{ "host": "HOBBES", "collected_at_utc": "2026-06-03T00:47:28Z", "os": { "caption": "Microsoft Windows 10 Pro", "version": "10.0.19045", "build": "19045", "install_date": "2020-12-15T18:35:44Z", "last_boot_utc": "2026-06-02T19:51:47Z", "architecture": "64-bit" }, "facts": { "builtin_admin_enabled": false, "os_eol": { "eol_date": "2025-10-14", "release": "Win10 22H2" }, "pending_updates": 1, "pending_reboot": true, "uptime_days": 0.2, "acg_managed_tools": [ "ScreenConnect / ConnectWise Control", "Splashtop (SOS/Streamer)", "Syncro / Kabuto" ], "hardware": { "model": "Precision M4800", "manufacturer": "Dell Inc.", "bios_date": "2015-12-01", "cpu_logical": 8, "bios_version": "A16", "cpu_cores": 4, "ram_gb": 15.9, "serial": "CTWRT32", "cpu": "Intel(R) Core(TM) i7-4910MQ CPU @ 2.90GHz" }, "local_administrators": [ "HOBBES\\Administrator", "HOBBES\\localadmin", "HOBBES\\paul", "UCRYO\\Domain Admins" ], "os_build": "19045", "secure_boot": true, "backup_agents": null, "autoruns_run_keys": [ { "key": "HKLM:\\Software\\Microsoft\\Windows\\CurrentVersion\\Run", "name": "SecurityHealth", "value": "C:\\WINDOWS\\system32\\SecurityHealthSystray.exe" }, { "key": "HKLM:\\Software\\Microsoft\\Windows\\CurrentVersion\\Run", "name": "RtHDVCpl", "value": "\"C:\\Program Files\\Realtek\\Audio\\HDA\\RtkNGUI64.exe\" /s" }, { "key": "HKLM:\\Software\\Microsoft\\Windows\\CurrentVersion\\Run", "name": "RtHDVBg", "value": "\"C:\\Program Files\\Realtek\\Audio\\HDA\\RAVBg64.exe\" /MAXX5REC" }, { "key": "HKLM:\\Software\\Microsoft\\Windows\\CurrentVersion\\Run", "name": "Apoint", "value": "\"C:\\Program Files\\DellTPad\\Apoint.exe\"" }, { "key": "HKLM:\\Software\\Microsoft\\Windows\\CurrentVersion\\Run", "name": "WavesSvc", "value": "\"C:\\Program Files\\Waves\\MaxxAudio\\WavesSvc64.exe\"" }, { "key": "HKLM:\\Software\\Microsoft\\Windows\\CurrentVersion\\Run", "name": "Autodesk Access", "value": "\"C:\\Program Files\\Autodesk\\AdODIS\\V1\\Access\\AdskAccessCore.exe\" --minimizedUi --autoLaunch" }, { "key": "HKLM:\\Software\\Microsoft\\Windows\\CurrentVersion\\Run", "name": "Autodesk Access Service", "value": "\"C:\\Program Files\\Autodesk\\AdODIS\\V1\\Setup\\AdskAccessService.exe\" --autoLaunch" }, { "key": "HKLM:\\Software\\WOW6432Node\\Microsoft\\Windows\\CurrentVersion\\Run", "name": "ControlCenter4", "value": "C:\\Program Files (x86)\\ControlCenter4\\BrCcBoot.exe /autorun" }, { "key": "HKLM:\\Software\\WOW6432Node\\Microsoft\\Windows\\CurrentVersion\\Run", "name": "BrStsMon00", "value": "C:\\Program Files (x86)\\Browny02\\Brother\\BrStMonW.exe /AUTORUN" }, { "key": "HKLM:\\Software\\WOW6432Node\\Microsoft\\Windows\\CurrentVersion\\Run", "name": "Autodesk Genuine Service ", "value": "C:\\Program Files\\Autodesk\\Genuine Service\\GenuineService.exe" } ], "physical_disks": [ { "health": "Healthy", "model": "SAMSUNG SSD 830 Series", "media_type": "SSD" }, { "health": "Healthy", "model": "HGST HTS721010A9E630", "media_type": "HDD" } ], "local_users": [ { "last_logon": "", "name": "Administrator", "password_never_expires": false, "enabled": false }, { "last_logon": "", "name": "DefaultAccount", "password_never_expires": false, "enabled": false }, { "last_logon": "", "name": "Guest", "password_never_expires": false, "enabled": false }, { "last_logon": "", "name": "localadmin", "password_never_expires": false, "enabled": true }, { "last_logon": "2026-05-21", "name": "paul", "password_never_expires": false, "enabled": true }, { "last_logon": "2020-08-18", "name": "QBDataServiceUser30", "password_never_expires": false, "enabled": true }, { "last_logon": "", "name": "WDAGUtilityAccount", "password_never_expires": false, "enabled": false } ], "scheduled_tasks_count": 19, "volumes": [ { "drive": "[unlabeled]", "size_gb": 0.5, "free_pct": 15.4, "free_gb": 0.1 }, { "drive": "C:", "size_gb": 931, "free_pct": 80.4, "free_gb": 748.2 }, { "drive": "[unlabeled]", "size_gb": 0.1, "free_pct": 72, "free_gb": 0.1 }, { "drive": "[Recovery]", "size_gb": 0.5, "free_pct": 97.4, "free_gb": 0.5 } ], "network_adapters": [ { "dhcp": true, "description": "Intel(R) Ethernet Connection I217-LM", "gateway": [ "172.29.0.1" ], "mac": "20:47:47:A8:6F:AB", "ip": [ "172.29.0.137", "fe80::529a:39b9:465d:500b" ], "dns": [ "172.29.0.5", "8.8.8.8" ] } ], "failed_autostart_services": { "name": "gpsvc", "display": "Group Policy Client", "state": "Stopped" }, "stability_14d": { "unexpected_shutdowns": 1, "disk_errors": 1, "bugchecks": 0 }, "exposure": { "smb1_enabled": false, "laps_present": true, "rdp_enabled": true, "uac_enabled": true, "rdp_nla": true }, "accounts_password_never_expires": [], "installed_software": [ { "publisher": "Dassault Systemes SolidWorks Corp", "name": "3DEXPERIENCE Exchange for SOLIDWORKS", "version": "32.31.0002" }, { "publisher": "Dassault Systemes SolidWorks Corp", "name": "3DEXPERIENCE Marketplace for SOLIDWORKS", "version": "6.32.3047" }, { "publisher": "Autodesk, Inc.", "name": "Autodesk Access", "version": "2.21.0.559" }, { "publisher": "Autodesk Inc.", "name": "Autodesk CER", "version": "7.2.2.923" }, { "publisher": "Autodesk", "name": "Autodesk Genuine Service", "version": "7.6.0.229" }, { "publisher": "Autodesk", "name": "Autodesk HSMWorks 2024", "version": "18.0.0.44173" }, { "publisher": "Autodesk, Inc.", "name": "Autodesk HSMWorks Ultimate 2024", "version": "18.0.0.44173" }, { "publisher": "Autodesk", "name": "Autodesk Identity Manager", "version": "1.11.9.11" }, { "publisher": "Apple Inc.", "name": "Bonjour", "version": "3.0.0.10" }, { "publisher": "Brother Industries, Ltd.", "name": "Brother MFL-Pro Suite MFC-9130CW", "version": "1.0.1.0" }, { "publisher": "Cablescan", "name": "Cablescan TestRite", "version": "6.6.124.0" }, { "publisher": "Dassault Systemes SolidWorks Corp", "name": "CEF for SOLIDWORKS Applications", "version": "123.0.32733.0" }, { "publisher": "Microsoft Corporation", "name": "Copilot", "version": "148.0.3967.70" }, { "publisher": "ALPSALPINE CO., LTD.", "name": "Dell Touchpad", "version": "10.3201.101.215" }, { "publisher": "Intel Corporation", "name": "Intel(R) Processor Graphics", "version": "20.19.15.5063" }, { "publisher": "The Document Foundation", "name": "LibreOffice 26.2.3.2", "version": "26.2.3.2" }, { "publisher": "Waves Audio Ltd.", "name": "Maxx Audio Installer (x64)", "version": "2.6.6766.0" }, { "publisher": "Microsoft Corporation", "name": "Microsoft Edge", "version": "148.0.3967.96" }, { "publisher": "Microsoft Corporation", "name": "Microsoft Edge WebView2 Runtime", "version": "148.0.3967.96" }, { "publisher": "Microsoft Corporation", "name": "Microsoft Update Health Tools", "version": "3.74.0.0" }, { "publisher": "Microsoft Corporation", "name": "Microsoft Visual Basic for Applications 7.1 (x64)", "version": "7.1.11.28" }, { "publisher": "Microsoft Corporation", "name": "Microsoft Visual Basic for Applications 7.1 (x64) English", "version": "7.1.11.28" }, { "publisher": "Microsoft Corporation", "name": "Microsoft Visual C++ 2005 Redistributable", "version": "8.0.61001" }, { "publisher": "Microsoft Corporation", "name": "Microsoft Visual C++ 2005 Redistributable (x64)", "version": "8.0.61000" }, { "publisher": "Microsoft Corporation", "name": "Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161", "version": "9.0.30729.6161" }, { "publisher": "Microsoft