azcomputerguru/claudetools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
295126ee6c4abe2588f94de0e022eabdbb1c925d
claudetools/clients/ucryo/onboarding-baselines/LILO-20260603T005456.json
Mike Swanson 0413df8459 sync: auto-sync from GURU-5070 at 2026-06-02 18:44:13 
Author: Mike Swanson
Machine: GURU-5070
Timestamp: 2026-06-02 18:44:13
2026-06-02 18:44:21 -07:00

1109 lines
35 KiB
JSON
Raw Blame History

{
"host": "LILO",
"collected_at_utc": "2026-06-03T00:52:27Z",
"os": {
"caption": "Microsoft Windows 10 Pro",
"version": "10.0.19045",
"build": "19045",
"install_date": "2023-01-31T00:31:03Z",
"last_boot_utc": "2026-03-12T17:25:21Z",
"architecture": "64-bit"
},
"facts": {
"builtin_admin_enabled": false,
"os_eol": {
"eol_date": "2025-10-14",
"release": "Win10 22H2"
},
"pending_updates": 1,
"pending_reboot": true,
"uptime_days": 82.3,
"acg_managed_tools": [
"ScreenConnect / ConnectWise Control",
"Splashtop (SOS/Streamer)",
"Syncro / Kabuto"
],
"hardware": {
"model": "20EQS12M00",
"manufacturer": "LENOVO",
"bios_date": "2024-03-18",
"cpu_logical": 8,
"bios_version": "N1EETA2W (1.75 )",
"cpu_cores": 4,
"ram_gb": 31.8,
"serial": "PC0G9X3B",
"cpu": "Intel(R) Core(TM) i7-6820HQ CPU @ 2.70GHz"
},
"local_administrators": [
"LILO\\Administrator",
"LILO\\localadmin",
"LILO\\me",
"LILO\\paul",
"UCRYO\\Domain Admins"
],
"os_build": "19045",
"secure_boot": true,
"backup_agents": null,
"autoruns_run_keys": [
{
"key": "HKLM:\\Software\\Microsoft\\Windows\\CurrentVersion\\Run",
"name": "SecurityHealth",
"value": "C:\\WINDOWS\\system32\\SecurityHealthSystray.exe"
},
{
"key": "HKLM:\\Software\\Microsoft\\Windows\\CurrentVersion\\Run",
"name": "Logitech Download Assistant",
"value": "C:\\Windows\\system32\\rundll32.exe C:\\Windows\\System32\\LogiLDA.dll,LogiFetch"
},
{
"key": "HKLM:\\Software\\Microsoft\\Windows\\CurrentVersion\\Run",
"name": "Autodesk Access",
"value": "\"C:\\Program Files\\Autodesk\\AdODIS\\V1\\Access\\AdskAccessCore.exe\" --minimizedUi --autoLaunch"
},
{
"key": "HKLM:\\Software\\Microsoft\\Windows\\CurrentVersion\\Run",
"name": "Autodesk Access Service",
"value": "\"C:\\Program Files\\Autodesk\\AdODIS\\V1\\Setup\\AdskAccessService.exe\" --autoLaunch"
},
{
"key": "HKLM:\\Software\\WOW6432Node\\Microsoft\\Windows\\CurrentVersion\\Run",
"name": "ControlCenter4",
"value": "C:\\Program Files (x86)\\ControlCenter4\\BrCcBoot.exe /autorun"
},
{
"key": "HKLM:\\Software\\WOW6432Node\\Microsoft\\Windows\\CurrentVersion\\Run",
"name": "BrStsMon00",
"value": "C:\\Program Files (x86)\\Browny02\\Brother\\BrStMonW.exe /AUTORUN"
},
{
"key": "HKLM:\\Software\\WOW6432Node\\Microsoft\\Windows\\CurrentVersion\\Run",
"name": "Autodesk Genuine Service ",
"value": "C:\\Program Files\\Autodesk\\Genuine Service\\GenuineService.exe"
}
],
"physical_disks": [
{
"health": "Healthy",
"model": "CT1000P1SSD8",
"media_type": "SSD"
}
],
"local_users": [
{
"last_logon": "",
"name": "Administrator",
"password_never_expires": false,
"enabled": false
},
{
"last_logon": "",
"name": "DefaultAccount",
"password_never_expires": false,
"enabled": false
},
{
"last_logon": "",
"name": "Guest",
"password_never_expires": false,
"enabled": false
},
{
"last_logon": "",
"name": "localadmin",
"password_never_expires": false,
"enabled": true
},
{
"last_logon": "",
"name": "me",
"password_never_expires": false,
"enabled": true
},
{
"last_logon": "2024-05-15",
"name": "paul",
"password_never_expires": false,
"enabled": true
},
{
"last_logon": "",
"name": "WDAGUtilityAccount",
"password_never_expires": false,
"enabled": false
