *:* UDP 127.0.0.1:1900 *:* UDP 127.0.0.1:57379 *:* UDP [::]:3702 *:* UDP [::]:3702 *:* UDP [::]:3702 *:* UDP [::]:3702 *:* UDP [::]:5355 *:* UDP [::]:50110 *:* UDP [::]:50112 *:* UDP [::1]:1900 *:* UDP [::1]:57377 *:* UDP [fe80::3984:5fc2:17e1:50fe%11]:1900 *:* UDP [fe80::3984:5fc2:17e1:50fe%11]:57376 *:* [ipconfig] Configurazione IP di Windows Nome host . . . . . . . . . . . . . . : cedolini Suffisso DNS primario . . . . . . . . : cressi.unicampania.it Tipo nodo . . . . . . . . . . . . . . : Ibrido Routing IP abilitato. . . . . . . . . : No Proxy WINS abilitato . . . . . . . . : No Elenco di ricerca suffissi DNS. . . . : cressi.unicampania.it Scheda Ethernet Connessione alla rete locale (LAN): Suffisso DNS specifico per connessione: Descrizione . . . . . . . . . . . . . : Red Hat VirtIO Ethernet Adapter Indirizzo fisico. . . . . . . . . . . : 00-01-A4-A5-D1-0F DHCP abilitato. . . . . . . . . . . . : No Configurazione automatica abilitata : S? Indirizzo IPv6 locale rispetto al collegamento . : fe80::3984:5fc2:17e1:50fe%11(Preferenziale) Indirizzo IPv4. . . . . . . . . . . . : 10.224.4.205(Preferenziale) Subnet mask . . . . . . . . . . . . . : 255.255.254.0 Gateway predefinito . . . . . . . . . : 10.224.4.1 IAID DHCPv6 . . . . . . . . . . . : 184549796 DUID Client DHCPv6. . . . . . . . : 00-01-00-01-21-44-36-45-00-01-A4-A5-D1-0F Server DNS . . . . . . . . . . . . . : 193.206.103.215 193.206.103.214 NetBIOS su TCP/IP . . . . . . . . . . : Attivato Scheda Tunnel isatap.{56875D57-2610-4E84-A6EF-12CA448DA252}: Stato supporto. . . . . . . . . . . . : Supporto disconnesso Suffisso DNS specifico per connessione: Descrizione . . . . . . . . . . . . . : Microsoft ISATAP Adapter Indirizzo fisico. . . . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP abilitato. . . . . . . . . . . . : No Configurazione automatica abilitata : S? [route] =========================================================================== Elenco interfacce 11...00 01 a4 a5 d1 0f ......Red Hat VirtIO Ethernet Adapter 1...........................Software Loopback Interface 1 12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter =========================================================================== IPv4 Tabella route =========================================================================== Route attive: Indirizzo rete Mask Gateway Interfaccia Metrica 0.0.0.0 0.0.0.0 10.224.4.1 10.224.4.205 261 10.224.4.0 255.255.254.0 On-link 10.224.4.205 261 10.224.4.205 255.255.255.255 On-link 10.224.4.205 261 10.224.5.255 255.255.255.255 On-link 10.224.4.205 261 127.0.0.0 255.0.0.0 On-link 127.0.0.1 306 127.0.0.1 255.255.255.255 On-link 127.0.0.1 306 127.255.255.255 255.255.255.255 On-link 127.0.0.1 306 224.0.0.0 240.0.0.0 On-link 127.0.0.1 306 224.0.0.0 240.0.0.0 On-link 10.224.4.205 261 255.255.255.255 255.255.255.255 On-link 127.0.0.1 306 255.255.255.255 255.255.255.255 On-link 10.224.4.205 261 =========================================================================== Route permanenti: Indirizzo rete Mask Indir. gateway Metrica 0.0.0.0 0.0.0.0 10.224.4.1 Predefinito =========================================================================== IPv6 Tabella route =========================================================================== Route attive: Interf Metrica Rete Destinazione Gateway 1 306 ::1/128 On-link 11 261 fe80::/64 On-link 11 261 fe80::3984:5fc2:17e1:50fe/128 On-link 1 306 ff00::/8 On-link 11 261 ff00::/8 On-link =========================================================================== Route permanenti: Nessuna [ifstat] 10.224.4.205 3078004386 2469969464 [svcs] Name StartupType Status DisplayName AdobeARMservice