Tech Support Forum banner
Status
Not open for further replies.
1 - 3 of 3 Posts

·
Registered
Joined
·
39 Posts
Discussion Starter · #1 ·
My event viewer has been showing lots of errors in WinMgmt so
I ran the diagnostic tool and it generated this log but I'm
not sure how to correctly fix the errors and was looking for
some help


LOG


16363 15:36:00 (0) ** WMIDiag v2.0 started on Wednesday, March 30, 2011 at 15:32.
16364 15:36:00 (0) **
16365 15:36:00 (0) ** Copyright © Microsoft Corporation. All rights reserved - January 2007.
16366 15:36:00 (0) **
16367 15:36:00 (0) ** This script is not supported under any Microsoft standard support program or service.
16368 15:36:00 (0) ** The script is provided AS IS without warranty of any kind. Microsoft further disclaims all
16369 15:36:00 (0) ** implied warranties including, without limitation, any implied warranties of merchantability
16370 15:36:00 (0) ** or of fitness for a particular purpose. The entire risk arising out of the use or performance
16371 15:36:00 (0) ** of the scripts and documentation remains with you. In no event shall Microsoft, its authors,
16372 15:36:00 (0) ** or anyone else involved in the creation, production, or delivery of the script be liable for
16373 15:36:00 (0) ** any damages whatsoever (including, without limitation, damages for loss of business profits,
16374 15:36:00 (0) ** business interruption, loss of business information, or other pecuniary loss) arising out of
16375 15:36:00 (0) ** the use of or inability to use the script or documentation, even if Microsoft has been advised
16376 15:36:00 (0) ** of the possibility of such damages.
16377 15:36:00 (0) **
16378 15:36:00 (0) **
16379 15:36:00 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
16380 15:36:00 (0) ** ----------------------------------------------------- WMI REPORT: BEGIN ----------------------------------------------------------
16381 15:36:00 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
16382 15:36:00 (0) **
16383 15:36:00 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
16384 15:36:00 (0) ** Windows XP - No service pack - 32-bit (2600) - User 'PAS\PAS' on computer 'PAS'.
16385 15:36:00 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
16386 15:36:00 (0) ** INFO: Environment: .................................................................................................. 1 ITEM(S)!
16387 15:36:00 (0) ** INFO: => 3 incorrect shutdown(s) detected on:
16388 15:36:00 (0) ** - Shutdown on 08 March 2011 12:24:11 (GMT+8).
16389 15:36:00 (0) ** - Shutdown on 24 March 2011 07:57:21 (GMT+8).
16390 15:36:00 (0) ** - Shutdown on 24 March 2011 12:15:52 (GMT+8).
16391 15:36:00 (0) **
16392 15:36:00 (0) ** System drive: ....................................................................................................... C: (Disk #0 Partition #0).
16393 15:36:00 (0) ** Drive type: ......................................................................................................... IDE (Disk drive).
16394 15:36:00 (0) ** INFO: The following UNEXPECTED binary files are/is found in the WBEM folder: ........................................ 1 FILE(S)!
16395 15:36:00 (0) ** - WBEMCONS(2).DLL, 71680 bytes, 4/14/2008 4:42:10 AM
16396 15:36:00 (0) ** => This list is provided for information. Unexpected binary file(s) in 'C:\WINDOWS\SYSTEM32\WBEM\'
16397 15:36:00 (0) ** do not necessarily represent an error. For instance, the file(s) listed can be added by
16398 15:36:00 (0) ** any applications implementing WMI providers.
16399 15:36:00 (0) ** => NO ACTION is required.
16400 15:36:00 (0) **
16401 15:36:00 (0) ** There are no missing WMI system files: .............................................................................. OK.
16402 15:36:00 (0) ** There are no missing WMI repository files: .......................................................................... OK.
16403 15:36:00 (0) ** WMI repository state: ............................................................................................... N/A.
16404 15:36:00 (0) ** BEFORE running WMIDiag:
16405 15:36:00 (0) ** The WMI repository has a size of: ................................................................................... 7 MB.
16406 15:36:00 (0) ** - Disk free space on 'C:': .......................................................................................... 46569 MB.
