35178 10:47:19 (0) ** WMIDiag v2.2 started on 11 sierpnia 2016 at 10:41. 35179 10:47:19 (0) ** 35180 10:47:19 (0) ** Copyright (c) Microsoft Corporation. All rights reserved - July 2007. 35181 10:47:19 (0) ** 35182 10:47:19 (0) ** This script is not supported under any Microsoft standard support program or service. 35183 10:47:19 (0) ** The script is provided AS IS without warranty of any kind. Microsoft further disclaims all 35184 10:47:19 (0) ** implied warranties including, without limitation, any implied warranties of merchantability 35185 10:47:19 (0) ** or of fitness for a particular purpose. The entire risk arising out of the use or performance 35186 10:47:19 (0) ** of the scripts and documentation remains with you. In no event shall Microsoft, its authors, 35187 10:47:19 (0) ** or anyone else involved in the creation, production, or delivery of the script be liable for 35188 10:47:19 (0) ** any damages whatsoever (including, without limitation, damages for loss of business profits, 35189 10:47:19 (0) ** business interruption, loss of business information, or other pecuniary loss) arising out of 35190 10:47:19 (0) ** the use of or inability to use the script or documentation, even if Microsoft has been advised 35191 10:47:19 (0) ** of the possibility of such damages. 35192 10:47:19 (0) ** 35193 10:47:19 (0) ** 35194 10:47:19 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 35195 10:47:19 (0) ** ----------------------------------------------------- WMI REPORT: BEGIN ---------------------------------------------------------- 35196 10:47:19 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 35197 10:47:19 (0) ** 35198 10:47:19 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 35199 10:47:19 (0) ** Windows 8.1 - No Service Pack - 64-bit (10240) - User 'EINTEGRACJA\USREINT' on computer 'EINTEGRACJA'. 35200 10:47:19 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 35201 10:47:19 (0) ** INFO: Environment: .................................................................................................. 1 ITEM(S)! 35202 10:47:19 (0) ** INFO: => 2 possible incorrect shutdown(s) detected on: 35203 10:47:19 (0) ** - Shutdown on 09 August 2016 12:58:34 (GMT-0). 35204 10:47:19 (0) ** - Shutdown on 09 August 2016 16:24:08 (GMT-0). 35205 10:47:19 (0) ** 35206 10:47:19 (0) ** System drive: ....................................................................................................... C: (Dysk #0 partycja #2). 35207 10:47:19 (0) ** Drive type: ......................................................................................................... IDE (ST500DM002-1BD142). 35208 10:47:19 (0) ** There are no missing WMI system files: .............................................................................. OK. 35209 10:47:19 (0) ** There are no missing WMI repository files: .......................................................................... OK. 35210 10:47:19 (0) ** WMI repository state: ............................................................................................... N/A. 35211 10:47:19 (0) ** AFTER running WMIDiag: 35212 10:47:19 (0) ** The WMI repository has a size of: ................................................................................... 29 MB. 35213 10:47:19 (0) ** - Disk free space on 'C:': .......................................................................................... 409744 MB. 35214 10:47:19 (0) ** - INDEX.BTR, 5152768 bytes, 2016-08-10 18:24:39 35215 10:47:19 (0) ** - MAPPING1.MAP, 82632 bytes, 2016-08-10 18:19:09 35216 10:47:19 (0) ** - MAPPING2.MAP, 82632 bytes, 2016-08-10 18:24:39 35217 10:47:19 (0) ** - OBJECTS.DATA, 24551424 bytes, 2016-08-10 18:24:39 35218 10:47:19 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 35219 10:47:19 (2) !! WARNING: Windows Firewall: .......................................................................................... DISABLED. 35220 10:47:19 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 35221 10:47:19 (0) ** DCOM Status: ........................................................................................................ OK. 35222 10:47:19 (0) ** WMI registry setup: ................................................................................................. OK. 35223 10:47:19 (0) ** INFO: WMI service has dependents: ................................................................................... 