NCSA SCADA
asked on
WMI to Remote computer fails
Thanks experts in advance for the help.
I have almost 100 windows 2003 servers I support accross north america. I have a tool I developed that uses wmi calls to collect information from each servers. It works great on about 95% of the servers. The others do not return any data. I have verified that I am an administrator on the servers, I have followed the steps I could find to rebuild the repository and for registering the service again. Nothing seems to help. I have also turned off the firewall on the servers. I find these errors on all of the servers that are failing. (Wmiprov.log)
(Sun Apr 17 18:24:23 2011.70015) : WDM call returned error: 4200
(Sun Apr 17 18:24:23 2011.70140) : ************************** ********** ***
(Sun Apr 17 18:24:23 2011.70140) : Could not get pointer to binary resource for file:
(Sun Apr 17 18:24:23 2011.70140) : C:\WINDOWS\System32\driver s\afd.sys[ AfdMofReso urce](Sun Apr 17 18:24:23 2011.70140) :
(Sun Apr 17 18:24:23 2011.70140) : ************************** ********** ***
In the wmiadap.log I find these errors
(Thu Sep 17 20:02:18 2009.1859343) : VerifyLoaded for mssindex hr = 80041001.
(Thu Sep 17 20:02:18 2009.1859343) : Construction of the mssindex perflib wrapper failed hr = 80041001.
Any help would be great
Thanks again
I have almost 100 windows 2003 servers I support accross north america. I have a tool I developed that uses wmi calls to collect information from each servers. It works great on about 95% of the servers. The others do not return any data. I have verified that I am an administrator on the servers, I have followed the steps I could find to rebuild the repository and for registering the service again. Nothing seems to help. I have also turned off the firewall on the servers. I find these errors on all of the servers that are failing. (Wmiprov.log)
(Sun Apr 17 18:24:23 2011.70015) : WDM call returned error: 4200
(Sun Apr 17 18:24:23 2011.70140) : **************************
(Sun Apr 17 18:24:23 2011.70140) : Could not get pointer to binary resource for file:
(Sun Apr 17 18:24:23 2011.70140) : C:\WINDOWS\System32\driver
(Sun Apr 17 18:24:23 2011.70140) : **************************
In the wmiadap.log I find these errors
(Thu Sep 17 20:02:18 2009.1859343) : VerifyLoaded for mssindex hr = 80041001.
(Thu Sep 17 20:02:18 2009.1859343) : Construction of the mssindex perflib wrapper failed hr = 80041001.
Any help would be great
Thanks again
I'd check out the WMI Diag Utility from Microsoft. You may have corrupt WMI components on the machine's that have a problem.
http://www.microsoft.com/downloads/en/details.aspx?familyid=d7ba3cd6-18d1-4d05-b11e-4c64192ae97d&displaylang=en
http://www.microsoft.com/downloads/en/details.aspx?familyid=d7ba3cd6-18d1-4d05-b11e-4c64192ae97d&displaylang=en
ASKER
I tried that as well, and it killed a bunch of critical services. I had to stop it and reboot the server
Can you manually re-register WMI components?
I've had this happen to me before. I've had a so-so amount of success fixing. some fixed, some not.
I manage a lot of remote servers using WMI too.
you'd had to execute all of the below lines. Or maybe copy into a .bat and run it.
CD c:\Windows\System32\wbem
for %i in (*.dll) do RegSvr32 -s %i
regsvr32 -s scrcons.exe
regsvr32 -s unsecapp.exe
regsvr32 -s wbemtest.exe
regsvr32 -s winmgmt.exe
regsvr32 -s wmiadap.exe
regsvr32 -s wmiapsvr.exe
regsvr32 -s wmiprvse.exe
net stop ccmexec
net start ccmexec
pause
I've had this happen to me before. I've had a so-so amount of success fixing. some fixed, some not.
I manage a lot of remote servers using WMI too.
you'd had to execute all of the below lines. Or maybe copy into a .bat and run it.
CD c:\Windows\System32\wbem
for %i in (*.dll) do RegSvr32 -s %i
regsvr32 -s scrcons.exe
regsvr32 -s unsecapp.exe
regsvr32 -s wbemtest.exe
regsvr32 -s winmgmt.exe
regsvr32 -s wmiadap.exe
regsvr32 -s wmiapsvr.exe
regsvr32 -s wmiprvse.exe
net stop ccmexec
net start ccmexec
pause
Please ignore the net stop/start ccmexec lines above....
ASKER
I manged to get the tool to run on another server here is what it returned
************************** **********
33323 18:19:29 (0) ** WMIDiag v2.0 started on Monday, April 18, 2011 at 18:15.
33324 18:19:29 (0) **
33325 18:19:29 (0) ** Copyright (c) Microsoft Corporation. All rights reserved - January 2007.
33326 18:19:29 (0) **
33327 18:19:29 (0) ** This script is not supported under any Microsoft standard support program or service.
33328 18:19:29 (0) ** The script is provided AS IS without warranty of any kind. Microsoft further disclaims all
33329 18:19:29 (0) ** implied warranties including, without limitation, any implied warranties of merchantability
33330 18:19:29 (0) ** or of fitness for a particular purpose. The entire risk arising out of the use or performance
33331 18:19:29 (0) ** of the scripts and documentation remains with you. In no event shall Microsoft, its authors,
33332 18:19:29 (0) ** or anyone else involved in the creation, production, or delivery of the script be liable for
33333 18:19:29 (0) ** any damages whatsoever (including, without limitation, damages for loss of business profits,
33334 18:19:29 (0) ** business interruption, loss of business information, or other pecuniary loss) arising out of
33335 18:19:29 (0) ** the use of or inability to use the script or documentation, even if Microsoft has been advised
33336 18:19:29 (0) ** of the possibility of such damages.
33337 18:19:29 (0) **
33338 18:19:29 (0) **
33339 18:19:29 (0) ** -------------------------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ----
33340 18:19:29 (0) ** -------------------------- ---------- ---------- ------- WMI REPORT: BEGIN -------------------------- ---------- ---------- ---------- --
33341 18:19:29 (0) ** -------------------------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ----
33342 18:19:29 (0) **
33343 18:19:29 (0) ** -------------------------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ----
33344 18:19:29 (0) ** Windows Server 2003 - No service pack - 32-bit (3790) - User 'CAVOBSMRSIDE01\ADMINISTRA TOR' on computer 'CAVOBSMRSIDE01'.
33345 18:19:29 (0) ** -------------------------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ----
33346 18:19:29 (0) ** INFO: Environment: .......................... .......... .......... .......... .......... .......... .......... .......... .. 1 ITEM(S)!
33347 18:19:29 (0) ** INFO: => 7 incorrect shutdown(s) detected on:
33348 18:19:29 (0) ** - Shutdown on 16 January 2009 08:50:46 (GMT+4).
33349 18:19:29 (0) ** - Shutdown on 14 October 2009 16:27:40 (GMT+4).
33350 18:19:29 (0) ** - Shutdown on 03 December 2009 13:58:08 (GMT+4).
33351 18:19:29 (0) ** - Shutdown on 21 December 2010 16:28:19 (GMT+4).
33352 18:19:29 (0) ** - Shutdown on 21 December 2010 17:56:28 (GMT+4).
33353 18:19:29 (0) ** - Shutdown on 07 March 2011 19:09:06 (GMT+4).
33354 18:19:29 (0) ** - Shutdown on 17 April 2011 18:24:11 (GMT+4).
33355 18:19:29 (0) **
33356 18:19:29 (0) ** System drive: .......................... .......... .......... .......... .......... .......... .......... .......... ....... C: (Disk #0 Partition #0).
33357 18:19:29 (0) ** Drive type: .......................... .......... .......... .......... .......... .......... .......... .......... ......... SCSI (HP LOGICAL VOLUME SCSI Disk Device).
33358 18:19:29 (0) ** There are no missing WMI system files: .......................... .......... .......... .......... .......... .......... .. OK.
33359 18:19:29 (0) ** There are no missing WMI repository files: .......................... .......... .......... .......... .......... ........ OK.
