29152 13:11:29 (0) ** WMIDiag v2.2 started on 7 maja 2016 at 13:05. 29153 13:11:29 (0) ** 29154 13:11:29 (0) ** Copyright (c) Microsoft Corporation. All rights reserved - July 2007. 29155 13:11:29 (0) ** 29156 13:11:29 (0) ** This script is not supported under any Microsoft standard support program or service. 29157 13:11:29 (0) ** The script is provided AS IS without warranty of any kind. Microsoft further disclaims all 29158 13:11:29 (0) ** implied warranties including, without limitation, any implied warranties of merchantability 29159 13:11:29 (0) ** or of fitness for a particular purpose. The entire risk arising out of the use or performance 29160 13:11:29 (0) ** of the scripts and documentation remains with you. In no event shall Microsoft, its authors, 29161 13:11:29 (0) ** or anyone else involved in the creation, production, or delivery of the script be liable for 29162 13:11:29 (0) ** any damages whatsoever (including, without limitation, damages for loss of business profits, 29163 13:11:29 (0) ** business interruption, loss of business information, or other pecuniary loss) arising out of 29164 13:11:29 (0) ** the use of or inability to use the script or documentation, even if Microsoft has been advised 29165 13:11:29 (0) ** of the possibility of such damages. 29166 13:11:29 (0) ** 29167 13:11:29 (0) ** 29168 13:11:29 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 29169 13:11:29 (0) ** ----------------------------------------------------- WMI REPORT: BEGIN ---------------------------------------------------------- 29170 13:11:29 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 29171 13:11:29 (0) ** 29172 13:11:29 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 29173 13:11:29 (0) ** Windows 7 - Service Pack 1 - 64-bit (7601) - User 'ASUS-KOMPUTER\ASUS' on computer 'ASUS-KOMPUTER'. 29174 13:11:29 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 29175 13:11:29 (0) ** Environment: ........................................................................................................ OK. 29176 13:11:29 (0) ** System drive: ....................................................................................................... C: (Disk #0 Partition #1). 29177 13:11:29 (0) ** Drive type: ......................................................................................................... IDE (ST750LM022 HN-M750MBB ATA Device). 29178 13:11:29 (0) ** There are no missing WMI system files: .............................................................................. OK. 29179 13:11:29 (0) ** There are no missing WMI repository files: .......................................................................... OK. 29180 13:11:29 (0) ** WMI repository state: ............................................................................................... N/A. 29181 13:11:29 (0) ** AFTER running WMIDiag: 29182 13:11:29 (0) ** The WMI repository has a size of: ................................................................................... 22 MB. 29183 13:11:29 (0) ** - Disk free space on 'C:': .......................................................................................... 251908 MB. 29184 13:11:29 (0) ** - INDEX.BTR, 4521984 bytes, 2016-05-07 13:07:59 29185 13:11:29 (0) ** - MAPPING1.MAP, 59740 bytes, 2016-05-07 13:04:29 29186 13:11:29 (0) ** - MAPPING2.MAP, 59744 bytes, 2016-05-07 13:07:59 29187 13:11:29 (0) ** - OBJECTS.DATA, 18161664 bytes, 2016-05-07 13:07:59 29188 13:11:29 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 29189 13:11:29 (0) ** INFO: Windows Firewall status: ...................................................................................... ENABLED. 29190 13:11:29 (0) ** Windows Firewall Profile: ........................................................................................... PRIVATE. 29191 13:11:29 (0) ** Inbound connections that do not match a rule BLOCKED: ............................................................... ENABLED. 