16407 15:36:00 (0) ** - INDEX.BTR, 1040384 bytes, 3/30/2011 3:31:56 PM
16408 15:36:00 (0) ** - INDEX.MAP, 532 bytes, 3/30/2011 3:31:56 PM
16409 15:36:00 (0) ** - OBJECTS.DATA, 5865472 bytes, 3/30/2011 3:31:56 PM
16410 15:36:00 (0) ** - OBJECTS.MAP, 2888 bytes, 3/30/2011 3:31:56 PM
16411 15:36:00 (0) ** AFTER running WMIDiag:
16412 15:36:00 (0) ** The WMI repository has a size of: ................................................................................... 7 MB.
16413 15:36:00 (0) ** - Disk free space on 'C:': .......................................................................................... 46567 MB.
16414 15:36:00 (0) ** - INDEX.BTR, 1040384 bytes, 3/30/2011 3:32:57 PM
16415 15:36:00 (0) ** - INDEX.MAP, 532 bytes, 3/30/2011 3:32:57 PM
16416 15:36:00 (0) ** - OBJECTS.DATA, 5865472 bytes, 3/30/2011 3:32:57 PM
16417 15:36:00 (0) ** - OBJECTS.MAP, 2888 bytes, 3/30/2011 3:32:57 PM
16418 15:36:00 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
16419 15:36:00 (0) ** Windows Firewall: ................................................................................................... NOT INSTALLED.
16420 15:36:00 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
16421 15:36:00 (0) ** DCOM Status: ........................................................................................................ OK.
16422 15:36:00 (0) ** WMI registry setup: ................................................................................................. OK.
16423 15:36:00 (0) ** WMI Service has no dependents: ...................................................................................... OK.
16424 15:36:00 (0) ** RPCSS service: ...................................................................................................... OK (Already started).
16425 15:36:00 (0) ** WINMGMT service: .................................................................................................... OK (Already started).
16426 15:36:00 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
16427 15:36:00 (0) ** WMI service DCOM setup: ............................................................................................. OK.
16428 15:36:00 (2) !! WARNING: WMI DCOM components registration is missing for the following EXE/DLLs: .................................... 8 WARNING(S)!
16429 15:36:00 (0) ** - C:\WINDOWS\SYSTEM32\WBEM\FASTPROX.DLL (\CLSID\{7A0227F6-7108-11D1-AD90-00C04FD8FDFF}\InProcServer32)
16430 15:36:00 (0) ** - C:\WINDOWS\SYSTEM32\WBEM\FASTPROX.DLL (\CLSID\{D71EE747-F455-4804-9DF6-2ED81025F2C1}\InProcServer32)
16431 15:36:00 (0) ** - C:\WINDOWS\SYSTEM32\WBEM\FASTPROX.DLL (\CLSID\{ED51D12E-511F-4999-8DCD-C2BAC91BE86E}\InProcServer32)
16432 15:36:00 (0) ** - C:\WINDOWS\SYSTEM32\WBEM\WBEMPROX.DLL (\CLSID\{4C6055D8-84B9-4111-A7D3-6623894EEDB3}\InProcServer32)
16433 15:36:00 (0) ** - C:\WINDOWS\SYSTEM32\WBEM\WBEMPROX.DLL (\CLSID\{A1044801-8F7E-11D1-9E7C-00C04FC324A8}\InProcServer32)
16434 15:36:00 (0) ** - C:\WINDOWS\SYSTEM32\WBEM\WBEMPROX.DLL (\CLSID\{F7CE2E13-8C90-11D1-9E7B-00C04FC324A8}\InProcServer32)
16435 15:36:00 (0) ** - C:\WINDOWS\SYSTEM32\WBEM\SNMPINCL.DLL (\CLSID\{1F517A23-B29C-11CF-8C8D-00AA00A4086C}\InProcServer32)
16436 15:36:00 (0) ** - C:\WINDOWS\SYSTEM32\WBEM\SNMPINCL.DLL (\CLSID\{70426720-F78F-11CF-9151-00AA00A4086C}\InProcServer32)
16437 15:36:00 (0) ** => WMI System components are not properly registered as COM objects, which could make WMI to
16438 15:36:00 (0) ** fail depending on the operation requested.