33360 18:19:29 (0) ** WMI repository state: .......................... .......... .......... .......... .......... .......... .......... ......... N/A.
33361 18:19:29 (0) ** BEFORE running WMIDiag:
33362 18:19:29 (0) ** The WMI repository has a size of: .......................... .......... .......... .......... .......... .......... ....... 25 MB.
33363 18:19:29 (0) ** - Disk free space on 'C:': .......................... .......... .......... .......... .......... .......... .......... .... 84850 MB.
33364 18:19:29 (0) ** - INDEX.BTR, 2260992 bytes, 4/17/2011 6:24:38 PM
33365 18:19:29 (0) ** - MAPPING.VER, 4 bytes, 4/17/2011 6:24:38 PM
33366 18:19:29 (0) ** - MAPPING1.MAP, 13008 bytes, 4/17/2011 6:24:38 PM
33367 18:19:29 (0) ** - MAPPING2.MAP, 13008 bytes, 4/17/2011 6:24:30 PM
33368 18:19:29 (0) ** - OBJECTS.DATA, 24051712 bytes, 4/17/2011 6:24:38 PM
33369 18:19:29 (0) ** AFTER running WMIDiag:
33370 18:19:29 (0) ** The WMI repository has a size of: .......................... .......... .......... .......... .......... .......... ....... 25 MB.
33371 18:19:29 (0) ** - Disk free space on 'C:': .......................... .......... .......... .......... .......... .......... .......... .... 84846 MB.
33372 18:19:29 (0) ** - INDEX.BTR, 2260992 bytes, 4/18/2011 6:17:55 PM
33373 18:19:29 (0) ** - MAPPING.VER, 4 bytes, 4/18/2011 6:17:55 PM
33374 18:19:29 (0) ** - MAPPING1.MAP, 13008 bytes, 4/17/2011 6:24:38 PM
33375 18:19:29 (0) ** - MAPPING2.MAP, 13008 bytes, 4/18/2011 6:17:55 PM
33376 18:19:29 (0) ** - OBJECTS.DATA, 24051712 bytes, 4/18/2011 6:17:55 PM
33377 18:19:29 (0) ** -------------------------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ----
33378 18:19:29 (0) ** Windows Firewall: .......................... .......... .......... .......... .......... .......... .......... .......... ... NOT INSTALLED.
33379 18:19:29 (0) ** -------------------------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ----
33380 18:19:29 (0) ** DCOM Status: .......................... .......... .......... .......... .......... .......... .......... .......... ........ OK.
33381 18:19:29 (0) ** WMI registry setup: .......................... .......... .......... .......... .......... .......... .......... .......... . OK.
33382 18:19:29 (0) ** WMI Service has no dependents: .......................... .......... .......... .......... .......... .......... .......... OK.
33383 18:19:29 (0) ** RPCSS service: .......................... .......... .......... .......... .......... .......... .......... .......... ...... OK (Already started).
33384 18:19:29 (0) ** WINMGMT service: .......................... .......... .......... .......... .......... .......... .......... .......... .... OK (Already started).
33385 18:19:29 (0) ** -------------------------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ----
33386 18:19:29 (0) ** WMI service DCOM setup: .......................... .......... .......... .......... .......... .......... .......... ....... OK.
33387 18:19:29 (0) ** WMI components DCOM registrations: .......................... .......... .......... .......... .......... .......... ...... OK.
33388 18:19:29 (0) ** WMI ProgID registrations: .......................... .......... .......... .......... .......... .......... .......... ..... OK.
33389 18:19:29 (0) ** WMI provider DCOM registrations: .......................... .......... .......... .......... .......... .......... ........ OK.
33390 18:19:29 (0) ** WMI provider CIM registrations: .......................... .......... .......... .......... .......... .......... ......... OK.
33391 18:19:29 (0) ** WMI provider CLSIDs: .......................... .......... .......... .......... .......... .......... .......... .......... OK.
33392 18:19:29 (0) ** WMI providers EXE/DLL availability: .......................... .......... .......... .......... .......... .......... ..... OK.
33393 18:19:29 (0) ** -------------------------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ----
33394 18:19:29 (0) ** DCOM security for 'My Computer' (Access Permissions/Edit Default): .......................... .......... .......... .... MODIFIED.
33395 18:19:29 (1) !! ERROR: Default trustee 'NT AUTHORITY\SELF' has been REMOVED!
33396 18:19:29 (0) ** - REMOVED ACE:
33397 18:19:29 (0) ** ACEType: &h0
33398 18:19:29 (0) ** ACCESS_ALLOWED_ACE_TYPE
33399 18:19:29 (0) ** ACEFlags: &h0
33400 18:19:29 (0) ** ACEMask: &h1
33401 18:19:29 (0) ** DCOM_RIGHT_EXECUTE
33402 18:19:29 (0) **
33403 18:19:29 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
33404 18:19:29 (0) ** Removing default security will cause some operations to fail!
33405 18:19:29 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE.
33406 18:19:29 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'.
33407 18:19:29 (0) **
33408 18:19:29 (0) ** DCOM security for 'My Computer' (Launch & Activation Permissions/Edit Default): .......................... .......... . MODIFIED.
33409 18:19:29 (1) !! ERROR: Default trustee 'NT AUTHORITY\INTERACTIVE' has been REMOVED!
33410 18:19:29 (0) ** - REMOVED ACE:
33411 18:19:29 (0) ** ACEType: &h0
33412 18:19:29 (0) ** ACCESS_ALLOWED_ACE_TYPE
33413 18:19:29 (0) ** ACEFlags: &h0
33414 18:19:29 (0) ** ACEMask: &h1
33415 18:19:29 (0) ** DCOM_RIGHT_EXECUTE
33416 18:19:29 (0) **
33417 18:19:29 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
33418 18:19:29 (0) ** Removing default security will cause some operations to fail!
33419 18:19:29 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE.
33420 18:19:29 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'.
33421 18:19:29 (0) **
33422 18:19:29 (0) ** WMI namespace security for 'ROOT/SERVICEMODEL': .......................... .......... .......... .......... .......... ... MODIFIED.
33423 18:19:29 (1) !! ERROR: Actual trustee 'NT AUTHORITY\NETWORK SERVICE' DOES NOT match corresponding expected trustee rights (Actual->Default)
33424 18:19:29 (0) ** - ACTUAL ACE:
33425 18:19:29 (0) ** ACEType: &h0
33426 18:19:29 (0) ** ACCESS_ALLOWED_ACE_TYPE
33427 18:19:29 (0) ** ACEFlags: &h2
33428 18:19:29 (0) ** CONTAINER_INHERIT_ACE
33429 18:19:29 (0) ** ACEMask: &h1
33430 18:19:29 (0) ** WBEM_ENABLE
33431 18:19:29 (0) ** - EXPECTED ACE:
33432 18:19:29 (0) ** ACEType: &h0
33433 18:19:29 (0) ** ACCESS_ALLOWED_ACE_TYPE
33434 18:19:29 (0) ** ACEFlags: &h12
33435 18:19:29 (0) ** CONTAINER_INHERIT_ACE
33436 18:19:29 (0) ** INHERITED_ACE
33437 18:19:29 (0) ** ACEMask: &h13
33438 18:19:29 (0) ** WBEM_ENABLE
33439 18:19:29 (0) ** WBEM_METHOD_EXECUTE
33440 18:19:29 (0) ** WBEM_WRITE_PROVIDER
33441 18:19:29 (0) **
33442 18:19:29 (0) ** => The actual ACE has the right(s) '&h12 WBEM_METHOD_EXECUTE WBEM_WRITE_PROVIDER' removed!
33443 18:19:29 (0) ** This will cause some operations to fail!
33444 18:19:29 (0) ** It is possible to fix this issue by editing the security descriptor and adding the removed right.
33445 18:19:29 (0) ** For WMI namespaces, this can be done with 'WMIMGMT.MSC'.
33446 18:19:29 (0) ** Note: WMIDiag has no specific knowledge of this WMI namespace.
