[collector:] client cedolini.cressi.unicampania.it.powershell powershell XymonPS [date] sab 01 nov 06:20:58 2025 [clock] epoch: 1761974458 local: sab 01 nov 06:20:58 2025 UTC: sab 01 nov 05:20:58 2025 Time Synchronisation type: NTP NTP server: time.windows.com,0x9 [clientversion] 2.42 [uname] Microsoft Windows 7 Enterprise N Service Pack 1 (build 7601) [cpu] up: 457 days, 0 users, 53 procs, load=0.86% CPU states: total 0.86% cores: 4 CPU PID Image Name Pri Time MemUsage 0,2% 1588 powershell 8 3 69616k 0,2% 960 SVC:BITS/CertPropSvc/iphlpsvc/ 8 2 62020k 0,1% 1560 SVC:OVirtGuestService 8 2 24996k 0,1% 896 SVC:AudioEndpointBuilder/Netma 8 1 130072k 0,1% 840 SVC:AudioSrv/Dhcp/eventlog/Hom 8 1 98760k 0,1% 2308 WmiPrvSE 8 1 11716k 0,1% 1192 WmiPrvSE 8 14:18:52 29220k 0,0% 2968 SVC:WinDefend 8 23:31:00 203576k 0,0% 1148 WmiPrvSE 8 08:33:15 20936k 0,0% 496 services 9 06:57:31 11596k 0,0% 408 SVC:CryptSvc/Dnscache/LanmanWo 8 05:28:41 36552k 0,0% 736 SVC:RpcEptMapper/RpcSs 8 06:18:13 11044k 0,0% 1596 conhost 8 04:36:58 3920k 0,0% 520 lsm 8 04:24:03 8244k 0,0% 1460 SVC:QEMU-GA 8 00:08:11 31248k 0,0% 1516 SVC:XymonPSClient 8 00:02:19 5196k 0,0% 2276 dwm 8 00:00:05 6244k 0,0% 1648 explorer 8 00:31:38 47260k 0,0% 2004 taskhost 8 00:00:59 16636k 0,0% 4608 dwm 8 00:00:00 6072k 0,0% 4400 csrss 13 00:00:34 12012k 0,0% 4028 taskhost 8 00:00:08 18064k 0,0% 6088 SVC:AdobeARMservice 8 00:00:25 10968k 0,0% 4916 explorer 8 00:14:55 50892k 0,0% 4740 winlogon 13 00:00:00 5932k 0,0% 2860 GoogleCrashHandler64 6 00:00:00 1484k 0,0% 2844 GoogleCrashHandler 6 00:00:43 1380k 0,0% 2416 rdpclip 8 00:00:02 7060k 0,0% 3648 SVC:osppsvc 8 00:03:29 13312k 0,0% 3300 rdpclip 8 00:00:00 7856k 0,0% 2988 SVC:FDResPub/SSDPSRV/wcncsvc 8 01:28:11 17768k 0,0% 512 SVC:EFS/SamSs/VaultSvc 9 02:21:57 15388k 0,0% 452 winlogon 13 00:00:00 5364k 0,0% 632 SVC:DcomLaunch/PlugPlay/Power 8 00:30:09 12144k 0,0% 668 winlogon 13 00:00:00 5972k 0,0% 644 taskhost 8 00:01:12 18308k 0,0% 416 csrss 13 00:00:00 4312k 0,0% 240 csrss 13 00:02:47 11628k 0,0% 4 System 8 736k 0,0% 280 smss 11 00:00:00 1376k 0,0% 392 wininit 13 00:00:00 5084k 0,0% 352 csrss 13 04:09:20 5772k 0,0% 0 Idle 0 24k 0,0% 1140 rundll32 8 00:00:00 6708k 0,0% 1216 SVC:DiagTrack 8 00:25:08 28208k 0,0% 1328 SVC:MDM 8 00:03:09 5780k 0,0% 1320 vdagent 13 00:00:00 4300k 0,0% 1080 SVC:BFE/DPS/MpsSvc 8 00:10:49 15648k 0,0% 816 LogonUI 13 00:00:00 20444k 0,0% 696 SVC:vdservice 10 00:03:24 4464k 0,0% 924 SVC:EventSystem/fdPHost/FontCa 8 00:20:14 28044k 0,0% 1048 SVC:Spooler 8 00:05:38 16120k 0,0% 1012 SVC:gpsvc 8 00:06:19 9104k [disk] Filesystem 1K-blocks Used Avail Capacity Mounted Label Summary(Total\Avail GB) C 52323324 43817936 8505388 84% /FIXED/C:\ 49,90\8,11 [memory] memory Total Used physical: 4095 1734 virtual: 4094 1559 page: 0 0 [msgs:EventlogSummary] LogName MaximumSizeInBytes RecordCount LogMode ------- ------------------ ----------- ------- Security 20971520 14184 Circular Application 20971520 82224 Circular System 20971520 55307 Circular [msgs:eventlog_Security] [msgs:eventlog_Application] Error - 11/01/2025 06:17:35 - [2011] - Microsoft-Windows-PerfOS - Impossibile raccogliere i dati sulle prestazioni del file di paging. I primi quattro byte (DWORD) della sezione Data contengono il codice di stato. Error - 11/01/2025 06:09:35 - [2011] - Microsoft-Windows-PerfOS - Impossibile raccogliere i dati sulle prestazioni del file di paging. I primi quattro byte (DWORD) della sezione Data contengono il codice di stato. Error - 11/01/2025 06:01:35 - [2011] - Microsoft-Windows-PerfOS - Impossibile raccogliere i dati sulle prestazioni del file di paging. I primi quattro byte (DWORD) della sezione Data contengono il codice di stato. Error - 11/01/2025 05:53:35 - [2011] - Microsoft-Windows-PerfOS - Impossibile raccogliere i dati sulle prestazioni del file di paging. I primi quattro byte (DWORD) della sezione Data contengono il codice di stato. Error - 11/01/2025 05:45:35 - [2011] - Microsoft-Windows-PerfOS - Impossibile raccogliere i dati sulle prestazioni del file di paging. I primi quattro byte (DWORD) della sezione Data contengono il codice di stato. [msgs:eventlog_System] [procs] PID User WorkingSet/Peak VirtualMem/Peak PagedMem/Peak NPS Handles %CPU Start Time Elapsed Name Command 1588 NT AUTHORITY\SYSTEM 69616/95328 611084/613132 77276/87832 32 430 0,2 2024-07-31 12:31:52 659149 powershell "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy RemoteSigned -NoLogo -NonInteractive -NoProfile -WindowStyle Hidden -File "C:\Program Files\xymon\xymonclient.ps1" 960 NT AUTHORITY\SYSTEM 62020/119912 264712/593448 90640/163428 206 1404 0,2 2024-07-31 12:31:42 659149 SVC:BITS/CertPropSvc/iphlpsvc/LanmanServer/ProfSvc/Schedule/SENS/SessionEnv/ShellHWDetection/Winmgmt/wuauserv C:\Windows\system32\svchost.exe -k netsvcs 1560 NT AUTHORITY\SYSTEM 24996/25172 95484/98044 18708/18828 22 262 0,1 2024-07-31 12:31:52 659149 SVC:OVirtGuestService "C:\Program Files (x86)\Redhat\RHEV\Drivers\Agent\OVirtGuestService.exe" 896 NT AUTHORITY\SYSTEM 130072/174800 251992/285104 131908/175664 23 452 0,1 2024-07-31 12:31:42 659149 SVC:AudioEndpointBuilder/Netman/PcaSvc/SysMain/TrkWks/UmRdpService/UxSms/wudfsvc C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted 840 NT AUTHORITY\SERVIZIO LOCALE 98760/103428 197236/211948 122096/122672 29 581 0,1 2024-07-31 12:31:42 659149 SVC:AudioSrv/Dhcp/eventlog/HomeGroupProvider/lmhosts/wscsvc C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted 2308 NT AUTHORITY\SERVIZIO LOCALE 11716/11968 48068/49644 7152/7444 12 216 0,1 2024-07-31 12:32:11 659149 WmiPrvSE C:\Windows\sysWOW64\wbem\wmiprvse.exe -secured -Embedding 1192 NT AUTHORITY\SYSTEM 29220/32292 79576/110928 23580/25816 20 281 0,1 2024-07-31 12:32:05 659149 WmiPrvSE C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding 2968 NT AUTHORITY\SYSTEM 203576/844148 483884/1153324 171328/811648 130 463 0,0 2024-07-31 12:33:56 659147 SVC:WinDefend C:\Windows\System32\svchost.exe -k secsvcs 1148 NT AUTHORITY\SERVIZIO DI RETE 20936/23024 86024/93692 12828/14912 15 359 0,0 2024-07-31 12:32:00 659149 WmiPrvSE C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding 496 NT AUTHORITY\SYSTEM 11596/11904 40760/47460 6412/7076 13 249 0,0 2024-07-31 12:31:38 659149 services C:\Windows\system32\services.exe 408 NT AUTHORITY\SERVIZIO DI RETE 36552/70104 186544/209164 36604/64184 68 766 0,0 2024-07-31 12:31:49 659149 SVC:CryptSvc/Dnscache/LanmanWorkstation/NlaSvc/TermService C:\Windows\system32\svchost.exe -k NetworkService 736 NT AUTHORITY\SERVIZIO DI RETE 11044/11220 61384/97696 6052/6364 17 325 0,0 2024-07-31 12:31:42 659149 SVC:RpcEptMapper/RpcSs C:\Windows\system32\svchost.exe -k RPCSS 1596 NT AUTHORITY\SYSTEM 3920/3944 25840/26700 1704/1768 5 33 0,0 2024-07-31 12:31:52 659149 conhost \??\C:\Windows\system32\conhost.exe "403145530850256370188597234221091145511594478079-9954971916560377991131793947 520 NT AUTHORITY\SYSTEM 8244/8404 32800/35368 4480/5040 11 307 0,0 2024-07-31 12:31:38 659149 lsm C:\Windows\system32\lsm.exe 1460 NT AUTHORITY\SYSTEM 31248/40060 95708/97756 45908/45968 9 85 0,0 2024-07-31 12:31:51 659149 SVC:QEMU-GA "C:\Program Files\qemu-ga\qemu-ga.exe" -d 1516 NT AUTHORITY\SYSTEM 5196/5248 40044/42092 2704/2804 6 60 0,0 2024-07-31 12:31:52 659149 SVC:XymonPSClient "C:\Program Files\xymon\nssm.exe" 2276 CEDOLINI\stipendi 6244/22120 59520/78356 1908/18356 8 89 0,0 2024-08-01 11:45:48 657755 dwm "C:\Windows\system32\Dwm.exe" 1648 