Corporation", "name": "Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17", "version": "9.0.30729" }, { "publisher": "Microsoft Corporation", "name": "Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161", "version": "9.0.30729.6161" }, { "publisher": "Microsoft Corporation", "name": "Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219", "version": "10.0.40219" }, { "publisher": "Microsoft Corporation", "name": "Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219", "version": "10.0.40219" }, { "publisher": "Microsoft Corporation", "name": "Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030", "version": "11.0.61030.0" }, { "publisher": "Microsoft Corporation", "name": "Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030", "version": "11.0.61030.0" }, { "publisher": "Microsoft Corporation", "name": "Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030", "version": "11.0.61030" }, { "publisher": "Microsoft Corporation", "name": "Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030", "version": "11.0.61030" }, { "publisher": "Microsoft Corporation", "name": "Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030", "version": "11.0.61030" }, { "publisher": "Microsoft Corporation", "name": "Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030", "version": "11.0.61030" }, { "publisher": "Microsoft Corporation", "name": "Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501", "version": "12.0.30501.0" }, { "publisher": "Microsoft Corporation", "name": "Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501", "version": "12.0.30501.0" }, { "publisher": "Microsoft Corporation", "name": "Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005", "version": "12.0.21005" }, { "publisher": "Microsoft Corporation", "name": "Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005", "version": "12.0.21005" }, { "publisher": "Microsoft Corporation", "name": "Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005", "version": "12.0.21005" }, { "publisher": "Microsoft Corporation", "name": "Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005", "version": "12.0.21005" }, { "publisher": "Microsoft Corporation", "name": "Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.38.33130", "version": "14.38.33130.0" }, { "publisher": "Microsoft Corporation", "name": "Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.42.34438", "version": "14.42.34438.0" }, { "publisher": "Microsoft Corporation", "name": "Microsoft Visual C++ 2022 X64 Additional Runtime - 14.38.33130", "version": "14.38.33130" }, { "publisher": "Microsoft Corporation", "name": "Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.38.33130", "version": "14.38.33130" }, { "publisher": "Microsoft Corporation", "name": "Microsoft Visual C++ 2022 X86 Additional Runtime - 14.42.34438", "version": "14.42.34438" }, { "publisher": "Microsoft Corporation", "name": "Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.42.34438", "version": "14.42.34438" }, { "publisher": "Microsoft Corporation", "name": "Microsoft Visual Studio Tools for Applications 2015", "version": "14.0.23829" }, { "publisher": "Microsoft Corporation", "name": "Microsoft Visual Studio Tools for Applications 2015 Finalizer", "version": "14.0.23829" }, { "publisher": "Microsoft Corporation", "name": "Microsoft Visual Studio Tools for Applications 2015 x64 Hosting Support", "version": "14.0.23829" }, { "publisher": "Microsoft Corporation", "name": "Microsoft Visual Studio Tools for Applications 2015 x86 Hosting Support", "version": "14.0.23829" }, { "publisher": "Microsoft Corporation", "name": "Microsoft Visual Studio Tools for Applications 