33447 18:19:29 (0) ** The security diagnostic is based on the WMI namespace expected defaults.
33448 18:19:29 (0) ** A specific WMI application can always require a security setup different
33449 18:19:29 (0) ** than the WMI security defaults.
33450 18:19:29 (0) **
33451 18:19:29 (0) ** WMI namespace security for 'ROOT/SERVICEMODEL': .......................... .......... .......... .......... .......... ... MODIFIED.
33452 18:19:29 (1) !! ERROR: Actual trustee 'NT AUTHORITY\LOCAL SERVICE' DOES NOT match corresponding expected trustee rights (Actual->Default)
33453 18:19:29 (0) ** - ACTUAL ACE:
33454 18:19:29 (0) ** ACEType: &h0
33455 18:19:29 (0) ** ACCESS_ALLOWED_ACE_TYPE
33456 18:19:29 (0) ** ACEFlags: &h2
33457 18:19:29 (0) ** CONTAINER_INHERIT_ACE
33458 18:19:29 (0) ** ACEMask: &h1
33459 18:19:29 (0) ** WBEM_ENABLE
33460 18:19:29 (0) ** - EXPECTED ACE:
33461 18:19:29 (0) ** ACEType: &h0
33462 18:19:29 (0) ** ACCESS_ALLOWED_ACE_TYPE
33463 18:19:29 (0) ** ACEFlags: &h12
33464 18:19:29 (0) ** CONTAINER_INHERIT_ACE
33465 18:19:29 (0) ** INHERITED_ACE
33466 18:19:29 (0) ** ACEMask: &h13
33467 18:19:29 (0) ** WBEM_ENABLE
33468 18:19:29 (0) ** WBEM_METHOD_EXECUTE
33469 18:19:29 (0) ** WBEM_WRITE_PROVIDER
33470 18:19:29 (0) **
33471 18:19:29 (0) ** => The actual ACE has the right(s) '&h12 WBEM_METHOD_EXECUTE WBEM_WRITE_PROVIDER' removed!
33472 18:19:29 (0) ** This will cause some operations to fail!
33473 18:19:29 (0) ** It is possible to fix this issue by editing the security descriptor and adding the removed right.
33474 18:19:29 (0) ** For WMI namespaces, this can be done with 'WMIMGMT.MSC'.
33475 18:19:29 (0) ** Note: WMIDiag has no specific knowledge of this WMI namespace.
33476 18:19:29 (0) ** The security diagnostic is based on the WMI namespace expected defaults.
33477 18:19:29 (0) ** A specific WMI application can always require a security setup different
33478 18:19:29 (0) ** than the WMI security defaults.
33479 18:19:29 (0) **
33480 18:19:29 (0) ** WMI namespace security for 'ROOT/SERVICEMODEL': .......................... .......... .......... .......... .......... ... MODIFIED.
33481 18:19:29 (1) !! ERROR: Default trustee 'EVERYONE' has been REMOVED!
33482 18:19:29 (0) ** - REMOVED ACE:
33483 18:19:29 (0) ** ACEType: &h0
33484 18:19:29 (0) ** ACCESS_ALLOWED_ACE_TYPE
33485 18:19:29 (0) ** ACEFlags: &h12
33486 18:19:29 (0) ** CONTAINER_INHERIT_ACE
33487 18:19:29 (0) ** INHERITED_ACE
33488 18:19:29 (0) ** ACEMask: &h13
33489 18:19:29 (0) ** WBEM_ENABLE
33490 18:19:29 (0) ** WBEM_METHOD_EXECUTE
33491 18:19:29 (0) ** WBEM_WRITE_PROVIDER
33492 18:19:29 (0) **
33493 18:19:29 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
33494 18:19:29 (0) ** Removing default security will cause some operations to fail!
33495 18:19:29 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE.
33496 18:19:29 (0) ** For WMI namespaces, this can be done with 'WMIMGMT.MSC'.
33497 18:19:29 (0) ** Note: WMIDiag has no specific knowledge of this WMI namespace.
33498 18:19:29 (0) ** The security diagnostic is based on the WMI namespace expected defaults.
33499 18:19:29 (0) ** A specific WMI application can always require a security setup different
33500 18:19:29 (0) ** than the WMI security defaults.
33501 18:19:29 (0) **
33502 18:19:29 (0) **
33503 18:19:29 (0) ** DCOM security warning(s) detected: .......................... .......... .......... .......... .......... .......... ...... 0.
33504 18:19:29 (0) ** DCOM security error(s) detected: .......................... .......... .......... .......... .......... .......... ........ 2.
33505 18:19:29 (0) ** WMI security warning(s) detected: .......................... .......... .......... .......... .......... .......... ....... 0.
33506 18:19:29 (0) ** WMI security error(s) detected: .......................... .......... .......... .......... .......... .......... ......... 3.
33507 18:19:29 (0) **
33508 18:19:29 (1) !! ERROR: Overall DCOM security status: .......................... .......... .......... .......... .......... .......... .... ERROR!
33509 18:19:29 (1) !! ERROR: Overall WMI security status: .......................... .......... .......... .......... .......... .......... ..... ERROR!
33510 18:19:29 (0) ** - Started at 'Root' -------------------------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ----
33511 18:19:29 (0) ** INFO: WMI permanent SUBSCRIPTION(S): .......................... .......... .......... .......... .......... .......... .... 54.
33512 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA44" .
33513 18:19:29 (0) ** 'select * from MSMCAEvent_InvalidError where (type = 2147811432) and (LogToEventlog <> 0)'
33514 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA23" .
33515 18:19:29 (0) ** 'select * from MSMCAEvent_PCIBusError where (type = 3221553235) and (LogToEventlog <> 0)'
33516 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA32" .
33517 18:19:29 (0) ** 'select * from MSMCAEvent_PCIBusError where (type = 2147811420) and (LogToEventlog <> 0)'
33518 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA14" .
33519 18:19:29 (0) ** 'select * from MSMCAEvent_MemoryError where (type = 2147811402) and (LogToEventlog <> 0)'
33520 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA37" .
33521 18:19:29 (0) ** 'select * from MSMCAEvent_PCIBusError where (type = 3221553249) and (LogToEventlog <> 0)'
33522 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="SCM Event Log Consumer".
33523 18:19:29 (0) ** 'select * from MSFT_SCMEventLogEvent'
33524 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA5".
33525 18:19:29 (0) ** 'select * from MSMCAEvent_CPUError where (type = 3221553217) and (LogToEventlog <> 0)'
33526 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA18" .
33527 18:19:29 (0) ** 'select * from MSMCAEvent_SystemEventErro r where (type = 2147811406) and (LogToEventlog <> 0)'
33528 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA3".
33529 18:19:29 (0) ** 'select * from MSMCAEvent_CPUError where (type = 3221553215) and (LogToEventlog <> 0)'
33530 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA41" .
33531 18:19:29 (0) ** 'select * from MSMCAEvent_SMBIOSError where (type = 3221553253) and (LogToEventlog <> 0)'
33532 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA26" .
33533 18:19:29 (0) ** 'select * from MSMCAEvent_PCIBusError where (type = 2147811414) and (LogToEventlog <> 0)'
33534 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA36" .
33535 18:19:29 (0) ** 'select * from MSMCAEvent_PCIBusError where (type = 2147811424) and (LogToEventlog <> 0)'
33536 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA9".
33537 18:19:29 (0) ** 'select * from MSMCAEvent_CPUError where (type = 3221553221) and (LogToEventlog <> 0) and not ((MSSid = 0) and ((MsOp <> 3) or (MSOp <> 4)))'
33538 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA10" .
33539 18:19:29 (0) ** 'select * from MSMCAEvent_MemoryError where (type = 2147811398) and (LogToEventlog <> 0)'
33540 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA17" .
33541 18:19:29 (0) ** 'select * from MSMCAEvent_MemoryError where (type = 3221553229) and (LogToEventlog <> 0)'
33542 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA1".
