System/Kernel
nadine@servmon c:\Users\Nadine> systeminfo
error: Access denied
nadine@servmon c:\Users\Nadine> powershell -C Get-ComputerInfo
windowsbuildlabex : 17763.1.amd64fre.rs5_release.180914-1434
windowscurrentversion : 6.3
windowseditionid : ServerStandard
windowsinstallationtype : Server
windowsinstalldatefromregistry : 3/1/2022 12:55:38 AM
windowsproductid : 00429-00521-62775-AA947
windowsproductname : Windows Server 2019 Standard
windowsregisteredowner : Windows User
windowssystemroot : C:\Windows
windowsversion : 1809
osserverlevel : FullServer
timezone : (UTC-08:00) Pacific Time (US & Canada)
powerplatformrole : Desktop
deviceguardsmartstatus : OffWindows Server 2019 Standard
Networks
nadine@SERVMON C:\Users\Nadine> netstat -ano
Active Connections
Proto Local Address Foreign Address State PID
TCP 0.0.0.0:21 0.0.0.0:0 LISTENING 2232
TCP 0.0.0.0:22 0.0.0.0:0 LISTENING 2340
TCP 0.0.0.0:80 0.0.0.0:0 LISTENING 64
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING 876
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:5666 0.0.0.0:0 LISTENING 2300
TCP 0.0.0.0:5666 0.0.0.0:0 LISTENING 2300
TCP 0.0.0.0:6063 0.0.0.0:0 LISTENING 64
TCP 0.0.0.0:6699 0.0.0.0:0 LISTENING 64
TCP 0.0.0.0:8443 0.0.0.0:0 LISTENING 2300
TCP 0.0.0.0:49664 0.0.0.0:0 LISTENING 476
TCP 0.0.0.0:49665 0.0.0.0:0 LISTENING 1052
TCP 0.0.0.0:49666 0.0.0.0:0 LISTENING 1336
TCP 0.0.0.0:49667 0.0.0.0:0 LISTENING 2188
TCP 0.0.0.0:49668 0.0.0.0:0 LISTENING 616
TCP 0.0.0.0:49669 0.0.0.0:0 LISTENING 2052
TCP 0.0.0.0:49670 0.0.0.0:0 LISTENING 624
TCP 10.10.10.184:22 10.10.14.11:57260 ESTABLISHED 2340
TCP 10.10.10.184:139 0.0.0.0:0 LISTENING 4
TCP 127.0.0.1:49673 127.0.0.1:49674 ESTABLISHED 64
TCP 127.0.0.1:49674 127.0.0.1:49673 ESTABLISHED 64
TCP 127.0.0.1:49675 127.0.0.1:49676 ESTABLISHED 64
TCP 127.0.0.1:49676 127.0.0.1:49675 ESTABLISHED 64
UDP 0.0.0.0:123 *:* 2444
UDP 0.0.0.0:500 *:* 1728
UDP 0.0.0.0:4500 *:* 1728
UDP 0.0.0.0:5353 *:* 1388
UDP 0.0.0.0:5355 *:* 1388
UDP 0.0.0.0:34455 *:* 64
UDP 0.0.0.0:59940 *:* 2300
UDP 10.10.10.184:137 *:* 4
UDP 10.10.10.184:138 *:* 4
UDP 10.10.10.184:23456 *:* 64
UDP 10.10.10.184:23456 *:* 64
UDP 10.10.10.184:54367 *:* 64
UDP 127.0.0.1:59938 *:* 2500
UDP 127.0.0.1:59939 *:* 2300Users & Groups
nadine@servmon c:\Users\Nadine> net user
User accounts for \\SERVMON
-------------------------------------------------------------------------------
Administrator DefaultAccount Guest
Nadine Nathan WDAGUtilityAccount
The command completed successfully.nadine@servmon c:\Users\Nadine> net localgroup
Aliases for \\SERVMON
-------------------------------------------------------------------------------
*Access Control Assistance Operators
*Administrators
*Backup Operators
*Certificate Service DCOM Access
*Cryptographic Operators
*Device Owners
*Distributed COM Users
*Event Log Readers
*Guests
*Hyper-V Administrators
*IIS_IUSRS
*Network Configuration Operators
*Performance Log Users
*Performance Monitor Users
*Power Users
*Print Operators
*RDS Endpoint Servers
*RDS Management Servers
*RDS Remote Access Servers
*Remote Desktop Users
*Remote Management Users
*Replicator
*Storage Replica Administrators
*System Managed Accounts Group
*Users
The command completed successfully.Processes
nadine@SERVMON C:\Users\Nadine> powershell -C ps
Handles NPM(K) PM(K) WS(K) CPU(s) Id SI ProcessName
------- ------ ----- ----- ------ -- -- -----------
77 5 2352 4132 0.03 2616 0 cmd
73 5 2716 4132 3736 1 cmd
198 13 7156 17604 2872 1 conhost
116 6 1172 4944 0.31 4784 0 conhost
154 9 6632 12592 4792 0 conhost
485 18 2268 5272 372 0 csrss
325 13 2156 4932 484 1 csrss
361 16 4924 15760 4344 1 ctfmon
254 14 4000 13336 2368 0 dllhost
585 26 22600 49136 976 1 dwm
1412 53 20220 74600 4668 1 explorer
49 6 1492 4248 760 0 fontdrvhost
49 8 4092 9008 768 1 fontdrvhost
0 0 56 8 0 0 Idle
916 23 5840 14692 624 0 lsass
223 13 3044 10236 3368 0 msdtc
627 84 233904 201576 2492 0 MsMpEng
153 38 4600 7312 4012 0 NisSrv
344 23 6572 19004 2300 0 nscp
2519 353 344028 373064 64 1 NVMS-1000
515 26 49640 52956 0.52 5768 0 powershell
0 12 372 11836 88 0 Registry
323 17 20492 32096 896 1 RuntimeBroker
