[collector:] client dc0,alpha,arpa.windows windows [date] 2026-06-06 04:08:55 [osversion] Windows Server 2022 Standard Evaluation, version 6.2.9200.587 (NT 6.2) [winuptime] up 2 days, 05:50, since 2026-06-03 20:18:03 [bios] SystemProductName: Standard PC (Q35 + ICH9, 2009) SystemManufacturer: QEMU BaseBoardManufacturer: BIOSVendor: Proxmox distribution of EDK II BIOSVersion: 4.2025.05-2 BIOSReleaseDate: 11/13/2025 [who] USERNAME SESSIONNAME ID STATE IDLE TIME LOGON TIME - Console 1 Unknown 39d 11h 55m - Administrator - 2 Active 1d 15h 7m 2026-06-04 11:01:20 [diskinfo] \\.\PHYSICALDrive0 Total disk size: 32.00 GB Partitioning style; GPT Partition count: 4 Partition 1 (100.00 MB, type EFI System) Partition 2 ( 16.00 MB, type Microsoft Reserved) Partition 3 ( 31.37 GB, type Basic) Disk Drive C:\ Volume name: File system: NTFS Total space: 31.37 GB Free space: 19.45 GB Block size: 4.00 KB Partition 4 (524.00 MB, type Microsoft Recovery) [dirs_filter_childred] 1. 2542.00 MB C:\Program Files (x86)\Microsoft 2. 1317.27 MB C:\Program Files (x86)\Microsoft\EdgeCore 3. 835.05 MB C:\Program Files (x86)\Microsoft\Edge\Application\148.0.3967.96 4. 699.78 MB C:\ProgramData\Microsoft\Windows Defender 5. 658.63 MB C:\Program Files (x86)\Microsoft\EdgeCore\148.0.3967.96 6. 658.63 MB C:\Program Files (x86)\Microsoft\EdgeCore\Optimized 7. 370.11 MB C:\Program Files (x86)\Microsoft\EdgeUpdate\Download 8. 333.74 MB C:\ProgramData\Microsoft\Windows Defender\Definition Updates 9. 300.70 MB C:\ProgramData\Microsoft\Windows Defender\Scans 10. 211.53 MB C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A02347A4-BABE-43C5-BA23-3542EE84F51F} [dirs] 1. 2586.28 MB C:\Program Files (x86) 2. 2542.00 MB C:\Program Files (x86)\Microsoft 3. 1317.27 MB C:\Program Files (x86)\Microsoft\EdgeCore 4. 844.85 MB C:\Program Files (x86)\Microsoft\Edge 5. 844.83 MB C:\Program Files (x86)\Microsoft\Edge\Application 6. 835.05 MB C:\Program Files (x86)\Microsoft\Edge\Application\148.0.3967.96 7. 736.49 MB C:\ProgramData 8. 727.60 MB C:\ProgramData\Microsoft 9. 699.78 MB C:\ProgramData\Microsoft\Windows Defender 10. 658.63 MB C:\Program Files (x86)\Microsoft\EdgeCore\Optimized [winmemory] TOTAL USED FREE MEMORY USAGE Physical 1.93 GB 1581.75 MB 398.67 MB 79.87% Pagefile 990.57 MB 365.39 MB 625.18 MB 36.89% Virtual 2.90 GB 1630.98 MB 1340.00 MB 54.90% [ipconfig] Windows IP Configuration Host Name . . . . . . . . . . . . : dc0 Primary Dns Suffix . . . . . . . : alpha.arpa Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : alpha.arpa Ethernet adapter Ethernet: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Red Hat VirtIO Ethernet Adapter Physical Address. . . . . . . . . : BC-24-11-BA-DD-EA DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes IPv6 Address. . . . . . . . . . . : 2001:2042:3e48:3901:45ad:2da9:b328:c267(Preferred) Link-local IPv6 Address . . . . . : fe80::45ad:2da9:b328:c267%7(Preferred) IPv4 Address. . . . . . . . . . . : 192.168.10.220(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : fe80::cea:14ff:fe34:ea16%7 192.168.10.1 DHCPv6 IAID . . . . . . . . . . . : 112993297 DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-31-AC-EF-94-BC-24-11-BA-DD-EA DNS Servers . . . . . . . . . . . : ::1 127.0.0.1 NetBIOS over Tcpip. . . . . . . . : Enabled [winroute] =========================================================================== Interface List 7...bc 24 11 ba dd ea ......Red Hat VirtIO Ethernet Adapter 1...........................Software Loopback Interface 1 =========================================================================== IPv4 Route Table =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 192.168.10.1 192.168.10.220 271 127.0.0.0 255.0.0.0 On-link 127.0.0.1 331 127.0.0.1 255.255.255.255 On-link 127.0.0.1 331 127.255.255.255 255.255.255.255 On-link 127.0.0.1 331 192.168.10.0 255.255.255.0 On-link 192.168.10.220 271 192.168.10.220 255.255.255.255 On-link 192.168.10.220 271 192.168.10.255 255.255.255.255 On-link 192.168.10.220 271 224.0.0.0 240.0.0.0 On-link 127.0.0.1 331 224.0.0.0 240.0.0.0 On-link 192.168.10.220 271 255.255.255.255 255.255.255.255 On-link 127.0.0.1 331 255.255.255.255 255.255.255.255 On-link 192.168.10.220 271 =========================================================================== Persistent Routes: Network Address Netmask Gateway Address Metric 0.0.0.0 0.0.0.0 192.168.10.1 Default =========================================================================== IPv6 Route Table =========================================================================== Active Routes: If Metric Network Destination Gateway 7 31 ::/0 fe80::cea:14ff:fe34:ea16 1 331 ::1/128 On-link 7 31 2001:2042:3e48:3901::/64 On-link 7 271 2001:2042:3e48:3901:45ad:2da9:b328:c267/128 On-link 7 271 fe80::/64 On-link 7 271 fe80::45ad:2da9:b328:c267/128 On-link 1 331 ff00::/8 On-link 7 271 ff00::/8 On-link =========================================================================== Persistent Routes: None [winportsused] IP version Protocol Ports Used # Ports Used % IPv4 TCP 79 0.12 IPv6 TCP 45 0.07 IPv4 UDP 2527 3.86 IPv6 UDP 2520 3.85 [winports] Proto Local Address Foreign Address State PID TCP 0.0.0.0:88 0.0.0.0:0 LISTENING 676 TCP 0.0.0.0:135 0.0.0.0:0 LISTENING 916 TCP 0.0.0.0:389 0.0.0.0:0 LISTENING 676 TCP 0.0.0.0:445 0.0.0.0:0 LISTENING 4 TCP 0.0.0.0:464 0.0.0.0:0 LISTENING 676 TCP 0.0.0.0:593 0.0.0.0:0 LISTENING 916 TCP 0.0.0.0:636 0.0.0.0:0 LISTENING 676 TCP 0.0.0.0:3268 0.0.0.0:0 LISTENING 676 TCP 0.0.0.0:3269 0.0.0.0:0 LISTENING 676 TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING 400 TCP 0.0.0.0:5357 0.0.0.0:0 LISTENING 4 TCP 0.0.0.0:5985 0.0.0.0:0 LISTENING 4 TCP 0.0.0.0:9389 0.0.0.0:0 LISTENING 2380 TCP 0.0.0.0:47001 0.0.0.0:0 LISTENING 4 TCP 0.0.0.0:49664 0.0.0.0:0 LISTENING 676 TCP 0.0.0.0:49665 0.0.0.0:0 LISTENING 532 TCP 0.0.0.0:49666 0.0.0.0:0 LISTENING 516 TCP 0.0.0.0:49667 0.0.0.0:0 LISTENING 1328 TCP 0.0.0.0:49668 0.0.0.0:0 LISTENING 676 TCP 0.0.0.0:49894 0.0.0.0:0 LISTENING 2428 TCP 0.0.0.0:49906 0.0.0.0:0 LISTENING 2412 TCP 0.0.0.0:53749 0.0.0.0:0 LISTENING 676 TCP 0.0.0.0:53750 0.0.0.0:0 LISTENING 2340 TCP 0.0.0.0:53753 0.0.0.0:0 LISTENING 656 TCP 127.0.0.1:53 0.0.0.0:0 LISTENING 2428 TCP 192.168.10.220:53 0.0.0.0:0 LISTENING 2428 TCP 192.168.10.220:88 192.168.10.221:34168 ESTABLISHED 676 TCP 192.168.10.220:88 192.168.10.221:39256 ESTABLISHED 676 TCP 192.168.10.220:88 192.168.10.221:39260 ESTABLISHED 676 TCP 192.168.10.220:88 192.168.10.221:39898 ESTABLISHED 676 TCP 192.168.10.220:88 192.168.10.221:49422 ESTABLISHED 676 TCP 192.168.10.220:88 192.168.10.221:49424 