CEDOLINI\stipendi 47260/83052 295360/384260 48716/66472 58 852 0,0 2024-08-01 11:45:48 657755 explorer C:\Windows\Explorer.EXE 2004 CEDOLINI\Administrator 16636/17080 136068/142044 13664/13948 28 259 0,0 2025-01-15 14:17:42 417123 taskhost taskhost.exe USER 4608 CEDOLINI\Administrator 6072/14548 56640/66680 2028/10676 7 88 0,0 2025-01-15 14:17:42 417123 dwm "C:\Windows\system32\Dwm.exe" 4400 NT AUTHORITY\SYSTEM 12012/12728 178252/209812 2828/2932 12 301 0,0 2025-01-15 14:16:57 417124 csrss %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 4028 CEDOLINI\stipendi 18064/25668 107812/110464 12384/19416 20 285 0,0 2025-01-15 12:26:01 417235 taskhost "taskhost.exe" 6088 NT AUTHORITY\SYSTEM 10968/12052 77764/87128 3984/4668 20 265 0,0 2025-09-08 14:00:08 77301 SVC:AdobeARMservice "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" 4916 CEDOLINI\Administrator 50892/83388 305004/401920 50792/85852 51 843 0,0 2025-01-15 14:17:42 417123 explorer C:\Windows\Explorer.EXE 4740 NT AUTHORITY\SYSTEM 5932/5968 28100/56420 2016/2248 7 101 0,0 2025-01-15 14:16:57 417124 winlogon winlogon.exe 2860 NT AUTHORITY\SYSTEM 1484/4764 43360/45408 1696/1764 7 81 0,0 2024-07-31 12:33:56 659147 GoogleCrashHandler64 "C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe" 2844 NT AUTHORITY\SYSTEM 1380/4692 46412/51532 1600/1824 9 90 0,0 2024-07-31 12:33:56 659147 GoogleCrashHandler "C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe" 2416 CEDOLINI\stipendi 7060/8112 60988/64572 2404/3192 7 169 0,0 2024-08-01 11:45:48 657755 rdpclip rdpclip 3648 NT AUTHORITY\SERVIZIO DI RETE 13312/13484 45220/47780 5096/5336 8 163 0,0 2024-08-01 12:32:38 657708 SVC:osppsvc "C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE" 3300 CEDOLINI\Administrator 7856/7968 66916/69988 2072/2248 8 117 0,0 2025-01-15 14:17:42 417123 rdpclip rdpclip 2988 NT AUTHORITY\SERVIZIO LOCALE 17768/21556 74480/79088 14200/17700 25 327 0,0 2024-07-31 12:33:56 659147 SVC:FDResPub/SSDPSRV/wcncsvc C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation 512 NT AUTHORITY\SYSTEM 15388/15512 50828/53900 7520/7820 27 905 0,0 2024-07-31 12:31:38 659149 SVC:EFS/SamSs/VaultSvc C:\Windows\system32\lsass.exe 452 NT AUTHORITY\SYSTEM 5364/5380 25684/55908 1824/2036 6 82 0,0 2024-07-31 12:31:38 659149 winlogon winlogon.exe 632 NT AUTHORITY\SYSTEM 12144/12724 71236/89748 5568/6404 15 388 0,0 2024-07-31 12:31:41 659149 SVC:DcomLaunch/PlugPlay/Power C:\Windows\system32\svchost.exe -k DcomLaunch 668 NT AUTHORITY\SYSTEM 5972/6008 28100/56420 2056/2212 7 104 0,0 2024-08-01 11:45:45 657755 winlogon winlogon.exe 644 CEDOLINI\stipendi 18308/19336 136316/142772 14600/15444 29 274 0,0 2024-08-01 11:45:48 657755 taskhost "taskhost.exe" 416 NT AUTHORITY\SYSTEM 4312/4312 41964/42028 1920/1984 8 81 0,0 2024-07-31 12:31:38 659149 csrss %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 240 NT AUTHORITY\SYSTEM 11628/13520 131796/211052 3112/3312 11 383 0,0 2024-08-01 11:45:45 657755 csrss %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 4 Unknown 736/18084 3980/21448 140/304 0 1030 0,0 0 System 280 NT AUTHORITY\SYSTEM 1376/1396 4496/17852 576/640 2 38 0,0 2024-07-31 12:31:34 659149 smss \SystemRoot\System32\smss.exe 392 NT AUTHORITY\SYSTEM 5084/5112 45304/52424 1744/2124 10 83 0,0 2024-07-31 12:31:38 659149 wininit wininit.exe 352 NT AUTHORITY\SYSTEM 5772/5816 50140/51676 3344/3408 12 659 0,0 2024-07-31 12:31:38 659149 csrss %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 0 24/24 0/0 0/0 0 0 0,0 0 Idle 1140 CEDOLINI\Administrator 6708/6748 63544/65080 1816/2020 7 74 0,0 2025-01-15 14:17:42 417123 rundll32 C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding 1216 NT AUTHORITY\SYSTEM 28208/28620 98568/103372 11748/12228 15 242 