• List of iSCSI Mutual CHAP Posts by OS
  • Tools and Utilities for Windows
  • Unix and Linux Distros

slice2

slice2

Tag Archives: .NET

Determine what applications are using .NET on Windows with Process Explorer and Version Detector

03 Monday Feb 2014

Posted by Slice2 in Windows

≈ Leave a comment

Tags

.NET, Windows

I was asked recently whether a certain app or service required the .NET framework and while I generally knew the answer was no, I had no proof. I kept thinking, how can I determine what apps on this server were actually .NET? The following is a quick way to find those apps.

Microsoft Sysinternals Suite is an excellent set of utilities used to get under the hood of Windows and various Microsoft services. You can download the individual utilities but I just download the entire Suite. This post will use Process Explorer from the Suite but will barely scratch the surface of this powerful utility.

http://technet.microsoft.com/en-us/sysinternals/bb842062

To find out what .NET assembly versions you have installed, run Asoft’s .NET Version Detector. There is more to .NET detection than just looking in Add/Remove Programs, Program Files or the Registry.

http://www.asoft.be/prod_netver.html

1) Download and unzip Asoft’s .NET Version Detector. Double-click the dotnet.exe file, click OK on the license page and it will render your versions on the left and in the lower section. On the right they conveniently provide you with the default .NET version for each Windows OS. This is a great time saver. Thanks Asoft devs!

DotNet-04

2) Download the Sysinternals Suite at the URL above or just download Process Explorer itself. Unzip and copy the procexp.chm and procexp.exe files to C:\Windows\System32 or if you don’t want to place them in System32 just park them in a location of your choice. Process Explorer is standalone so no installation is required.

3) In order to access the .NET tabs, it must be run as Administrator. I prefer to execute it from the CLI. Start > enter cmd.exe in the search field and cmd.exe will appear at the top. Right-click it and select Run As Administrator. If you didn’t place it in the System32 folder, change directories to the location of procexp.exe.  To run it just type procexp.exe and press enter. You can also just right-click the procexp.exe file and select Run As Administrator. Click Yes on the User Account Control pop-up window.

4) Select Options > Configure Colors.

DotNet-00

5) Select the check box next to .Net Processes in the yellow box and click OK. This will highlight .NET processes in yellow.

DotNet-01

6) Scroll up and down in the process column and look for yellow highlighted entries. Note that there may not be any. If you suspect that an application might be a .NET application simply start it and check the process column again for that app. In this case, the first instance I find is Microsoft AD web services.

DotNet-02

7) Right-click the service that is highlighted in yellow and select Properties. Select the .NET Assemblies and .NET Performance tabs to dig deeper into the service.

DotNet-03

8) A less useful but honorable mention goes to wmic. It provides the installed version but little else. I need to play around with it a bit more and see what I can find. Running the command below will provide the installed version and takes about 30 seconds to run.

C:\Windows\system32> wmic product where “Name like ‘Microsoft .Net%'” get Name, Version

Name                                    Version
Microsoft .NET Framework    4.5.1  4.5.50938

Follow Blog via Email

Enter your email address to follow this blog and receive notifications of new posts by email.