33543 18:19:29 (0) ** 'select * from MSMCAEvent_CPUError where (type = 3221553213) and (LogToEventlog <> 0)'
33544 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA42" .
33545 18:19:29 (0) ** 'select * from MSMCAEvent_PlatformSpecifi cError where (type = 2147811430) and (LogToEventlog <> 0)'
33546 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA4".
33547 18:19:29 (0) ** 'select * from MSMCAEvent_CPUError where (type = 2147811392) and (LogToEventlog <> 0)'
33548 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA25" .
33549 18:19:29 (0) ** 'select * from MSMCAEvent_PCIBusError where (type = 3221553237) and (LogToEventlog <> 0)'
33550 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA49" .
33551 18:19:29 (0) ** 'select * from MSMCAEvent_CPUError where (MajorErrorType = 4) and (MSSid = 0) and (MSOp = 4) and (LogToEventlog <> 0)'
33552 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA27" .
33553 18:19:29 (0) ** 'select * from MSMCAEvent_PCIBusError where (type = 3221553239) and (LogToEventlog <> 0)'
33554 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA45" .
33555 18:19:29 (0) ** 'select * from MSMCAEvent_InvalidError where (type = 3221553257) and (LogToEventlog <> 0)'
33556 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA8".
33557 18:19:29 (0) ** 'select * from MSMCAEvent_CPUError where (type = 2147811396) and (LogToEventlog <> 0) and not ((MSSid = 0) and ((MsOp <> 3) or (MSOp <> 4)))'
33558 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA40" .
33559 18:19:29 (0) ** 'select * from MSMCAEvent_SMBIOSError where (type = 2147811428) and (LogToEventlog <> 0)'
33560 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA39" .
33561 18:19:29 (0) ** 'select * from MSMCAEvent_PCIComponentErr or where (type = 3221553251) and (LogToEventlog <> 0)'
33562 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA29" .
33563 18:19:29 (0) ** 'select * from MSMCAEvent_PCIBusError where (type = 3221553241) and (LogToEventlog <> 0)'
33564 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA20" .
33565 18:19:29 (0) ** 'select * from MSMCAEvent_PCIBusError where (type = 2147811408) and (LogToEventlog <> 0)'
33566 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA48" .
33567 18:19:29 (0) ** 'select * from MSMCAEvent_CPUError where (MajorErrorType = 4) and (MSSid = 0) and (MSOp = 3) and (LogToEventlog <> 0)'
33568 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA28" .
33569 18:19:29 (0) ** 'select * from MSMCAEvent_PCIBusError where (type = 2147811416) and (LogToEventlog <> 0)'
33570 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA33" .
33571 18:19:29 (0) ** 'select * from MSMCAEvent_PCIBusError where (type = 3221553245) and (LogToEventlog <> 0)'
33572 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA7".
33573 18:19:29 (0) ** 'select * from MSMCAEvent_CPUError where (type = 3221553219) and (LogToEventlog <> 0)'
33574 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA16" .
33575 18:19:29 (0) ** 'select * from MSMCAEvent_MemoryError where (type = 2147811404) and (LogToEventlog <> 0)'
33576 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA43" .
33577 18:19:29 (0) ** 'select * from MSMCAEvent_PlatformSpecifi cError where (type = 3221553255) and (LogToEventlog <> 0)'
33578 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA21" .
33579 18:19:29 (0) ** 'select * from MSMCAEvent_PCIBusError where (type = 3221553233) and (LogToEventlog <> 0)'
33580 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA6".
33581 18:19:29 (0) ** 'select * from MSMCAEvent_CPUError where (type = 2147811394) and (LogToEventlog <> 0)'
33582 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA31" .
33583 18:19:29 (0) ** 'select * from MSMCAEvent_PCIBusError where (type = 3221553243) and (LogToEventlog <> 0)'
33584 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA12" .
33585 18:19:29 (0) ** 'select * from MSMCAEvent_MemoryError where (type = 2147811400) and (LogToEventlog <> 0)'
33586 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA46" .
33587 18:19:29 (0) ** 'select * from MSMCAEvent_InvalidError where (type = 2147811434) and (LogToEventlog <> 0)'
33588 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA47" .
33589 18:19:29 (0) ** 'select * from MSMCAEvent_InvalidError where (type = 3221553259) and (LogToEventlog <> 0)'
33590 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA35" .
33591 18:19:29 (0) ** 'select * from MSMCAEvent_PCIBusError where (type = 3221553247) and (LogToEventlog <> 0)'
33592 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA0".
33593 18:19:29 (0) ** 'select * from MSMCAEvent_CPUError where (type = 2147811388) and (LogToEventlog <> 0)'
33594 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA19" .
33595 18:19:29 (0) ** 'select * from MSMCAEvent_SystemEventErro r where (type = 3221553231) and (LogToEventlog <> 0)'
33596 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA11" .
33597 18:19:29 (0) ** 'select * from MSMCAEvent_MemoryError where (type = 3221553223) and (LogToEventlog <> 0)'
33598 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA52" .
33599 18:19:29 (0) ** 'select * from MSMCAEvent_MemoryPageRemov ed'
33600 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA30" .
33601 18:19:29 (0) ** 'select * from MSMCAEvent_PCIBusError where (type = 2147811418) and (LogToEventlog <> 0)'
33602 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA15" .
33603 18:19:29 (0) ** 'select * from MSMCAEvent_MemoryError where (type = 3221553227) and (LogToEventlog <> 0)'
33604 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA38" .
33605 18:19:29 (0) ** 'select * from MSMCAEvent_PCIComponentErr or where (type = 2147811426) and (LogToEventlog <> 0)'
33606 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA34" .
33607 18:19:29 (0) ** 'select * from MSMCAEvent_PCIBusError where (type = 2147811422) and (LogToEventlog <> 0)'
33608 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA2".
33609 18:19:29 (0) ** 'select * from MSMCAEvent_CPUError where (type = 2147811390) and (LogToEventlog <> 0)'
33610 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA22" .
33611 18:19:29 (0) ** 'select * from MSMCAEvent_PCIBusError where (type = 2147811410) and (LogToEventlog <> 0)'
33612 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA13" .
33613 18:19:29 (0) ** 'select * from MSMCAEvent_MemoryError where (type = 3221553225) and (LogToEventlog <> 0)'
33614 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA50" .
33615 18:19:29 (0) ** 'select * from MSMCAEvent_CPUError where (type = 2147811441) and (LogToEventlog <> 0)'
33616 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA51" .
33617 18:19:29 (0) ** 'select * from MSMCAEvent_CPUError where (type = 3221553266) and (LogToEventlog <> 0)'
33618 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na me="MCA24" .
33619 18:19:29 (0) ** 'select * from MSMCAEvent_PCIBusError where (type = 2147811412) and (LogToEventlog <> 0)'
33620 18:19:29 (0) **
33621 18:19:29 (0) ** WMI TIMER instruction(s): .......................... .......... .......... .......... .......... .......... .......... ..... NONE.
33622 18:19:29 (0) ** WMI ADAP status: .......................... .......... .......... .......... .......... .......... .......... .......... .... OK.
33623 18:19:29 (0) ** INFO: WMI namespace(s) requiring PACKET PRIVACY: .......................... .......... .......... .......... .......... .. 2 NAMESPACE(S)!
33624 18:19:29 (0) ** - ROOT/SERVICEMODEL.
33625 18:19:29 (0) ** - ROOT/MICROSOFTIISV2.
33626 18:19:29 (0) ** => When remotely connecting, the namespace(s) listed require(s) the WMI client to
33627 18:19:29 (0) ** use an encrypted connection by specifying the PACKET PRIVACY authentication level.
33628 18:19:29 (0) ** (RPC_C_AUTHN_LEVEL_PKT_PRI VACY or PktPrivacy flags)
33629 18:19:29 (0) ** i.e. 'WMIC.EXE /NODE:"CAVOBSMRSIDE01" /AUTHLEVEL:Pktprivacy /NAMESPACE:\\ROOT\MICROSOF TIISV2 Class __SystemSecurity'
33630 18:19:29 (0) **
33631 18:19:29 (0) ** WMI MONIKER CONNECTIONS: .......................... .......... .......... .......... .......... .......... .......... ...... OK.