}
],
"scheduled_tasks_count": 21,
"volumes": [
{
"drive": "[unlabeled]",
"size_gb": 0.6,
"free_pct": 13.8,
"free_gb": 0.1
},
{
"drive": "[Recovery]",
"size_gb": 0.5,
"free_pct": 97.4,
"free_gb": 0.5
},
{
"drive": "[unlabeled]",
"size_gb": 0.1,
"free_pct": 72,
"free_gb": 0.1
},
{
"drive": "C:",
"size_gb": 930.3,
"free_pct": 73,
"free_gb": 679.3
}
],
"network_adapters": [
{
"dhcp": true,
"description": "Intel(R) Dual Band Wireless-AC 8260",
"gateway": [
"172.29.0.1"
],
"mac": "E4:A7:A0:87:41:5A",
"ip": [
"172.29.0.129",
"fe80::a46c:9046:12ba:7f13"
],
"dns": [
"172.29.0.5",
"8.8.8.8"
]
}
],
"failed_autostart_services": [
{
"name": "gpsvc",
"display": "Group Policy Client",
"state": "Stopped"
},
{
"name": "Intel(R) TPM Provisioning Service",
"display": "Intel(R) TPM Provisioning Service",
"state": "Stopped"
},
{
"name": "LPlatSvc",
"display": "Lenovo Platform Service",
"state": "Stopped"
}
],
"stability_14d": {
"unexpected_shutdowns": 0,
"disk_errors": 0,
"bugchecks": 0
},
"exposure": {
"smb1_enabled": false,
"laps_present": true,
"rdp_enabled": true,
"uac_enabled": true,
"rdp_nla": true
},
"accounts_password_never_expires": [],
"installed_software": [
{
"publisher": "Autodesk",
"name": "AutoCAD Mechanical 2004",
"version": "7.0.42.8"
},
{
"publisher": "Autodesk, Inc.",
"name": "Autodesk Access",
"version": "2.21.0.559"
},
{
"publisher": "Autodesk Inc.",
"name": "Autodesk CER",
"version": "7.2.2.923"
},
{
"publisher": "Autodesk, Inc.",
"name": "Autodesk Express Viewer",
"version": "3.1"
},
{
"publisher": "Autodesk",
"name": "Autodesk Genuine Service",
"version": "7.6.0.229"
},
{
"publisher": "Autodesk",
"name": "Autodesk HSMWorks 2023",
"version": "17.0.0.44039"
},
{
"publisher": "Autodesk, Inc.",
"name": "Autodesk HSMWorks Ultimate 2023",
"version": "17.0.0.44039"
},
{
"publisher": "Autodesk",
"name": "Autodesk Identity Manager",
"version": "1.11.9.11"
},
{
"publisher": "Autodesk",
"name": "Autodesk Single Sign On Component",
"version": "13.5.5.1805"
},
{
"publisher": "Apple Inc.",
"name": "Bonjour",
"version": "3.0.0.10"
},
{
"publisher": "Brother Industries, Ltd.",
"name": "Brother MFL-Pro Suite MFC-9130CW",
"version": "1.0.1.0"
},
{
"publisher": "Cablescan",
"name": "Cablescan TestRite",
"version": "6.6.124.0"
},
{
"publisher": "Microsoft Corporation",
"name": "Copilot",
"version": "148.0.3967.70"
},
{
"publisher": "Dolby Laboratories, Inc.",
"name": "Dolby Audio X2 Windows API SDK",
"version": "0.8.8.90"
},
{
"publisher": "Intel Corporation",
"name": "Intel(R) Processor Graphics",
"version": "23.20.16.4973"
},
{
"publisher": "The Document Foundation",
"name": "LibreOffice 26.2.3.2",
"version": "26.2.3.2"
},
{
"publisher": "McMaster-Carr",
"name": "McMaster-Carr SolidWorks Add-in",
"version": "2.1.0.0"
},
{
"publisher": "Microsoft Corporation",
"name": "Microsoft Edge",
"version": "148.0.3967.96"
},
{
"publisher": "Microsoft Corporation",
"name": "Microsoft Edge WebView2 Runtime",
"version": "148.0.3967.96"
},
{
"publisher": "Microsoft Corporation",
"name": "Microsoft Office Professional Plus 2019 - en-us",
"version": "16.0.19127.20302"
},
{
"publisher": "Microsoft Corporation",
"name": "Microsoft Update Health Tools",
"version": "3.74.0.0"
},
{
"publisher": "Microsoft Corporation",
"name": "Microsoft Visual Basic for Applications 7.1 (x64)",
"version": "7.1.11.18"
},
{
"publisher": "Microsoft Corporation",
"name": "Microsoft Visual Basic for Applications 7.1 (x64) English",
"version": "7.1.11.18"
},
{
"publisher": "Microsoft Corporation",