223 12 2160 11832 5900 1 RuntimeBroker
674 32 21444 60420 5076 1 SearchUI
530 11 4836 9504 616 0 services
716 29 15476 50216 4564 1 ShellExperienceHost
443 17 4752 23396 3928 1 sihost
53 3 488 1040 276 0 smss
471 23 5756 16480 2188 0 spoolsv
126 9 2084 7328 1808 0 sshd
118 11 2344 6532 2340 0 sshd
135 9 2236 7236 0.16 5124 0 sshd
211 12 1984 9528 316 0 svchost
150 9 1756 11600 364 0 svchost
181 10 1936 8804 652 0 svchost
85 5 864 3620 748 0 svchost
830 20 6744 22196 808 0 svchost
806 17 5052 11484 876 0 svchost
241 10 1848 6956 920 0 svchost
273 13 3472 10880 1016 0 svchost
143 7 1288 5500 1036 0 svchost
382 13 10124 14012 1052 0 svchost
117 15 2940 6856 1192 0 svchost
184 9 1776 7368 1252 0 svchost
210 9 2096 7388 1264 0 svchost
375 17 4788 13996 1336 0 svchost
340 13 4012 10480 1352 0 svchost
239 13 3044 8244 1388 0 svchost
231 12 2644 11232 1464 0 svchost
426 9 2764 8776 1476 0 svchost
152 7 1200 5452 1488 0 svchost
164 9 1700 7768 1608 0 svchost
306 10 2404 8232 1624 0 svchost
314 11 2036 8800 1676 0 svchost
261 13 2524 7684 1728 0 svchost
233 11 2464 9604 1760 0 svchost
185 11 2056 11720 1780 0 svchost
141 9 1732 6512 1852 0 svchost
404 32 6676 15708 1900 0 svchost
114 7 1472 6040 1928 0 svchost
194 11 1928 7912 1960 0 svchost
167 12 1764 7164 2052 0 svchost
170 9 3008 7792 2072 0 svchost
181 22 2492 9696 2224 0 svchost
327 16 4588 11972 2232 0 svchost
390 16 9092 17676 2240 0 svchost
305 20 9716 14668 2272 0 svchost
115 7 1224 5112 2284 0 svchost
207 11 2288 8216 2324 0 svchost
136 8 1416 6096 2348 0 svchost
128 7 1228 5248 2396 0 svchost
209 12 1776 7352 2444 0 svchost
462 16 3300 11604 2500 0 svchost
170 10 2096 12988 2508 0 svchost
168 11 2440 13284 2624 0 svchost
324 18 4732 21468 2740 0 svchost
361 18 5420 27128 3740 1 svchost
270 13 3292 14396 3892 1 svchost
204 15 6256 10472 4252 0 svchost
171 9 1504 7176 4256 0 svchost
201 11 2504 11384 4288 0 svchost
164 9 4112 11620 4420 0 svchost
252 14 2960 13476 4496 0 svchost
164 9 1940 7176 4940 0 svchost
320 16 14312 16356 5380 0 svchost
1773 0 192 132 4 0 System
196 12 3760 9404 3604 1 taskhostw
179 11 2136 10960 4120 1 taskhostw
169 12 3220 10320 2412 0 VGAuthService
132 8 1608 6360 1244 0 vm3dservice
131 9 1680 7128 6020 1 vm3dservice
386 22 9316 21092 2404 0 vmtoolsd
259 18 5236 16308 4068 1 vmtoolsd
134 10 1368 7008 5728 1 WatchDog
171 11 1436 6688 476 0 wininit
279 12 2772 12888 540 1 winlogon
339 15 7384 16012 3292 0 WmiPrvSEnscp
Tasks
nadine@servmon c:\Users\Nadine> schtasks /QUERY /FO TABLE | findstr /v /i "\Microsoft" | findstr /v /i "access level" | findstr /v /i "system32"
folder: \
TaskName Next Run Time Status
======================================== ====================== ===============
TaskName Next Run Time Status
======================================== ====================== ===============
TaskName Next Run Time Status
======================================== ====================== ===============
Server Initial Configuration Task N/A Disabled
TaskName Next Run Time Status
======================================== ====================== ===============
.NET Framework NGEN v4.0.30319 N/A Ready
.NET Framework NGEN v4.0.30319 64 N/A Ready
.NET Framework NGEN v4.0.30319 64 Critic N/A Disabled
.NET Framework NGEN v4.0.30319 Critical N/A Disabled
TaskName Next Run Time Status
======================================== ====================== ===============
AD RMS Rights Policy Template Management N/A Disabled
AD RMS Rights Policy Template Management N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
PolicyConverter N/A Disabled
VerifiedPublisherCertStoreCheck N/A Disabled
TaskName Next Run Time Status
======================================== ====================== ===============
microsoft compatibility appraiser 1/30/2023 4:00:11 AM Ready
ProgramDataUpdater N/A Ready
StartupAppTask N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
appuriverifierdaily N/A Ready
appuriverifierinstall N/A Ready
CleanupTemporaryState N/A Ready
DsSvcCleanup N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
Pre-staged app cleanup N/A Disabled
TaskName Next Run Time Status