16439 15:36:00 (0) ** => For a .DLL, you can correct the DCOM configuration by executing the 'REGSVR32.EXE <Filename.DLL>' command.
16440 15:36:00 (0) **
16441 15:36:00 (0) ** WMI ProgID registrations: ........................................................................................... OK.
16442 15:36:00 (2) !! WARNING: WMI provider DCOM registrations missing for the following provider(s): ..................................... 1 WARNING(S)!
16443 15:36:00 (0) ** - ROOT/SNMP/LOCALHOST, MS_SNMP_CLASS_PROVIDER ({70426720-F78F-11CF-9151-00AA00A4086C})
16444 15:36:00 (0) ** Provider DLL: 'C:\WINNT\SYSTEM32\WBEM\SNMPINCL.DLL'
16445 15:36:00 (0) ** => This is an issue because there are still some WMI classes referencing this list of providers
16446 15:36:00 (0) ** while the DCOM registration is wrong or missing. This can be due to:
16447 15:36:00 (0) ** - a de-installation of the software.
16448 15:36:00 (0) ** - a deletion of some registry key data.
16449 15:36:00 (0) ** - a registry corruption.
16450 15:36:00 (0) ** => You can correct the DCOM configuration by:
16451 15:36:00 (0) ** - Executing the 'REGSVR32.EXE <Provider.DLL>' command.
16452 15:36:00 (0) ** Note: You can build a list of classes in relation with their WMI provider and MOF file with WMIDiag.
16453 15:36:00 (0) ** (This list can be built on a similar and working WMI Windows installation)
16454 15:36:00 (0) ** The following command line must be used:
16455 15:36:00 (0) ** i.e. 'WMIDiag CorrelateClassAndProvider'
16456 15:36:00 (2) !! WARNING: Re-registering with REGSVR32.EXE all DLL from 'SNMPINCL.DLL'
16457 15:36:00 (0) ** may not solve the problem as the DLL supporting the WMI class(es)
16458 15:36:00 (0) ** can be located in a different folder.
16459 15:36:00 (0) ** You must refer to the class name to determine the software delivering the related DLL.
16460 15:36:00 (0) ** => If the software has been de-installed intentionally, then this information must be
16461 15:36:00 (0) ** removed from the WMI repository. You can use the 'WMIC.EXE' command to remove
16462 15:36:00 (0) ** the provider registration data.
16463 15:36:00 (0) ** i.e. 'WMIC.EXE /NAMESPACE:\\ROOT\SNMP\LOCALHOST path __Win32Provider Where Name='MS_SNMP_INSTANCE_PROVIDER' DELETE'
16464 15:36:00 (0) ** => If the namespace was ENTIRELY dedicated to the intentionally de-installed software,
16465 15:36:00 (0) ** the namespace and ALL its content can be ENTIRELY deleted.
16466 15:36:00 (0) ** i.e. 'WMIC.EXE /NAMESPACE:\\ROOT\SNMP path __NAMESPACE Where Name='LOCALHOST' DELETE'
16467 15:36:00 (0) ** - Re-installing the software.
16468 15:36:00 (0) **
16469 15:36:00 (0) ** WMI provider CIM registrations: ..................................................................................... OK.
16470 15:36:00 (0) ** WMI provider CLSIDs: ................................................................................................ OK.
16471 15:36:00 (0) ** WMI providers EXE/DLL availability: ................................................................................. OK.
16472 15:36:00 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
16473 15:36:00 (0) ** DCOM security for 'Microsoft WBEM UnSecured Apartment' (Launch & Activation Permissions): ........................... MODIFIED.
16474 15:36:00 (1) !! ERROR: Default trustee 'BUILTIN\ADMINISTRATORS' has been REMOVED!