2019", "version": "16.0.31110" }, { "publisher": "Microsoft Corporation", "name": "Microsoft Visual Studio Tools for Applications 2019 x64 Hosting Support", "version": "16.0.31110" }, { "publisher": "Microsoft Corporation", "name": "Microsoft Visual Studio Tools for Applications 2019 x86 Hosting Support", "version": "16.0.31110" }, { "publisher": "Mozilla", "name": "Mozilla Firefox (x64 en-US)", "version": "151.0.2" }, { "publisher": "Mozilla", "name": "Mozilla Maintenance Service", "version": "151.0.2" }, { "publisher": "Mozilla", "name": "Mozilla Thunderbird (x86 en-US)", "version": "144.0.1" }, { "publisher": "NVIDIA Corporation", "name": "NVIDIA 3D Vision Driver 411.63", "version": "411.63" }, { "publisher": "NVIDIA Corporation", "name": "NVIDIA Ansel", "version": "6.0.478.0" }, { "publisher": "NVIDIA Corporation", "name": "NVIDIA Control Panel 411.63", "version": "411.63" }, { "publisher": "NVIDIA Corporation", "name": "NVIDIA Display Container", "version": "1.11" }, { "publisher": "NVIDIA Corporation", "name": "NVIDIA Display Container LS", "version": "1.11" }, { "publisher": "NVIDIA Corporation", "name": "NVIDIA Display Session Container", "version": "1.11" }, { "publisher": "NVIDIA Corporation", "name": "NVIDIA Display Watchdog Plugin", "version": "1.11" }, { "publisher": "NVIDIA Corporation", "name": "NVIDIA Graphics Driver 411.63", "version": "411.63" }, { "publisher": "NVIDIA Corporation", "name": "NVIDIA HD Audio Driver 1.3.37.5", "version": "1.3.37.5" }, { "publisher": "NVIDIA Corporation", "name": "NVIDIA Install Application", "version": "2.1002.306.3" }, { "publisher": "NVIDIA Corporation", "name": "NVIDIA nView 149.34", "version": "149.34" }, { "publisher": "NVIDIA Corporation", "name": "NVIDIA Stereoscopic 3D Driver", "version": "7.17.13.7500" }, { "publisher": "NVIDIA Corporation", "name": "NVIDIA WMI 2.33.0", "version": "2.33.0" }, { "publisher": "Python Software Foundation", "name": "Python 3.9.0 Core Interpreter (64-bit)", "version": "3.9.150.0" }, { "publisher": "Python Software Foundation", "name": "Python 3.9.0 Development Libraries (64-bit)", "version": "3.9.150.0" }, { "publisher": "Python Software Foundation", "name": "Python 3.9.0 Documentation (64-bit)", "version": "3.9.150.0" }, { "publisher": "Python Software Foundation", "name": "Python 3.9.0 Executables (64-bit)", "version": "3.9.150.0" }, { "publisher": "Python Software Foundation", "name": "Python 3.9.0 pip Bootstrap (64-bit)", "version": "3.9.150.0" }, { "publisher": "Python Software Foundation", "name": "Python 3.9.0 Standard Library (64-bit)", "version": "3.9.150.0" }, { "publisher": "Python Software Foundation", "name": "Python 3.9.0 Tcl/Tk Support (64-bit)", "version": "3.9.150.0" }, { "publisher": "Python Software Foundation", "name": "Python 3.9.0 Test Suite (64-bit)", "version": "3.9.150.0" }, { "publisher": "Python Software Foundation", "name": "Python 3.9.0 Utility Scripts (64-bit)", "version": "3.9.150.0" }, { "publisher": "Python Software Foundation", "name": "Python Launcher", "version": "3.9.7217.0" }, { "publisher": "Intuit Inc.", "name": "QuickBooks", "version": "30.0.4015.3000" }, { "publisher": "Intuit Inc.", "name": "QuickBooks Premier: Mfg and Whsle Edition 2020", "version": "30.0.4006.3000" }, { "publisher": "Intuit Inc.", "name": "QuickBooks Runtime Redistributable", "version": "1.00.0000" }, { "publisher": "Realtek Semiconductor Corp.", "name": "Realtek Audio COM Components", "version": "1.0.2" }, { "publisher": "Realtek Semiconductor Corp.", "name": "Realtek High Definition Audio Driver", "version": "6.0.1.6098" }, { "publisher": "ScreenConnect Software", "name": "ScreenConnect