"name": "Microsoft Visual C++ 2005 Redistributable",
"version": "8.0.61001"
},
{
"publisher": "Microsoft Corporation",
"name": "Microsoft Visual C++ 2005 Redistributable (x64)",
"version": "8.0.61000"
},
{
"publisher": "Microsoft Corporation",
"name": "Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161",
"version": "9.0.30729.6161"
},
{
"publisher": "Microsoft Corporation",
"name": "Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17",
"version": "9.0.30729"
},
{
"publisher": "Microsoft Corporation",
"name": "Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161",
"version": "9.0.30729.6161"
},
{
"publisher": "Microsoft Corporation",
"name": "Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219",
"version": "10.0.40219"
},
{
"publisher": "Microsoft Corporation",
"name": "Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219",
"version": "10.0.40219"
},
{
"publisher": "Microsoft Corporation",
"name": "Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030",
"version": "11.0.61030.0"
},
{
"publisher": "Microsoft Corporation",
"name": "Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030",
"version": "11.0.61030.0"
},
{
"publisher": "Microsoft Corporation",
"name": "Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030",
"version": "11.0.61030"
},
{
"publisher": "Microsoft Corporation",
"name": "Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030",
"version": "11.0.61030"
},
{
"publisher": "Microsoft Corporation",
"name": "Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030",
"version": "11.0.61030"
},
{
"publisher": "Microsoft Corporation",
"name": "Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030",
"version": "11.0.61030"
},
{
"publisher": "Microsoft Corporation",
"name": "Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501",
"version": "12.0.30501.0"
},
{
"publisher": "Microsoft Corporation",
"name": "Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501",
"version": "12.0.30501.0"
},
{
"publisher": "Microsoft Corporation",
"name": "Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005",
"version": "12.0.21005"
},
{
"publisher": "Microsoft Corporation",
"name": "Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005",
"version": "12.0.21005"
},
{
"publisher": "Microsoft Corporation",
"name": "Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005",
"version": "12.0.21005"
},
{
"publisher": "Microsoft Corporation",
"name": "Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005",
"version": "12.0.21005"
},
{
"publisher": "Microsoft Corporation",
"name": "Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.38.33130",
"version": "14.38.33130.0"
},
{
"publisher": "Microsoft Corporation",
"name": "Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.30.30704",
"version": "14.30.30704.0"
},
{
"publisher": "Microsoft Corporation",
"name": "Microsoft Visual C++ 2022 X64 Additional Runtime - 14.38.33130",
"version": "14.38.33130"
},
{
"publisher": "Microsoft Corporation",
"name": "Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.38.33130",
"version": "14.38.33130"
},
{
"publisher": "Microsoft Corporation",
"name": "Microsoft Visual C++ 2022 X86 Additional Runtime - 14.30.30704",
"version": "14.30.30704"
},
{
"publisher": "Microsoft Corporation",
"name": "Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.30.30704",
"version": "14.30.30704"
},
{
"publisher": "Microsoft Corporation",
"name": "Microsoft Visual Studio Tools for Applications 2015",
"version": "14.0.23829"
},
{
"publisher": "Microsoft Corporation",