ESTABLISHED 676 TCP 192.168.10.220:88 192.168.10.221:53964 ESTABLISHED 676 TCP 192.168.10.220:88 192.168.10.221:53972 ESTABLISHED 676 TCP 192.168.10.220:88 192.168.10.221:54840 ESTABLISHED 676 TCP 192.168.10.220:88 192.168.10.221:54844 ESTABLISHED 676 TCP 192.168.10.220:88 192.168.10.222:35736 ESTABLISHED 676 TCP 192.168.10.220:88 192.168.10.222:35750 ESTABLISHED 676 TCP 192.168.10.220:88 192.168.10.222:42162 ESTABLISHED 676 TCP 192.168.10.220:88 192.168.10.222:42172 ESTABLISHED 676 TCP 192.168.10.220:88 192.168.10.222:53512 ESTABLISHED 676 TCP 192.168.10.220:88 192.168.10.222:53822 ESTABLISHED 676 TCP 192.168.10.220:88 192.168.10.222:53838 ESTABLISHED 676 TCP 192.168.10.220:88 192.168.10.222:57802 ESTABLISHED 676 TCP 192.168.10.220:88 192.168.10.222:57812 ESTABLISHED 676 TCP 192.168.10.220:139 0.0.0.0:0 LISTENING 4 TCP 192.168.10.220:389 192.168.10.221:36740 ESTABLISHED 676 TCP 192.168.10.220:389 192.168.10.221:45916 ESTABLISHED 676 TCP 192.168.10.220:389 192.168.10.221:49856 ESTABLISHED 676 TCP 192.168.10.220:389 192.168.10.221:49872 ESTABLISHED 676 TCP 192.168.10.220:389 192.168.10.221:51022 ESTABLISHED 676 TCP 192.168.10.220:389 192.168.10.221:51024 ESTABLISHED 676 TCP 192.168.10.220:389 192.168.10.221:55382 ESTABLISHED 676 TCP 192.168.10.220:389 192.168.10.221:55890 ESTABLISHED 676 TCP 192.168.10.220:389 192.168.10.221:55898 ESTABLISHED 676 TCP 192.168.10.220:389 192.168.10.221:60882 ESTABLISHED 676 TCP 192.168.10.220:389 192.168.10.221:60890 ESTABLISHED 676 TCP 192.168.10.220:389 192.168.10.222:35016 ESTABLISHED 676 TCP 192.168.10.220:389 192.168.10.223:52598 ESTABLISHED 676 TCP 192.168.10.220:389 192.168.10.224:52716 ESTABLISHED 676 TCP 192.168.10.220:445 192.168.10.221:36992 ESTABLISHED 4 TCP 192.168.10.220:445 192.168.10.221:36994 ESTABLISHED 4 TCP 192.168.10.220:445 192.168.10.221:56368 ESTABLISHED 4 TCP 192.168.10.220:445 192.168.10.221:56384 ESTABLISHED 4 TCP 192.168.10.220:445 192.168.10.221:60128 ESTABLISHED 4 TCP 192.168.10.220:445 192.168.10.221:60140 ESTABLISHED 4 TCP 192.168.10.220:445 192.168.10.221:60708 ESTABLISHED 4 TCP 192.168.10.220:445 192.168.10.221:60716 ESTABLISHED 4 TCP 192.168.10.220:445 192.168.10.221:60858 ESTABLISHED 4 TCP 192.168.10.220:3268 192.168.10.222:33580 ESTABLISHED 676 TCP 192.168.10.220:3268 192.168.10.222:33594 ESTABLISHED 676 TCP 192.168.10.220:3268 192.168.10.222:38310 ESTABLISHED 676 TCP 192.168.10.220:3268 192.168.10.222:38316 ESTABLISHED 676 TCP 192.168.10.220:3268 192.168.10.222:38804 ESTABLISHED 676 TCP 192.168.10.220:3268 192.168.10.222:38812 ESTABLISHED 676 TCP 192.168.10.220:3268 192.168.10.222:41910 ESTABLISHED 676 TCP 192.168.10.220:3268 192.168.10.222:51864 ESTABLISHED 676 TCP 192.168.10.220:3268 192.168.10.222:51868 ESTABLISHED 676 TCP 192.168.10.220:3268 192.168.10.222:53800 ESTABLISHED 676 TCP [::]:88 [::]:0 LISTENING 676 TCP [::]:135 [::]:0 LISTENING 916 TCP [::]:389 [::]:0 LISTENING 676 TCP [::]:445 [::]:0 LISTENING 4 TCP [::]:464 [::]:0 LISTENING 676 TCP [::]:593 [::]:0 LISTENING 916 TCP [::]:636 [::]:0 LISTENING 676 TCP [::]:3268 [::]:0 LISTENING 676 TCP [::]:3269 [::]:0 LISTENING 676 TCP [::]:3389 [::]:0 LISTENING 400 TCP [::]:5357 [::]:0 LISTENING 4 TCP [::]:5985 [::]:0 LISTENING 4 TCP [::]:9389 [::]:0 LISTENING 2380 TCP [::]:47001 [::]:0 LISTENING 4 TCP [::]:49664 [::]:0 