0,0 2024-07-31 12:31:51 659149 SVC:DiagTrack C:\Windows\System32\svchost.exe -k utcsvc 1328 NT AUTHORITY\SYSTEM 5780/5828 53960/57800 2136/2304 9 82 0,0 2024-07-31 12:31:51 659149 SVC:MDM "C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe" 1320 NT AUTHORITY\SYSTEM 4300/4360 63352/69496 1480/1568 6 67 0,0 2024-07-31 12:31:51 659149 vdagent C:\Program Files (x86)\Redhat\RHEV\Drivers\Spice\vdagent.exe 1080 NT AUTHORITY\SERVIZIO LOCALE 15648/15980 52976/59852 10120/10356 32 325 0,0 2024-07-31 12:31:50 659149 SVC:BFE/DPS/MpsSvc C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork 816 NT AUTHORITY\SYSTEM 20444/30864 94240/95888 11120/23688 26 190 0,0 2024-07-31 12:31:42 659149 LogonUI "LogonUI.exe" /flags:0x0 696 NT AUTHORITY\SYSTEM 4464/4504 43512/47608 1644/1732 6 65 0,0 2024-07-31 12:31:41 659149 SVC:vdservice "C:\Program Files (x86)\Redhat\RHEV\Drivers\Spice\vdservice.exe" 924 NT AUTHORITY\SERVIZIO LOCALE 28044/30884 166580/246620 18752/41056 35 653 0,0 2024-07-31 12:31:42 659149 SVC:EventSystem/fdPHost/FontCache/netprofm/nsi/WdiServiceHost/WinHttpAutoProxySvc C:\Windows\system32\svchost.exe -k LocalService 1048 NT AUTHORITY\SYSTEM 16120/17384 88984/107420 9164/10576 21 395 0,0 2024-07-31 12:31:50 659149 SVC:Spooler C:\Windows\System32\spoolsv.exe 1012 NT AUTHORITY\SYSTEM 9104/9164 37364/39412 3996/4160 10 162 0,0 2024-07-31 12:31:42 659149 SVC:gpsvc C:\Windows\system32\svchost.exe -k GPSvcGroup [netstat] Pacchettiricevuti=26092596 Erroridiintestazionericevuti=0 Erroridiindirizzoricevuti=220216 Datagrammiinoltrati=0 Protocollisconosciutiricevuti=0 Pacchettiricevutiscartati=11242 Pacchettiricevuticonsegnati=26554130 Richiestedioutput=9692450 Routingscartati=0 Pacchettidioutputscartati=424 Pacchettioutputsenzaroute=0 Richiestediriassemblaggio=0 Riassemblaggiriusciti=0 Erroridiriassemblaggio=0 Datagrammiframmentati=0 Erroriframmentazionedatagrammi=0 Frammenticreati=0 Pacchettiricevuti=349553 Erroridiintestazionericevuti=0 Erroridiindirizzoricevuti=10 Datagrammiinoltrati=0 Protocollisconosciutiricevuti=0 Pacchettiricevutiscartati=1199 Pacchettiricevuticonsegnati=1296476 Richiestedioutput=1597897 Routingscartati=0 Pacchettidioutputscartati=0 Pacchettioutputsenzaroute=2 Richiestediriassemblaggio=0 Riassemblaggiriusciti=0 Erroridiriassemblaggio=0 Datagrammiframmentati=0 Erroriframmentazionedatagrammi=0 Frammenticreati=0 Apertureattive=541649 Aperturepassive=130970 Tentativiconnessionenonriusciti=23 Connessionireimpostate=273688 Connessionicorrenti=0 Segmentiricevuti=9450019 Segmentitrasmessi=14461016 Segmentiritrasmessi=4860 Apertureattive=96 Aperturepassive=140 Tentativiconnessionenonriusciti=30 Connessionireimpostate=2 Connessionicorrenti=0 Segmentiricevuti=1304 Segmentitrasmessi=1125 Segmentiritrasmessi=41 DatagrammiRicevuti=16029061 Nessunaporta=11237 Erroriinricezione=3 Datagrammitrasmessi=264696 DatagrammiRicevuti=35054 Nessunaporta=1197 Erroriinricezione=0 Datagrammitrasmessi=650234 [ports] Connessioni attive Proto Indirizzo locale Indirizzo esterno Stato TCP 0.0.0.0:135 0.0.0.0:0 LISTENING TCP 0.0.0.0:445 0.0.0.0:0 LISTENING TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING TCP 0.0.0.0:5357 0.0.0.0:0 LISTENING TCP 0.0.0.0:49152 0.0.0.0:0 LISTENING TCP 0.0.0.0:49153 0.0.0.0:0 LISTENING TCP 0.0.0.0:49154 0.0.0.0:0 LISTENING TCP 0.0.0.0:49155 0.0.0.0:0 LISTENING TCP 0.0.0.0:49156 0.0.0.0:0 LISTENING TCP 10.224.4.205:139 0.0.0.0:0 LISTENING TCP [::]:135 [::]:0 LISTENING TCP [::]:445 [::]:0 LISTENING TCP [::]:3389 [::]:0 LISTENING TCP [::]:5357 [::]:0 LISTENING TCP [::]:49152 [::]:0 LISTENING TCP [::]:49153 [::]:0 LISTENING TCP [::]:49154 [::]:0 LISTENING TCP [::]:49155 [::]:0 LISTENING TCP [::]:49156 [::]:0 LISTENING UDP 0.0.0.0:3702 *:* UDP 