29192 13:11:29 (0) ** => This will prevent any WMI remote connectivity to this computer except 29193 13:11:29 (0) ** if the following three inbound rules are ENABLED and non-BLOCKING: 29194 13:11:29 (0) ** - 'Windows Management Instrumentation (DCOM-In)' 29195 13:11:29 (0) ** - 'Windows Management Instrumentation (WMI-In)' 29196 13:11:29 (0) ** - 'Windows Management Instrumentation (ASync-In)' 29197 13:11:29 (0) ** Verify the reported status for each of these three inbound rules below. 29198 13:11:29 (0) ** 29199 13:11:29 (0) ** Windows Firewall 'Windows Management Instrumentation (WMI)' group rule: ............................................. DISABLED. 29200 13:11:29 (0) ** => This will prevent any WMI remote connectivity to/from this machine. 29201 13:11:29 (0) ** - You can adjust the configuration by executing the following command: 29202 13:11:29 (0) ** i.e. 'NETSH.EXE ADVFIREWALL FIREWALL SET RULE GROUP="Windows Management Instrumentation (WMI)" NEW ENABLE=YES' 29203 13:11:29 (0) ** Note: With this command all inbound and outbound WMI rules are activated at once! 29204 13:11:29 (0) ** You can also enable each individual rule instead of activating the group rule. 29205 13:11:29 (0) ** 29206 13:11:29 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 29207 13:11:29 (0) ** DCOM Status: ........................................................................................................ OK. 29208 13:11:29 (0) ** WMI registry setup: ................................................................................................. OK. 29209 13:11:29 (0) ** INFO: WMI service has dependents: ................................................................................... 2 SERVICE(S)! 29210 13:11:29 (0) ** - Security Center (WSCSVC, StartMode='Automatic') 29211 13:11:29 (0) ** - Internet Connection Sharing (ICS) (SHAREDACCESS, StartMode='Manual') 29212 13:11:29 (0) ** => If the WMI service is stopped, the listed service(s) will have to be stopped as well. 29213 13:11:29 (0) ** Note: If the service is marked with (*), it means that the service/application uses WMI but 29214 13:11:29 (0) ** there is no hard dependency on WMI. However, if the WMI service is stopped, 29215 13:11:29 (0) ** this can prevent the service/application to work as expected. 29216 13:11:29 (0) ** 29217 13:11:29 (0) ** RPCSS service: ...................................................................................................... OK (Already started). 29218 13:11:29 (0) ** WINMGMT service: .................................................................................................... OK (Already started). 29219 13:11:29 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 29220 13:11:29 (0) ** WMI service DCOM setup: ............................................................................................. OK. 29221 13:11:29 (2) !! WARNING: WMI DCOM components registration is missing for the following EXE/DLLs: .................................... 2 WARNING(S)! 29222 13:11:29 (0) ** - C:\WINDOWS\SYSTEM32\WBEM\IPMIPRV.DLL (\CLSID\{FD209E2E-813B-41C0-8646-4C3E9C917511}\InProcServer32) 29223 13:11:29 (0) ** - C:\WINDOWS\SYSTEM32\WBEM\SERVERCOMPPROV.DLL (\CLSID\{9042E1B1-8FD4-4008-89FE-4040CC74575A}\InProcServer32) 29224 13:11:29 (0) ** => WMI System components are not properly registered as COM objects, which could make WMI to 29225 13:11:29 (0) ** fail depending on the operation requested. 29226 13:11:29 (0) ** => For a .DLL, you can correct the DCOM configuration by executing the 'REGSVR32.EXE ' command. 29227 13:11:29 (0) ** 29228 13:11:29 (0) ** WMI ProgID registrations: ........................................................................................... OK. 29229 13:11:29 (0) ** WMI provider DCOM registrations: .................................................................................... OK. 29230 13:11:29 (0) ** WMI provider CIM registrations: ..................................................................................... OK. 29231 13:11:29 (0) ** WMI provider CLSIDs: ................................................................................................ OK. 29232 13:11:29 (0) ** WMI providers EXE/DLL availability: ................................................................................. OK. 29233 13:11:29 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 29234 13:11:29 (0) ** INFO: User Account Control (UAC): ................................................................................... DISABLED. 