claudetools/clients/at-trebesch/workstations.md
Howard Enos 0a7f3368a6 sync: auto-sync from ACG-TECH03L at 2026-04-17 19:47:15
Author: Howard Enos
Machine: ACG-TECH03L
Timestamp: 2026-04-17 19:47:15
2026-04-17 19:47:20 -07:00

Workstations — AT Trebesch

Inventory built from on-machine audit runs. Last updated 2026-04-17.

Summary

| PC Name | User/Role | OS | Edition | Domain | BitLocker | Last Audit |
|---|---|---|---|---|---|---|
| DESKTOP-QNP3ON5 | Owner | Win 11 25H2 | Home | WORKGROUP | None (decrypted) | 2026-04-17 |

DESKTOP-QNP3ON5

Hardware

  • Lenovo (model 91D00000US)
  • Serial: MZ025MVK
  • BIOS: M68KT23A
  • CPU: AMD Ryzen 7 250 w/ Radeon 780M Graphics (8 cores / 16 threads)
  • RAM: 15.3 GB
  • Storage: 953 GB KIOXIA KBG6AZNV1T02 LA SSD (NVMe), 598 GB free, healthy
  • Chassis: Desktop, no battery

OS / Activation

  • Windows 11 Home 25H2 (build 26200), 64-bit
  • Installed 2025-10-12
  • License: Licensed (StatusCode 1), partial key 6F4JW

Network

  • Ethernet: Realtek PCIe GbE — UP, 1 Gbps, 10.0.0.15
  • Wi-Fi: Realtek RTL8852BE WiFi 6 — disconnected
  • Bluetooth NIC enabled (unused — recommend disable)
  • Saved Wi-Fi profiles: ComputerGuru, Scurda2

Local accounts (enabled)

| Name | Last Logon | PasswordRequired | Notes |
|---|---|---|---|
| Owner | 2026-04-15 | False | PASSWORD NOT REQUIRED — fix immediately |
| guru | 2025-10-18 | True | MSP backdoor, in Administrators |
| localadmin | (never logged) | True | Second MSP backdoor, in Administrators |

Local Administrators: Administrator (disabled), guru, localadmin, Owner

Security posture (highlights)

  • BitLocker: Off, drive fully decrypted (Win Home limits BitLocker to "Device Encryption" only)
  • Secure Boot: DISABLED (UEFI capable, TPM 2.0 ready — turn on)
  • TPM: present + ready
  • WinRE: enabled
  • Firewall: enabled on all 3 profiles
  • LSA Protection (RunAsPPL): enabled (good)
  • WDigest cleartext: disabled (good)
  • Cached logons: 10 (recommend lower to 4)
  • NTLM LmCompatibilityLevel: blank (defaults to 3, recommend explicit 5)
  • UAC: enabled (default settings)
  • RDP: disabled
  • USB storage: unrestricted
  • AutoPlay: not disabled

Antivirus posture

  • Bitdefender Endpoint Security Tools 8.26.4.628 — primary EDR, 4 services running
  • Malwarebytes 5.5.4.252 — CONFLICT, also real-time. Pick one.
  • Defender: Passive Mode (correct, deferring to Bitdefender), but Tamper Protection disabled
  • Defender ASR rules: 1 configured, 0 in Block mode

Apps of note

  • Office 365 Apps Pro Plus (Office 2024)
  • Carbonite 6.6.0 (Dec 2025 build)
  • Classic Shell 4.3.1 — abandoned project, replace with Open-Shell-Menu or remove
  • ExplorerPatcher 26100.4946.69.6 — Win10-style shell mod
  • Lenovo System Update 5.08.03.59
  • AMD Software 26.3.1
  • Canon MX490 series MP Drivers 1.02 (printer)
  • Windows 11 Installation Assistant — leftover, can uninstall

Performance

  • Memory at 85.1% used (2.3 GB free of 15.3 GB) — investigate top procs in audit JSON
  • Uptime: 2.6 days (boot 2026-04-14)
  • 263 processes running

Updates

  • KB5083769, KB5082417, KB5088467 (4/14-4/15 cycle) installed
  • 1 pending update
  • 0 WU failures in last 30d