Sat 01 Nov 06:13:05 2025 - Processes ok
 No process checks defined
PID User WorkingSet/Peak VirtualMem/Peak PagedMem/Peak NPS Handles %CPU Start Time Elapsed Name Command
636 NT AUTHORITY\SYSTEM 287880/383792 2147937644/2148052588 270252/376316 226 2497 4.4 2025-10-26 11:01:37 8351 SVC:EFS/Kdc/KeyIso/Netlogon/NTDS/SamSs/VaultSvc C:\windows\system32\lsass.exe
364 NT AUTHORITY\LOCAL SERVICE 25824/42148 2147578552/2148017012 16180/22236 22 560 3.5 2025-10-26 11:01:42 8351 SVC:Dhcp/EventLog/lmhosts/TimeBrokerSvc/vmictimesync C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
2412 NT AUTHORITY\SYSTEM 507740/564692 2148540780/2148544220 463712/520988 38 478 2.5 2025-10-26 11:02:13 8350 powershell "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy RemoteSigned -NoLogo -NonInteractive -NoProfile -WindowStyle Hidden -File "C:\Program Files\xymon\xymonclient.ps1"
3132 NT AUTHORITY\SYSTEM 92392/96668 763980/788844 53216/61860 62 804 0.3 2025-10-26 11:02:13 8350 SVC:VeeamEndpointBackupSvc "C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe"
2708 Unknown 196140/1043772 2148233872/2149103844 301324/1132176 223 575 0.2 2025-10-26 11:02:12 8350 SVC:WinDefend
2740 NT AUTHORITY\SYSTEM 65496/94940 736372/802164 46876/78976 37 706 0.1 2025-10-26 11:02:12 8350 SVC:WindowsAzureGuestAgent C:\WindowsAzure\GuestAgent_2.7.41491.1172_2025-08-27_190126\WindowsAzureGuestAgent.exe
4 Unknown 144/1772 3464/11080 128/140 0 879 0.0 2025-10-26 11:01:32 8351 System
4996 NT AUTHORITY\SYSTEM 31548/31924 2147562264/2147567804 24384/24488 13 238 0.0 2025-10-26 11:02:57 8350 MicrosoftDependencyAgent "C:\Program Files\Microsoft Dependency Agent\bin\MicrosoftDependencyAgent.exe"
1312 NT AUTHORITY\SYSTEM 69396/457640 2148757592/2149229800 37152/300092 53 1616 0.0 2025-10-26 11:01:42 8351 SVC:Appinfo/BITS/CertPropSvc/gpsvc/iphlpsvc/lfsvc/ProfSvc/sacsvr/Schedule/SENS/SessionEnv/ShellHWDetection/Themes/UserManager/Winmgmt/WpnService C:\windows\system32\svchost.exe -k netsvcs
628 Unknown 11176/13276 2147525376/2147598320 5556/12196 11 349 0.0 2025-10-26 11:01:37 8351 services
1052 NT AUTHORITY\SYSTEM 9088/9808 2147527996/2147533072 2192/2476 11 156 0.0 2025-10-26 11:01:42 8351 SVC:vmicheartbeat C:\windows\system32\svchost.exe -k ICService
860 NT AUTHORITY\NETWORK SERVICE 10916/11060 2147526336/2147533988 4832/4944 21 577 0.0 2025-10-26 11:01:42 8351 SVC:RpcEptMapper/RpcSs C:\windows\system32\svchost.exe -k RPCSS
1012 NT AUTHORITY\SYSTEM 23572/27620 2147673872/2147687056 12880/15872 30 515 0.0 2025-10-26 11:01:42 8351 SVC:DsSvc/NcbService/PcaSvc/UALSVC/UmRdpService/vmickvpexchange/vmicshutdown/wudfsvc C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
2580 NT AUTHORITY\SYSTEM 40304/102400 642876/659044 64812/132372 45 867 0.0 2025-10-26 11:02:12 8350 SVC:RdAgent C:\WindowsAzure\GuestAgent_2.7.41491.1172_2025-08-27_190126\WaAppAgent.exe
2692 NT AUTHORITY\SYSTEM 35272/41408 714784/729232 29248/35464 16 208 0.0 2025-10-26 11:02:12 8350 SVC:vmGuestHealthAgent C:\Packages\Plugins\Microsoft.Azure.Monitor.VirtualMachines.GuestHealth.GuestHealthWindowsAgent\1.0.54\bin\vmGuestHealthAgent.exe