33632 18:19:29 (0) ** WMI CONNECTIONS: .......................... .......... .......... .......... .......... .......... .......... .......... .... OK.
33633 18:19:29 (0) ** WMI GET operations: .......................... .......... .......... .......... .......... .......... .......... .......... . OK.
33634 18:19:29 (0) ** WMI MOF representations: .......................... .......... .......... .......... .......... .......... .......... ...... OK.
33635 18:19:29 (0) ** WMI QUALIFIER access operations: .......................... .......... .......... .......... .......... .......... ........ OK.
33636 18:19:29 (0) ** WMI ENUMERATION operations: .......................... .......... .......... .......... .......... .......... .......... ... OK.
33637 18:19:29 (0) ** WMI EXECQUERY operations: .......................... .......... .......... .......... .......... .......... .......... ..... OK.
33638 18:19:29 (0) ** WMI GET VALUE operations: .......................... .......... .......... .......... .......... .......... .......... ..... OK.
33639 18:19:29 (0) ** WMI WRITE operations: .......................... .......... .......... .......... .......... .......... .......... ......... NOT TESTED.
33640 18:19:29 (0) ** WMI PUT operations: .......................... .......... .......... .......... .......... .......... .......... .......... . NOT TESTED.
33641 18:19:29 (0) ** WMI DELETE operations: .......................... .......... .......... .......... .......... .......... .......... ........ NOT TESTED.
33642 18:19:29 (0) ** WMI static instances retrieved: .......................... .......... .......... .......... .......... .......... ......... 1235.
33643 18:19:29 (0) ** WMI dynamic instances retrieved: .......................... .......... .......... .......... .......... .......... ........ 0.
33644 18:19:29 (0) ** WMI instance request cancellations (to limit performance impact): .......................... .......... .......... ..... 0.
33645 18:19:29 (0) ** -------------------------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ----
33646 18:19:29 (0) ** # of Event Log events BEFORE WMIDiag execution since the last 20 day(s):
33647 18:19:29 (0) ** DCOM: .......................... .......... .......... .......... .......... .......... .......... .......... .......... ... 0.
33648 18:19:29 (0) ** WINMGMT: .......................... .......... .......... .......... .......... .......... .......... .......... .......... 0.
33649 18:19:29 (0) ** WMIADAPTER: .......................... .......... .......... .......... .......... .......... .......... .......... ....... 0.
33650 18:19:29 (0) **
33651 18:19:29 (0) ** # of additional Event Log events AFTER WMIDiag execution:
33652 18:19:29 (0) ** DCOM: .......................... .......... .......... .......... .......... .......... .......... .......... .......... ... 0.
33653 18:19:29 (0) ** WINMGMT: .......................... .......... .......... .......... .......... .......... .......... .......... .......... 0.
33654 18:19:29 (0) ** WMIADAPTER: .......................... .......... .......... .......... .......... .......... .......... .......... ....... 0.
33655 18:19:29 (0) ** -------------------------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ----
33656 18:19:29 (0) ** WMI Registry key setup: .......................... .......... .......... .......... .......... .......... .......... ....... OK.
33657 18:19:29 (0) ** -------------------------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ----
33658 18:19:29 (0) ** -------------------------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ----
33659 18:19:29 (0) ** -------------------------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ----
33660 18:19:29 (0) ** -------------------------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ----
33661 18:19:29 (0) **
33662 18:19:29 (0) ** -------------------------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ----
33663 18:19:29 (0) ** -------------------------- ---------- ---------- -------- WMI REPORT: END -------------------------- ---------- ---------- ---------- ---
33664 18:19:29 (0) ** -------------------------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ----
33665 18:19:29 (0) **
33666 18:19:29 (0) ** ERROR: WMIDiag detected issues that could prevent WMI to work properly!. Check 'C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOC AL SETTINGS\TEMP\WMIDIAG-V2.0 _2003_.SRV .RTM.32_CA VOBSMRSIDE 01_2011.04 .18_18.15. 17.LOG' for details.
33667 18:19:29 (0) **
33668 18:19:29 (0) ** WMIDiag v2.0 ended on Monday, April 18, 2011 at 18:19 (W:64 E:7 S:1).
**************************
33323 18:19:29 (0) ** WMIDiag v2.0 started on Monday, April 18, 2011 at 18:15.
33324 18:19:29 (0) **
33325 18:19:29 (0) ** Copyright (c) Microsoft Corporation. All rights reserved - January 2007.
33326 18:19:29 (0) **
33327 18:19:29 (0) ** This script is not supported under any Microsoft standard support program or service.
33328 18:19:29 (0) ** The script is provided AS IS without warranty of any kind. Microsoft further disclaims all
33329 18:19:29 (0) ** implied warranties including, without limitation, any implied warranties of merchantability
33330 18:19:29 (0) ** or of fitness for a particular purpose. The entire risk arising out of the use or performance
33331 18:19:29 (0) ** of the scripts and documentation remains with you. In no event shall Microsoft, its authors,
33332 18:19:29 (0) ** or anyone else involved in the creation, production, or delivery of the script be liable for
33333 18:19:29 (0) ** any damages whatsoever (including, without limitation, damages for loss of business profits,
33334 18:19:29 (0) ** business interruption, loss of business information, or other pecuniary loss) arising out of
33335 18:19:29 (0) ** the use of or inability to use the script or documentation, even if Microsoft has been advised
33336 18:19:29 (0) ** of the possibility of such damages.
33337 18:19:29 (0) **
33338 18:19:29 (0) **
33339 18:19:29 (0) ** --------------------------
33340 18:19:29 (0) ** --------------------------
33341 18:19:29 (0) ** --------------------------
33342 18:19:29 (0) **
33343 18:19:29 (0) ** --------------------------
33344 18:19:29 (0) ** Windows Server 2003 - No service pack - 32-bit (3790) - User 'CAVOBSMRSIDE01\ADMINISTRA
33345 18:19:29 (0) ** --------------------------
33346 18:19:29 (0) ** INFO: Environment: ..........................
33347 18:19:29 (0) ** INFO: => 7 incorrect shutdown(s) detected on:
33348 18:19:29 (0) ** - Shutdown on 16 January 2009 08:50:46 (GMT+4).
33349 18:19:29 (0) ** - Shutdown on 14 October 2009 16:27:40 (GMT+4).
33350 18:19:29 (0) ** - Shutdown on 03 December 2009 13:58:08 (GMT+4).
33351 18:19:29 (0) ** - Shutdown on 21 December 2010 16:28:19 (GMT+4).
33352 18:19:29 (0) ** - Shutdown on 21 December 2010 17:56:28 (GMT+4).
33353 18:19:29 (0) ** - Shutdown on 07 March 2011 19:09:06 (GMT+4).
33354 18:19:29 (0) ** - Shutdown on 17 April 2011 18:24:11 (GMT+4).
33355 18:19:29 (0) **
33356 18:19:29 (0) ** System drive: ..........................
33357 18:19:29 (0) ** Drive type: ..........................
33358 18:19:29 (0) ** There are no missing WMI system files: ..........................
33359 18:19:29 (0) ** There are no missing WMI repository files: ..........................
33360 18:19:29 (0) ** WMI repository state: ..........................
33361 18:19:29 (0) ** BEFORE running WMIDiag:
33362 18:19:29 (0) ** The WMI repository has a size of: ..........................
33363 18:19:29 (0) ** - Disk free space on 'C:': ..........................
33364 18:19:29 (0) ** - INDEX.BTR, 2260992 bytes, 4/17/2011 6:24:38 PM
33365 18:19:29 (0) ** - MAPPING.VER, 4 bytes, 4/17/2011 6:24:38 PM
33366 18:19:29 (0) ** - MAPPING1.MAP, 13008 bytes, 4/17/2011 6:24:38 PM
33367 18:19:29 (0) ** - MAPPING2.MAP, 13008 bytes, 4/17/2011 6:24:30 PM
33368 18:19:29 (0) ** - OBJECTS.DATA, 24051712 bytes, 4/17/2011 6:24:38 PM
33369 18:19:29 (0) ** AFTER running WMIDiag:
33370 18:19:29 (0) ** The WMI repository has a size of: ..........................