0.0.0.0:3702 *:* UDP 0.0.0.0:3702 *:* UDP 0.0.0.0:3702 *:* UDP 0.0.0.0:5355 *:* UDP 0.0.0.0:50109 *:* UDP 0.0.0.0:50111 *:* UDP 10.224.4.205:137 *:* UDP 10.224.4.205:138 *:* UDP 10.224.4.205:1900 *:* UDP 10.224.4.205:57378 *:* UDP 127.0.0.1:1900 *:* UDP 127.0.0.1:57379 *:* UDP [::]:3702 *:* UDP [::]:3702 *:* UDP [::]:3702 *:* UDP [::]:3702 *:* UDP [::]:5355 *:* UDP [::]:50110 *:* UDP [::]:50112 *:* UDP [::1]:1900 *:* UDP [::1]:57377 *:* UDP [fe80::3984:5fc2:17e1:50fe%11]:546 *:* UDP [fe80::3984:5fc2:17e1:50fe%11]:1900 *:* UDP [fe80::3984:5fc2:17e1:50fe%11]:57376 *:* [ipconfig] Configurazione IP di Windows Nome host . . . . . . . . . . . . . . : cedolini Suffisso DNS primario . . . . . . . . : cressi.unicampania.it Tipo nodo . . . . . . . . . . . . . . : Ibrido Routing IP abilitato. . . . . . . . . : No Proxy WINS abilitato . . . . . . . . : No Elenco di ricerca suffissi DNS. . . . : cressi.unicampania.it Scheda Ethernet Connessione alla rete locale (LAN): Suffisso DNS specifico per connessione: Descrizione . . . . . . . . . . . . . : Red Hat VirtIO Ethernet Adapter Indirizzo fisico. . . . . . . . . . . : 00-01-A4-A5-D1-0F DHCP abilitato. . . . . . . . . . . . : No Configurazione automatica abilitata : S? Indirizzo IPv6 locale rispetto al collegamento . : fe80::3984:5fc2:17e1:50fe%11(Preferenziale) Indirizzo IPv4. . . . . . . . . . . . : 10.224.4.205(Preferenziale) Subnet mask . . . . . . . . . . . . . : 255.255.254.0 Gateway predefinito . . . . . . . . . : 10.224.4.1 IAID DHCPv6 . . . . . . . . . . . : 184549796 DUID Client DHCPv6. . . . . . . . : 00-01-00-01-21-44-36-45-00-01-A4-A5-D1-0F Server DNS . . . . . . . . . . . . . : 193.206.103.215 193.206.103.214 NetBIOS su TCP/IP . . . . . . . . . . : Attivato Scheda Tunnel isatap.{56875D57-2610-4E84-A6EF-12CA448DA252}: Stato supporto. . . . . . . . . . . . : Supporto disconnesso Suffisso DNS specifico per connessione: Descrizione . . . . . . . . . . . . . : Microsoft ISATAP Adapter Indirizzo fisico. . . . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP abilitato. . . . . . . . . . . . : No Configurazione automatica abilitata : S? [route] =========================================================================== Elenco interfacce 11...00 01 a4 a5 d1 0f ......Red Hat VirtIO Ethernet Adapter 1...........................Software Loopback Interface 1 12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter =========================================================================== IPv4 Tabella route =========================================================================== Route attive: Indirizzo rete Mask Gateway Interfaccia Metrica 0.0.0.0 0.0.0.0 10.224.4.1 10.224.4.205 261 10.224.4.0 255.255.254.0 On-link 10.224.4.205 261 10.224.4.205 255.255.255.255 On-link 10.224.4.205 261 10.224.5.255 255.255.255.255 On-link 10.224.4.205 261 127.0.0.0 255.0.0.0 On-link 127.0.0.1 306 127.0.0.1 255.255.255.255 On-link 127.0.0.1 306 127.255.255.255 255.255.255.255 On-link 127.0.0.1 306 224.0.0.0 240.0.0.0 On-link 127.0.0.1 306 224.0.0.0 240.0.0.0 On-link 10.224.4.205 261 255.255.255.255 255.255.255.255 On-link 127.0.0.1 306 255.255.255.255 255.255.255.255 On-link 10.224.4.205 261 =========================================================================== Route permanenti: Indirizzo rete Mask Indir. gateway Metrica 0.0.0.0 0.0.0.0 10.224.4.1 Predefinito =========================================================================== IPv6 Tabella route =========================================================================== Route attive: Interf Metrica Rete Destinazione Gateway 1 306 ::1/128 On-link 11 261 fe80::/64 On-link 11 261 fe80::3984:5fc2:17e1:50fe/128 On-link 1 306 ff00::/8 On-link 11 261 ff00::/8 On-link =========================================================================== Route permanenti: Nessuna [ifstat] 10.224.4.205 3076878937 2468551843 [svcs] Name StartupType Status DisplayName AdobeARMservice automatic started Adobe Acrobat Update Service AeLookupSvc manual stopped Verifica compatibilit? applicazioni ALG manual stopped Servizio Gateway di livello applicazione AppIDSvc manual stopped Identit? applicazione Appinfo manual stopped Informazioni applicazioni AppMgmt manual stopped Gestione applicazione aspnet_state manual stopped Servizio stato di ASP.NET AudioEndpointBuilder manual started Generatore endpoint audio di Windows AudioSrv automatic started Audio di Windows AxInstSV manual stopped ActiveX Installer (AxInstSV) BDESVC manual stopped Servizio di crittografia unit? BitLocker BFE automatic started BFE (Base Filtering Engine) BITS manual started Servizio trasferimento intelligente in background Browser manual stopped Browser di computer bthserv manual stopped Servizio Supporto Tecnico Bluetooth CertPropSvc manual started Propagazione certificati clr_optimization_v2.0.50727_32 disabled stopped Microsoft .NET Framework NGEN v2.0.50727_X86 clr_optimization_v2.0.50727_64 disabled stopped Microsoft .NET Framework NGEN v2.0.50727_X64 clr_optimization_v4.0.30319_32 automatic stopped Microsoft .NET Framework NGEN v4.0.30319_X86 clr_optimization_v4.0.30319_64 automatic stopped Microsoft .NET Framework NGEN v4.0.30319_X64 COMSysApp manual stopped Applicazione di sistema COM+ CryptSvc automatic started Servizi di crittografia CscService manual stopped File non linea DcomLaunch automatic started Utilit? di avvio processi server DCOM defragsvc manual stopped Utilit? di deframmentazione dischi Dhcp manual started Client DHCP DiagTrack automatic started Diagnostics Tracking Service Dnscache automatic started Client DNS dot3svc manual stopped Configurazione automatica reti cablate DPS automatic started Servizio Criteri di diagnostica EapHost manual stopped Extensible Authentication Protocol EFS automatic started EFS (Encrypting File System) eventlog automatic started Registro eventi di Windows EventSystem automatic started COM+ Event System Fax manual stopped Fax fdPHost manual started Host provider di individuazione funzioni FDResPub manual started Pubblicazione risorse per individuazione FontCache automatic started Servizio cache tipi di carattere Windows FontCache3.0.0.0 manual stopped Cache tipi di carattere Windows Presentation Foundation 3.0.0.0 GoogleChromeElevationService manual stopped Google Chrome Elevation Service (GoogleChromeElevationService) gpsvc automatic started Client di Criteri di gruppo gupdate automatic stopped Servizio Google Update (gupdate) gupdatem manual stopped Servizio Google Update (gupdatem) hidserv manual stopped Accesso dispositivo Human Interface hkmsvc manual stopped Gestione chiavi e certificati di integrit? HomeGroupListener manual stopped Listener Gruppo Home HomeGroupProvider manual started Provider Gruppo Home idsvc manual stopped Windows CardSpace IEEtwCollectorService manual stopped Internet Explorer ETW Collector Service IKEEXT manual stopped Moduli di impostazione chiavi IPSec IKE e Auth-IP IPBusEnum manual stopped Enumeratore bus IP PnP-X iphlpsvc automatic started Helper IP KeyIso manual stopped Isolamento chiavi CNG KtmRm manual stopped KtmRm per Distributed Transaction Coordinator LanmanServer automatic started Server LanmanWorkstation automatic started Workstation lltdsvc manual stopped Mapper individuazione topologia livelli di collegamento lmhosts automatic started Helper NetBIOS di TCP/IP MDM automatic started Machine Debug Manager Microsoft_SharePoint_Workspace_Audit_Service manual stopped Microsoft SharePoint Workspace