29235 13:11:29 (0) ** INFO: Local Account Filtering: ...................................................................................... ENABLED. 29236 13:11:29 (0) ** => WMI tasks remotely accessing WMI information on this computer and requiring Administrative 29237 13:11:29 (0) ** privileges MUST use a DOMAIN account part of the Local Administrators group of this computer 29238 13:11:29 (0) ** to ensure that administrative privileges are granted. If a Local User account is used for remote 29239 13:11:29 (0) ** accesses, it will be reduced to a plain user (filtered token), even if it is part of the Local Administrators group. 29240 13:11:29 (0) ** 29241 13:11:29 (0) ** DCOM security for 'My Computer' (Access Permissions/Edit Limits): ................................................... MODIFIED. 29242 13:11:29 (1) !! ERROR: Default trustee 'NT AUTHORITY\ANONYMOUS LOGON' has been REMOVED! 29243 13:11:29 (0) ** - REMOVED ACE: 29244 13:11:29 (0) ** ACEType: &h0 29245 13:11:29 (0) ** ACCESS_ALLOWED_ACE_TYPE 29246 13:11:29 (0) ** ACEFlags: &h0 29247 13:11:29 (0) ** ACEMask: &h3 29248 13:11:29 (0) ** DCOM_RIGHT_EXECUTE 29249 13:11:29 (0) ** DCOM_RIGHT_ACCESS_LOCAL 29250 13:11:29 (0) ** 29251 13:11:29 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 29252 13:11:29 (0) ** Removing default security will cause some operations to fail! 29253 13:11:29 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 29254 13:11:29 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 29255 13:11:29 (0) ** 29256 13:11:29 (0) ** DCOM security for 'My Computer' (Access Permissions/Edit Limits): ................................................... MODIFIED. 29257 13:11:29 (1) !! ERROR: Default trustee 'BUILTIN\PERFORMANCE LOG USERS' has been REMOVED! 29258 13:11:29 (0) ** - REMOVED ACE: 29259 13:11:29 (0) ** ACEType: &h0 29260 13:11:29 (0) ** ACCESS_ALLOWED_ACE_TYPE 29261 13:11:29 (0) ** ACEFlags: &h0 29262 13:11:29 (0) ** ACEMask: &h7 29263 13:11:29 (0) ** DCOM_RIGHT_EXECUTE 29264 13:11:29 (0) ** DCOM_RIGHT_ACCESS_LOCAL 29265 13:11:29 (0) ** DCOM_RIGHT_ACCESS_REMOTE 29266 13:11:29 (0) ** 29267 13:11:29 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 29268 13:11:29 (0) ** Removing default security will cause some operations to fail! 29269 13:11:29 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 29270 13:11:29 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 29271 13:11:29 (0) ** 29272 13:11:29 (0) ** DCOM security for 'My Computer' (Access Permissions/Edit Limits): ................................................... MODIFIED. 29273 13:11:29 (1) !! ERROR: Default trustee 'EVERYONE' has been REMOVED! 29274 13:11:29 (0) ** - REMOVED ACE: 29275 13:11:29 (0) ** ACEType: &h0 29276 13:11:29 (0) ** ACCESS_ALLOWED_ACE_TYPE 29277 13:11:29 (0) ** ACEFlags: &h0 29278 13:11:29 (0) ** ACEMask: &h7 29279 13:11:29 (0) ** DCOM_RIGHT_EXECUTE 29280 13:11:29 (0) ** DCOM_RIGHT_ACCESS_LOCAL 29281 13:11:29 (0) ** DCOM_RIGHT_ACCESS_REMOTE 29282 13:11:29 (0) ** 29283 13:11:29 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 29284 13:11:29 (0) ** Removing default security will cause some operations to fail! 29285 13:11:29 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 29286 13:11:29 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 29287 13:11:29 (0) ** 29288 13:11:29 (0) ** DCOM security for 'My Computer' (Launch & Activation Permissions/Edit Default): ..................................... MODIFIED. 29289 13:11:29 (1) !! ERROR: Default trustee 'BUILTIN\ADMINISTRATORS' has been REMOVED! 29290 13:11:29 (0) ** - REMOVED ACE: 29291 13:11:29 (0) ** ACEType: &h0 29292 13:11:29 (0) ** ACCESS_ALLOWED_ACE_TYPE 29293 13:11:29 (0) ** ACEFlags: &h0 29294 13:11:29 (0) ** ACEMask: &h1F 29295 13:11:29 (0) ** DCOM_RIGHT_EXECUTE 29296 13:11:29 (0) ** DCOM_RIGHT_LAUNCH_LOCAL 29297 13:11:29 (0) ** DCOM_RIGHT_LAUNCH_REMOTE 29298 13:11:29 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL 29299 13:11:29 (0) ** DCOM_RIGHT_ACTIVATE_REMOTE 29300 13:11:29 (0) ** 29301 13:11:29 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 29302 13:11:29 (0) ** Removing default security will cause some operations to fail! 29303 13:11:29 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 29304 13:11:29 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 29305 13:11:29 (0) ** 29306 13:11:29 (0) ** DCOM security for 'My Computer' (Launch & Activation Permissions/Edit Default): ..................................... MODIFIED. 