33371 18:19:29 (0) ** - Disk free space on 'C:': ..........................
33372 18:19:29 (0) ** - INDEX.BTR, 2260992 bytes, 4/18/2011 6:17:55 PM
33373 18:19:29 (0) ** - MAPPING.VER, 4 bytes, 4/18/2011 6:17:55 PM
33374 18:19:29 (0) ** - MAPPING1.MAP, 13008 bytes, 4/17/2011 6:24:38 PM
33375 18:19:29 (0) ** - MAPPING2.MAP, 13008 bytes, 4/18/2011 6:17:55 PM
33376 18:19:29 (0) ** - OBJECTS.DATA, 24051712 bytes, 4/18/2011 6:17:55 PM
33377 18:19:29 (0) ** --------------------------
33378 18:19:29 (0) ** Windows Firewall: ..........................
33379 18:19:29 (0) ** --------------------------
33380 18:19:29 (0) ** DCOM Status: ..........................
33381 18:19:29 (0) ** WMI registry setup: ..........................
33382 18:19:29 (0) ** WMI Service has no dependents: ..........................
33383 18:19:29 (0) ** RPCSS service: ..........................
33384 18:19:29 (0) ** WINMGMT service: ..........................
33385 18:19:29 (0) ** --------------------------
33386 18:19:29 (0) ** WMI service DCOM setup: ..........................
33387 18:19:29 (0) ** WMI components DCOM registrations: ..........................
33388 18:19:29 (0) ** WMI ProgID registrations: ..........................
33389 18:19:29 (0) ** WMI provider DCOM registrations: ..........................
33390 18:19:29 (0) ** WMI provider CIM registrations: ..........................
33391 18:19:29 (0) ** WMI provider CLSIDs: ..........................
33392 18:19:29 (0) ** WMI providers EXE/DLL availability: ..........................
33393 18:19:29 (0) ** --------------------------
33394 18:19:29 (0) ** DCOM security for 'My Computer' (Access Permissions/Edit Default): ..........................
33395 18:19:29 (1) !! ERROR: Default trustee 'NT AUTHORITY\SELF' has been REMOVED!
33396 18:19:29 (0) ** - REMOVED ACE:
33397 18:19:29 (0) ** ACEType: &h0
33398 18:19:29 (0) ** ACCESS_ALLOWED_ACE_TYPE
33399 18:19:29 (0) ** ACEFlags: &h0
33400 18:19:29 (0) ** ACEMask: &h1
33401 18:19:29 (0) ** DCOM_RIGHT_EXECUTE
33402 18:19:29 (0) **
33403 18:19:29 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
33404 18:19:29 (0) ** Removing default security will cause some operations to fail!
33405 18:19:29 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE.
33406 18:19:29 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'.
33407 18:19:29 (0) **
33408 18:19:29 (0) ** DCOM security for 'My Computer' (Launch & Activation Permissions/Edit Default): ..........................
33409 18:19:29 (1) !! ERROR: Default trustee 'NT AUTHORITY\INTERACTIVE' has been REMOVED!
33410 18:19:29 (0) ** - REMOVED ACE:
33411 18:19:29 (0) ** ACEType: &h0
33412 18:19:29 (0) ** ACCESS_ALLOWED_ACE_TYPE
33413 18:19:29 (0) ** ACEFlags: &h0
33414 18:19:29 (0) ** ACEMask: &h1
33415 18:19:29 (0) ** DCOM_RIGHT_EXECUTE
33416 18:19:29 (0) **
33417 18:19:29 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
33418 18:19:29 (0) ** Removing default security will cause some operations to fail!
33419 18:19:29 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE.
33420 18:19:29 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'.
33421 18:19:29 (0) **
33422 18:19:29 (0) ** WMI namespace security for 'ROOT/SERVICEMODEL': ..........................
33423 18:19:29 (1) !! ERROR: Actual trustee 'NT AUTHORITY\NETWORK SERVICE' DOES NOT match corresponding expected trustee rights (Actual->Default)
33424 18:19:29 (0) ** - ACTUAL ACE:
33425 18:19:29 (0) ** ACEType: &h0
33426 18:19:29 (0) ** ACCESS_ALLOWED_ACE_TYPE
33427 18:19:29 (0) ** ACEFlags: &h2
33428 18:19:29 (0) ** CONTAINER_INHERIT_ACE
33429 18:19:29 (0) ** ACEMask: &h1
33430 18:19:29 (0) ** WBEM_ENABLE
33431 18:19:29 (0) ** - EXPECTED ACE:
33432 18:19:29 (0) ** ACEType: &h0
33433 18:19:29 (0) ** ACCESS_ALLOWED_ACE_TYPE
33434 18:19:29 (0) ** ACEFlags: &h12
33435 18:19:29 (0) ** CONTAINER_INHERIT_ACE
33436 18:19:29 (0) ** INHERITED_ACE
33437 18:19:29 (0) ** ACEMask: &h13
33438 18:19:29 (0) ** WBEM_ENABLE
33439 18:19:29 (0) ** WBEM_METHOD_EXECUTE
33440 18:19:29 (0) ** WBEM_WRITE_PROVIDER
33441 18:19:29 (0) **
33442 18:19:29 (0) ** => The actual ACE has the right(s) '&h12 WBEM_METHOD_EXECUTE WBEM_WRITE_PROVIDER' removed!
33443 18:19:29 (0) ** This will cause some operations to fail!
33444 18:19:29 (0) ** It is possible to fix this issue by editing the security descriptor and adding the removed right.
33445 18:19:29 (0) ** For WMI namespaces, this can be done with 'WMIMGMT.MSC'.
33446 18:19:29 (0) ** Note: WMIDiag has no specific knowledge of this WMI namespace.
33447 18:19:29 (0) ** The security diagnostic is based on the WMI namespace expected defaults.
33448 18:19:29 (0) ** A specific WMI application can always require a security setup different
33449 18:19:29 (0) ** than the WMI security defaults.
33450 18:19:29 (0) **
33451 18:19:29 (0) ** WMI namespace security for 'ROOT/SERVICEMODEL': ..........................
33452 18:19:29 (1) !! ERROR: Actual trustee 'NT AUTHORITY\LOCAL SERVICE' DOES NOT match corresponding expected trustee rights (Actual->Default)
33453 18:19:29 (0) ** - ACTUAL ACE:
33454 18:19:29 (0) ** ACEType: &h0
33455 18:19:29 (0) ** ACCESS_ALLOWED_ACE_TYPE
33456 18:19:29 (0) ** ACEFlags: &h2
33457 18:19:29 (0) ** CONTAINER_INHERIT_ACE
33458 18:19:29 (0) ** ACEMask: &h1
33459 18:19:29 (0) ** WBEM_ENABLE
33460 18:19:29 (0) ** - EXPECTED ACE:
33461 18:19:29 (0) ** ACEType: &h0
33462 18:19:29 (0) ** ACCESS_ALLOWED_ACE_TYPE
33463 18:19:29 (0) ** ACEFlags: &h12
33464 18:19:29 (0) ** CONTAINER_INHERIT_ACE
33465 18:19:29 (0) ** INHERITED_ACE
33466 18:19:29 (0) ** ACEMask: &h13
33467 18:19:29 (0) ** WBEM_ENABLE
33468 18:19:29 (0) ** WBEM_METHOD_EXECUTE
33469 18:19:29 (0) ** WBEM_WRITE_PROVIDER
33470 18:19:29 (0) **
33471 18:19:29 (0) ** => The actual ACE has the right(s) '&h12 WBEM_METHOD_EXECUTE WBEM_WRITE_PROVIDER' removed!
33472 18:19:29 (0) ** This will cause some operations to fail!