LISTENING 676 TCP [::]:49665 [::]:0 LISTENING 532 TCP [::]:49666 [::]:0 LISTENING 516 TCP [::]:49667 [::]:0 LISTENING 1328 TCP [::]:49668 [::]:0 LISTENING 676 TCP [::]:49894 [::]:0 LISTENING 2428 TCP [::]:49906 [::]:0 LISTENING 2412 TCP [::]:53749 [::]:0 LISTENING 676 TCP [::]:53750 [::]:0 LISTENING 2340 TCP [::]:53753 [::]:0 LISTENING 656 TCP [100::]:53 [::]:0 LISTENING 2428 TCP [100::]:389 [100::]:53751 ESTABLISHED 676 TCP [100::]:389 [100::]:53752 ESTABLISHED 676 TCP [100::]:389 [100::]:60335 ESTABLISHED 676 TCP [100::]:53751 [100::]:389 ESTABLISHED 2452 TCP [100::]:53752 [100::]:389 ESTABLISHED 2452 TCP [100::]:60335 [100::]:389 ESTABLISHED 2428 TCP [67c2:28b3:a92d:ad45:139:483e:4220:120]:53 [::]:0 LISTENING 2428 TCP [67c2:28b3:a92d:ad45:139:483e:4220:120]:61638 [a37e:6503::b01:700:6310:326]:443 ESTABLISHED 2592 TCP [67c2:28b3:a92d:ad45:139:483e:4220:120]:61641 [8406::6b00:424e:42a]:80 ESTABLISHED 1056 TCP [67c2:28b3:a92d:ad45::80fe]:53 [::]:0 LISTENING 2428 TCP [67c2:28b3:a92d:ad45::80fe]:389 [67c2:28b3:a92d:ad45::80fe]:60326 ESTABLISHED 676 TCP [67c2:28b3:a92d:ad45::80fe]:389 [67c2:28b3:a92d:ad45::80fe]:60330 ESTABLISHED 676 TCP [67c2:28b3:a92d:ad45::80fe]:389 [67c2:28b3:a92d:ad45::80fe]:60332 ESTABLISHED 676 TCP [67c2:28b3:a92d:ad45::80fe]:49668 [67c2:28b3:a92d:ad45::80fe]:49897 ESTABLISHED 676 TCP [67c2:28b3:a92d:ad45::80fe]:49668 [67c2:28b3:a92d:ad45::80fe]:49972 ESTABLISHED 676 TCP [67c2:28b3:a92d:ad45::80fe]:49897 [67c2:28b3:a92d:ad45::80fe]:49668 ESTABLISHED 2412 TCP [67c2:28b3:a92d:ad45::80fe]:49972 [67c2:28b3:a92d:ad45::80fe]:49668 ESTABLISHED 676 TCP [67c2:28b3:a92d:ad45::80fe]:60326 [67c2:28b3:a92d:ad45::80fe]:389 ESTABLISHED 2412 TCP [67c2:28b3:a92d:ad45::80fe]:60330 [67c2:28b3:a92d:ad45::80fe]:389 ESTABLISHED 2412 TCP [67c2:28b3:a92d:ad45::80fe]:60332 [67c2:28b3:a92d:ad45::80fe]:389 ESTABLISHED 2428 UDP 127.0.0.1:53 *:* 2428 UDP 192.168.10.220:53 *:* 2428 UDP 192.168.10.220:88 *:* 676 UDP 0.0.0.0:123 *:* 528 UDP 192.168.10.220:137 *:* 4 UDP 192.168.10.220:138 *:* 4 UDP 0.0.0.0:389 *:* 676 UDP 192.168.10.220:464 *:* 676 UDP 0.0.0.0:3389 *:* 400 UDP 0.0.0.0:3702 *:* 1348 UDP 0.0.0.0:3702 *:* 1348 UDP 0.0.0.0:5353 *:* 1056 UDP 0.0.0.0:5355 *:* 1056 UDP 127.0.0.1:49941 *:* 676 UDP 127.0.0.1:50519 *:* 1056 UDP 127.0.0.1:50876 *:* 2452 UDP 0.0.0.0:50880 *:* 2428 UDP 0.0.0.0:50881 *:* 2428 UDP 0.0.0.0:50882 *:* 2428 UDP 0.0.0.0:50883 *:* 2428 UDP 0.0.0.0:50884 *:* 2428 UDP 0.0.0.0:50885 *:* 2428 UDP 0.0.0.0:50886 *:* 2428 UDP 0.0.0.0:50887 *:* 2428 UDP 0.0.0.0:50888 *:* 2428 UDP 0.0.0.0:50889 *:* 2428 UDP 0.0.0.0:50890 *:* 2428 UDP 0.0.0.0:50891 *:* 2428 UDP 0.0.0.0:50892 *:* 2428 UDP 0.0.0.0:50893 *:* 2428 UDP 0.0.0.0:50894 *:* 2428 UDP 0.0.0.0:50895 *:* 2428 UDP 0.0.0.0:50896 *:* 2428 UDP 0.0.0.0:50897 *:* 2428 UDP 0.0.0.0:50898 *:* 2428 UDP 0.0.0.0:50899 *:* 2428 ...IP 0.0.0.0 and PID 2428 spans above 20 entries, and 2480 more with highest local port 53379 UDP 127.0.0.1:56952 *:* 2428 UDP 0.0.0.0:58355 *:* 2428 UDP 127.0.0.1:59538 *:* 2464 UDP 127.0.0.1:60286 *:* 1328 UDP 127.0.0.1:63038 *:* 2340 UDP 127.0.0.1:63069 *:* 2412 UDP 0.0.0.0:63650 *:* 1348 UDP 127.0.0.1:63708 *:* 2380 UDP 0.0.0.0:55880 *:* 1056 UDP 0.0.0.0:60407 *:* 1056 UDP 0.0.0.0:60417 *:* 1056 UDP [100::]:53 *:* 2428 UDP [67c2:28b3:a92d:ad45:139:483e:4220:120]:53 *:* 2428 UDP [67c2:28b3:a92d:ad45::80fe]:53 *:* 2428 UDP [67c2:28b3:a92d:ad45:139:483e:4220:120]:88 *:* 676 UDP [67c2:28b3:a92d:ad45::80fe]:88 *:* 676 UDP [::]:123 *:* 528 UDP [::]:389 *:* 676 UDP [67c2:28b3:a92d:ad45:139:483e:4220:120]:464 *:* 676 UDP [67c2:28b3:a92d:ad45::80fe]:464 *:* 676 UDP [::]:3389 *:* 400 UDP [::]:3702 *:* 1348 UDP [::]:3702 *:* 1348 UDP [::]:5353 *:* 1056 UDP [::]:5355 *:* 1056 UDP [100::]:50877 *:* 2428 UDP [::]:53380 *:* 2428 UDP [::]:53381 *:* 2428 UDP [::]:53382 *:* 2428 UDP [::]:53383 *:* 2428 UDP [::]:53384 *:* 2428 UDP [::]:53385 *:* 2428 UDP [::]:53386 *:* 2428 UDP [::]:53387 *:* 2428 UDP [::]:53388 *:* 2428 UDP [::]:53389 *:* 2428 UDP [::]:53390 *:* 2428 UDP [::]:53391 *:* 2428 UDP [::]:53392 *:* 2428 UDP [::]:53393 *:* 2428 UDP [::]:53394 *:* 2428 UDP [::]:53395 *:* 2428 UDP [::]:53396 *:* 2428 UDP [::]:53397 *:* 2428 UDP [::]:53398 *:* 2428 UDP [::]:53399 *:* 2428 ...IP [::] and PID 2428 spans above 20 entries, and 2480 more with highest local port 55879 UDP [::]:55880 *:* 1056 UDP [::]:58356 *:* 2428 UDP [::]:60407 *:* 1056 UDP [::]:60417 *:* 1056 UDP [::]:63651 *:* 1348 [processes] PROCESS PID USER CPU MEMORY AggregatorHost 1796 NT AUTHORITY\SYSTEM 0.0 % 588.00 KB cmd 5780 ALPHA\Administrator 0.0 % 556.00 KB conhost 4080 ALPHA\Administrator 0.0 % 868.00 KB csrss 4372 NT AUTHORITY\SYSTEM 0.0 % 1.13 MB csrss 524 NT AUTHORITY\SYSTEM 0.0 % 1.02 MB csrss 452 NT AUTHORITY\SYSTEM 0.0 % 1.14 MB ctfmon 3604 ALPHA\Administrator 0.0 % 2.82 MB dfsrs 2412 NT AUTHORITY\SYSTEM 0.0 % 9.24 MB dfssvc 2464 NT AUTHORITY\SYSTEM 0.0 % 1.56 MB dllhost 5764 ALPHA\Administrator 0.0 % 1.91 MB dllhost 3288 NT AUTHORITY\SYSTEM 0.0 % 1.81 MB dns 2428 NT AUTHORITY\SYSTEM 0.0 % 119.51 MB dwm 4892 Window Manager\DWM-2 0.0 % 17.71 MB dwm 372 Window Manager\DWM-1 0.0 % 16.18 MB explorer 2508 ALPHA\Administrator 0.0 % 2.77 MB fontdrvhost 3664 Font Driver Host\UMFD-0 0.0 % 996.00 KB fontdrvhost 3656 Font Driver Host\UMFD-1 0.0 % 932.00 KB fontdrvhost 1416 Font Driver Host\UMFD-2 0.0 % 1.24 MB ismserv 2452 NT AUTHORITY\SYSTEM 0.0 % 1.08 MB LogonUI 4532 NT AUTHORITY\SYSTEM 0.0 % 5.64 MB LogonUI 1008 NT AUTHORITY\SYSTEM 0.0 % 7.54 MB lsass 676 NT AUTHORITY\SYSTEM 0.0 % 37.39 MB Microsoft.ActiveDirectory.WebServices 2380 NT AUTHORITY\SYSTEM 0.0 % 16.41 MB MicrosoftEdgeUpdate 4492 NT AUTHORITY\SYSTEM 0.0 % 1012.00 KB MpDefenderCoreService 2592 NT AUTHORITY\SYSTEM 0.0 % 6.77 MB mrbig64 3048 NT AUTHORITY\SYSTEM 96.9 % 6.36 MB msdtc 4716 NT AUTHORITY\NETWORK SERVICE 0.0 % 1.95 MB MsMpEng 2628 NT AUTHORITY\SYSTEM 0.0 % 94.01 MB MusNotifyIcon 5564 ALPHA\Administrator 0.0 % 772.00 KB NisSrv 3628 NT AUTHORITY\LOCAL SERVICE 0.0 % 3.43 MB rdpclip 4960 ALPHA\Administrator 0.0 % 1.76 MB Registry 104 NT AUTHORITY\SYSTEM 0.0 % 1.50 MB RuntimeBroker 6648 ALPHA\Administrator 0.0 % 1.52 MB RuntimeBroker 5544 ALPHA\Administrator 0.0 % 1.71 MB RuntimeBroker 5160 ALPHA\Administrator 0.0 % 3.87 MB RuntimeBroker 1696 ALPHA\Administrator 0.0 % 2.65 MB SearchApp 4112 ALPHA\Administrator 0.0 % 252.00 KB ServerManager 3424 ALPHA\Administrator 0.0 % 52.98 MB services 656 NT AUTHORITY\SYSTEM 0.0 % 3.62 MB ShellExperienceHost 6540 ALPHA\Administrator 0.0 % 260.00 KB sihost 1716 ALPHA\Administrator 0.0 % 3.65 MB smss 332 NT AUTHORITY\SYSTEM 0.0 % 284.00 KB spoolsv 2340 