2 SERVICE(S)! 35224 10:47:19 (0) ** - Security Center (WSCSVC, StartMode='Automatic') 35225 10:47:19 (0) ** - Internet Connection Sharing (ICS) (SHAREDACCESS, StartMode='Manual') 35226 10:47:19 (0) ** => If the WMI service is stopped, the listed service(s) will have to be stopped as well. 35227 10:47:19 (0) ** Note: If the service is marked with (*), it means that the service/application uses WMI but 35228 10:47:19 (0) ** there is no hard dependency on WMI. However, if the WMI service is stopped, 35229 10:47:19 (0) ** this can prevent the service/application to work as expected. 35230 10:47:19 (0) ** 35231 10:47:19 (0) ** RPCSS service: ...................................................................................................... OK (Already started). 35232 10:47:19 (0) ** WINMGMT service: .................................................................................................... OK (Already started). 35233 10:47:19 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 35234 10:47:19 (0) ** WMI service DCOM setup: ............................................................................................. OK. 35235 10:47:19 (0) ** WMI components DCOM registrations: .................................................................................. OK. 35236 10:47:19 (0) ** WMI ProgID registrations: ........................................................................................... OK. 35237 10:47:19 (0) ** WMI provider DCOM registrations: .................................................................................... OK. 35238 10:47:19 (0) ** WMI provider CIM registrations: ..................................................................................... OK. 35239 10:47:19 (0) ** WMI provider CLSIDs: ................................................................................................ OK. 35240 10:47:19 (2) !! WARNING: Some WMI providers EXE/DLL file(s) are missing: ............................................................ 1 WARNING(S)! 35241 10:47:19 (0) ** - ROOT/STANDARDCIMV2, NetSwitchTeam, C:\WINDOWS\system32\wbem\netswitchteamcim.dll 35242 10:47:19 (0) ** => This will make any operations related to the WMI class supported by the provider(s) to fail. 35243 10:47:19 (0) ** This can be due to: 35244 10:47:19 (0) ** - the de-installation of the software. 35245 10:47:19 (0) ** - the deletion of some files. 35246 10:47:19 (0) ** => If the software has been de-installed intentionally, then this information must be 35247 10:47:19 (0) ** removed from the WMI repository. You can use the 'WMIC.EXE' command to remove 35248 10:47:19 (0) ** the provider registration data. 35249 10:47:19 (0) ** i.e. 'WMIC.EXE /NAMESPACE:\\ROOT\STANDARDCIMV2 path __Win32Provider Where Name='NetSwitchTeam' DELETE' 35250 10:47:19 (0) ** => If not, you must restore a copy of the missing provider EXE/DLL file(s) as indicated by the path. 35251 10:47:19 (0) ** You can retrieve the missing file from: 35252 10:47:19 (0) ** - A backup. 35253 10:47:19 (0) ** - The Windows CD. 35254 10:47:19 (0) ** - Another Windows installation using the same version and service pack level of the examined system. 35255 10:47:19 (0) ** - The original CD or software package installing this WMI provider. 35256 10:47:19 (0) ** 35257 10:47:19 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 35258 10:47:19 (0) ** INFO: User Account Control (UAC): ................................................................................... ENABLED. 35259 10:47:19 (0) ** => WMI tasks requiring Administrative privileges on this computer MUST run in an elevated context. 35260 10:47:19 (0) ** i.e. You can start your scripts or WMIC commands from an elevated command 35261 10:47:19 (0) ** prompt by right clicking on the 'Command Prompt' icon in the Start Menu and 35262 10:47:19 (0) ** selecting 'Run as Administrator'. 35263 10:47:19 (0) ** i.e. You can also execute the WMI scripts or WMIC commands as a task 35264 10:47:19 (0) ** in the Task Scheduler within the right security context. 35265 10:47:19 (0) ** 35266 10:47:19 (0) ** INFO: Local Account Filtering: ...................................................................................... ENABLED. 