33473 18:19:29 (0) ** It is possible to fix this issue by editing the security descriptor and adding the removed right.
33474 18:19:29 (0) ** For WMI namespaces, this can be done with 'WMIMGMT.MSC'.
33475 18:19:29 (0) ** Note: WMIDiag has no specific knowledge of this WMI namespace.
33476 18:19:29 (0) ** The security diagnostic is based on the WMI namespace expected defaults.
33477 18:19:29 (0) ** A specific WMI application can always require a security setup different
33478 18:19:29 (0) ** than the WMI security defaults.
33479 18:19:29 (0) **
33480 18:19:29 (0) ** WMI namespace security for 'ROOT/SERVICEMODEL': ..........................
33481 18:19:29 (1) !! ERROR: Default trustee 'EVERYONE' has been REMOVED!
33482 18:19:29 (0) ** - REMOVED ACE:
33483 18:19:29 (0) ** ACEType: &h0
33484 18:19:29 (0) ** ACCESS_ALLOWED_ACE_TYPE
33485 18:19:29 (0) ** ACEFlags: &h12
33486 18:19:29 (0) ** CONTAINER_INHERIT_ACE
33487 18:19:29 (0) ** INHERITED_ACE
33488 18:19:29 (0) ** ACEMask: &h13
33489 18:19:29 (0) ** WBEM_ENABLE
33490 18:19:29 (0) ** WBEM_METHOD_EXECUTE
33491 18:19:29 (0) ** WBEM_WRITE_PROVIDER
33492 18:19:29 (0) **
33493 18:19:29 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
33494 18:19:29 (0) ** Removing default security will cause some operations to fail!
33495 18:19:29 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE.
33496 18:19:29 (0) ** For WMI namespaces, this can be done with 'WMIMGMT.MSC'.
33497 18:19:29 (0) ** Note: WMIDiag has no specific knowledge of this WMI namespace.
33498 18:19:29 (0) ** The security diagnostic is based on the WMI namespace expected defaults.
33499 18:19:29 (0) ** A specific WMI application can always require a security setup different
33500 18:19:29 (0) ** than the WMI security defaults.
33501 18:19:29 (0) **
33502 18:19:29 (0) **
33503 18:19:29 (0) ** DCOM security warning(s) detected: ..........................
33504 18:19:29 (0) ** DCOM security error(s) detected: ..........................
33505 18:19:29 (0) ** WMI security warning(s) detected: ..........................
33506 18:19:29 (0) ** WMI security error(s) detected: ..........................
33507 18:19:29 (0) **
33508 18:19:29 (1) !! ERROR: Overall DCOM security status: ..........................
33509 18:19:29 (1) !! ERROR: Overall WMI security status: ..........................
33510 18:19:29 (0) ** - Started at 'Root' --------------------------
33511 18:19:29 (0) ** INFO: WMI permanent SUBSCRIPTION(S): ..........................
33512 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33513 18:19:29 (0) ** 'select * from MSMCAEvent_InvalidError where (type = 2147811432) and (LogToEventlog <> 0)'
33514 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33515 18:19:29 (0) ** 'select * from MSMCAEvent_PCIBusError where (type = 3221553235) and (LogToEventlog <> 0)'
33516 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33517 18:19:29 (0) ** 'select * from MSMCAEvent_PCIBusError where (type = 2147811420) and (LogToEventlog <> 0)'
33518 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33519 18:19:29 (0) ** 'select * from MSMCAEvent_MemoryError where (type = 2147811402) and (LogToEventlog <> 0)'
33520 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33521 18:19:29 (0) ** 'select * from MSMCAEvent_PCIBusError where (type = 3221553249) and (LogToEventlog <> 0)'
33522 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33523 18:19:29 (0) ** 'select * from MSFT_SCMEventLogEvent'
33524 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33525 18:19:29 (0) ** 'select * from MSMCAEvent_CPUError where (type = 3221553217) and (LogToEventlog <> 0)'
33526 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33527 18:19:29 (0) ** 'select * from MSMCAEvent_SystemEventErro
33528 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33529 18:19:29 (0) ** 'select * from MSMCAEvent_CPUError where (type = 3221553215) and (LogToEventlog <> 0)'
33530 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33531 18:19:29 (0) ** 'select * from MSMCAEvent_SMBIOSError where (type = 3221553253) and (LogToEventlog <> 0)'
33532 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33533 18:19:29 (0) ** 'select * from MSMCAEvent_PCIBusError where (type = 2147811414) and (LogToEventlog <> 0)'
33534 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33535 18:19:29 (0) ** 'select * from MSMCAEvent_PCIBusError where (type = 2147811424) and (LogToEventlog <> 0)'
33536 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33537 18:19:29 (0) ** 'select * from MSMCAEvent_CPUError where (type = 3221553221) and (LogToEventlog <> 0) and not ((MSSid = 0) and ((MsOp <> 3) or (MSOp <> 4)))'
33538 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33539 18:19:29 (0) ** 'select * from MSMCAEvent_MemoryError where (type = 2147811398) and (LogToEventlog <> 0)'
33540 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33541 18:19:29 (0) ** 'select * from MSMCAEvent_MemoryError where (type = 3221553229) and (LogToEventlog <> 0)'
33542 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33543 18:19:29 (0) ** 'select * from MSMCAEvent_CPUError where (type = 3221553213) and (LogToEventlog <> 0)'
33544 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33545 18:19:29 (0) ** 'select * from MSMCAEvent_PlatformSpecifi
33546 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33547 18:19:29 (0) ** 'select * from MSMCAEvent_CPUError where (type = 2147811392) and (LogToEventlog <> 0)'
33548 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33549 18:19:29 (0) ** 'select * from MSMCAEvent_PCIBusError where (type = 3221553237) and (LogToEventlog <> 0)'
33550 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33551 18:19:29 (0) ** 'select * from MSMCAEvent_CPUError where (MajorErrorType = 4) and (MSSid = 0) and (MSOp = 4) and (LogToEventlog <> 0)'
33552 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33553 18:19:29 (0) ** 'select * from MSMCAEvent_PCIBusError where (type = 3221553239) and (LogToEventlog <> 0)'
33554 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33555 18:19:29 (0) ** 'select * from MSMCAEvent_InvalidError where (type = 3221553257) and (LogToEventlog <> 0)'
33556 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33557 18:19:29 (0) ** 'select * from MSMCAEvent_CPUError where (type = 2147811396) and (LogToEventlog <> 0) and not ((MSSid = 0) and ((MsOp <> 3) or (MSOp <> 4)))'
33558 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33559 18:19:29 (0) ** 'select * from MSMCAEvent_SMBIOSError where (type = 2147811428) and (LogToEventlog <> 0)'
33560 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33561 18:19:29 (0) ** 'select * from MSMCAEvent_PCIComponentErr
33562 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33563 18:19:29 (0) ** 'select * from MSMCAEvent_PCIBusError where (type = 3221553241) and (LogToEventlog <> 0)'
33564 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33565 18:19:29 (0) ** 'select * from MSMCAEvent_PCIBusError where (type = 2147811408) and (LogToEventlog <> 0)'
33566 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33567 18:19:29 (0) ** 'select * from MSMCAEvent_CPUError where (MajorErrorType = 4) and (MSSid = 0) and (MSOp = 3) and (LogToEventlog <> 0)'
33568 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33569 18:19:29 (0) ** 'select * from MSMCAEvent_PCIBusError where (type = 2147811416) and (LogToEventlog <> 0)'
33570 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33571 18:19:29 (0) ** 'select * from MSMCAEvent_PCIBusError where (type = 3221553245) and (LogToEventlog <> 0)'
33572 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33573 18:19:29 (0) ** 'select * from MSMCAEvent_CPUError where (type = 3221553219) and (LogToEventlog <> 0)'
33574 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33575 18:19:29 (0) ** 'select * from MSMCAEvent_MemoryError where (type = 2147811404) and (LogToEventlog <> 0)'