NT AUTHORITY\SYSTEM 0.0 % 4.68 MB StartMenuExperienceHost 3064 ALPHA\Administrator 0.0 % 240.00 KB svchost 5624 ALPHA\Administrator 0.0 % 1.62 MB svchost 4760 NT AUTHORITY\SYSTEM 0.0 % 4.64 MB svchost 3396 ALPHA\Administrator 0.0 % 5.32 MB svchost 2388 NT AUTHORITY\SYSTEM 0.0 % 14.38 MB svchost 2364 NT AUTHORITY\LOCAL SERVICE 0.0 % 7.87 MB svchost 2272 NT AUTHORITY\SYSTEM 0.0 % 1.60 MB svchost 2116 NT AUTHORITY\SYSTEM 0.0 % 1.10 MB svchost 1580 NT AUTHORITY\SYSTEM 0.0 % 2.66 MB svchost 1388 NT AUTHORITY\LOCAL SERVICE 0.0 % 1.35 MB svchost 1348 NT AUTHORITY\LOCAL SERVICE 0.0 % 2.11 MB svchost 1328 NT AUTHORITY\SYSTEM 0.0 % 25.45 MB svchost 1192 NT AUTHORITY\LOCAL SERVICE 0.0 % 9.34 MB svchost 1076 NT AUTHORITY\NETWORK SERVICE 0.0 % 3.34 MB svchost 1056 NT AUTHORITY\NETWORK SERVICE 0.0 % 7.54 MB svchost 916 NT AUTHORITY\NETWORK SERVICE 0.0 % 4.65 MB svchost 908 NT AUTHORITY\SYSTEM 0.0 % 8.79 MB svchost 864 NT AUTHORITY\SYSTEM 0.0 % 5.63 MB svchost 796 NT AUTHORITY\LOCAL SERVICE 0.0 % 7.16 MB svchost 528 NT AUTHORITY\LOCAL SERVICE 0.0 % 1.14 MB svchost 516 NT AUTHORITY\LOCAL SERVICE 0.0 % 13.75 MB svchost 400 NT AUTHORITY\NETWORK SERVICE 0.0 % 7.44 MB System 4 NT AUTHORITY\SYSTEM 10.9 % 12.00 KB taskhostw 4580 ALPHA\Administrator 0.0 % 1.81 MB taskhostw 2080 ALPHA\Administrator 0.0 % 2.42 MB TextInputHost 2988 ALPHA\Administrator 0.0 % 6.62 MB vds 2056 NT AUTHORITY\SYSTEM 0.0 % 1.84 MB wininit 532 NT AUTHORITY\SYSTEM 0.0 % 988.00 KB winlogon 1132 NT AUTHORITY\SYSTEM 0.0 % 1.31 MB winlogon 588 NT AUTHORITY\SYSTEM 0.0 % 1.18 MB wlms 2616 NT AUTHORITY\SYSTEM 0.0 % 464.00 KB [topprocessescpu] PROCESS PID USER CPU MEMORY mrbig64 3048 NT AUTHORITY\SYSTEM 96.9 % 6.36 MB System 4 NT AUTHORITY\SYSTEM 10.9 % 12.00 KB AggregatorHost 1796 NT AUTHORITY\SYSTEM 0.0 % 588.00 KB cmd 5780 ALPHA\Administrator 0.0 % 556.00 KB conhost 4080 ALPHA\Administrator 0.0 % 868.00 KB csrss 4372 NT AUTHORITY\SYSTEM 0.0 % 1.13 MB csrss 524 NT AUTHORITY\SYSTEM 0.0 % 1.02 MB csrss 452 NT AUTHORITY\SYSTEM 0.0 % 1.14 MB ctfmon 3604 ALPHA\Administrator 0.0 % 2.82 MB dfsrs 2412 NT AUTHORITY\SYSTEM 0.0 % 9.24 MB dfssvc 2464 NT AUTHORITY\SYSTEM 0.0 % 1.56 MB dllhost 5764 ALPHA\Administrator 0.0 % 1.91 MB dllhost 3288 NT AUTHORITY\SYSTEM 0.0 % 1.81 MB dns 2428 NT AUTHORITY\SYSTEM 0.0 % 119.51 MB dwm 4892 Window Manager\DWM-2 0.0 % 17.71 MB dwm 372 Window Manager\DWM-1 0.0 % 16.18 MB explorer 2508 ALPHA\Administrator 0.0 % 2.77 MB fontdrvhost 3664 Font Driver Host\UMFD-0 0.0 % 996.00 KB fontdrvhost 3656 Font Driver Host\UMFD-1 0.0 % 932.00 KB fontdrvhost 1416 Font Driver Host\UMFD-2 0.0 % 1.24 MB [topprocessesmemory] PROCESS PID USER CPU MEMORY dns 2428 NT AUTHORITY\SYSTEM 0.0 % 119.51 MB MsMpEng 2628 NT AUTHORITY\SYSTEM 0.0 % 94.01 MB ServerManager 3424 ALPHA\Administrator 0.0 % 52.98 MB lsass 676 NT AUTHORITY\SYSTEM 0.0 % 37.39 MB svchost 1328 NT AUTHORITY\SYSTEM 0.0 % 25.45 MB dwm 4892 Window Manager\DWM-2 0.0 % 17.71 MB Microsoft.ActiveDirectory.WebServices 2380 NT AUTHORITY\SYSTEM 0.0 % 16.41 MB dwm 372 Window Manager\DWM-1 0.0 % 16.18 MB svchost 2388 NT AUTHORITY\SYSTEM 0.0 % 14.38 MB svchost 516 NT AUTHORITY\LOCAL SERVICE 0.0 % 13.75 MB svchost 1192 NT AUTHORITY\LOCAL SERVICE 0.0 % 9.34 MB dfsrs 2412 NT AUTHORITY\SYSTEM 0.0 % 9.24 MB svchost 908 NT AUTHORITY\SYSTEM 0.0 % 8.79 