35267 10:47:19 (0) ** => WMI tasks remotely accessing WMI information on this computer and requiring Administrative 35268 10:47:19 (0) ** privileges MUST use a DOMAIN account part of the Local Administrators group of this computer 35269 10:47:19 (0) ** to ensure that administrative privileges are granted. If a Local User account is used for remote 35270 10:47:19 (0) ** accesses, it will be reduced to a plain user (filtered token), even if it is part of the Local Administrators group. 35271 10:47:19 (0) ** 35272 10:47:19 (0) ** DCOM security for 'My Computer' (Access Permissions/Edit Limits): ................................................... MODIFIED. 35273 10:47:19 (1) !! ERROR: Default trustee 'NT AUTHORITY\ANONYMOUS LOGON' has been REMOVED! 35274 10:47:19 (0) ** - REMOVED ACE: 35275 10:47:19 (0) ** ACEType: &h0 35276 10:47:19 (0) ** ACCESS_ALLOWED_ACE_TYPE 35277 10:47:19 (0) ** ACEFlags: &h0 35278 10:47:19 (0) ** ACEMask: &h3 35279 10:47:19 (0) ** DCOM_RIGHT_EXECUTE 35280 10:47:19 (0) ** DCOM_RIGHT_ACCESS_LOCAL 35281 10:47:19 (0) ** 35282 10:47:19 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 35283 10:47:19 (0) ** Removing default security will cause some operations to fail! 35284 10:47:19 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 35285 10:47:19 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 35286 10:47:19 (0) ** 35287 10:47:19 (0) ** DCOM security for 'My Computer' (Access Permissions/Edit Limits): ................................................... MODIFIED. 35288 10:47:19 (1) !! ERROR: Default trustee 'BUILTIN\PERFORMANCE LOG USERS' has been REMOVED! 35289 10:47:19 (0) ** - REMOVED ACE: 35290 10:47:19 (0) ** ACEType: &h0 35291 10:47:19 (0) ** ACCESS_ALLOWED_ACE_TYPE 35292 10:47:19 (0) ** ACEFlags: &h0 35293 10:47:19 (0) ** ACEMask: &h7 35294 10:47:19 (0) ** DCOM_RIGHT_EXECUTE 35295 10:47:19 (0) ** DCOM_RIGHT_ACCESS_LOCAL 35296 10:47:19 (0) ** DCOM_RIGHT_ACCESS_REMOTE 35297 10:47:19 (0) ** 35298 10:47:19 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 35299 10:47:19 (0) ** Removing default security will cause some operations to fail! 35300 10:47:19 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 35301 10:47:19 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 35302 10:47:19 (0) ** 35303 10:47:19 (0) ** DCOM security for 'My Computer' (Access Permissions/Edit Limits): ................................................... MODIFIED. 35304 10:47:19 (1) !! ERROR: Default trustee 'EVERYONE' has been REMOVED! 35305 10:47:19 (0) ** - REMOVED ACE: 35306 10:47:19 (0) ** ACEType: &h0 35307 10:47:19 (0) ** ACCESS_ALLOWED_ACE_TYPE 35308 10:47:19 (0) ** ACEFlags: &h0 35309 10:47:19 (0) ** ACEMask: &h7 35310 10:47:19 (0) ** DCOM_RIGHT_EXECUTE 35311 10:47:19 (0) ** DCOM_RIGHT_ACCESS_LOCAL 35312 10:47:19 (0) ** DCOM_RIGHT_ACCESS_REMOTE 35313 10:47:19 (0) ** 35314 10:47:19 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 35315 10:47:19 (0) ** Removing default security will cause some operations to fail! 35316 10:47:19 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 35317 10:47:19 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 35318 10:47:19 (0) ** 35319 10:47:19 (0) ** DCOM security for 'My Computer' (Launch & Activation Permissions/Edit Default): ..................................... MODIFIED. 35320 10:47:19 (1) !! ERROR: Default trustee 'BUILTIN\ADMINISTRATORS' has been REMOVED! 35321 10:47:19 (0) ** - REMOVED ACE: 35322 10:47:19 (0) ** ACEType: &h0 35323 10:47:19 (0) ** ACCESS_ALLOWED_ACE_TYPE 35324 10:47:19 (0) ** ACEFlags: &h0 35325 10:47:19 (0) ** ACEMask: &h1F 35326 10:47:19 (0) ** DCOM_RIGHT_EXECUTE 35327 10:47:19 (0) ** DCOM_RIGHT_LAUNCH_LOCAL 35328 10:47:19 (0) ** DCOM_RIGHT_LAUNCH_REMOTE 35329 10:47:19 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL 35330 10:47:19 (0) ** DCOM_RIGHT_ACTIVATE_REMOTE 35331 10:47:19 (0) ** 35332 10:47:19 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 35333 10:47:19 (0) ** Removing default security will cause some operations to fail! 35334 10:47:19 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 35335 10:47:19 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 35336 10:47:19 (0) ** 35337 10:47:19 (0) ** DCOM security for 'My Computer' (Launch & Activation Permissions/Edit Default): ..................................... MODIFIED. 