Audit Service MMCSS automatic stopped Utilit? di pianificazione classi multimediali MpsSvc automatic started Windows Firewall MSDTC manual stopped Distributed Transaction Coordinator MSiSCSI manual stopped Servizio iniziatore iSCSI Microsoft msiserver manual stopped Windows Installer napagent manual stopped Agente protezione accesso alla rete Netlogon manual stopped Accesso rete Netman manual started Connessioni di rete NetMsmqActivator disabled stopped Adattatore listener Net.Msmq NetPipeActivator disabled stopped Adattatore listener Net.Pipe netprofm manual started Servizio Elenco reti NetTcpActivator disabled stopped Adattatore listener Net.Tcp NetTcpPortSharing disabled stopped Servizio di condivisione porte Net.Tcp NlaSvc automatic started Riconoscimento presenza in rete nsi automatic started Servizio Interfaccia archivio di rete OracleMTSRecoveryService manual stopped OracleMTSRecoveryService ose manual stopped Office Source Engine osppsvc manual started Office Software Protection Platform OVirtGuestService automatic started oVirt Agent p2pimsvc manual stopped Gestione identit? reti peer p2psvc manual stopped Gruppi reti peer PcaSvc automatic started Servizio Risoluzione problemi compatibilit? programmi PeerDistSvc manual stopped BranchCache PerfHost manual stopped Host DLL contatore prestazioni pla manual stopped Avvisi e registri di prestazioni PlugPlay automatic started Plug and Play PNRPAutoReg manual stopped Servizio di pubblicazione nome computer PNRP PNRPsvc manual stopped Protocollo PNRP PolicyAgent manual stopped Agente criteri IPsec Power automatic started Alimentazione ProfSvc automatic started Servizio profili utente ProtectedStorage manual stopped Archiviazione protetta QEMU_Guest_Agent_VSS_Provider manual stopped QEMU Guest Agent VSS Provider QEMU-GA automatic started QEMU Guest Agent QWAVE manual stopped Servizio audio/video Windows di qualit? RasAuto manual stopped Auto Connection Manager di Accesso remoto RasMan manual stopped Connection Manager di Accesso remoto RemoteAccess disabled stopped Routing e Accesso remoto RemoteRegistry manual stopped Registro di sistema remoto RpcEptMapper automatic started Agente mapping endpoint RPC RpcLocator manual stopped RPC Locator RpcSs automatic started RPC (Remote Procedure Call) SamSs automatic started Sistema di gestione degli account di sicurezza (SAM) SCardSvr manual stopped Smart Card Schedule automatic started Utilit? di pianificazione SCPolicySvc manual stopped Criterio rimozione smart card SDRSVC manual stopped Windows Backup seclogon manual stopped Accesso secondario SENS automatic started Servizio di notifica eventi di sistema SensrSvc manual stopped Luminosit? adattiva SessionEnv manual started Configurazione Desktop remoto SharedAccess disabled stopped Condivisione connessione Internet (ICS) ShellHWDetection automatic started Rilevamento hardware shell SNMPTRAP manual stopped Trap SNMP Spooler automatic started Spooler di stampa sppsvc automatic stopped Protezione software sppuinotify manual stopped Servizio di notifica SPP SSDPSRV manual started Individuazione SSDP SstpSvc manual stopped Servizio SSTP (Secure Socket Tunneling Protocol) stisvc manual stopped Acquisizione di immagini di Windows (WIA) StorSvc manual stopped Servizio di archiviazione swprv manual stopped Provider di copie shadow software Microsoft SysMain automatic started Ottimizzazione avvio TabletInputService manual stopped Servizio di input Tablet PC TapiSrv manual stopped Telefonia TermService manual started Servizi Desktop remoto Themes manual stopped Temi THREADORDER manual stopped Server di ordinamento thread TrkWks automatic started Manutenzione collegamenti distribuiti client TrustedInstaller manual stopped