2556 NT AUTHORITY\SYSTEM 7412/7616 2147520248/2147522812 2328/2624 11 158 0.0 2025-10-26 11:02:12 8350 SVC:Dfs C:\windows\system32\dfssvc.exe
2528 Unknown 15332/15872 2147541728/2147548336 7804/8852 11 249 0.0 2025-10-26 11:02:12 8350 SVC:MDCoreSvc
2548 NT AUTHORITY\SYSTEM 3340/13088 2147627100/2147627612 17764/17784 26 304 0.0 2025-10-26 11:02:12 8350 SVC:NtFrs C:\windows\system32\ntfrs.exe
2788 NT AUTHORITY\SYSTEM 5944/6376 59316/63412 1872/2176 7 108 0.0 2025-10-26 11:02:12 8350 SVC:XymonPSClient "C:\Program Files\xymon\nssm.exe"
2608 NT AUTHORITY\SYSTEM 11104/11648 2147535496/2147540372 2532/2864 16 197 0.0 2025-10-26 11:02:12 8350 SVC:vds C:\windows\System32\vds.exe
2592 NT AUTHORITY\SYSTEM 14628/17996 2147547184/2147595316 5196/7500 11 185 0.0 2025-10-26 11:02:12 8350 SVC:StateRepository/tiledatamodelsvc C:\windows\system32\svchost.exe -k appmodel
2756 NT AUTHORITY\SYSTEM 8100/8688 43708/47776 1980/2260 9 95 0.0 2025-10-26 11:02:12 8350 SVC:WindowsAzureNetAgentSvc C:\WindowsAzure\WindowsAzureNetAgent_1.0.0.178\WindowsAzureNetAgent\WindowsAzureNetAgent.exe
4580 NT AUTHORITY\SYSTEM 5260/5500 2147545588/2147546808 1160/1264 7 97 0.0 2025-10-26 11:02:54 8350 conhost \??\C:\windows\system32\conhost.exe 0x4
4528 NT AUTHORITY\SYSTEM 11568/11736 2147540964/2147544728 3644/3752 13 3484 0.0 2025-10-26 11:02:54 8350 AMAExtHealthMonitor AMAExtHealthMonitor.exe Global\AMA-HealthMonitor-ShutdownEvent AzureMonitorAgent-ResetEvent enable
4460 NT AUTHORITY\SYSTEM 6760/7740 2147518228/2147519252 1540/1948 7 94 0.0 2025-10-26 11:04:01 8348 MonAgentHost -LocalPath "C:\WindowsAzure\Resources\AMADataStore.AzDIR1-K16" -parent 1332 -mcsmode -ShutDownEvent AzureMonitorAgentExtension-ShutdownEventName -TotalShutDownEvent AzureMonitorAgentExtension-TotalShutdownEventName
5860 NT AUTHORITY\SYSTEM 15636/16124 2147550016/2147552080 4484/4752 14 287 0.0 2025-10-31 11:37:57 1115 MpDefenderCoreService "C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25090.3009-0\MpDefenderCoreService.exe" "network_client"
4932 NT AUTHORITY\SYSTEM 3392/3620 2147499948/2147503032 648/720 4 52 0.0 2025-10-26 11:02:57 8350 SVC:MicrosoftDependencyAgent "C:\Program Files\Microsoft Dependency Agent\bin\agentwrap.exe"
4784 NT AUTHORITY\SYSTEM 21292/22564 2147617572/2147635204 8624/10008 24 307 0.0 2025-10-26 11:04:17 8348 MonAgentManager -serviceShutdown MonAgentShutdownEvent.4460 -parent 4460 -deploymentdir "C:\Packages\Plugins\Microsoft.Azure.Monitor.AzureMonitorWindowsAgent\1.3.0.0\Monitoring\Agent" -LocalPath "C:\WindowsAzure\Resources\AMADataStore.AzDIR1-K16" "-mcsmode" "-ShutDownEvent" "AzureMonitorAgentExtension-ShutdownEventName" "-TotalShutDownEvent" "AzureMonitorAgentExtension-TotalShutdownEventName" -LogPath "C:\WindowsAzure\Resources\AMADataStore.AzDIR1-K16\Configuration\MonAgentHost.60.log"
