Attacks are reported on Windows 7 endpoints, however, the forensic report is missing. The endpoint computer has .Net Framework Client Profile is installed, but not a full .NET installation.
SETDADCollNatDll 10\07\2019-17:11:14:12 2019-10-07 17:11:14,035 [9] ERROR JN.RemoteAgent.Common.Utils.MessageFactory - Error::OnPipeDataReceived::Failed::DeserializeMessageSETDADCollNatDll 10\07\2019-17:11:14:12 2019-10-07 17:11:14,035 [9] ERROR JN.RemoteAgent.Common.Utils.MessageFactory - Error::OnPipeDataReceived::Failed::DeserializeMessageSystem.IO.FileNotFoundException: Could not load file or assembly 'System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=...' or one of its dependencies. The system cannot find the file specified.File name: 'System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=...' ---> System.IO.FileNotFoundException: Could not
Forensic collector will start but fail to collect data without the full installation of .Net 4.5 and above.
Install the full .Net 4.5 framework on the endpoint to resolve the issue.