automatic started Adobe Acrobat Update Service AeLookupSvc manual stopped Verifica compatibilit? applicazioni ALG manual stopped Servizio Gateway di livello applicazione AppIDSvc manual stopped Identit? applicazione Appinfo manual stopped Informazioni applicazioni AppMgmt manual stopped Gestione applicazione aspnet_state manual stopped Servizio stato di ASP.NET AudioEndpointBuilder manual started Generatore endpoint audio di Windows AudioSrv automatic started Audio di Windows AxInstSV manual stopped ActiveX Installer (AxInstSV) BDESVC manual stopped Servizio di crittografia unit? BitLocker BFE automatic started BFE (Base Filtering Engine) BITS manual started Servizio trasferimento intelligente in background Browser manual stopped Browser di computer bthserv manual stopped Servizio Supporto Tecnico Bluetooth CertPropSvc manual started Propagazione certificati clr_optimization_v2.0.50727_32 disabled stopped Microsoft .NET Framework NGEN v2.0.50727_X86 clr_optimization_v2.0.50727_64 disabled stopped Microsoft .NET Framework NGEN v2.0.50727_X64 clr_optimization_v4.0.30319_32 automatic stopped Microsoft .NET Framework NGEN v4.0.30319_X86 clr_optimization_v4.0.30319_64 automatic stopped Microsoft .NET Framework NGEN v4.0.30319_X64 COMSysApp manual stopped Applicazione di sistema COM+ CryptSvc automatic started Servizi di crittografia CscService manual stopped File non linea DcomLaunch automatic started Utilit? di avvio processi server DCOM defragsvc manual stopped Utilit? di deframmentazione dischi Dhcp manual started Client DHCP DiagTrack automatic started Diagnostics Tracking Service Dnscache automatic started Client DNS dot3svc manual stopped Configurazione automatica reti cablate DPS automatic started Servizio Criteri di diagnostica EapHost manual stopped Extensible Authentication Protocol EFS automatic started EFS (Encrypting File System) eventlog automatic started Registro eventi di Windows EventSystem automatic started COM+ Event System Fax manual stopped Fax fdPHost manual started Host provider di individuazione funzioni FDResPub manual started Pubblicazione risorse per individuazione FontCache automatic started Servizio cache tipi di carattere Windows FontCache3.0.0.0 manual stopped Cache tipi di carattere Windows Presentation Foundation 3.0.0.0 GoogleChromeElevationService manual stopped Google Chrome Elevation Service (GoogleChromeElevationService) gpsvc automatic started Client di Criteri di gruppo gupdate automatic stopped Servizio Google Update (gupdate) gupdatem manual stopped Servizio Google Update (gupdatem) hidserv manual stopped Accesso dispositivo Human Interface hkmsvc manual stopped Gestione chiavi e certificati di integrit? HomeGroupListener manual stopped Listener Gruppo Home HomeGroupProvider manual started Provider Gruppo Home idsvc manual stopped Windows CardSpace IEEtwCollectorService manual stopped Internet Explorer ETW Collector Service IKEEXT manual stopped Moduli di impostazione chiavi IPSec IKE e Auth-IP IPBusEnum manual stopped Enumeratore bus IP PnP-X iphlpsvc automatic started Helper IP KeyIso manual stopped Isolamento chiavi CNG KtmRm manual stopped KtmRm per Distributed Transaction Coordinator LanmanServer automatic started Server LanmanWorkstation automatic started Workstation lltdsvc manual stopped Mapper individuazione topologia livelli di collegamento lmhosts automatic started Helper NetBIOS di TCP/IP MDM automatic started Machine Debug Manager Microsoft_SharePoint_Workspace_Audit_Service manual stopped Microsoft SharePoint Workspace Audit Service MMCSS automatic stopped Utilit? di pianificazione classi multimediali MpsSvc automatic started Windows Firewall