MB svchost 2364 NT AUTHORITY\LOCAL SERVICE 0.0 % 7.87 MB svchost 1056 NT AUTHORITY\NETWORK SERVICE 0.0 % 7.54 MB LogonUI 1008 NT AUTHORITY\SYSTEM 0.0 % 7.54 MB svchost 400 NT AUTHORITY\NETWORK SERVICE 0.0 % 7.44 MB svchost 796 NT AUTHORITY\LOCAL SERVICE 0.0 % 7.16 MB MpDefenderCoreService 2592 NT AUTHORITY\SYSTEM 0.0 % 6.77 MB TextInputHost 2988 ALPHA\Administrator 0.0 % 6.62 MB [runningservices] PID SERVICE DISPLAY NAME STARTUP STATUS 2380 ADWS Active Directory Web Services Auto Running 1192 BFE Base Filtering Engine Auto Running 864 BrokerInfrastructure Background Tasks Infrastructure Service Auto Running 4760 camsvc Capability Access Manager Service Manual Running 796 CDPSvc Connected Devices Platform Service Auto Running 1580 CertPropSvc Certificate Propagation Manual Running 2364 CoreMessagingRegistrar CoreMessaging Auto Running 1056 CryptSvc Cryptographic Services Auto Running 864 DcomLaunch DCOM Server Process Launcher Auto Running 2464 Dfs DFS Namespace Auto Running 2412 DFSR DFS Replication Auto Running 516 Dhcp DHCP Client Auto Running 2388 DiagTrack Connected User Experiences and Telemetry Auto Running 796 DispBrokerDesktopSvc Display Policy Service Auto Running 2428 DNS DNS Server Auto Running 1056 Dnscache DNS Client Auto Running 1076 DoSvc Delivery Optimization Manual Running 2364 DPS Diagnostic Policy Service Auto Running 908 DsSvc Data Sharing Service Manual Running 516 EventLog Windows Event Log Auto Running 796 EventSystem COM+ Event System Auto Running 796 fdPHost Function Discovery Provider Host Manual Running 1348 FDResPub Function Discovery Resource Publication Manual Running 796 FontCache Windows Font Cache Service Auto Running 1328 gpsvc Group Policy Client Auto Running 1328 iphlpsvc IP Helper Auto Running 2452 IsmServ Intersite Messaging Auto Running 676 Kdc Kerberos Key Distribution Center Auto Running 676 KeyIso CNG Key Isolation Manual Running 2272 LanmanServer Server Auto Running 1056 LanmanWorkstation Workstation Auto Running 796 LicenseManager Windows License Manager Service Manual Running 516 lmhosts TCP/IP NetBIOS Helper Manual Running 864 LSM Local Session Manager Auto Running 2592 MDCoreSvc Microsoft Defender Core Service Auto Running 1192 mpssvc Windows Defender Firewall Auto Running 3048 MrBig Mr Big Monitoring Agent Auto Running 4716 MSDTC Distributed Transaction Coordinator Auto Running 908 NcbService Network Connection Broker Manual Running 676 Netlogon Netlogon Auto Running 796 netprofm Network List Service Manual Running 1056 NlaSvc Network Location Awareness Auto Running 796 nsi Network Store Interface Service Auto Running 676 NTDS Active Directory Domain Services Auto Running 908 PcaSvc Program Compatibility Assistant Service Auto Running 864 PlugPlay Plug and Play Manual Running 864 Power Power Auto Running 1328 ProfSvc User Profile Service Auto Running 1580 RasMan Remote Access Connection Manager Auto Running 916 RpcEptMapper RPC Endpoint Mapper Auto Running 916 RpcSs Remote Procedure Call (RPC) Auto Running 676 SamSs Security Accounts Manager Auto Running 1328 Schedule Task Scheduler Auto Running 1328 SENS System Event Notification Service Auto Running 1328 SessionEnv Remote Desktop Configuration Manual Running 1328 ShellHWDetection Shell Hardware Detection Auto Running 2340 Spooler Print