16475 15:36:00 (0) ** - REMOVED ACE:
16476 15:36:00 (0) ** ACEType: &h0
16477 15:36:00 (0) ** ACCESS_ALLOWED_ACE_TYPE
16478 15:36:00 (0) ** ACEFlags: &h0
16479 15:36:00 (0) ** ACEMask: &h1
16480 15:36:00 (0) ** DCOM_RIGHT_EXECUTE
16481 15:36:00 (0) **
16482 15:36:00 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
16483 15:36:00 (0) ** Removing default security will cause some operations to fail!
16484 15:36:00 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE.
16485 15:36:00 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'.
16486 15:36:00 (0) **
16487 15:36:00 (0) ** DCOM security for 'Microsoft WBEM UnSecured Apartment' (Launch & Activation Permissions): ........................... MODIFIED.
16488 15:36:00 (1) !! ERROR: Default trustee 'NT AUTHORITY\INTERACTIVE' has been REMOVED!
16489 15:36:00 (0) ** - REMOVED ACE:
16490 15:36:00 (0) ** ACEType: &h0
16491 15:36:00 (0) ** ACCESS_ALLOWED_ACE_TYPE
16492 15:36:00 (0) ** ACEFlags: &h0
16493 15:36:00 (0) ** ACEMask: &h1
16494 15:36:00 (0) ** DCOM_RIGHT_EXECUTE
16495 15:36:00 (0) **
16496 15:36:00 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
16497 15:36:00 (0) ** Removing default security will cause some operations to fail!
16498 15:36:00 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE.
16499 15:36:00 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'.
16500 15:36:00 (0) **
16501 15:36:00 (0) ** DCOM security for 'Microsoft WBEM UnSecured Apartment' (Launch & Activation Permissions): ........................... MODIFIED.
16502 15:36:00 (1) !! ERROR: Default trustee 'NT AUTHORITY\SYSTEM' has been REMOVED!
16503 15:36:00 (0) ** - REMOVED ACE:
16504 15:36:00 (0) ** ACEType: &h0
16505 15:36:00 (0) ** ACCESS_ALLOWED_ACE_TYPE
16506 15:36:00 (0) ** ACEFlags: &h0
16507 15:36:00 (0) ** ACEMask: &h1
16508 15:36:00 (0) ** DCOM_RIGHT_EXECUTE
16509 15:36:00 (0) **
16510 15:36:00 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
16511 15:36:00 (0) ** Removing default security will cause some operations to fail!
16512 15:36:00 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE.
16513 15:36:00 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'.
16514 15:36:00 (0) **
16515 15:36:00 (0) **
16516 15:36:00 (0) ** DCOM security warning(s) detected: .................................................................................. 0.
16517 15:36:00 (0) ** DCOM security error(s) detected: .................................................................................... 3.
16518 15:36:00 (0) ** WMI security warning(s) detected: ................................................................................... 0.
16519 15:36:00 (0) ** WMI security error(s) detected: ..................................................................................... 0.
16520 15:36:00 (0) **
16521 15:36:00 (1) !! ERROR: Overall DCOM security status: ................................................................................ ERROR!
16522 15:36:00 (0) ** Overall WMI security status: ........................................................................................ OK.
16523 15:36:00 (0) ** - Started at 'Root' --------------------------------------------------------------------------------------------------------------
16524 15:36:00 (0) ** INFO: WMI permanent SUBSCRIPTION(S): ................................................................................ 2.
16525 15:36:00 (0) ** - ROOT/SUBSCRIPTION, MSFT_UCScenarioControl.Name="Microsoft WMI Updating Consumer Scenario Control".
16526 15:36:00 (0) ** 'SELECT * FROM __InstanceOperationEvent WHERE TargetInstance ISA 'MSFT_UCScenario''
16527 15:36:00 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Name="SCM Event Log Consumer".
16528 15:36:00 (0) ** 'select * from MSFT_SCMEventLogEvent'
16529 15:36:00 (0) **
16530 15:36:00 (0) ** WMI TIMER instruction(s): ........................................................................................... NONE.
16531 15:36:00 (0) ** WMI ADAP status: .................................................................................................... OK.
16532 15:36:00 (0) ** INFO: WMI namespace(s) requiring PACKET PRIVACY: .................................................................... 1 NAMESPACE(S)!
16533 15:36:00 (0) ** - ROOT/SERVICEMODEL.