======================================== ====================== ===============
Proxy N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
BitLocker Encrypt All Drives N/A Ready
BitLocker MDM policy Refresh N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
UninstallDeviceTask N/A Disabled
TaskName Next Run Time Status
======================================== ====================== ===============
BgTaskRegistrationMaintenanceTask N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
ProactiveScan N/A Ready
SyspartRepair N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
CreateObjectTask N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
consolidator 1/30/2023 6:00:00 AM Ready
UsbCeip N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
data integrity scan 2/18/2023 6:00:00 PM Ready
Data Integrity Scan for Crash Recovery N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
ScheduledDefrag N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
device 1/30/2023 3:23:05 AM Ready
TaskName Next Run Time Status
======================================== ====================== ===============
Scheduled N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
DXGIAdapterCache N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
SilentCleanup N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
Microsoft-Windows-DiskDiagnosticDataColl N/A Ready
Microsoft-Windows-DiskDiagnosticResolver N/A Disabled
TaskName Next Run Time Status
======================================== ====================== ===============
Diagnostics N/A Ready
StorageSense N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
EDP App Launch Task N/A Ready
EDP Auth Task N/A Ready
StorageCardEncryption Task N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
ExploitGuard MDM policy Refresh N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
Property Definition Sync N/A Disabled
TaskName Next Run Time Status
======================================== ====================== ===============
TaskName Next Run Time Status
======================================== ====================== ===============
ReconcileFeatures N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
refreshcache 1/31/2023 12:24:53 AM Ready
TaskName Next Run Time Status
======================================== ====================== ===============
ScanForUpdates N/A Disabled
ScanForUpdatesAsUser N/A Disabled
WakeUpAndContinueUpdates N/A Disabled
WakeUpAndScanForUpdates N/A Disabled
TaskName Next Run Time Status
======================================== ====================== ===============
Notifications N/A Ready
WindowsActionDialog N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
WinSAT N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
MapsToastTask N/A Disabled
MapsUpdateTask N/A Disabled
TaskName Next Run Time Status
======================================== ====================== ===============
ProcessMemoryDiagnosticEvents N/A Disabled
RunFullMemoryDiagnostic N/A Disabled
TaskName Next Run Time Status
======================================== ====================== ===============
MNO Metadata Parser N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
LPRemove N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
SystemSoundsService N/A Disabled
TaskName Next Run Time Status
======================================== ====================== ===============
GatherNetworkInfo N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
Background Synchronization N/A Disabled
Logon Synchronization N/A Disabled
TaskName Next Run Time Status
======================================== ====================== ===============
Server Manager Performance Monitor N/A Disabled
TaskName Next Run Time Status
======================================== ====================== ===============
Device Install Group Policy N/A Ready
Device Install Reboot Required N/A Ready
Sysprep Generalize Drivers N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
AnalyzeSystem N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
VerifyWinRE N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