Programma di installazione dei moduli di Windows UI0Detect manual stopped Rilevamento servizi interattivi UmRdpService manual started Redirector porta UserMode di Servizi Desktop remoto upnphost manual stopped Host di dispositivi UPnP UxSms automatic started Gestione sessione di Gestione finestre desktop VaultSvc manual started Gestione credenziali vds manual stopped Disco virtuale vdservice automatic started Spice Agent VSS manual stopped Copia shadow del volume W32Time manual stopped Ora di Windows WatAdminSvc manual stopped Servizio Windows Activation Technologies wbengine manual stopped Servizio modulo di backup a livello di blocco WbioSrvc manual stopped Servizio di biometria Windows wcncsvc manual started Windows Connect Now - Registro configurazioni WcsPlugInService manual stopped Sistema colori Windows WdiServiceHost manual started Host servizio di diagnostica WdiSystemHost manual stopped Host sistema di diagnostica WebClient manual stopped WebClient Wecsvc manual stopped Raccolta eventi Windows wercplsupport manual stopped Segnalazioni di problemi e soluzioni nel Pannello di controllo WerSvc manual stopped Servizio Segnalazione errori Windows WiaRpc manual stopped Eventi acquisizione Still Image WinDefend automatic started Windows Defender WinHttpAutoProxySvc manual started Servizio rilevamento automatico proxy WinHTTP Winmgmt automatic started Strumentazione gestione Windows WinRM manual stopped Gestione remota Windows (WS-Management) Wlansvc manual stopped Configurazione automatica WLAN wmiApSrv manual stopped Scheda WMI Performance WPCSvc manual stopped Parental Controls wscsvc automatic started Centro sicurezza PC WSearch manual stopped Windows Search wuauserv automatic started Windows Update wudfsvc manual started Windows Driver Foundation - Framework driver modalit? utente WwanSvc manual stopped Configurazione automatica WWAN XymonPSClient automatic started XymonPSClient [uptime] sec: 39548966 457 days 17 hours 49 minutes 26 seconds Bootup: 20240731123128.421875+120 [who] NOMESESSIONE NOMEUTENTE ID STATO TIPO DISPOSITIVO >services 0 Disc console 1 Conn stipendi 2 Disc Administrator 3 Disc rdp-tcp 65536 Rimani in ascolto Totale sessioni create: 41 Totale sessioni disconnesse: 123 Totale sessioni riconnesse: 84 [users] NOMEUTENTE NOMESESSIONE ID STATO INATTIVIT? ACCESSO stipendi 2 Disc 283+14:44 01/08/2024 10:45 administrator 3 Disc 281+10:24 15/01/2025 14:17 [XymonConfig] XymonSettings serversList : 10.224.4.197 serverUrl : serverHttpUsername : serverHttpTimeoutMs : 100000 wanteddisksList : {3} clientname : cedolini.cressi.unicampania.it clientsoftware : powershell clientclass : powershell loopinterval : 300 maxlogage : 60 MaxEvents : 5000 slowscanrate : 72 reportevt : 1 EnableWin32_Product : 0 EnableWin32_QuickFixEngineering : 0 EnableWMISections : 0 EnableIISSection : 1 EnableDiskPart : 0 ClientProcessPriority : Normal clientlogpath : c:\program files\xymon clientlogretain : 0 XymonAcceptUTF8 : 0 GetProcessInfoCommandLine : 1 GetProcessInfoOwner : 1 externalscriptlocation : C:\Program Files\xymon\ext externaldatalocation : C:\Program Files\xymon\tmp localdatalocation : C:\Program Files\xymon\local servergiflocation : /xymon/gifs/ servers : 10.224.4.197 clientlogfile : c:\program files\xymon\xymonclient.log clientconfigfile : c:\program files\xymon\clientconfig.cfg clientfqdn : 1 clientlower : 1 clientbbwinmembug : 0 clientremotecfgexec : 1 HaveCmd Name Value ---- ----- qwinsta True query True XymonClientVersion : xymonclient.ps1 2.42 2019-03-11 zak.beck@accenture.com clientname cedolini.cressi.unicampania.it [XymonPSClientInfo] Collection number: 131668 Last transmission method: TCP Id : 1588 Handles : 263 CPU : 274330,375 Name : powershell