35338 10:47:19 (1) !! ERROR: Default trustee 'NT AUTHORITY\INTERACTIVE' has been REMOVED! 35339 10:47:19 (0) ** - REMOVED ACE: 35340 10:47:19 (0) ** ACEType: &h0 35341 10:47:19 (0) ** ACCESS_ALLOWED_ACE_TYPE 35342 10:47:19 (0) ** ACEFlags: &h0 35343 10:47:19 (0) ** ACEMask: &h1F 35344 10:47:19 (0) ** DCOM_RIGHT_EXECUTE 35345 10:47:19 (0) ** DCOM_RIGHT_LAUNCH_LOCAL 35346 10:47:19 (0) ** DCOM_RIGHT_LAUNCH_REMOTE 35347 10:47:19 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL 35348 10:47:19 (0) ** DCOM_RIGHT_ACTIVATE_REMOTE 35349 10:47:19 (0) ** 35350 10:47:19 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 35351 10:47:19 (0) ** Removing default security will cause some operations to fail! 35352 10:47:19 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 35353 10:47:19 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 35354 10:47:19 (0) ** 35355 10:47:19 (0) ** DCOM security for 'My Computer' (Launch & Activation Permissions/Edit Default): ..................................... MODIFIED. 35356 10:47:19 (1) !! ERROR: Default trustee 'NT AUTHORITY\SYSTEM' has been REMOVED! 35357 10:47:19 (0) ** - REMOVED ACE: 35358 10:47:19 (0) ** ACEType: &h0 35359 10:47:19 (0) ** ACCESS_ALLOWED_ACE_TYPE 35360 10:47:19 (0) ** ACEFlags: &h0 35361 10:47:19 (0) ** ACEMask: &h1F 35362 10:47:19 (0) ** DCOM_RIGHT_EXECUTE 35363 10:47:19 (0) ** DCOM_RIGHT_LAUNCH_LOCAL 35364 10:47:19 (0) ** DCOM_RIGHT_LAUNCH_REMOTE 35365 10:47:19 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL 35366 10:47:19 (0) ** DCOM_RIGHT_ACTIVATE_REMOTE 35367 10:47:19 (0) ** 35368 10:47:19 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 35369 10:47:19 (0) ** Removing default security will cause some operations to fail! 35370 10:47:19 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 35371 10:47:19 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 35372 10:47:19 (0) ** 35373 10:47:19 (0) ** DCOM security for 'My Computer' (Launch & Activation Permissions/Edit Limits): ...................................... MODIFIED. 35374 10:47:19 (1) !! ERROR: Default trustee 'BUILTIN\ADMINISTRATORS' has been REMOVED! 35375 10:47:19 (0) ** - REMOVED ACE: 35376 10:47:19 (0) ** ACEType: &h0 35377 10:47:19 (0) ** ACCESS_ALLOWED_ACE_TYPE 35378 10:47:19 (0) ** ACEFlags: &h0 35379 10:47:19 (0) ** ACEMask: &h1F 35380 10:47:19 (0) ** DCOM_RIGHT_EXECUTE 35381 10:47:19 (0) ** DCOM_RIGHT_LAUNCH_LOCAL 35382 10:47:19 (0) ** DCOM_RIGHT_LAUNCH_REMOTE 35383 10:47:19 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL 35384 10:47:19 (0) ** DCOM_RIGHT_ACTIVATE_REMOTE 35385 10:47:19 (0) ** 35386 10:47:19 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 35387 10:47:19 (0) ** Removing default security will cause some operations to fail! 35388 10:47:19 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 35389 10:47:19 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 35390 10:47:19 (0) ** 35391 10:47:19 (0) ** DCOM security for 'My Computer' (Launch & Activation Permissions/Edit Limits): ...................................... MODIFIED. 35392 10:47:19 (1) !! ERROR: Default trustee 'BUILTIN\PERFORMANCE LOG USERS' has been REMOVED! 35393 10:47:19 (0) ** - REMOVED ACE: 35394 10:47:19 (0) ** ACEType: &h0 35395 10:47:19 (0) ** ACCESS_ALLOWED_ACE_TYPE 35396 10:47:19 (0) ** ACEFlags: &h0 35397 10:47:19 (0) ** ACEMask: &h1F 35398 10:47:19 (0) ** DCOM_RIGHT_EXECUTE 35399 10:47:19 (0) ** DCOM_RIGHT_LAUNCH_LOCAL 35400 10:47:19 (0) ** DCOM_RIGHT_LAUNCH_REMOTE 35401 10:47:19 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL 35402 10:47:19 (0) ** DCOM_RIGHT_ACTIVATE_REMOTE 35403 10:47:19 (0) ** 35404 10:47:19 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 35405 10:47:19 (0) ** Removing default security will cause some operations to fail! 35406 10:47:19 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 35407 10:47:19 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 35408 10:47:19 (0) ** 35409 10:47:19 (0) ** DCOM security for 'My Computer' (Launch & Activation Permissions/Edit Limits): ...................................... MODIFIED. 35410 10:47:19 (1) !! ERROR: Default trustee 'EVERYONE' has been REMOVED! 