CleanupOldPerfLogs N/A Ready
ServerManager N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
StartComponentCleanup N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
Account Cleanup N/A Disabled
TaskName Next Run Time Status
======================================== ====================== ===============
CreateObjectTask N/A Ready
IndexerAutomaticMaintenance N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
Collection N/A Disabled
Configuration N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
SpaceAgentTask N/A Ready
SpaceManagerTask N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
HeadsetButtonPress N/A Ready
speechmodeldownloadtask 1/31/2023 12:03:35 AM Ready
TaskName Next Run Time Status
======================================== ====================== ===============
Storage Tiers Management Initialization N/A Ready
Storage Tiers Optimization N/A Disabled
TaskName Next Run Time Status
======================================== ====================== ===============
MsCtfMonitor N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
ForceSynchronizeTime N/A Ready
SynchronizeTime N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
SynchronizeTimeZone N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
UPnPHostConfig N/A Disabled
TaskName Next Run Time Status
======================================== ====================== ===============
Windows Defender Cache Maintenance N/A Ready
Windows Defender Cleanup N/A Ready
windows defender scheduled scan 1/30/2023 2:08:42 AM Ready
Windows Defender Verification N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
queuereporting 1/30/2023 2:28:59 AM Ready
TaskName Next Run Time Status
======================================== ====================== ===============
BfeOnServiceStartTypeChange N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
UpdateLibrary N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
Calibration Loader N/A Ready
TaskName Next Run Time Status
======================================== ====================== ===============
scheduled start 1/30/2023 11:57:18 PM Ready
TaskName Next Run Time Status
======================================== ====================== ===============
CacheTask N/A Running
TaskName Next Run Time Status
======================================== ====================== ===============
Automatic-Device-Join N/A Disabled
Recovery-Check N/A DisabledFirewall & AV
nadine@SERVMON C:\Users\Nadine> netsh firewall show config
Domain profile configuration:
-------------------------------------------------------------------
Operational mode = Enable
Exception mode = Enable
Multicast/broadcast response mode = Enable
Notification mode = Disable
Allowed programs configuration for Domain profile:
Mode Traffic direction Name / Program
-------------------------------------------------------------------
Port configuration for Domain profile:
Port Protocol Mode Traffic direction Name
-------------------------------------------------------------------
22 TCP Enable Inbound SSHD Port OpenSSH (chocolatey package: openssh)
Standard profile configuration (current):
-------------------------------------------------------------------
Operational mode = Disable
Exception mode = Enable
Multicast/broadcast response mode = Enable
Notification mode = Disable
Service configuration for Standard profile:
Mode Customized Name
-------------------------------------------------------------------
Enable Yes Network Discovery
Allowed programs configuration for Standard profile:
Mode Traffic direction Name / Program
-------------------------------------------------------------------
Port configuration for Standard profile:
Port Protocol Mode Traffic direction Name
-------------------------------------------------------------------
22 TCP Enable Inbound SSHD Port OpenSSH (chocolatey package: openssh)
Log configuration:
-------------------------------------------------------------------
File location = C:\Windows\system32\LogFiles\Firewall\pfirewall.log
Max file size = 4096 KB
Dropped packets = Disable
Connections = Disable
IMPORTANT: Command executed successfully.