"name": "Microsoft Visual Studio Tools for Applications 2015 Finalizer",
"version": "14.0.23829"
},
{
"publisher": "Microsoft Corporation",
"name": "Microsoft Visual Studio Tools for Applications 2015 x64 Hosting Support",
"version": "14.0.23829"
},
{
"publisher": "Microsoft Corporation",
"name": "Microsoft Visual Studio Tools for Applications 2015 x86 Hosting Support",
"version": "14.0.23829"
},
{
"publisher": "Mozilla",
"name": "Mozilla Firefox (x64 en-US)",
"version": "151.0.2"
},
{
"publisher": "Mozilla",
"name": "Mozilla Maintenance Service",
"version": "151.0.2"
},
{
"publisher": "NVIDIA Corporation",
"name": "NVIDIA Ansel",
"version": "7.1.797.811"
},
{
"publisher": "NVIDIA Corporation",
"name": "NVIDIA Control Panel 513.29",
"version": "513.29"
},
{
"publisher": "NVIDIA Corporation",
"name": "NVIDIA Display Container",
"version": "1.37"
},
{
"publisher": "NVIDIA Corporation",
"name": "NVIDIA Display Container LS",
"version": "1.37"
},
{
"publisher": "NVIDIA Corporation",
"name": "NVIDIA Display MessageBus",
"version": "513.29"
},
{
"publisher": "NVIDIA Corporation",
"name": "NVIDIA Display Session Container",
"version": "1.37"
},
{
"publisher": "NVIDIA Corporation",
"name": "NVIDIA Display Watchdog Plugin",
"version": "1.37"
},
{
"publisher": "NVIDIA Corporation",
"name": "NVIDIA Graphics Driver 538.18",
"version": "538.18"
},
{
"publisher": "NVIDIA Corporation",
"name": "NVIDIA Install Application",
"version": "2.1002.408.0"
},
{
"publisher": "NVIDIA Corporation",
"name": "NVIDIA RTX Desktop Manager 203.05",
"version": "203.05"
},
{
"publisher": "NVIDIA Corporation",
"name": "NVIDIA WMI 2.36.0",
"version": "2.36.0"
},
{
"publisher": "Microsoft Corporation",
"name": "Office 16 Click-to-Run Extensibility Component",
"version": "16.0.19127.20154"
},
{
"publisher": "Microsoft Corporation",
"name": "Office 16 Click-to-Run Licensing Component",
"version": "16.0.19029.20184"
},
{
"publisher": "Microsoft Corporation",
"name": "Office 16 Click-to-Run Localization Component",
"version": "16.0.13929.20372"
},
{
"publisher": "Simon Tatham",
"name": "PuTTY release 0.78 (64-bit)",
"version": "0.78.0.0"
},
{
"publisher": "Python Software Foundation",
"name": "Python 3.11.1 Core Interpreter (64-bit)",
"version": "3.11.1150.0"
},
{
"publisher": "Python Software Foundation",
"name": "Python 3.11.1 Development Libraries (64-bit)",
"version": "3.11.1150.0"
},
{
"publisher": "Python Software Foundation",
"name": "Python 3.11.1 Documentation (64-bit)",
"version": "3.11.1150.0"
},
{
"publisher": "Python Software Foundation",
"name": "Python 3.11.1 Executables (64-bit)",
"version": "3.11.1150.0"
},
{
"publisher": "Python Software Foundation",
"name": "Python 3.11.1 pip Bootstrap (64-bit)",
"version": "3.11.1150.0"
},
{
"publisher": "Python Software Foundation",
"name": "Python 3.11.1 Standard Library (64-bit)",
"version": "3.11.1150.0"
},
{
"publisher": "Python Software Foundation",
"name": "Python 3.11.1 Tcl/Tk Support (64-bit)",
"version": "3.11.1150.0"
},
{
"publisher": "Python Software Foundation",
"name": "Python 3.11.1 Test Suite (64-bit)",
"version": "3.11.1150.0"
},
{
"publisher": "Python Software Foundation",
"name": "Python 3.11.1 Utility Scripts (64-bit)",
"version": "3.11.1150.0"
},
{
"publisher": "Python Software Foundation",
"name": "Python Launcher",
"version": "3.11.8009.0"
},
{
"publisher": "Intuit Inc.",
"name": "QuickBooks",
"version": "30.0.4017.3000"
},
{
"publisher": "Intuit Inc.",
"name": "QuickBooks Premier: Mfg and Whsle Edition 2020",
"version": "30.0.4006.3000"
},
{