MSDTC manual stopped Distributed Transaction Coordinator MSiSCSI manual stopped Servizio iniziatore iSCSI Microsoft msiserver manual stopped Windows Installer napagent manual stopped Agente protezione accesso alla rete Netlogon manual stopped Accesso rete Netman manual started Connessioni di rete NetMsmqActivator disabled stopped Adattatore listener Net.Msmq NetPipeActivator disabled stopped Adattatore listener Net.Pipe netprofm manual started Servizio Elenco reti NetTcpActivator disabled stopped Adattatore listener Net.Tcp NetTcpPortSharing disabled stopped Servizio di condivisione porte Net.Tcp NlaSvc automatic started Riconoscimento presenza in rete nsi automatic started Servizio Interfaccia archivio di rete OracleMTSRecoveryService manual stopped OracleMTSRecoveryService ose manual stopped Office Source Engine osppsvc manual started Office Software Protection Platform OVirtGuestService automatic started oVirt Agent p2pimsvc manual stopped Gestione identit? reti peer p2psvc manual stopped Gruppi reti peer PcaSvc automatic started Servizio Risoluzione problemi compatibilit? programmi PeerDistSvc manual stopped BranchCache PerfHost manual stopped Host DLL contatore prestazioni pla manual stopped Avvisi e registri di prestazioni PlugPlay automatic started Plug and Play PNRPAutoReg manual stopped Servizio di pubblicazione nome computer PNRP PNRPsvc manual stopped Protocollo PNRP PolicyAgent manual stopped Agente criteri IPsec Power automatic started Alimentazione ProfSvc automatic started Servizio profili utente ProtectedStorage manual stopped Archiviazione protetta QEMU_Guest_Agent_VSS_Provider manual stopped QEMU Guest Agent VSS Provider QEMU-GA automatic started QEMU Guest Agent QWAVE manual stopped Servizio audio/video Windows di qualit? RasAuto manual stopped Auto Connection Manager di Accesso remoto RasMan manual stopped Connection Manager di Accesso remoto RemoteAccess disabled stopped Routing e Accesso remoto RemoteRegistry manual stopped Registro di sistema remoto RpcEptMapper automatic started Agente mapping endpoint RPC RpcLocator manual stopped RPC Locator RpcSs automatic started RPC (Remote Procedure Call) SamSs automatic started Sistema di gestione degli account di sicurezza (SAM) SCardSvr manual stopped Smart Card Schedule automatic started Utilit? di pianificazione SCPolicySvc manual stopped Criterio rimozione smart card SDRSVC manual stopped Windows Backup seclogon manual stopped Accesso secondario SENS automatic started Servizio di notifica eventi di sistema SensrSvc manual stopped Luminosit? adattiva SessionEnv manual started Configurazione Desktop remoto SharedAccess disabled stopped Condivisione connessione Internet (ICS) ShellHWDetection automatic started Rilevamento hardware shell SNMPTRAP manual stopped Trap SNMP Spooler automatic started Spooler di stampa sppsvc automatic stopped Protezione software sppuinotify manual stopped Servizio di notifica SPP SSDPSRV manual started Individuazione SSDP SstpSvc manual stopped Servizio SSTP (Secure Socket Tunneling Protocol) stisvc manual stopped Acquisizione di immagini di Windows (WIA) StorSvc manual stopped Servizio di archiviazione swprv manual stopped Provider di copie shadow software Microsoft SysMain automatic started Ottimizzazione avvio TabletInputService manual stopped Servizio di input Tablet PC TapiSrv manual stopped Telefonia TermService manual started Servizi Desktop remoto Themes manual stopped Temi THREADORDER manual stopped Server di ordinamento thread TrkWks automatic started Manutenzione collegamenti distribuiti client TrustedInstaller manual stopped Programma di installazione dei moduli di Windows UI0Detect manual