However, "netsh firewall" is deprecated;
use "netsh advfirewall firewall" instead.
For more information on using "netsh advfirewall firewall" commands
instead of "netsh firewall", see KB article 947709
at https://go.microsoft.com/fwlink/?linkid=121488 .Firewall is enabled
nadine@SERVMON C:\Users\Nadine> powershell -C Get-MpComputerStatus
Get-MpComputerStatus : Cannot connect to CIM server. Access denied
At line:1 char:1
+ Get-MpComputerStatus
+ ~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ResourceUnavailable: (MSFT_MpComputerStatus:String) [Get-MpComputerStatus], CimJobException
+ FullyQualifiedErrorId : CimJob_BrokenCimSession,Get-MpComputerStatusInstalled .NET Frameworks
nadine@servmon c:\Users\Nadine> dir /A:D C:\Windows\Microsoft.NET\Framework
Volume in drive C has no label.
Volume Serial Number is 20C1-47A1
directory of c:\Windows\Microsoft.NET\Framework
02/28/2022 06:07 PM <DIR> .
02/28/2022 06:07 PM <DIR> ..
09/14/2018 11:19 PM <DIR> v1.0.3705
09/14/2018 11:19 PM <DIR> v1.1.4322
02/28/2022 06:07 PM <DIR> v2.0.50727
02/28/2022 06:07 PM <DIR> v3.0
02/28/2022 06:07 PM <DIR> v3.5
01/30/2023 12:09 AM <DIR> v4.0.30319
0 File(s) 0 bytes
8 Dir(s) 6,116,278,272 bytes free
nadine@servmon c:\Users\Nadine>
nadine@servmon c:\Users\Nadine> reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\CDF
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v2.0.50727
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v3.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v3.5
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4.0
nadine@servmon c:\Users\Nadine> reg query "HKLM\SOFTWARE\Microsoft\Net Framework Setup\NDP" /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\CDF
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\CDF\v4.0
HttpNamespaceReservationInstalled REG_DWORD 0x1
NetTcpPortSharingInstalled REG_DWORD 0x1
NonHttpActivationInstalled REG_DWORD 0x1
smsvchostpath reg_sz c:\Windows\Microsoft.NET\Framework64\v4.0.30319\
WMIInstalled REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727
CBS REG_DWORD 0x1
Increment REG_SZ 4927
Install REG_DWORD 0x1
OCM REG_DWORD 0x1
SP REG_DWORD 0x2
Version REG_SZ 2.0.50727.4927
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1028
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1029
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1030
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1031
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1032
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1033
CBS REG_DWORD 0x1
Increment REG_SZ 4927
SP REG_DWORD 0x2
Version REG_SZ 2.0.50727.4927
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1035
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1036
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1038
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1040
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1041
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1042
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1043
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1044
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1045
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1046
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1049
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1053
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\1055
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\2052
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\2070
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\3076