29307 13:11:29 (1) !! ERROR: Default trustee 'NT AUTHORITY\INTERACTIVE' has been REMOVED! 29308 13:11:29 (0) ** - REMOVED ACE: 29309 13:11:29 (0) ** ACEType: &h0 29310 13:11:29 (0) ** ACCESS_ALLOWED_ACE_TYPE 29311 13:11:29 (0) ** ACEFlags: &h0 29312 13:11:29 (0) ** ACEMask: &h1F 29313 13:11:29 (0) ** DCOM_RIGHT_EXECUTE 29314 13:11:29 (0) ** DCOM_RIGHT_LAUNCH_LOCAL 29315 13:11:29 (0) ** DCOM_RIGHT_LAUNCH_REMOTE 29316 13:11:29 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL 29317 13:11:29 (0) ** DCOM_RIGHT_ACTIVATE_REMOTE 29318 13:11:29 (0) ** 29319 13:11:29 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 29320 13:11:29 (0) ** Removing default security will cause some operations to fail! 29321 13:11:29 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 29322 13:11:29 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 29323 13:11:29 (0) ** 29324 13:11:29 (0) ** DCOM security for 'My Computer' (Launch & Activation Permissions/Edit Default): ..................................... MODIFIED. 29325 13:11:29 (1) !! ERROR: Default trustee 'NT AUTHORITY\SYSTEM' has been REMOVED! 29326 13:11:29 (0) ** - REMOVED ACE: 29327 13:11:29 (0) ** ACEType: &h0 29328 13:11:29 (0) ** ACCESS_ALLOWED_ACE_TYPE 29329 13:11:29 (0) ** ACEFlags: &h0 29330 13:11:29 (0) ** ACEMask: &h1F 29331 13:11:29 (0) ** DCOM_RIGHT_EXECUTE 29332 13:11:29 (0) ** DCOM_RIGHT_LAUNCH_LOCAL 29333 13:11:29 (0) ** DCOM_RIGHT_LAUNCH_REMOTE 29334 13:11:29 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL 29335 13:11:29 (0) ** DCOM_RIGHT_ACTIVATE_REMOTE 29336 13:11:29 (0) ** 29337 13:11:29 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 29338 13:11:29 (0) ** Removing default security will cause some operations to fail! 29339 13:11:29 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 29340 13:11:29 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 29341 13:11:29 (0) ** 29342 13:11:29 (0) ** DCOM security for 'My Computer' (Launch & Activation Permissions/Edit Limits): ...................................... MODIFIED. 29343 13:11:29 (1) !! ERROR: Default trustee 'BUILTIN\ADMINISTRATORS' has been REMOVED! 29344 13:11:29 (0) ** - REMOVED ACE: 29345 13:11:29 (0) ** ACEType: &h0 29346 13:11:29 (0) ** ACCESS_ALLOWED_ACE_TYPE 29347 13:11:29 (0) ** ACEFlags: &h0 29348 13:11:29 (0) ** ACEMask: &h1F 29349 13:11:29 (0) ** DCOM_RIGHT_EXECUTE 29350 13:11:29 (0) ** DCOM_RIGHT_LAUNCH_LOCAL 29351 13:11:29 (0) ** DCOM_RIGHT_LAUNCH_REMOTE 29352 13:11:29 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL 29353 13:11:29 (0) ** DCOM_RIGHT_ACTIVATE_REMOTE 29354 13:11:29 (0) ** 29355 13:11:29 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 29356 13:11:29 (0) ** Removing default security will cause some operations to fail! 29357 13:11:29 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 29358 13:11:29 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 29359 13:11:29 (0) ** 29360 13:11:29 (0) ** DCOM security for 'My Computer' (Launch & Activation Permissions/Edit Limits): ...................................... MODIFIED. 29361 13:11:29 (1) !! ERROR: Default trustee 'BUILTIN\PERFORMANCE LOG USERS' has been REMOVED! 29362 13:11:29 (0) ** - REMOVED ACE: 29363 13:11:29 (0) ** ACEType: &h0 29364 13:11:29 (0) ** ACCESS_ALLOWED_ACE_TYPE 29365 13:11:29 (0) ** ACEFlags: &h0 29366 13:11:29 (0) ** ACEMask: &h1F 29367 13:11:29 (0) ** DCOM_RIGHT_EXECUTE 29368 13:11:29 (0) ** DCOM_RIGHT_LAUNCH_LOCAL 29369 13:11:29 (0) ** DCOM_RIGHT_LAUNCH_REMOTE 29370 13:11:29 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL 29371 13:11:29 (0) ** DCOM_RIGHT_ACTIVATE_REMOTE 29372 13:11:29 (0) ** 29373 13:11:29 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 29374 13:11:29 (0) ** Removing default security will cause some operations to fail! 29375 13:11:29 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 29376 13:11:29 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 29377 13:11:29 (0) ** 29378 13:11:29 (0) ** DCOM security for 'My Computer' (Launch & Activation Permissions/Edit Limits): ...................................... MODIFIED. 