Client (1912bf3444b41a08)", "version": "26.1.24.9579" }, { "publisher": "Schneider Electric Motion USA", "name": "SEM SPI Interface", "version": "1.0.19" }, { "publisher": "Dassault Systemes SolidWorks Corp", "name": "SOLIDWORKS 2018 SP05", "version": "26.150.0066" }, { "publisher": "SolidWorks Corporation", "name": "SOLIDWORKS 2018 SP05", "version": "26.5.0.66" }, { "publisher": "SolidWorks Corporation", "name": "SOLIDWORKS 2020 SP0.1", "version": "28.0.1.1" }, { "publisher": "Dassault Systemes SolidWorks Corp", "name": "SOLIDWORKS 2020 SP0.1", "version": "28.101.0001" }, { "publisher": "Dassault Systemes SolidWorks Corp", "name": "SOLIDWORKS 2024 SP03.1", "version": "32.131.0002" }, { "publisher": "SolidWorks Corporation", "name": "SOLIDWORKS 2024 SP03.1", "version": "32.3.1.2" }, { "publisher": "Dassault Systemes SolidWorks Corp", "name": "SOLIDWORKS CAM 2018 SP05", "version": "26.50.0066" }, { "publisher": "Dassault Systemes SolidWorks Corp", "name": "SOLIDWORKS CAM 2020 SP0.1", "version": "28.01.0001" }, { "publisher": "Dassault Systemes SolidWorks Corp", "name": "SOLIDWORKS CAM 2024 SP03.1", "version": "32.31.0002" }, { "publisher": "Dassault Systemes SolidWorks Corp", "name": "SOLIDWORKS Composer Player 2018 SP05", "version": "26.50.0066" }, { "publisher": "Dassault Systemes SolidWorks Corp", "name": "SOLIDWORKS Composer Player 2020 SP0.1", "version": "28.01.0001" }, { "publisher": "Dassault Systemes SolidWorks Corp", "name": "SOLIDWORKS Composer Player 2024 SP03.1", "version": "32.31.0002" }, { "publisher": "Dassault Syst?mes SolidWorks Corp", "name": "SOLIDWORKS eDrawings 2018 SP05", "version": "18.50.0014" }, { "publisher": "Dassault Syst?mes SolidWorks Corp", "name": "SOLIDWORKS eDrawings 2020 SP0.1", "version": "28.00.5031" }, { "publisher": "Dassault Syst?mes SolidWorks Corp", "name": "SOLIDWORKS eDrawings 2024 SP03.1", "version": "32.30.0020" }, { "publisher": "Dassault Systemes SolidWorks Corp", "name": "SOLIDWORKS Explorer 2018 SP05", "version": "26.50.0066" }, { "publisher": "Dassault Systemes SolidWorks Corp", "name": "SOLIDWORKS File Utilities 2020 SP0.1", "version": "28.01.0001" }, { "publisher": "Dassault Systemes SolidWorks Corp", "name": "SOLIDWORKS File Utilities 2024 SP03.1", "version": "32.31.0002" }, { "publisher": "Dassault Systemes SolidWorks Corp", "name": "SOLIDWORKS SolidNetWork License Manager", "version": "34.11.0011" }, { "publisher": "Dassault Systemes SolidWorks Corp", "name": "SOLIDWORKS Visualize 2018 SP05", "version": "26.50.0066" }, { "publisher": "Dassault Systemes SolidWorks Corp", "name": "SOLIDWORKS Visualize 2020 SP0.1", "version": "28.01.0001" }, { "publisher": "Dassault Systemes SolidWorks Corp", "name": "SOLIDWORKS Visualize 2024 SP03.1", "version": "32.31.0002" }, { "publisher": "Splashtop Inc.", "name": "Splashtop Software Updater", "version": "1.5.6.23" }, { "publisher": "Splashtop Inc.", "name": "Splashtop Streamer", "version": "3.8.2.0" }, { "publisher": "Servably, Inc.", "name": "Syncro", "version": "1.0.201.18410" }, { "publisher": "Microsoft Corporation", "name": "Update for x64-based Windows Systems (KB5001716)", "version": "8.94.0.0" }, { "publisher": "ipcas GmbH", "name": "USB Floppy Emulator V2", "version": "1.40" }, { "publisher": "Silicon Laboratories Inc.", "name": "Windows Driver Package - Silicon Laboratories Inc. (silabser) Ports (05/23/2018 6.7.6.2130)", "version": "05/23/2018 6.7.6.2130" }, { "publisher": "WireGuard LLC", "name": "WireGuard", "version": "0.5.3" }, { "publisher": "Microsoft", "name": "WPTx64", "version": "8.100.26866" } ], "tpm": { "enabled": false, "ready": false, "present": false }, "local_groups": [ "Access Control Assistance Operators", "Administrators", "Backup Operators", "Cryptographic Operators", "Device Owners", "Distributed COM Users", "Event Log Readers", "Guests", "Hyper-V Administrators", "IIS_IUSRS", "Network Configuration Operators", "Performance Log Users", "Performance Monitor Users", "Power Users", "Remote Desktop Users", "Remote Management Users", "Replicator", "System Managed Accounts Group", "Users" ], "battery": { "estimated_charge_remaining": "224", "status": "2", "present": true }, "third_party_av_active": false, "activation": { "edition": "Microsoft Windows 10 Pro", "description": "Windows(R) Operating System, RETAIL channel", "licensed": true, "license_status_code": 1 }, "time_source": "UC2-SERVER.ucryo.local", "chassis_types": [ 9 ], "last_hotfix": { "hotfix_id": "KB5072653", "installed_on": "2025-11-18T07:00:00Z" }, "scheduled_tasks": [ { "path": "\\", "name": "MicrosoftEdgeUpdateTaskMachineCore", "state": "Ready" }, { "path": "\\", "name": "MicrosoftEdgeUpdateTaskMachineUA", "state": "Ready" }, { "path": "\\", "name": "nWizard_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}", "state": "Ready" }, { "path": "\\", "name": "OneDrive Reporting Task-S-1-5-21-1051390473-2587535097-844096240-1117", "state": "Ready" }, { "path": "\\", "name": "OneDrive Reporting Task-S-1-5-21-1051390473-2587535097-844096240-2650", "state": "Ready" }, { "path": "\\", "name": "OneDrive Reporting Task-S-1-5-21-3829738941-2076101303-266003226-1001", "state": "Ready" }, { "path": "\\", "name": "OneDrive Standalone Update Task-S-1-5-21-1051390473-2587535097-844096240-1117", "state": "Ready" }, { "path": "\\", "name": "OneDrive Standalone Update Task-S-1-5-21-1051390473-2587535097-844096240-2629", "state": "Ready" }, { "path": "\\", "name": "OneDrive Standalone Update Task-S-1-5-21-1051390473-2587535097-844096240-2644", "state": "Ready" }, { "path": "\\", "name": "OneDrive Standalone Update Task-S-1-5-21-1051390473-2587535097-844096240-2646", "state": "Ready" }, { "path": "\\", "name": "OneDrive Standalone Update Task-S-1-5-21-1051390473-2587535097-844096240-2650", "state": "Ready" }, { "path": "\\", "name": "OneDrive Standalone Update Task-S-1-5-21-3829738941-2076101303-266003226-1001", "state": "Ready" }, { "path": "\\", "name": "OneDrive Startup Task-S-1-5-21-1051390473-2587535097-844096240-2650", "state": "Ready" }, { "path": "\\", "name": "OneDrive Startup Task-S-1-5-21-3829738941-2076101303-266003226-1001", "state": "Ready" }, { "path": "\\", "name": "RtHDVBg_PushButton", "state": "Ready" }, { "path": "\\Mozilla\\", "name": "Firefox Background Update 308046B0AF4A39CB", "state": "Ready" }, { "path": "\\Mozilla\\", "name": "Firefox Background Update S-1-5-21-1051390473-2587535097-844096240-2650 308046B0AF4A39CB", "state": "Ready" }, { "path": "\\Mozilla\\", "name": "Firefox Background Update S-1-5-21-3829738941-2076101303-266003226-1001 308046B0AF4A39CB", "state": "Ready" }, { "path": "\\Mozilla\\", "name": "Firefox Default Browser Agent 308046B0AF4A39CB", "state": "Ready" } ], "antivirus_products": [ "Windows Defender" ], "domain_joined": true, "defender": { "antispyware_signature_age": 0, "tamper_protected": true, "real_time_protection": true, "nis_enabled": true, "available": true, "antivirus_enabled": true, "am_service_enabled": true }, "bitlocker": { "os_volume": "C:", "key_protectors": [], "recovery_key_present": false, "available": true, "encryption_percent": 0, "protection_status": "Off" }, "is_laptop": true, "installed_software_count": 117, "secure_channel_ok": true, "firewall_profiles": { "Private": true, "Domain": true, "Public": true }, "domain": "ucryo.local", "foreign_agents": null }, "findings": [ { "id": "sec.defender.ok", "category": "security", "severity": "info", "title": "Defender active and current", "detail": "Real-time protection on, service running, signatures current.", "evidence": "RealTimeProtectionEnabled=True; AMServiceEnabled=True; AntispywareSignatureAge=0 days; IsTamperProtected=True" }, { "id": "sec.av_products.defender_only", "category": "security", "severity": "info", "title": "Defender is the only registered AV", "detail": "Only Microsoft/Windows Defender is registered in Security Center.", "evidence": "Windows Defender" }, { "id": "sec.foreign_agents.none", "category": "security", "severity": "info", "title": "No competitor/leftover management agents detected", "detail": "No known competitor RMM or unmanaged remote-access agents found in installed programs or services.", "evidence": "Scanned uninstall hives (HKLM + WOW6432Node) and Win32_Service" }, { "id": "sec.foreign_agents.acg.screenconnect_connectwise_control", "category": "security", "severity": "info", "title": "Expected ACG management tooling present: ScreenConnect / ConnectWise Control", "detail": "This is Arizona Computer Guru managed/remote-access tooling that we deploy. Its presence is expected and not a foreign-agent risk.", "evidence": "program: ScreenConnect Client (1912bf3444b41a08) 26.1.24.9579\nservice: ScreenConnect Client (1912bf3444b41a08) (ScreenConnect Client (1912bf3444b41a08)) Running" }, { "id": "sec.foreign_agents.acg.splashtop_sos_streamer_", "category": "security", "severity": "info", "title": "Expected ACG management tooling present: Splashtop (SOS/Streamer)", "detail": "This is Arizona Computer Guru managed/remote-access tooling that we deploy. Its presence is expected and not a foreign-agent risk.", "evidence": "program: Splashtop Software Updater 1.5.6.23\nprogram: Splashtop Streamer 3.8.2.0\nservice: SplashtopRemoteService (Splashtop? Remote Service) Running\nservice: SSUService (Splashtop Software Updater Service) Running" }, { "id": "sec.foreign_agents.acg.syncro_kabuto", "category": "security", "severity": "info", "title": "Expected ACG management tooling present: Syncro / Kabuto", "detail": "This is Arizona Computer Guru managed/remote-access tooling that we deploy. Its presence is expected and not a foreign-agent risk.", "evidence": "program: Syncro 1.0.201.18410\nservice: Syncro (Syncro) Running" }, { "id": "sec.firewall.ok", "category": "security", "severity": "info", "title": "All firewall profiles enabled", "detail": "Domain, Private, and Public firewall profiles are all enabled.", "evidence": "Private=True; Domain=True; Public=True" }, { "id": "sec.bitlocker.unencrypted", "category": "security", "severity": "critical", "title": "OS volume is NOT encrypted with BitLocker", "detail": "The operating system volume is unencrypted. Data is exposed if the disk is removed or the device is lost. This is a laptop (portable chassis), so the data-at-rest risk if lost or stolen is high. Enable BitLocker and escrow the recovery key.", "evidence": "Volume=C:; ProtectionStatus=Off; EncryptionPercentage=0; KeyProtectors=" }, { "id": "sec.local_admins.list", "category": "security", "severity": "info", "title": "Local administrators (4)", "detail": "Members of the local Administrators group. Review for unexpected or unknown accounts (especially leftover MSP/vendor accounts from a prior provider).", "evidence": "HOBBES\\Administrator\nHOBBES\\localadmin\nHOBBES\\paul\nUCRYO\\Domain Admins" }, { "id": "sec.patch.os_eol", "category": "security", "severity": "critical", "title": "OS build is end-of-life: Win10 22H2", "detail": "This OS build (19045, Win10 