stopped Rilevamento servizi interattivi UmRdpService manual started Redirector porta UserMode di Servizi Desktop remoto upnphost manual stopped Host di dispositivi UPnP UxSms automatic started Gestione sessione di Gestione finestre desktop VaultSvc manual started Gestione credenziali vds manual stopped Disco virtuale vdservice automatic started Spice Agent VSS manual stopped Copia shadow del volume W32Time manual stopped Ora di Windows WatAdminSvc manual stopped Servizio Windows Activation Technologies wbengine manual stopped Servizio modulo di backup a livello di blocco WbioSrvc manual stopped Servizio di biometria Windows wcncsvc manual started Windows Connect Now - Registro configurazioni WcsPlugInService manual stopped Sistema colori Windows WdiServiceHost manual started Host servizio di diagnostica WdiSystemHost manual stopped Host sistema di diagnostica WebClient manual stopped WebClient Wecsvc manual stopped Raccolta eventi Windows wercplsupport manual stopped Segnalazioni di problemi e soluzioni nel Pannello di controllo WerSvc manual stopped Servizio Segnalazione errori Windows WiaRpc manual stopped Eventi acquisizione Still Image WinDefend automatic started Windows Defender WinHttpAutoProxySvc manual started Servizio rilevamento automatico proxy WinHTTP Winmgmt automatic started Strumentazione gestione Windows WinRM manual stopped Gestione remota Windows (WS-Management) Wlansvc manual stopped Configurazione automatica WLAN wmiApSrv manual stopped Scheda WMI Performance WPCSvc manual stopped Parental Controls wscsvc automatic started Centro sicurezza PC WSearch manual stopped Windows Search wuauserv automatic started Windows Update wudfsvc manual started Windows Driver Foundation - Framework driver modalit? utente WwanSvc manual stopped Configurazione automatica WWAN XymonPSClient automatic started XymonPSClient [uptime] sec: 39556474 457 days 19 hours 54 minutes 33 seconds Bootup: 20240731123128.421875+120 [who] NOMESESSIONE NOMEUTENTE ID STATO TIPO DISPOSITIVO >services 0 Disc console 1 Conn stipendi 2 Disc Administrator 3 Disc rdp-tcp 65536 Rimani in ascolto Totale sessioni create: 41 Totale sessioni disconnesse: 123 Totale sessioni riconnesse: 84 [users] NOMEUTENTE NOMESESSIONE ID STATO INATTIVIT? ACCESSO stipendi 2 Disc 283+16:49 01/08/2024 10:45 administrator 3 Disc 281+12:30 15/01/2025 14:17 [XymonConfig] XymonSettings serversList : 10.224.4.197 serverUrl : serverHttpUsername : serverHttpTimeoutMs : 100000 wanteddisksList : {3} clientname : cedolini.cressi.unicampania.it clientsoftware : powershell clientclass : powershell loopinterval : 300 maxlogage : 60 MaxEvents : 5000 slowscanrate : 72 reportevt : 1 EnableWin32_Product : 0 EnableWin32_QuickFixEngineering : 0 EnableWMISections : 0 EnableIISSection : 1 EnableDiskPart : 0 ClientProcessPriority : Normal clientlogpath : c:\program files\xymon clientlogretain : 0 XymonAcceptUTF8 : 0 GetProcessInfoCommandLine : 1 GetProcessInfoOwner : 1 externalscriptlocation : C:\Program Files\xymon\ext externaldatalocation : C:\Program Files\xymon\tmp localdatalocation : C:\Program Files\xymon\local servergiflocation : /xymon/gifs/ servers : 10.224.4.197 clientlogfile : c:\program files\xymon\xymonclient.log clientconfigfile : c:\program files\xymon\clientconfig.cfg clientfqdn : 1 clientlower : 1 clientbbwinmembug : 0 clientremotecfgexec : 1 HaveCmd Name Value ---- ----- qwinsta True query True XymonClientVersion : xymonclient.ps1 2.42 2019-03-11 zak.beck@accenture.com clientname cedolini.cressi.unicampania.it [XymonPSClientInfo] Collection number: 131693 Last transmission method: TCP Id : 1588 Handles : 263 CPU : 274382,8125 Name : powershell