35411 10:47:19 (0) ** - REMOVED ACE: 35412 10:47:19 (0) ** ACEType: &h0 35413 10:47:19 (0) ** ACCESS_ALLOWED_ACE_TYPE 35414 10:47:19 (0) ** ACEFlags: &h0 35415 10:47:19 (0) ** ACEMask: &hB 35416 10:47:19 (0) ** DCOM_RIGHT_EXECUTE 35417 10:47:19 (0) ** DCOM_RIGHT_LAUNCH_LOCAL 35418 10:47:19 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL 35419 10:47:19 (0) ** 35420 10:47:19 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 35421 10:47:19 (0) ** Removing default security will cause some operations to fail! 35422 10:47:19 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 35423 10:47:19 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 35424 10:47:19 (0) ** 35425 10:47:19 (0) ** DCOM security for 'Microsoft WMI Provider Subsystem Host' (Launch & Activation Permissions): ........................ MODIFIED. 35426 10:47:19 (1) !! ERROR: Default trustee 'BUILTIN\ADMINISTRATORS' has been REMOVED! 35427 10:47:19 (0) ** - REMOVED ACE: 35428 10:47:19 (0) ** ACEType: &h0 35429 10:47:19 (0) ** ACCESS_ALLOWED_ACE_TYPE 35430 10:47:19 (0) ** ACEFlags: &h0 35431 10:47:19 (0) ** ACEMask: &h1F 35432 10:47:19 (0) ** DCOM_RIGHT_EXECUTE 35433 10:47:19 (0) ** DCOM_RIGHT_LAUNCH_LOCAL 35434 10:47:19 (0) ** DCOM_RIGHT_LAUNCH_REMOTE 35435 10:47:19 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL 35436 10:47:19 (0) ** DCOM_RIGHT_ACTIVATE_REMOTE 35437 10:47:19 (0) ** 35438 10:47:19 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 35439 10:47:19 (0) ** Removing default security will cause some operations to fail! 35440 10:47:19 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 35441 10:47:19 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 35442 10:47:19 (0) ** 35443 10:47:19 (0) ** DCOM security for 'Microsoft WMI Provider Subsystem Host' (Launch & Activation Permissions): ........................ MODIFIED. 35444 10:47:19 (1) !! ERROR: Default trustee 'NT AUTHORITY\INTERACTIVE' has been REMOVED! 35445 10:47:19 (0) ** - REMOVED ACE: 35446 10:47:19 (0) ** ACEType: &h0 35447 10:47:19 (0) ** ACCESS_ALLOWED_ACE_TYPE 35448 10:47:19 (0) ** ACEFlags: &h0 35449 10:47:19 (0) ** ACEMask: &h1F 35450 10:47:19 (0) ** DCOM_RIGHT_EXECUTE 35451 10:47:19 (0) ** DCOM_RIGHT_LAUNCH_LOCAL 35452 10:47:19 (0) ** DCOM_RIGHT_LAUNCH_REMOTE 35453 10:47:19 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL 35454 10:47:19 (0) ** DCOM_RIGHT_ACTIVATE_REMOTE 35455 10:47:19 (0) ** 35456 10:47:19 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 35457 10:47:19 (0) ** Removing default security will cause some operations to fail! 35458 10:47:19 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 35459 10:47:19 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 35460 10:47:19 (0) ** 35461 10:47:19 (0) ** DCOM security for 'Microsoft WMI Provider Subsystem Host' (Launch & Activation Permissions): ........................ MODIFIED. 35462 10:47:19 (1) !! ERROR: Default trustee 'NT AUTHORITY\SYSTEM' has been REMOVED! 35463 10:47:19 (0) ** - REMOVED ACE: 35464 10:47:19 (0) ** ACEType: &h0 35465 10:47:19 (0) ** ACCESS_ALLOWED_ACE_TYPE 35466 10:47:19 (0) ** ACEFlags: &h0 35467 10:47:19 (0) ** ACEMask: &h1F 35468 10:47:19 (0) ** DCOM_RIGHT_EXECUTE 35469 10:47:19 (0) ** DCOM_RIGHT_LAUNCH_LOCAL 35470 10:47:19 (0) ** DCOM_RIGHT_LAUNCH_REMOTE 35471 10:47:19 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL 35472 10:47:19 (0) ** DCOM_RIGHT_ACTIVATE_REMOTE 35473 10:47:19 (0) ** 35474 10:47:19 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 35475 10:47:19 (0) ** Removing default security will cause some operations to fail! 35476 10:47:19 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 35477 10:47:19 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 35478 10:47:19 (0) ** 35479 10:47:19 (0) ** DCOM security for 'Microsoft WMI Provider Subsystem Host' (Launch & Activation Permissions): ........................ MODIFIED. 35480 10:47:19 (1) !! ERROR: Default trustee 'NT AUTHORITY\NETWORK SERVICE' has been REMOVED! 