"publisher": "Intuit Inc.",
"name": "QuickBooks Runtime Redistributable",
"version": "1.00.0000"
},
{
"publisher": "ScreenConnect Software",
"name": "ScreenConnect Client (1912bf3444b41a08)",
"version": "26.1.24.9579"
},
{
"publisher": "Skype Technologies S.A.",
"name": "Skype version 8.72",
"version": "8.72"
},
{
"publisher": "Dassault Systemes SolidWorks Corp",
"name": "SOLIDWORKS 2020 SP02",
"version": "28.120.0064"
},
{
"publisher": "SolidWorks Corporation",
"name": "SOLIDWORKS 2020 SP02",
"version": "28.2.0.64"
},
{
"publisher": "Dassault Systemes SolidWorks Corp",
"name": "SOLIDWORKS 2022 SP05",
"version": "30.150.0049"
},
{
"publisher": "SolidWorks Corporation",
"name": "SOLIDWORKS 2022 SP05",
"version": "30.5.0.49"
},
{
"publisher": "Dassault Systemes SolidWorks Corp",
"name": "SOLIDWORKS CAM 2020 SP02",
"version": "28.20.0064"
},
{
"publisher": "Dassault Systemes SolidWorks Corp",
"name": "SOLIDWORKS CAM 2022 SP05",
"version": "30.50.0049"
},
{
"publisher": "Dassault Systemes SolidWorks Corp",
"name": "SOLIDWORKS Composer Player 2020 SP02",
"version": "28.20.0064"
},
{
"publisher": "Dassault Systemes SolidWorks Corp",
"name": "SOLIDWORKS Composer Player 2022 SP05",
"version": "30.50.0049"
},
{
"publisher": "Dassault Syst?mes SolidWorks Corp",
"name": "SOLIDWORKS eDrawings 2020 SP02",
"version": "28.20.0046"
},
{
"publisher": "Dassault Syst?mes SolidWorks Corp",
"name": "SOLIDWORKS eDrawings 2022 SP05",
"version": "30.50.0019"
},
{
"publisher": "Dassault Systemes SolidWorks Corp",
"name": "SOLIDWORKS File Utilities 2020 SP02",
"version": "28.20.0064"
},
{
"publisher": "Dassault Systemes SolidWorks Corp",
"name": "SOLIDWORKS File Utilities 2022 SP05",
"version": "30.50.0049"
},
{
"publisher": "Dassault Systemes SolidWorks Corp",
"name": "SOLIDWORKS Visualize 2020 SP02",
"version": "28.20.0064"
},
{
"publisher": "Dassault Systemes SolidWorks Corp",
"name": "SOLIDWORKS Visualize 2022 SP05",
"version": "30.50.0049"
},
{
"publisher": "Splashtop Inc.",
"name": "Splashtop Streamer",
"version": "3.8.2.0"
},
{
"publisher": "Servably, Inc.",
"name": "Syncro",
"version": "1.0.201.18410"
},
{
"publisher": "Microsoft Corporation",
"name": "Update for x64-based Windows Systems (KB5001716)",
"version": "8.94.0.0"
},
{
"publisher": "LunarG, Inc.",
"name": "Vulkan Run Time Libraries 1.0.65.1",
"version": "1.0.65.1"
},
{
"publisher": "Microsoft Corporation",
"name": "Windows 11 Installation Assistant",
"version": "1.4.19041.3630"
},
{
"publisher": "WireGuard LLC",
"name": "WireGuard",
"version": "0.5.3"
},
{
"publisher": "Microsoft",
"name": "WPTx64",
"version": "8.100.26866"
}
],
"tpm": {
"enabled": true,
"ready": true,
"present": true
},
"local_groups": [
"Access Control Assistance Operators",
"Administrators",
"Backup Operators",
"Cryptographic Operators",
"Device Owners",
"Distributed COM Users",
"Event Log Readers",
"Guests",
"Hyper-V Administrators",
"IIS_IUSRS",
"Network Configuration Operators",
"Performance Log Users",
"Performance Monitor Users",
"Power Users",
"Remote Desktop Users",
"Remote Management Users",
"Replicator",
"System Managed Accounts Group",
"Users"
],
"battery": {
"estimated_charge_remaining": "99",
"status": "2",
"present": true
},
"third_party_av_active": false,
"activation": {
"edition": "Microsoft Windows 10 Pro",
"description": "Windows(R) Operating System, OEM_DM channel",
"licensed": true,
"license_status_code": 1
},
"time_source": "UC2-SERVER.ucryo.local",
"chassis_types": [
10
],
"last_hotfix": {
"hotfix_id": "KB5072653",
"installed_on": "2025-11-18T07:00:00Z"