Spooler Auto Running 796 SstpSvc Secure Socket Tunneling Protocol Service Manual Running 4760 StateRepository State Repository Service Auto Running 908 StorSvc Storage Service Auto Running 908 SysMain SysMain Auto Running 864 SystemEventsBroker System Events Broker Auto Running 908 TabletInputService Touch Keyboard and Handwriting Panel Service Manual Running 400 TermService Remote Desktop Services Manual Running 1328 Themes Themes Auto Running 516 TimeBrokerSvc Time Broker Manual Running 1328 TokenBroker Web Account Manager Manual Running 908 UALSVC User Access Logging Service Auto Running 908 UmRdpService Remote Desktop Services UserMode Port Redirector Manual Running 1328 UserManager User Manager Auto Running 1328 UsoSvc Update Orchestrator Service Auto Running 2056 vds Virtual Disk Manual Running 528 W32Time Windows Time Auto Running 2116 WaaSMedicSvc Windows Update Medic Service Manual Running 1388 Wcmsvc Windows Connection Manager Auto Running 3628 WdNisSvc Microsoft Defender Antivirus Network Inspection Service Manual Running 2628 WinDefend Microsoft Defender Antivirus Service Auto Running 516 WinHttpAutoProxySvc WinHTTP Web Proxy Auto-Discovery Service Manual Running 1328 Winmgmt Windows Management Instrumentation Auto Running 1056 WinRM Windows Remote Management (WS-Management) Auto Running 2616 WLMS Windows Licensing Monitoring Service Auto Running 1328 WpnService Windows Push Notifications System Service Auto Running 1328 wuauserv Windows Update Manual Running 5624 cbdhsvc_aed31c Clipboard User Service_aed31c Auto Running 3396 CDPUserSvc_aed31c Connected Devices Platform User Service_aed31c Auto Running 3396 WpnUserService_aed31c Windows Push Notifications User Service_aed31c Auto Running - edgeupdate Microsoft Edge Update Service (edgeupdate) Auto Stopped - RemoteRegistry Remote Registry Auto Stopped - sppsvc Software Protection Auto Stopped [eventlog_application] (No warnings or errors found within the last 1.000000h.) [eventlog_setup] (No warnings or errors found within the last 1.000000h.) [eventlog_system] Timestamp Id Level Source Message 2026-06-06 01:22:22 36 Warning Microsoft-Windows-Time-Serv.. The time service has not synchronized the system time for the last 86400 seconds because none of the time service providers provided a usable time stamp. The time service will not update the local system time until it is able to synchronize with a time source. If the local system is configured to act as a time server for clients, it will stop advertising as a time source to clients after 0 seconds. The time service will continue to r.. [applications] Microsoft Edge 148.0.3967.96 Microsoft Corporation x64 Microsoft Edge Update 1.3.237.7 - x64 [certificates] (No certificates found in store 'MY')[reboots] Date User Reason 2026-05-30 10:42:36 DC0\Administrator No title for this reason could be found 2026-05-30 10:36:45 DC\Administrator No title for this reason could be found 2026-05-30 10:30:29 WIN-RDNVKTI5CF1\Administrator No title for this reason could be found 2026-05-30 10:15:27 NT AUTHORITY\SYSTEM Operating System: Upgrade (Planned) 2026-05-30 10:13:14 DC\Administrator No title for this reason could be found [clientversion] MrBig version 0.26.4 [clock] local: 2026-06-06 04:08:56 W. Europe Daylight Time UTC: 2026-06-06 02:08:56 UTC