35481 10:47:19 (0) ** - REMOVED ACE: 35482 10:47:19 (0) ** ACEType: &h0 35483 10:47:19 (0) ** ACCESS_ALLOWED_ACE_TYPE 35484 10:47:19 (0) ** ACEFlags: &h0 35485 10:47:19 (0) ** ACEMask: &h1F 35486 10:47:19 (0) ** DCOM_RIGHT_EXECUTE 35487 10:47:19 (0) ** DCOM_RIGHT_LAUNCH_LOCAL 35488 10:47:19 (0) ** DCOM_RIGHT_LAUNCH_REMOTE 35489 10:47:19 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL 35490 10:47:19 (0) ** DCOM_RIGHT_ACTIVATE_REMOTE 35491 10:47:19 (0) ** 35492 10:47:19 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 35493 10:47:19 (0) ** Removing default security will cause some operations to fail! 35494 10:47:19 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 35495 10:47:19 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 35496 10:47:19 (0) ** 35497 10:47:19 (0) ** DCOM security for 'Microsoft WMI Provider Subsystem Host' (Launch & Activation Permissions): ........................ MODIFIED. 35498 10:47:19 (1) !! ERROR: Default trustee 'NT AUTHORITY\LOCAL SERVICE' has been REMOVED! 35499 10:47:19 (0) ** - REMOVED ACE: 35500 10:47:19 (0) ** ACEType: &h0 35501 10:47:19 (0) ** ACCESS_ALLOWED_ACE_TYPE 35502 10:47:19 (0) ** ACEFlags: &h0 35503 10:47:19 (0) ** ACEMask: &h1F 35504 10:47:19 (0) ** DCOM_RIGHT_EXECUTE 35505 10:47:19 (0) ** DCOM_RIGHT_LAUNCH_LOCAL 35506 10:47:19 (0) ** DCOM_RIGHT_LAUNCH_REMOTE 35507 10:47:19 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL 35508 10:47:19 (0) ** DCOM_RIGHT_ACTIVATE_REMOTE 35509 10:47:19 (0) ** 35510 10:47:19 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 35511 10:47:19 (0) ** Removing default security will cause some operations to fail! 35512 10:47:19 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 35513 10:47:19 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 35514 10:47:19 (0) ** 35515 10:47:19 (0) ** 35516 10:47:19 (0) ** DCOM security warning(s) detected: .................................................................................. 0. 35517 10:47:19 (0) ** DCOM security error(s) detected: .................................................................................... 14. 35518 10:47:19 (0) ** WMI security warning(s) detected: ................................................................................... 0. 35519 10:47:19 (0) ** WMI security error(s) detected: ..................................................................................... 0. 35520 10:47:19 (0) ** 35521 10:47:19 (1) !! ERROR: Overall DCOM security status: ................................................................................ ERROR! 35522 10:47:19 (0) ** Overall WMI security status: ........................................................................................ OK. 35523 10:47:19 (0) ** - Started at 'Root' -------------------------------------------------------------------------------------------------------------- 35524 10:47:19 (0) ** INFO: WMI permanent SUBSCRIPTION(S): ................................................................................ 1. 35525 10:47:19 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Name="SCM Event Log Consumer". 35526 10:47:19 (0) ** 'select * from MSFT_SCMEventLogEvent' 35527 10:47:19 (0) ** 35528 10:47:19 (0) ** WMI TIMER instruction(s): ........................................................................................... NONE. 35529 10:47:19 (0) ** INFO: WMI namespace(s) requiring PACKET PRIVACY: .................................................................... 4 NAMESPACE(S)! 35530 10:47:19 (0) ** - ROOT/CIMV2/SECURITY/MICROSOFTTPM. 35531 10:47:19 (0) ** - ROOT/CIMV2/SECURITY/MICROSOFTVOLUMEENCRYPTION. 35532 10:47:19 (0) ** - ROOT/CIMV2/TERMINALSERVICES. 35533 10:47:19 (0) ** - ROOT/SERVICEMODEL. 35534 10:47:19 (0) ** => When remotely connecting, the namespace(s) listed require(s) the WMI client to 35535 10:47:19 (0) ** use an encrypted connection by specifying the PACKET PRIVACY authentication level. 35536 10:47:19 (0) ** (RPC_C_AUTHN_LEVEL_PKT_PRIVACY or PktPrivacy flags) 35537 10:47:19 (0) ** i.e. 'WMIC.EXE /NODE:"EINTEGRACJA" /AUTHLEVEL:Pktprivacy /NAMESPACE:\\ROOT\SERVICEMODEL Class __SystemSecurity' 35538 10:47:19 (0) ** 35539 10:47:19 (0) ** WMI MONIKER CONNECTIONS: ............................................................................................ OK. 35540 10:47:19 (1) !! ERROR: WMI CONNECTION errors occured for the following namespaces: .................................................. 2 ERROR(S)! 35541 10:47:19 (0) ** - Root/nap, 0x8004100E - (WBEM_E_INVALID_NAMESPACE) Namespace specified cannot be found. 