},
"scheduled_tasks": [
{
"path": "\\",
"name": "MicrosoftEdgeUpdateTaskMachineCore",
"state": "Ready"
},
{
"path": "\\",
"name": "MicrosoftEdgeUpdateTaskMachineUA",
"state": "Ready"
},
{
"path": "\\",
"name": "MicrosoftEdgeUpdateTaskUserS-1-5-21-1051390473-2587535097-844096240-2650Core{BF12FECA-34CF-4DB7-9470-17E1BA996B1D}",
"state": "Ready"
},
{
"path": "\\",
"name": "MicrosoftEdgeUpdateTaskUserS-1-5-21-1051390473-2587535097-844096240-2650UA{6606EBC1-7A36-43D4-98EC-BA94C6501B2E}",
"state": "Ready"
},
{
"path": "\\",
"name": "nWizard_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}",
"state": "Ready"
},
{
"path": "\\",
"name": "OneDrive Reporting Task-S-1-5-21-1051390473-2587535097-844096240-1115",
"state": "Ready"
},
{
"path": "\\",
"name": "OneDrive Reporting Task-S-1-5-21-1051390473-2587535097-844096240-2615",
"state": "Ready"
},
{
"path": "\\",
"name": "OneDrive Reporting Task-S-1-5-21-1051390473-2587535097-844096240-2650",
"state": "Ready"
},
{
"path": "\\",
"name": "OneDrive Reporting Task-S-1-5-21-3479997975-746733243-4120700161-1001",
"state": "Ready"
},
{
"path": "\\",
"name": "OneDrive Standalone Update Task-S-1-5-21-1051390473-2587535097-844096240-1115",
"state": "Ready"
},
{
"path": "\\",
"name": "OneDrive Standalone Update Task-S-1-5-21-1051390473-2587535097-844096240-2615",
"state": "Ready"
},
{
"path": "\\",
"name": "OneDrive Standalone Update Task-S-1-5-21-1051390473-2587535097-844096240-2650",
"state": "Ready"
},
{
"path": "\\",
"name": "OneDrive Standalone Update Task-S-1-5-21-3479997975-746733243-4120700161-1001",
"state": "Ready"
},
{
"path": "\\",
"name": "OneDrive Startup Task-S-1-5-21-1051390473-2587535097-844096240-2650",
"state": "Ready"
},
{
"path": "\\",
"name": "RtHDVBg_Dolby",
"state": "Running"
},
{
"path": "\\",
"name": "RTKCPL",
"state": "Ready"
},
{
"path": "\\Lenovo\\Power Manager\\",
"name": "Background monitor",
"state": "Running"
},
{
"path": "\\Lenovo\\Power Manager\\",
"name": "Uninstall task",
"state": "Ready"
},
{
"path": "\\Mozilla\\",
"name": "Firefox Background Update 308046B0AF4A39CB",
"state": "Ready"
},
{
"path": "\\Mozilla\\",
"name": "Firefox Background Update S-1-5-21-1051390473-2587535097-844096240-2650 308046B0AF4A39CB",
"state": "Ready"
},
{
"path": "\\Mozilla\\",
"name": "Firefox Default Browser Agent 308046B0AF4A39CB",
"state": "Ready"
}
],
"antivirus_products": [
"Windows Defender"
],
"domain_joined": true,
"defender": {
"antispyware_signature_age": 0,
"tamper_protected": true,
"real_time_protection": true,
"nis_enabled": true,
"available": true,
"antivirus_enabled": true,
"am_service_enabled": true
},
"bitlocker": {
"os_volume": "C:",
"key_protectors": [],
"recovery_key_present": false,
"available": true,
"encryption_percent": 0,
"protection_status": "Off"
},
"is_laptop": true,
"installed_software_count": 105,
"secure_channel_ok": true,
"firewall_profiles": {
"Private": true,
"Domain": true,
"Public": true
},
"domain": "ucryo.local",
"foreign_agents": null
},
"findings": [
{
"id": "sec.defender.ok",
"category": "security",
"severity": "info",
"title": "Defender active and current",
"detail": "Real-time protection on, service running, signatures current.",
"evidence": "RealTimeProtectionEnabled=True; AMServiceEnabled=True; AntispywareSignatureAge=0 days; IsTamperProtected=True"
},
{
"id": "sec.av_products.defender_only",
"category": "security",
"severity": "info",
"title": "Defender is the only registered AV",
"detail": "Only Microsoft/Windows Defender is registered in Security Center.",