29379 13:11:29 (1) !! ERROR: Default trustee 'EVERYONE' has been REMOVED! 29380 13:11:29 (0) ** - REMOVED ACE: 29381 13:11:29 (0) ** ACEType: &h0 29382 13:11:29 (0) ** ACCESS_ALLOWED_ACE_TYPE 29383 13:11:29 (0) ** ACEFlags: &h0 29384 13:11:29 (0) ** ACEMask: &hB 29385 13:11:29 (0) ** DCOM_RIGHT_EXECUTE 29386 13:11:29 (0) ** DCOM_RIGHT_LAUNCH_LOCAL 29387 13:11:29 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL 29388 13:11:29 (0) ** 29389 13:11:29 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 29390 13:11:29 (0) ** Removing default security will cause some operations to fail! 29391 13:11:29 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 29392 13:11:29 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 29393 13:11:29 (0) ** 29394 13:11:29 (0) ** DCOM security for 'Microsoft WMI Provider Subsystem Host' (Launch & Activation Permissions): ........................ MODIFIED. 29395 13:11:29 (1) !! ERROR: Default trustee 'BUILTIN\ADMINISTRATORS' has been REMOVED! 29396 13:11:29 (0) ** - REMOVED ACE: 29397 13:11:29 (0) ** ACEType: &h0 29398 13:11:29 (0) ** ACCESS_ALLOWED_ACE_TYPE 29399 13:11:29 (0) ** ACEFlags: &h0 29400 13:11:29 (0) ** ACEMask: &h1F 29401 13:11:29 (0) ** DCOM_RIGHT_EXECUTE 29402 13:11:29 (0) ** DCOM_RIGHT_LAUNCH_LOCAL 29403 13:11:29 (0) ** DCOM_RIGHT_LAUNCH_REMOTE 29404 13:11:29 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL 29405 13:11:29 (0) ** DCOM_RIGHT_ACTIVATE_REMOTE 29406 13:11:29 (0) ** 29407 13:11:29 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 29408 13:11:29 (0) ** Removing default security will cause some operations to fail! 29409 13:11:29 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 29410 13:11:29 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 29411 13:11:29 (0) ** 29412 13:11:29 (0) ** DCOM security for 'Microsoft WMI Provider Subsystem Host' (Launch & Activation Permissions): ........................ MODIFIED. 29413 13:11:29 (1) !! ERROR: Default trustee 'NT AUTHORITY\INTERACTIVE' has been REMOVED! 29414 13:11:29 (0) ** - REMOVED ACE: 29415 13:11:29 (0) ** ACEType: &h0 29416 13:11:29 (0) ** ACCESS_ALLOWED_ACE_TYPE 29417 13:11:29 (0) ** ACEFlags: &h0 29418 13:11:29 (0) ** ACEMask: &h1F 29419 13:11:29 (0) ** DCOM_RIGHT_EXECUTE 29420 13:11:29 (0) ** DCOM_RIGHT_LAUNCH_LOCAL 29421 13:11:29 (0) ** DCOM_RIGHT_LAUNCH_REMOTE 29422 13:11:29 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL 29423 13:11:29 (0) ** DCOM_RIGHT_ACTIVATE_REMOTE 29424 13:11:29 (0) ** 29425 13:11:29 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 29426 13:11:29 (0) ** Removing default security will cause some operations to fail! 29427 13:11:29 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 29428 13:11:29 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 29429 13:11:29 (0) ** 29430 13:11:29 (0) ** DCOM security for 'Microsoft WMI Provider Subsystem Host' (Launch & Activation Permissions): ........................ MODIFIED. 29431 13:11:29 (1) !! ERROR: Default trustee 'NT AUTHORITY\SYSTEM' has been REMOVED! 29432 13:11:29 (0) ** - REMOVED ACE: 29433 13:11:29 (0) ** ACEType: &h0 29434 13:11:29 (0) ** ACCESS_ALLOWED_ACE_TYPE 29435 13:11:29 (0) ** ACEFlags: &h0 29436 13:11:29 (0) ** ACEMask: &h1F 29437 13:11:29 (0) ** DCOM_RIGHT_EXECUTE 29438 13:11:29 (0) ** DCOM_RIGHT_LAUNCH_LOCAL 29439 13:11:29 (0) ** DCOM_RIGHT_LAUNCH_REMOTE 29440 13:11:29 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL 29441 13:11:29 (0) ** DCOM_RIGHT_ACTIVATE_REMOTE 29442 13:11:29 (0) ** 29443 13:11:29 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 29444 13:11:29 (0) ** Removing default security will cause some operations to fail! 29445 13:11:29 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 29446 13:11:29 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 29447 13:11:29 (0) ** 29448 13:11:29 (0) ** DCOM security for 'Microsoft WMI Provider Subsystem Host' (Launch & Activation Permissions): ........................ MODIFIED. 29449 13:11:29 (1) !! ERROR: Default trustee 'NT AUTHORITY\NETWORK SERVICE' has been REMOVED! 29450 13:11:29 (0) ** - REMOVED ACE: 29451 13:11:29 (0) ** ACEType: &h0 29452 13:11:29 (0) ** ACCESS_ALLOWED_ACE_TYPE 29453 13:11:29 (0) ** ACEFlags: &h0 29454 13:11:29 (0) ** ACEMask: &h1F 29455 13:11:29 (0) ** DCOM_RIGHT_EXECUTE 29456 13:11:29 (0) ** DCOM_RIGHT_LAUNCH_LOCAL 29457 13:11:29 (0) ** DCOM_RIGHT_LAUNCH_REMOTE 29458 13:11:29 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL 29459 13:11:29 (0) ** DCOM_RIGHT_ACTIVATE_REMOTE 29460 13:11:29 (0) ** 29461 13:11:29 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 29462 13:11:29 (0) ** Removing default security will cause some operations to fail! 29463 13:11:29 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 29464 13:11:29 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 29465 13:11:29 (0) ** 29466 13:11:29 (0) ** DCOM security for 'Microsoft WMI Provider Subsystem Host' (Launch & Activation Permissions): ........................ MODIFIED. 29467 13:11:29 (1) !! ERROR: Default trustee 'NT AUTHORITY\LOCAL SERVICE' has been REMOVED! 29468 13:11:29 (0) ** - REMOVED ACE: 29469 13:11:29 (0) ** ACEType: &h0 29470 13:11:29 (0) ** ACCESS_ALLOWED_ACE_TYPE 29471 13:11:29 (0) ** ACEFlags: &h0 29472 13:11:29 (0) ** ACEMask: &h1F 29473 13:11:29 (0) ** DCOM_RIGHT_EXECUTE 29474 13:11:29 (0) ** DCOM_RIGHT_LAUNCH_LOCAL 29475 13:11:29 (0) ** DCOM_RIGHT_LAUNCH_REMOTE 29476 13:11:29 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL 29477 13:11:29 (0) ** DCOM_RIGHT_ACTIVATE_REMOTE 29478 13:11:29 (0) ** 29479 13:11:29 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 29480 13:11:29 (0) ** Removing default security will cause some operations to fail! 29481 13:11:29 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 29482 13:11:29 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 29483 13:11:29 (0) ** 29484 13:11:29 (0) ** 29485 13:11:29 (0) ** DCOM security warning(s) detected: .................................................................................. 0. 29486 13:11:29 (0) ** DCOM security error(s) detected: .................................................................................... 14. 29487 13:11:29 (0) ** WMI security warning(s) detected: ................................................................................... 0. 29488 13:11:29 (0) ** WMI security error(s) detected: ..................................................................................... 0. 29489 13:11:29 (0) ** 29490 13:11:29 (1) !! ERROR: Overall DCOM security status: ................................................................................ ERROR! 29491 13:11:29 (0) ** Overall WMI security status: ........................................................................................ OK. 29492 13:11:29 (0) ** - Started at 'Root' -------------------------------------------------------------------------------------------------------------- 29493 13:11:29 (0) ** INFO: WMI permanent SUBSCRIPTION(S): ................................................................................ 1. 29494 13:11:29 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Name="SCM Event Log Consumer". 29495 13:11:29 (0) ** 'select * from MSFT_SCMEventLogEvent' 29496 13:11:29 (0) ** 29497 13:11:29 (0) ** WMI TIMER instruction(s): ........................................................................................... NONE. 29498 13:11:29 (0) ** INFO: WMI namespace(s) requiring PACKET PRIVACY: .................................................................... 4 NAMESPACE(S)! 29499 13:11:29 (0) ** - ROOT/CIMV2/SECURITY/MICROSOFTTPM. 29500 13:11:29 (0) ** - ROOT/CIMV2/SECURITY/MICROSOFTVOLUMEENCRYPTION. 29501 13:11:29 (0) ** - ROOT/CIMV2/TERMINALSERVICES. 29502 13:11:29 (0) ** - ROOT/SERVICEMODEL. 29503 13:11:29 (0) ** => When remotely connecting, the namespace(s) listed require(s) the WMI client to 29504 13:11:29 (0) ** use an encrypted connection by specifying the PACKET PRIVACY authentication level. 