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v2.0.50727\3082
Install REG_DWORD 0x1
MSI REG_DWORD 0x1
OCM REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v3.0
CBS REG_DWORD 0x1
Increment REG_SZ 4926
Install REG_DWORD 0x1
SP REG_DWORD 0x2
Version REG_SZ 3.0.30729.4926
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v3.0\Servicing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v3.0\Servicing\Windows Workflow Foundation
CBS REG_DWORD 0x1
Hotfix REG_SZ
Install REG_DWORD 0x1
SP REG_DWORD 0x2
SPIndex REG_DWORD 0x0
SPName REG_SZ SP2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v3.0\Setup
InstallSuccess REG_DWORD 0x1
Version REG_SZ 3.0.30729.4926
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v3.0\Setup\1033
CBS REG_DWORD 0x1
Increment REG_SZ 4926
Install REG_DWORD 0x1
InstallSuccess REG_DWORD 0x1
SP REG_DWORD 0x2
Version REG_SZ 3.0.30729.4926
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v3.0\Setup\Windows Communication Foundation
InstallSuccess REG_DWORD 0x1
referenceinstallpath reg_sz c:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\
runtimeinstallpath reg_sz c:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\
Version REG_SZ 3.0.4506.4926
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v3.0\Setup\Windows Presentation Foundation
(Default) REG_SZ WPF v3.0.6920.4902
installroot reg_sz c:\Windows\Microsoft.NET\Framework64\v3.0\WPF\
InstallSuccess REG_DWORD 0x1
ProductVersion REG_SZ 3.0.6920.4902
Version REG_SZ 3.0.6920.4902
wpfcommonassembliespathx64 reg_sz c:\Windows\System32\
wpfnonreferenceassembliespathx64 reg_sz c:\Windows\Microsoft.NET\Framework64\v3.0\WPF\
wpfreferenceassembliespathx64 reg_sz c:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v3.0\Setup\Windows Workflow Foundation
(Default) REG_SZ Windows Workflow Foundation
FileVersion REG_SZ 3.0.4203.4926
installdir reg_sz c:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\
InstallSuccess REG_DWORD 0x1
MajorBuildNum REG_SZ 4203
ProductVersion REG_SZ 3.0.0.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v3.5
CBS REG_DWORD 0x1
Install REG_DWORD 0x1
installpath reg_sz c:\Windows\Microsoft.NET\Framework64\v3.5\
SP REG_DWORD 0x1
Version REG_SZ 3.5.30729.4926
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v3.5\1033
CBS REG_DWORD 0x1
Install REG_DWORD 0x1
SP REG_DWORD 0x1
Version REG_SZ 3.5.30729.4926
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4\Client
CBS REG_DWORD 0x1
Install REG_DWORD 0x1
installpath reg_sz c:\Windows\Microsoft.NET\Framework64\v4.0.30319\
Release REG_DWORD 0x70bf6
Servicing REG_DWORD 0x0
TargetVersion REG_SZ 4.0.0
Version REG_SZ 4.7.03190
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4\Client\1033
CBS REG_DWORD 0x1
Install REG_DWORD 0x1
Release REG_DWORD 0x70bf6
Servicing REG_DWORD 0x0
TargetVersion REG_SZ 4.0.0
Version REG_SZ 4.7.03190
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4\Full
CBS REG_DWORD 0x1
Install REG_DWORD 0x1
installpath reg_sz c:\Windows\Microsoft.NET\Framework64\v4.0.30319\
Release REG_DWORD 0x70bf6
Servicing REG_DWORD 0x0
TargetVersion REG_SZ 4.0.0
Version REG_SZ 4.7.03190
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4\Full\1033
CBS REG_DWORD 0x1
Install REG_DWORD 0x1
Release REG_DWORD 0x70bf6
Servicing REG_DWORD 0x0
TargetVersion REG_SZ 4.0.0
Version REG_SZ 4.7.03190
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4.0
(Default) REG_SZ deprecated
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4.0\Client
Install REG_DWORD 0x1
Version REG_SZ 4.0.0.04.7.03190 is the lastest