"evidence": "Windows Defender"
},
{
"id": "sec.foreign_agents.none",
"category": "security",
"severity": "info",
"title": "No competitor/leftover management agents detected",
"detail": "No known competitor RMM or unmanaged remote-access agents found in installed programs or services.",
"evidence": "Scanned uninstall hives (HKLM + WOW6432Node) and Win32_Service"
},
{
"id": "sec.foreign_agents.acg.screenconnect_connectwise_control",
"category": "security",
"severity": "info",
"title": "Expected ACG management tooling present: ScreenConnect / ConnectWise Control",
"detail": "This is Arizona Computer Guru managed/remote-access tooling that we deploy. Its presence is expected and not a foreign-agent risk.",
"evidence": "program: ScreenConnect Client (1912bf3444b41a08) 26.1.24.9579\nservice: ScreenConnect Client (1912bf3444b41a08) (ScreenConnect Client (1912bf3444b41a08)) Running"
},
{
"id": "sec.foreign_agents.acg.splashtop_sos_streamer_",
"category": "security",
"severity": "info",
"title": "Expected ACG management tooling present: Splashtop (SOS/Streamer)",
"detail": "This is Arizona Computer Guru managed/remote-access tooling that we deploy. Its presence is expected and not a foreign-agent risk.",
"evidence": "program: Splashtop Streamer 3.8.2.0\nservice: SplashtopRemoteService (Splashtop? Remote Service) Running"
},
{
"id": "sec.foreign_agents.acg.syncro_kabuto",
"category": "security",
"severity": "info",
"title": "Expected ACG management tooling present: Syncro / Kabuto",
"detail": "This is Arizona Computer Guru managed/remote-access tooling that we deploy. Its presence is expected and not a foreign-agent risk.",
"evidence": "program: Syncro 1.0.201.18410\nservice: Syncro (Syncro) Running"
},
{
"id": "sec.firewall.ok",
"category": "security",
"severity": "info",
"title": "All firewall profiles enabled",
"detail": "Domain, Private, and Public firewall profiles are all enabled.",
"evidence": "Private=True; Domain=True; Public=True"
},
{
"id": "sec.bitlocker.unencrypted",
"category": "security",
"severity": "critical",
"title": "OS volume is NOT encrypted with BitLocker",
"detail": "The operating system volume is unencrypted. Data is exposed if the disk is removed or the device is lost. This is a laptop (portable chassis), so the data-at-rest risk if lost or stolen is high. Enable BitLocker and escrow the recovery key.",
"evidence": "Volume=C:; ProtectionStatus=Off; EncryptionPercentage=0; KeyProtectors="
},
{
"id": "sec.local_admins.list",
"category": "security",
"severity": "info",
"title": "Local administrators (5)",
"detail": "Members of the local Administrators group. Review for unexpected or unknown accounts (especially leftover MSP/vendor accounts from a prior provider).",
"evidence": "LILO\\Administrator\nLILO\\localadmin\nLILO\\me\nLILO\\paul\nUCRYO\\Domain Admins"
},
{
"id": "sec.patch.os_eol",
"category": "security",
"severity": "critical",
"title": "OS build is end-of-life: Win10 22H2",
"detail": "This OS build (19045, Win10 22H2) passed end-of-servicing on 2025-10-14. It no longer receives security updates. Plan a feature update or OS upgrade.",
"evidence": "Microsoft Windows 10 Pro build 19045; EOL 2025-10-14"
},
{
"id": "sec.patch.pending",
"category": "security",
"severity": "warning",
"title": "1 pending Windows updates",
"detail": "Windows Update reports pending (not installed, not hidden) updates. Some may be security updates. Approve/install on the next maintenance window.",
"evidence": "Microsoft.Update.Session search IsInstalled=0 and IsHidden=0 -> 1"
},