29505 13:11:29 (0) ** (RPC_C_AUTHN_LEVEL_PKT_PRIVACY or PktPrivacy flags) 29506 13:11:29 (0) ** i.e. 'WMIC.EXE /NODE:"ASUS-KOMPUTER" /AUTHLEVEL:Pktprivacy /NAMESPACE:\\ROOT\SERVICEMODEL Class __SystemSecurity' 29507 13:11:29 (0) ** 29508 13:11:29 (0) ** WMI MONIKER CONNECTIONS: ............................................................................................ OK. 29509 13:11:29 (0) ** WMI CONNECTIONS: .................................................................................................... OK. 29510 13:11:29 (1) !! ERROR: WMI GET operation errors reported: ........................................................................... 4 ERROR(S)! 29511 13:11:29 (0) ** - Root/CIMV2, Win32_PerfFormattedData_RemoteAccess_RASPort, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found. 29512 13:11:29 (0) ** MOF Registration: 'WMI information not available (This could be the case for an external application or a third party WMI provider)' 29513 13:11:29 (0) ** - Root/CIMV2, Win32_PerfRawData_RemoteAccess_RASPort, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found. 29514 13:11:29 (0) ** MOF Registration: 'WMI information not available (This could be the case for an external application or a third party WMI provider)' 29515 13:11:29 (0) ** - Root/CIMV2, Win32_PerfFormattedData_RemoteAccess_RASTotal, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found. 29516 13:11:29 (0) ** MOF Registration: 'WMI information not available (This could be the case for an external application or a third party WMI provider)' 29517 13:11:29 (0) ** - Root/CIMV2, Win32_PerfRawData_RemoteAccess_RASTotal, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found. 29518 13:11:29 (0) ** MOF Registration: 'WMI information not available (This could be the case for an external application or a third party WMI provider)' 29519 13:11:29 (0) ** 29520 13:11:29 (0) ** WMI MOF representations: ............................................................................................ OK. 29521 13:11:29 (0) ** WMI QUALIFIER access operations: .................................................................................... OK. 29522 13:11:29 (0) ** WMI ENUMERATION operations: ......................................................................................... OK. 29523 13:11:29 (0) ** WMI EXECQUERY operations: ........................................................................................... OK. 29524 13:11:29 (1) !! ERROR: WMI GET VALUE operation errors reported: ..................................................................... 1 ERROR(S)! 29525 13:11:29 (0) ** - Root/CIMV2, Instance: Win32_Service='WSCSVC', Property: Displayname='Centrum zabezpieczeń' (Expected default='Security Center'). 29526 13:11:29 (0) ** 29527 13:11:29 (0) ** WMI WRITE operations: ............................................................................................... NOT TESTED. 29528 13:11:29 (0) ** WMI PUT operations: ................................................................................................. NOT TESTED. 29529 13:11:29 (0) ** WMI DELETE operations: .............................................................................................. NOT TESTED. 29530 13:11:29 (0) ** WMI static instances retrieved: ..................................................................................... 1771. 29531 13:11:29 (0) ** WMI dynamic instances retrieved: .................................................................................... 0. 29532 13:11:29 (0) ** WMI instance request cancellations (to limit performance impact): ................................................... 1. 29533 13:11:29 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 29534 13:11:29 (0) ** # of Event Log events BEFORE WMIDiag execution since the last 20 day(s): 29535 13:11:29 (0) ** DCOM: ............................................................................................................. 0. 29536 13:11:29 (0) ** WINMGMT: .......................................................................................................... 0. 