16534 15:36:00 (0) ** => When remotely connecting, the namespace(s) listed require(s) the WMI client to
16535 15:36:00 (0) ** use an encrypted connection by specifying the PACKET PRIVACY authentication level.
16536 15:36:00 (0) ** (RPC_C_AUTHN_LEVEL_PKT_PRIVACY or PktPrivacy flags)
16537 15:36:00 (0) ** i.e. 'WMIC.EXE /NODE:"PAS" /AUTHLEVEL:pktprivacy /NAMESPACE:\\ROOT\SERVICEMODEL Class __SystemSecurity'
16538 15:36:00 (0) **
16539 15:36:00 (0) ** WMI MONIKER CONNECTIONS: ............................................................................................ OK.
16540 15:36:00 (0) ** WMI CONNECTIONS: .................................................................................................... OK.
16541 15:36:00 (0) ** WMI GET operations: ................................................................................................. OK.
16542 15:36:00 (0) ** WMI MOF representations: ............................................................................................ OK.
16543 15:36:00 (0) ** WMI QUALIFIER access operations: .................................................................................... OK.
16544 15:36:00 (0) ** WMI ENUMERATION operations: ......................................................................................... OK.
16545 15:36:00 (0) ** WMI EXECQUERY operations: ........................................................................................... OK.
16546 15:36:00 (0) ** WMI GET VALUE operations: ........................................................................................... OK.
16547 15:36:00 (0) ** WMI WRITE operations: ............................................................................................... NOT TESTED.
16548 15:36:00 (0) ** WMI PUT operations: ................................................................................................. NOT TESTED.
16549 15:36:00 (0) ** WMI DELETE operations: .............................................................................................. NOT TESTED.
16550 15:36:00 (0) ** WMI static instances retrieved: ..................................................................................... 577.
16551 15:36:00 (0) ** WMI dynamic instances retrieved: .................................................................................... 0.
16552 15:36:00 (0) ** WMI instance request cancellations (to limit performance impact): ................................................... 0.
16553 15:36:00 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
16554 15:36:00 (0) ** # of Event Log events BEFORE WMIDiag execution since the last 20 day(s):
16555 15:36:00 (0) ** DCOM: ............................................................................................................. 11.
16556 15:36:00 (0) ** WINMGMT: .......................................................................................................... 0.
16557 15:36:00 (0) ** WMIADAPTER: ....................................................................................................... 0.
16558 15:36:00 (0) ** => Verify the WMIDiag LOG at line #15880 for more details.
16559 15:36:00 (0) **
16560 15:36:00 (0) ** # of additional Event Log events AFTER WMIDiag execution:
16561 15:36:00 (0) ** DCOM: ............................................................................................................. 0.
16562 15:36:00 (0) ** WINMGMT: .......................................................................................................... 38.
16563 15:36:00 (0) ** WMIADAPTER: ....................................................................................................... 0.
16564 15:36:00 (2) !! WARNING: => Verify the WMIDiag LOG at line #15922 for more details.
16565 15:36:00 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
16566 15:36:00 (0) ** WMI Registry key setup: ............................................................................................. OK.
16567 15:36:00 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
16568 15:36:00 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
16569 15:36:00 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
16570 15:36:00 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
16571 15:36:00 (0) **
16572 15:36:00 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
16573 15:36:00 (0) ** ------------------------------------------------------ WMI REPORT: END -----------------------------------------------------------
16574 15:36:00 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
16575 15:36:00 (0) **
16576 15:36:00 (0) ** ERROR: WMIDiag detected issues that could prevent WMI to work properly!. Check 'C:\DOCUMENTS AND SETTINGS\PAS\LOCAL SETTINGS\TEMP\WMIDIAG-V2.0_XP___.CLI.RTM.32_PAS_2011.03.30_15.32.06.LOG' for details.
16577 15:36:00 (0) **
16578 15:36:00 (0) ** WMIDiag v2.0 ended on Wednesday, March 30, 2011 at 15:36 (W:88 E:23 S:1).



Thanks
 
1 - 3 of 3 Posts
Status
Not open for further replies.
Top