3952 NT AUTHORITY\SYSTEM 1444/10640 2147558016/2147559040 3240/3376 11 155 0.0 2025-10-26 11:02:33 8350 rundll32 "C:\windows\system32\rundll32.exe" C:\windows\system32\pla.dll,PlaHost "RTEvents" "0xe5c_0xfa0_0x24eca375"
6464 NT AUTHORITY\SYSTEM 14492/14808 2147546604/2147550196 3616/3964 13 283 0.0 2025-10-27 10:11:43 6961 MpDefenderCoreService "C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25090.3009-0\MpDefenderCoreService.exe" "network_client"
3580 NT AUTHORITY\SYSTEM 34104/49792 2147657368/2147690136 18608/24440 37 618 0.0 2025-10-26 11:04:18 8348 MonAgentCore -deploymentdir "C:\Packages\Plugins\Microsoft.Azure.Monitor.AzureMonitorWindowsAgent\1.3.0.0\Monitoring\Agent" -LocalPath "C:\WindowsAzure\Resources\AMADataStore.AzDIR1-K16" -mcsmode -managerver 1 -parent 4784 -ShutDownEvent AzureMonitorAgentExtension-ShutdownEventName4460 -TotalShutDownEvent AzureMonitorAgentExtension-TotalShutdownEventName4460 -ConfigFile "C:\WindowsAzure\Resources\AMADataStore.AzDIR1-K16\mcs\mcsconfig.lkg.xml"
3576 NT AUTHORITY\LOCAL SERVICE 10424/10740 2147556568/2147559648 4104/4536 37 178 0.0 2025-10-26 11:02:46 8350 SVC:WdNisSvc "C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25090.3009-0\NisSrv.exe"
3752 NT AUTHORITY\SYSTEM 1448/10304 2147558016/2147559040 3040/3176 11 155 0.0 2025-10-26 11:02:25 8350 rundll32 "C:\windows\system32\rundll32.exe" C:\windows\system32\pla.dll,PlaHost "GAEvents" "0xd2c_0xf2c_0x207726f5"
3712 NT AUTHORITY\SYSTEM 10388/10784 2147526144/2147530920 2772/5376 9 158 0.0 2025-10-26 11:02:15 8350 WmiPrvSE C:\windows\system32\wbem\wmiprvse.exe -Embedding
3604 NT AUTHORITY\SYSTEM 6196/6412 2147517796/2147519988 1532/1704 7 123 0.0 2025-11-01 05:04:48 68 WaSecAgentProv "C:\WindowsAzure\SecAgent\WaSecAgentProv.exe" -startPoll C:\WindowsAzure\Logs\ 168.63.129.16 5248000 3600000 21600000
808 NT AUTHORITY\SYSTEM 19576/19896 2147553660/2147562396 6416/6888 21 606 0.0 2025-10-26 11:01:41 8351 SVC:BrokerInfrastructure/DcomLaunch/LSM/PlugPlay/Power/SystemEventsBroker C:\windows\system32\svchost.exe -k DcomLaunch
564 NT AUTHORITY\SYSTEM 8624/13088 2147545192/2147556972 2772/5484 9 164 0.0 2025-10-26 11:01:37 8351 winlogon winlogon.exe
516 Window Manager\DWM-1 30044/30128 2147642952/2147644876 13944/17140 19 319 0.0 2025-10-26 11:01:42 8351 dwm "dwm.exe"
1044 NT AUTHORITY\NETWORK SERVICE 23516/24888 2147643880/2147647940 9612/11080 39 750 0.0 2025-10-26 11:01:42 8351 SVC:CryptSvc/Dnscache/LanmanWorkstation/NlaSvc/WinRM C:\windows\system32\svchost.exe -k NetworkService
968 NT AUTHORITY\NETWORK SERVICE 21016/56928 2147648256/2147702044 11988/49012 24 675 0.0 2025-10-26 11:01:42 8351 SVC:TermService C:\windows\System32\svchost.exe -k termsvcs
964 NT AUTHORITY\SYSTEM 5328/5368 2147542296/2147543064 1152/1312 7 92 0.0 2025-11-01 05:04:48 68 conhost \??\C:\windows\system32\conhost.exe 0x4
512 Unknown 3696/7180 2147526824/2147530676 1368/1528 9 121 0.0 2025-10-26 11:01:37 8351 csrss
316 Unknown 1256/1288 2147490116/2147511644 396/468 2 51 0.0 2025-10-26 11:01:32 8351 smss