Recent Posts

  • Patch Alma Linux 8.7 on an Offline or Air-Gapped System
  • HOWTO Remove /home logical volume and add that space to the root partition
  • Patch Rocky Linux 8.6 on an Offline or Air-Gapped System
  • HOWTO Install the Splunk Universal Forwarder on FreeBSD
  • HOWTO install a Splunk Universal Forwarder on Solaris 11 SPARC and x64 Using pkg(p5p) and tar
  • HOWTO install a Splunk Universal Forwarder on Solaris 10 SPARC and x64 Using pkgadd and tar
  • Recover Files from a Windows NTFS partition using Linux based SystemRescue
  • Sysmon Event ID 1 Process Creation rules for Splunk Universal Forwarder and McAfee All Access
  • Upgrading CentOS 7.2003 to 7.2009 on an Offline or Air-Gapped System
  • HOWTO Easily Resize the Default LVM Volume on Ubuntu 18.04
  • Create a Docker Container for your Cisco ESA, SMA or WSA Offline Content Updates
  • Apply the Mozilla Firefox STIG to Firefox on Ubuntu Linux 18.04
  • Dynamically Resize Those Tiny BlackArch Linux Terminals and Add a Scrollbar
  • Kali Linux OVA for Air-Gapped Use Build Process
  • HOWTO install the XFCE 4 Desktop on NetBSD 8.1
  • Build a Kali Linux ISO with the latest OS patches and packages
  • HOWTO quickly STIG Firefox 59.01
  • HOWTO mount a Synology NAS SMB share on Linux with SMBv1 disabled
  • Howto safely delete the WSUS WID on Windows 2012R2
  • HOWTO quickly STIG Firefox 45.0.1
  • Completing the vSphere vCenter Appliance Hardening Process
  • HOWTO install the XFCE 4.12 Desktop on NetBSD 7
  • Enabling TLS 1.2 on the Splunk 6.2x Console and Forwarders using Openssl and self signed certs.
  • HOWTO enable SSH on a Cisco ASA running 9.1.x
  • Apply a Windows 2012 R2 Domain GPO to a standalone Windows 2012 R2 server
  • Enable legacy SSL and Java SSL support in your browser for those old, crusty websites
  • HOWTO update FreeBSD 10.1 to the latest 11-current release
  • HOWTO Secure iSCSI Luns Between FreeBSD 10.1 and NetApp Storage with Mutual CHAP
  • HOWTO install the XFCE 4 Desktop on NetBSD 6.1.5
  • HOWTO Secure iSCSI Luns Between Ubuntu Server 14.10 and NetApp Storage with Mutual CHAP

Categories

  • Cisco (2)
  • ESXi (4)
  • FreeBSD (2)
  • HP (5)
  • iSCSI (12)
  • Linux (31)
  • Nessus (3)
  • NetApp (31)
  • NetBSD (10)
  • Oracle (9)
  • Security (48)
  • Solaris (9)
  • Splunk (5)
  • VMware (19)
  • Windows (20)
  • Wireshark (4)
  • XFCE (3)

Archives

  • February 2023
  • August 2022
  • July 2022
  • April 2022
  • March 2022
  • February 2022
  • January 2022
  • November 2021
  • January 2021
  • December 2020
  • November 2020
  • August 2020
  • May 2020
  • September 2019
  • August 2019
  • March 2018
  • November 2016
  • March 2016
  • January 2016
  • November 2015
  • July 2015
  • June 2015
  • February 2015
  • January 2015
  • December 2014
  • November 2014
  • October 2014
  • September 2014
  • August 2014
  • July 2014
  • May 2014
  • April 2014
  • March 2014
  • February 2014
  • January 2014
  • December 2013
  • November 2013
  • October 2013
  • September 2013
  • August 2013
  • July 2013
  • June 2013
  • May 2013
  • April 2013
  • March 2013

Blogroll

  • Adobe Security Bulletins
  • CentOS Blog
  • Cisco Security Blog
  • CSO Magazine
  • DHS National Vulnerability Database
  • Eric Sloof's NTPRO
  • HT SSL Tests
  • Intel Corp Security Advisories
  • Internet Usage World Stats
  • Kali Linux Blog
  • Linux Mint Blog
  • Meltdown and Spectre
  • Microsoft Security Blog
  • Microsoft Security Intelligence Report
  • Microsoft Security Research & Defense
  • Microsoft Security Response Center
  • MITRE CVE Site
  • NetApp Blogs
  • NetBSD Blog
  • Oracle OTN Security
  • Oracle Security Blog
  • PacketStorm
  • Redhat Security Blog
  • SC Magazine
  • Shodan Search Engine
  • US-CERT Alerts
  • US-CERT Bulletins
  • US-CERT Vulnerability Notes KB
  • VMware Blogs
  • VMware Security Advisories

Category Cloud

Cisco ESXi FreeBSD HP iSCSI Linux Nessus NetApp NetBSD Oracle Security Solaris Splunk VMware Windows Wireshark XFCE

Follow Blog via Email

Enter your email address to follow this blog and receive notifications of new posts by email.

Join 38 other subscribers

Powered by WordPress.com.

 

Loading Comments...