22H2) passed end-of-servicing on 2025-10-14. It no longer receives security updates. Plan a feature update or OS upgrade.", "evidence": "Microsoft Windows 10 Pro build 19045; EOL 2025-10-14" }, { "id": "sec.patch.pending", "category": "security", "severity": "warning", "title": "1 pending Windows updates", "detail": "Windows Update reports pending (not installed, not hidden) updates. Some may be security updates. Approve/install on the next maintenance window.", "evidence": "Microsoft.Update.Session search IsInstalled=0 and IsHidden=0 -> 1" }, { "id": "sec.patch.last_hotfix", "category": "security", "severity": "info", "title": "Last hotfix: KB5072653", "detail": "Most recently installed update (from Get-HotFix; reflects CBS/MSU packages, not all cumulative metadata).", "evidence": "KB5072653 installed 2025-11-18T07:00:00Z" }, { "id": "sec.exposure.rdp_on", "category": "security", "severity": "warning", "title": "RDP is enabled", "detail": "Remote Desktop is enabled (NLA required). Confirm it is restricted to VPN or specific source IPs and not exposed to the internet.", "evidence": "fDenyTSConnections=0; UserAuthentication=1" }, { "id": "sec.exposure.smb1_off", "category": "security", "severity": "info", "title": "SMBv1 disabled", "detail": "SMBv1 server protocol is disabled.", "evidence": "EnableSMB1Protocol=False" }, { "id": "sec.exposure.laps_present", "category": "security", "severity": "info", "title": "LAPS detected", "detail": "A LAPS mechanism is present.", "evidence": "Windows LAPS reg key" }, { "id": "health.stability.some", "category": "health", "severity": "warning", "title": "Stability events present in the last 14 days", "detail": "One or more unexpected shutdowns, BSODs, or disk errors occurred recently. Monitor and correlate with user reports.", "evidence": "Unexpected shutdowns (id 41)=1; Bugchecks/BSOD (id 1001)=0; Disk errors (id 7/51/153)=1" }, { "id": "health.reboot_uptime.pending", "category": "health", "severity": "warning", "title": "Reboot pending", "detail": "A reboot is pending. Pending reboots can block patches and leave the system in a half-updated state. Schedule a restart.", "evidence": "PendingFileRenameOperations" }, { "id": "health.failed_services.stopped", "category": "health", "severity": "warning", "title": "1 auto-start service(s) not running", "detail": "These services are set to start automatically but are not running. Some may be benign; review for security agents, backup agents, or AV that should be running.", "evidence": "gpsvc (Group Policy Client) = Stopped" }, { "id": "health.domain.secure_channel_ok", "category": "health", "severity": "info", "title": "Domain secure channel healthy", "detail": "Machine trust relationship with the domain is intact.", "evidence": "Domain=ucryo.local" }, { "id": "health.time.source", "category": "health", "severity": "info", "title": "Time service source", "detail": "Current Windows Time service source.", "evidence": "Source=UC2-SERVER.ucryo.local" }, { "id": "health.battery.present", "category": "health", "severity": "info", "title": "Battery present", "detail": "Battery detected. (Wear-level / design-vs-full-capacity requires a powercfg battery report, not collected here.)", "evidence": "EstimatedChargeRemaining=224%; BatteryStatus=2" }, { "id": "health.backup.none", "category": "health", "severity": "info", "title": "No backup agent detected", "detail": "No known backup agent service found. Backup expectation varies by endpoint; confirm whether this machine is supposed to have local/cloud backup and whether server-side or M365 backup covers it.", "evidence": "No matching backup service in Win32_Service" } ] }