35542 10:47:19 (0) ** - Root/aspnet, 0x8004100E - (WBEM_E_INVALID_NAMESPACE) Namespace specified cannot be found. 35543 10:47:19 (0) ** 35544 10:47:19 (1) !! ERROR: WMI GET operation errors reported: ........................................................................... 4 ERROR(S)! 35545 10:47:19 (0) ** - Root/CIMV2, Win32_FloppyDrive, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found. 35546 10:47:19 (0) ** MOF Registration: 'WMI information not available (This could be the case for an external application or a third party WMI provider)' 35547 10:47:19 (0) ** - Root/CIMV2, Win32_FloppyController, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found. 35548 10:47:19 (0) ** MOF Registration: 'WMI information not available (This could be the case for an external application or a third party WMI provider)' 35549 10:47:19 (0) ** - Root/CIMV2, Win32_PerfFormattedData_TermService_TerminalServicesSession, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found. 35550 10:47:19 (0) ** MOF Registration: 'WMI information not available (This could be the case for an external application or a third party WMI provider)' 35551 10:47:19 (0) ** - Root/CIMV2, Win32_PerfRawData_TermService_TerminalServicesSession, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found. 35552 10:47:19 (0) ** MOF Registration: 'WMI information not available (This could be the case for an external application or a third party WMI provider)' 35553 10:47:19 (0) ** 35554 10:47:19 (0) ** WMI MOF representations: ............................................................................................ OK. 35555 10:47:19 (0) ** WMI QUALIFIER access operations: .................................................................................... OK. 35556 10:47:19 (1) !! ERROR: WMI ENUMERATION operation errors reported: ................................................................... 1 ERROR(S)! 35557 10:47:19 (0) ** - Root/CIMV2, InstancesOf, 'Win32_PerfFormattedData_PerfOS_PagingFile' did not return any instance while AT LEAST 1 instance is expected. 35558 10:47:19 (0) ** MOF Registration: 'WMI information not available (This could be the case for an external application or a third party WMI provider)' 35559 10:47:19 (0) ** 35560 10:47:19 (1) !! ERROR: WMI EXECQUERY operation errors reported: ..................................................................... 1 ERROR(S)! 35561 10:47:19 (0) ** - Root/CIMV2, 'Select * From Win32_PageFileUsage' did not return any instance while AT LEAST 1 instance is expected. 35562 10:47:19 (0) ** 35563 10:47:19 (1) !! ERROR: WMI GET VALUE operation errors reported: ..................................................................... 1 ERROR(S)! 35564 10:47:19 (0) ** - Root/CIMV2, Instance: Win32_Service='WSCSVC', Property: Displayname='Centrum zabezpieczeń' (Expected default='Security Center'). 35565 10:47:19 (0) ** 35566 10:47:19 (0) ** WMI WRITE operations: ............................................................................................... NOT TESTED. 35567 10:47:19 (0) ** WMI PUT operations: ................................................................................................. NOT TESTED. 35568 10:47:19 (0) ** WMI DELETE operations: .............................................................................................. NOT TESTED. 35569 10:47:19 (0) ** WMI static instances retrieved: ..................................................................................... 1937. 35570 10:47:19 (0) ** WMI dynamic instances retrieved: .................................................................................... 0. 35571 10:47:19 (0) ** WMI instance request cancellations (to limit performance impact): ................................................... 1. 35572 10:47:19 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 35573 10:47:19 (0) ** # of Event Log events BEFORE WMIDiag execution since the last 20 day(s): 35574 10:47:19 (0) ** DCOM: ............................................................................................................. 0. 35575 10:47:19 (0) ** WINMGMT: .......................................................................................................... 0. 35576 10:47:19 (0) ** WMIADAPTER: ....................................................................................................... 