284 NT AUTHORITY\SYSTEM 43172/51544 2147716220/2147725604 11228/19136 24 422 0.0 2025-10-26 11:01:42 8351 LogonUI "LogonUI.exe" /flags:0x2 /state0:0xa3b79055 /state1:0x41c64e6d
0 4/4 64/64 0/0 0 0 0.0 0 Idle
504 Unknown 5060/5432 2147530516/2147532052 1188/1376 9 102 0.0 2025-10-26 11:01:37 8351 wininit
432 Unknown 4336/4456 2147532580/2147534500 1972/2028 14 483 0.0 2025-10-26 11:01:37 8351 csrss
372 NT AUTHORITY\LOCAL SERVICE 21176/21776 2147600508/2147614324 9076/9184 34 598 0.0 2025-10-26 11:01:42 8351 SVC:CDPSvc/EventSystem/FontCache/netprofm/nsi/W32Time/WinHttpAutoProxySvc C:\windows\system32\svchost.exe -k LocalService
2492 NT AUTHORITY\SYSTEM 29280/43980 2147639368/2147651240 12752/18664 22 455 0.0 2025-10-26 11:02:12 8350 SVC:DiagTrack C:\windows\System32\svchost.exe -k utcsvc
2484 NT AUTHORITY\SYSTEM 75904/102060 611716/618456 62268/89168 35 714 0.0 2025-10-26 11:02:12 8350 SVC:ADWS C:\windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe
2476 NT AUTHORITY\SYSTEM 129808/129984 2147662468/2147662984 132396/132936 4910 10415 0.0 2025-10-26 11:02:12 8350 SVC:DNS C:\windows\system32\dns.exe
2520 NT AUTHORITY\SYSTEM 14584/15616 2147578544/2147583664 5344/6328 16 239 0.0 2025-10-26 11:02:12 8350 SVC:AzureNetworkWatcherAgent "C:\Packages\Plugins\Microsoft.Azure.NetworkWatcher.NetworkWatcherAgentWindows\1.4.2192.1\NetworkWatcherAgent\NetworkWatcherAgent.exe" /service
2512 NT AUTHORITY\SYSTEM 5468/5840 2147515540/2147520648 1848/2192 12 122 0.0 2025-10-26 11:02:12 8350 SVC:IsmServ C:\windows\System32\ismserv.exe
2504 NT AUTHORITY\SYSTEM 15724/15752 2147551800/2147552316 5212/5300 20 247 0.0 2025-10-26 11:02:12 8350 SVC:DFSR C:\windows\system32\DFSRs.exe
2436 NT AUTHORITY\SYSTEM 18036/18340 2147588372/2147589140 6280/6512 25 446 0.0 2025-10-26 11:02:12 8350 SVC:Spooler C:\windows\System32\spoolsv.exe
1496 NT AUTHORITY\LOCAL SERVICE 7228/7344 2147522560/2147523584 2092/2116 10 169 0.0 2025-10-26 11:01:45 8351 SVC:Wcmsvc C:\windows\system32\svchost.exe -k LocalServiceNetworkRestricted
1332 NT AUTHORITY\SYSTEM 3764/3972 2147503856/2147505512 732/792 5 63 0.0 2025-10-26 11:04:01 8348 MonAgentLauncher Monitoring\Agent\MonAgentLauncher.exe -useenv -ShutDownEvent AzureMonitorAgentExtension-ShutdownEventName -TotalShutDownEvent AzureMonitorAgentExtension-TotalShutdownEventName
1288 NT AUTHORITY\LOCAL SERVICE 23224/25408 2147582356/2147584952 16556/18540 35 463 0.0 2025-10-26 11:01:42 8351 SVC:BFE/CoreMessagingRegistrar/DPS/MpsSvc/pla C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
2332 NT AUTHORITY\NETWORK SERVICE 9516/10928 2147532648/2147535208 2688/3668 12 190 0.0 2025-10-26 11:04:23 8348 SVC:MSDTC C:\windows\System32\msdtc.exe
2240 NT AUTHORITY\SYSTEM 8276/8388 2147520236/2147522284 2284/2284 12 198 0.0 2025-10-26 11:01:54 8351 SVC:LanmanServer C:\windows\System32\svchost.exe -k smbsvcs
2192 NT AUTHORITY\SYSTEM 5784/6100 2147546176/2147546944 1416/1512 8 103 0.0 2025-10-26 11:02:13 8350 conhost \??\C:\windows\system32\conhost.exe 0x4
|