{
"id": "sec.patch.last_hotfix",
"category": "security",
"severity": "info",
"title": "Last hotfix: KB5072653",
"detail": "Most recently installed update (from Get-HotFix; reflects CBS/MSU packages, not all cumulative metadata).",
"evidence": "KB5072653 installed 2025-11-18T07:00:00Z"
},
{
"id": "sec.exposure.rdp_on",
"category": "security",
"severity": "warning",
"title": "RDP is enabled",
"detail": "Remote Desktop is enabled (NLA required). Confirm it is restricted to VPN or specific source IPs and not exposed to the internet.",
"evidence": "fDenyTSConnections=0; UserAuthentication=1"
},
{
"id": "sec.exposure.smb1_off",
"category": "security",
"severity": "info",
"title": "SMBv1 disabled",
"detail": "SMBv1 server protocol is disabled.",
"evidence": "EnableSMB1Protocol=False"
},
{
"id": "sec.exposure.laps_present",
"category": "security",
"severity": "info",
"title": "LAPS detected",
"detail": "A LAPS mechanism is present.",
"evidence": "Windows LAPS reg key"
},
{
"id": "health.stability.clean",
"category": "health",
"severity": "info",
"title": "No stability events in the last 14 days",
"detail": "No unexpected shutdowns, BSODs, or disk errors logged.",
"evidence": "Unexpected shutdowns (id 41)=0; Bugchecks/BSOD (id 1001)=0; Disk errors (id 7/51/153)=0"
},
{
"id": "health.reboot_uptime.pending",
"category": "health",
"severity": "warning",
"title": "Reboot pending",
"detail": "A reboot is pending. Pending reboots can block patches and leave the system in a half-updated state. Schedule a restart.",
"evidence": "PendingFileRenameOperations"
},
{
"id": "health.reboot_uptime.long_uptime",
"category": "health",
"severity": "warning",
"title": "Uptime is 82.3 days",
"detail": "Uptime exceeds 30 days. Long uptime usually means pending updates have not been applied (reboots deferred). Schedule maintenance.",
"evidence": "LastBootUpTime=2026-03-12 10:25:21Z"
},
{
"id": "health.failed_services.stopped",
"category": "health",
"severity": "warning",
"title": "3 auto-start service(s) not running",
"detail": "These services are set to start automatically but are not running. Some may be benign; review for security agents, backup agents, or AV that should be running.",
"evidence": "gpsvc (Group Policy Client) = Stopped\nIntel(R) TPM Provisioning Service (Intel(R) TPM Provisioning Service) = Stopped\nLPlatSvc (Lenovo Platform Service) = Stopped"
},
{
"id": "health.domain.secure_channel_ok",
"category": "health",
"severity": "info",
"title": "Domain secure channel healthy",
"detail": "Machine trust relationship with the domain is intact.",
"evidence": "Domain=ucryo.local"
},
{
"id": "health.time.source",
"category": "health",
"severity": "info",
"title": "Time service source",
"detail": "Current Windows Time service source.",
"evidence": "Source=UC2-SERVER.ucryo.local"
},
{
"id": "health.battery.present",
"category": "health",
"severity": "info",
"title": "Battery present",
"detail": "Battery detected. (Wear-level / design-vs-full-capacity requires a powercfg battery report, not collected here.)",
"evidence": "EstimatedChargeRemaining=99%; BatteryStatus=2"
},
{
"id": "health.backup.none",
"category": "health",
"severity": "info",
"title": "No backup agent detected",
"detail": "No known backup agent service found. Backup expectation varies by endpoint; confirm whether this machine is supposed to have local/cloud backup and whether server-side or M365 backup covers it.",
"evidence": "No matching backup service in Win32_Service"
}
]
}
Reference in New Issue View Git Blame Copy Permalink