0. 35577 10:47:19 (0) ** 35578 10:47:19 (0) ** # of additional Event Log events AFTER WMIDiag execution: 35579 10:47:19 (0) ** DCOM: ............................................................................................................. 0. 35580 10:47:19 (0) ** WINMGMT: .......................................................................................................... 0. 35581 10:47:19 (0) ** WMIADAPTER: ....................................................................................................... 0. 35582 10:47:19 (0) ** 35583 10:47:19 (0) ** 2 error(s) 0x8004100E - (WBEM_E_INVALID_NAMESPACE) Namespace specified cannot be found 35584 10:47:19 (0) ** 35585 10:47:19 (0) ** 4 error(s) 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found 35586 10:47:19 (0) ** => This error is typically a WMI error. This WMI error is due to: 35587 10:47:19 (0) ** - a missing WMI class definition or object. 35588 10:47:19 (0) ** (See any GET, ENUMERATION, EXECQUERY and GET VALUE operation failures). 35589 10:47:19 (0) ** You can correct the missing class definitions by: 35590 10:47:19 (0) ** - Manually recompiling the MOF file(s) with the 'MOFCOMP ' command. 35591 10:47:19 (0) ** Note: You can build a list of classes in relation with their WMI provider and MOF file with WMIDiag. 35592 10:47:19 (0) ** (This list can be built on a similar and working WMI Windows installation) 35593 10:47:19 (0) ** The following command line must be used: 35594 10:47:19 (0) ** i.e. 'WMIDiag CorrelateClassAndProvider' 35595 10:47:19 (0) ** Note: When a WMI performance class is missing, you can manually resynchronize performance counters 35596 10:47:19 (0) ** with WMI by starting the ADAP process. 35597 10:47:19 (0) ** - a WMI repository corruption. 35598 10:47:19 (0) ** In such a case, you must rerun WMIDiag with 'WriteInRepository' parameter 35599 10:47:19 (0) ** to validate the WMI repository operations. 35600 10:47:19 (0) ** Note: ENSURE you are an administrator with FULL access to WMI EVERY namespaces of the computer before 35601 10:47:19 (0) ** executing the WriteInRepository command. To write temporary data from the Root namespace, use: 35602 10:47:19 (0) ** i.e. 'WMIDiag WriteInRepository=Root' 35603 10:47:19 (0) ** - If the WriteInRepository command fails, while being an Administrator with ALL accesses to ALL namespaces 35604 10:47:19 (0) ** the WMI repository must be reconstructed. 35605 10:47:19 (0) ** Note: The WMI repository reconstruction requires to locate all MOF files needed to rebuild the repository, 35606 10:47:19 (0) ** otherwise some applications may fail after the reconstruction. 35607 10:47:19 (0) ** This can be achieved with the following command: 35608 10:47:19 (0) ** i.e. 'WMIDiag ShowMOFErrors' 35609 10:47:19 (0) ** Note: The repository reconstruction must be a LAST RESORT solution and ONLY after executing 35610 10:47:19 (0) ** ALL fixes previously mentioned. 35611 10:47:19 (2) !! WARNING: Static information stored by external applications in the repository will be LOST! (i.e. SMS Inventory) 35612 10:47:19 (0) ** 35613 10:47:19 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 35614 10:47:19 (0) ** WMI Registry key setup: ............................................................................................. OK. 35615 10:47:19 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 35616 10:47:19 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 35617 10:47:19 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 35618 10:47:19 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 35619 10:47:19 (0) ** 35620 10:47:19 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 35621 10:47:19 (0) ** ------------------------------------------------------ WMI REPORT: END ----------------------------------------------------------- 35622 10:47:19 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 35623 10:47:19 (0) ** 35624 10:47:19 (0) ** ERROR: WMIDiag detected issues that could prevent WMI to work properly!. Check 'C:\USERS\USREINT\APPDATA\LOCAL\TEMP\WMIDIAG-V2.2_WIN8.1_.CLI.RTM.64_EINTEGRACJA_2016.08.11_10.40.57.LOG' for details. 35625 10:47:19 (0) ** 35626 10:47:19 (0) ** WMIDiag v2.2 ended on 11 sierpnia 2016 at 10:47 (W:162 E:143 S:1).