33576 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33577 18:19:29 (0) ** 'select * from MSMCAEvent_PlatformSpecifi
33578 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33579 18:19:29 (0) ** 'select * from MSMCAEvent_PCIBusError where (type = 3221553233) and (LogToEventlog <> 0)'
33580 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33581 18:19:29 (0) ** 'select * from MSMCAEvent_CPUError where (type = 2147811394) and (LogToEventlog <> 0)'
33582 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33583 18:19:29 (0) ** 'select * from MSMCAEvent_PCIBusError where (type = 3221553243) and (LogToEventlog <> 0)'
33584 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33585 18:19:29 (0) ** 'select * from MSMCAEvent_MemoryError where (type = 2147811400) and (LogToEventlog <> 0)'
33586 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33587 18:19:29 (0) ** 'select * from MSMCAEvent_InvalidError where (type = 2147811434) and (LogToEventlog <> 0)'
33588 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33589 18:19:29 (0) ** 'select * from MSMCAEvent_InvalidError where (type = 3221553259) and (LogToEventlog <> 0)'
33590 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33591 18:19:29 (0) ** 'select * from MSMCAEvent_PCIBusError where (type = 3221553247) and (LogToEventlog <> 0)'
33592 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33593 18:19:29 (0) ** 'select * from MSMCAEvent_CPUError where (type = 2147811388) and (LogToEventlog <> 0)'
33594 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33595 18:19:29 (0) ** 'select * from MSMCAEvent_SystemEventErro
33596 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33597 18:19:29 (0) ** 'select * from MSMCAEvent_MemoryError where (type = 3221553223) and (LogToEventlog <> 0)'
33598 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33599 18:19:29 (0) ** 'select * from MSMCAEvent_MemoryPageRemov
33600 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33601 18:19:29 (0) ** 'select * from MSMCAEvent_PCIBusError where (type = 2147811418) and (LogToEventlog <> 0)'
33602 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33603 18:19:29 (0) ** 'select * from MSMCAEvent_MemoryError where (type = 3221553227) and (LogToEventlog <> 0)'
33604 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33605 18:19:29 (0) ** 'select * from MSMCAEvent_PCIComponentErr
33606 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33607 18:19:29 (0) ** 'select * from MSMCAEvent_PCIBusError where (type = 2147811422) and (LogToEventlog <> 0)'
33608 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33609 18:19:29 (0) ** 'select * from MSMCAEvent_CPUError where (type = 2147811390) and (LogToEventlog <> 0)'
33610 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33611 18:19:29 (0) ** 'select * from MSMCAEvent_PCIBusError where (type = 2147811410) and (LogToEventlog <> 0)'
33612 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33613 18:19:29 (0) ** 'select * from MSMCAEvent_MemoryError where (type = 3221553225) and (LogToEventlog <> 0)'
33614 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33615 18:19:29 (0) ** 'select * from MSMCAEvent_CPUError where (type = 2147811441) and (LogToEventlog <> 0)'
33616 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33617 18:19:29 (0) ** 'select * from MSMCAEvent_CPUError where (type = 3221553266) and (LogToEventlog <> 0)'
33618 18:19:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Na
33619 18:19:29 (0) ** 'select * from MSMCAEvent_PCIBusError where (type = 2147811412) and (LogToEventlog <> 0)'
33620 18:19:29 (0) **
33621 18:19:29 (0) ** WMI TIMER instruction(s): ..........................
33622 18:19:29 (0) ** WMI ADAP status: ..........................
33623 18:19:29 (0) ** INFO: WMI namespace(s) requiring PACKET PRIVACY: ..........................
33624 18:19:29 (0) ** - ROOT/SERVICEMODEL.
33625 18:19:29 (0) ** - ROOT/MICROSOFTIISV2.
33626 18:19:29 (0) ** => When remotely connecting, the namespace(s) listed require(s) the WMI client to
33627 18:19:29 (0) ** use an encrypted connection by specifying the PACKET PRIVACY authentication level.
33628 18:19:29 (0) ** (RPC_C_AUTHN_LEVEL_PKT_PRI
33629 18:19:29 (0) ** i.e. 'WMIC.EXE /NODE:"CAVOBSMRSIDE01" /AUTHLEVEL:Pktprivacy /NAMESPACE:\\ROOT\MICROSOF
33630 18:19:29 (0) **
33631 18:19:29 (0) ** WMI MONIKER CONNECTIONS: ..........................
33632 18:19:29 (0) ** WMI CONNECTIONS: ..........................
33633 18:19:29 (0) ** WMI GET operations: ..........................
33634 18:19:29 (0) ** WMI MOF representations: ..........................
33635 18:19:29 (0) ** WMI QUALIFIER access operations: ..........................
33636 18:19:29 (0) ** WMI ENUMERATION operations: ..........................
33637 18:19:29 (0) ** WMI EXECQUERY operations: ..........................
33638 18:19:29 (0) ** WMI GET VALUE operations: ..........................
33639 18:19:29 (0) ** WMI WRITE operations: ..........................
33640 18:19:29 (0) ** WMI PUT operations: ..........................
33641 18:19:29 (0) ** WMI DELETE operations: ..........................
33642 18:19:29 (0) ** WMI static instances retrieved: ..........................
33643 18:19:29 (0) ** WMI dynamic instances retrieved: ..........................
33644 18:19:29 (0) ** WMI instance request cancellations (to limit performance impact): ..........................
33645 18:19:29 (0) ** --------------------------
33646 18:19:29 (0) ** # of Event Log events BEFORE WMIDiag execution since the last 20 day(s):
33647 18:19:29 (0) ** DCOM: ..........................
33648 18:19:29 (0) ** WINMGMT: ..........................
33649 18:19:29 (0) ** WMIADAPTER: ..........................
33650 18:19:29 (0) **
33651 18:19:29 (0) ** # of additional Event Log events AFTER WMIDiag execution:
33652 18:19:29 (0) ** DCOM: ..........................
33653 18:19:29 (0) ** WINMGMT: ..........................
33654 18:19:29 (0) ** WMIADAPTER: ..........................
33655 18:19:29 (0) ** --------------------------
33656 18:19:29 (0) ** WMI Registry key setup: ..........................
33657 18:19:29 (0) ** --------------------------
33658 18:19:29 (0) ** --------------------------
33659 18:19:29 (0) ** --------------------------
33660 18:19:29 (0) ** --------------------------
33661 18:19:29 (0) **
33662 18:19:29 (0) ** --------------------------
33663 18:19:29 (0) ** --------------------------
33664 18:19:29 (0) ** --------------------------
33665 18:19:29 (0) **
33666 18:19:29 (0) ** ERROR: WMIDiag detected issues that could prevent WMI to work properly!. Check 'C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOC
33667 18:19:29 (0) **
33668 18:19:29 (0) ** WMIDiag v2.0 ended on Monday, April 18, 2011 at 18:19 (W:64 E:7 S:1).
ASKER
The thins that look odd to me are these
!! ERROR: Default trustee 'EVERYONE' has been REMOVED!
33452 18:19:29 (1) !! ERROR: Actual trustee 'NT AUTHORITY\LOCAL SERVICE' DOES NOT match corresponding expected trustee rights (Actual->Default)
33394 18:19:29 (0) ** DCOM security for 'My Computer' (Access Permissions/Edit Default): .......................... .......... .......... .... MODIFIED.
33395 18:19:29 (1) !! ERROR: Default trustee 'NT AUTHORITY\SELF' has been REMOVED!
How do i fix these
!! ERROR: Default trustee 'EVERYONE' has been REMOVED!
33452 18:19:29 (1) !! ERROR: Actual trustee 'NT AUTHORITY\LOCAL SERVICE' DOES NOT match corresponding expected trustee rights (Actual->Default)
33394 18:19:29 (0) ** DCOM security for 'My Computer' (Access Permissions/Edit Default): ..........................
33395 18:19:29 (1) !! ERROR: Default trustee 'NT AUTHORITY\SELF' has been REMOVED!
How do i fix these
ASKER
any help experts
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I was unable to get a solution
ASKER
I have verified the dcom permissions as well