29537 13:11:29 (0) ** WMIADAPTER: ....................................................................................................... 0. 29538 13:11:29 (0) ** 29539 13:11:29 (0) ** # of additional Event Log events AFTER WMIDiag execution: 29540 13:11:29 (0) ** DCOM: ............................................................................................................. 0. 29541 13:11:29 (0) ** WINMGMT: .......................................................................................................... 0. 29542 13:11:29 (0) ** WMIADAPTER: ....................................................................................................... 0. 29543 13:11:29 (0) ** 29544 13:11:29 (0) ** 4 error(s) 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found 29545 13:11:29 (0) ** => This error is typically a WMI error. This WMI error is due to: 29546 13:11:29 (0) ** - a missing WMI class definition or object. 29547 13:11:29 (0) ** (See any GET, ENUMERATION, EXECQUERY and GET VALUE operation failures). 29548 13:11:29 (0) ** You can correct the missing class definitions by: 29549 13:11:29 (0) ** - Manually recompiling the MOF file(s) with the 'MOFCOMP ' command. 29550 13:11:29 (0) ** Note: You can build a list of classes in relation with their WMI provider and MOF file with WMIDiag. 29551 13:11:29 (0) ** (This list can be built on a similar and working WMI Windows installation) 29552 13:11:29 (0) ** The following command line must be used: 29553 13:11:29 (0) ** i.e. 'WMIDiag CorrelateClassAndProvider' 29554 13:11:29 (0) ** Note: When a WMI performance class is missing, you can manually resynchronize performance counters 29555 13:11:29 (0) ** with WMI by starting the ADAP process. 29556 13:11:29 (0) ** - a WMI repository corruption. 29557 13:11:29 (0) ** In such a case, you must rerun WMIDiag with 'WriteInRepository' parameter 29558 13:11:29 (0) ** to validate the WMI repository operations. 29559 13:11:29 (0) ** Note: ENSURE you are an administrator with FULL access to WMI EVERY namespaces of the computer before 29560 13:11:29 (0) ** executing the WriteInRepository command. To write temporary data from the Root namespace, use: 29561 13:11:29 (0) ** i.e. 'WMIDiag WriteInRepository=Root' 29562 13:11:29 (0) ** - If the WriteInRepository command fails, while being an Administrator with ALL accesses to ALL namespaces 29563 13:11:29 (0) ** the WMI repository must be reconstructed. 29564 13:11:29 (0) ** Note: The WMI repository reconstruction requires to locate all MOF files needed to rebuild the repository, 29565 13:11:29 (0) ** otherwise some applications may fail after the reconstruction. 29566 13:11:29 (0) ** This can be achieved with the following command: 29567 13:11:29 (0) ** i.e. 'WMIDiag ShowMOFErrors' 29568 13:11:29 (0) ** Note: The repository reconstruction must be a LAST RESORT solution and ONLY after executing 29569 13:11:29 (0) ** ALL fixes previously mentioned. 29570 13:11:29 (2) !! WARNING: Static information stored by external applications in the repository will be LOST! (i.e. SMS Inventory) 29571 13:11:29 (0) ** 29572 13:11:29 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 29573 13:11:29 (0) ** WMI Registry key setup: ............................................................................................. OK. 29574 13:11:29 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 29575 13:11:29 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 29576 13:11:29 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 29577 13:11:29 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 29578 13:11:29 (0) ** 29579 13:11:29 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 29580 13:11:29 (0) ** ------------------------------------------------------ WMI REPORT: END ----------------------------------------------------------- 29581 13:11:29 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 29582 13:11:29 (0) ** 29583 13:11:29 (0) ** ERROR: WMIDiag detected issues that could prevent WMI to work properly!. Check 'C:\USERS\ASUS\APPDATA\LOCAL\TEMP\WMIDIAG-V2.2_WIN7_.CLI.SP1.64_ASUS-KOMPUTER_2016.05.07_13.05.33.LOG' for details. 29584 13:11:29 (0) ** 29585 13:11:29 (0) ** WMIDiag v2.2 ended on 7 maja 2016 at 13:11 (W:84 E:32 S:1).