28940 23:20:12 (0) ** WMIDiag v2.2 started on 17 czerwca 2016 at 23:14. 28941 23:20:12 (0) ** 28942 23:20:12 (0) ** Copyright (c) Microsoft Corporation. All rights reserved - July 2007. 28943 23:20:12 (0) ** 28944 23:20:12 (0) ** This script is not supported under any Microsoft standard support program or service. 28945 23:20:12 (0) ** The script is provided AS IS without warranty of any kind. Microsoft further disclaims all 28946 23:20:12 (0) ** implied warranties including, without limitation, any implied warranties of merchantability 28947 23:20:12 (0) ** or of fitness for a particular purpose. The entire risk arising out of the use or performance 28948 23:20:12 (0) ** of the scripts and documentation remains with you. In no event shall Microsoft, its authors, 28949 23:20:12 (0) ** or anyone else involved in the creation, production, or delivery of the script be liable for 28950 23:20:12 (0) ** any damages whatsoever (including, without limitation, damages for loss of business profits, 28951 23:20:12 (0) ** business interruption, loss of business information, or other pecuniary loss) arising out of 28952 23:20:12 (0) ** the use of or inability to use the script or documentation, even if Microsoft has been advised 28953 23:20:12 (0) ** of the possibility of such damages. 28954 23:20:12 (0) ** 28955 23:20:12 (0) ** 28956 23:20:12 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 28957 23:20:12 (0) ** ----------------------------------------------------- WMI REPORT: BEGIN ---------------------------------------------------------- 28958 23:20:12 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 28959 23:20:12 (0) ** 28960 23:20:12 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 28961 23:20:12 (0) ** Windows 7 - Service Pack 1 - 32-bit (7601) - User 'TELMAX3\ADMIN' on computer 'TELMAX3'. 28962 23:20:12 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 28963 23:20:12 (0) ** INFO: Environment: .................................................................................................. 1 ITEM(S)! 28964 23:20:12 (0) ** INFO: => 4 possible incorrect shutdown(s) detected on: 28965 23:20:12 (0) ** - Shutdown on 02 March 2016 13:04:24 (GMT-0). 28966 23:20:12 (0) ** - Shutdown on 13 June 2016 06:49:56 (GMT-0). 28967 23:20:12 (0) ** - Shutdown on 13 June 2016 15:10:40 (GMT-0). 28968 23:20:12 (0) ** - Shutdown on 17 June 2016 13:35:50 (GMT-0). 28969 23:20:12 (0) ** 28970 23:20:12 (0) ** System drive: ....................................................................................................... C: (Disk #0 Partition #1). 28971 23:20:12 (0) ** Drive type: ......................................................................................................... IDE (TOSHIBA DT01ACA050 ATA Device). 28972 23:20:12 (0) ** There are no missing WMI system files: .............................................................................. OK. 28973 23:20:12 (0) ** There are no missing WMI repository files: .......................................................................... OK. 28974 23:20:12 (0) ** WMI repository state: ............................................................................................... N/A. 28975 23:20:12 (0) ** AFTER running WMIDiag: 28976 23:20:12 (0) ** The WMI repository has a size of: ................................................................................... 26 MB. 28977 23:20:12 (0) ** - Disk free space on 'C:': .......................................................................................... 27023 MB. 28978 23:20:12 (0) ** - INDEX.BTR, 4374528 bytes, 2016-06-17 23:16:47 28979 23:20:12 (0) ** - MAPPING1.MAP, 61476 bytes, 2016-06-17 23:03:31 28980 23:20:12 (0) ** - MAPPING2.MAP, 61476 bytes, 2016-06-17 23:11:14 28981 23:20:12 (0) ** - OBJECTS.DATA, 22765568 bytes, 2016-06-17 23:16:47 28982 23:20:12 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 28983 23:20:12 (2) !! WARNING: Windows Firewall Service: .................................................................................. STOPPED. 28984 23:20:12 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 28985 23:20:12 (0) ** DCOM Status: ........................................................................................................ OK. 28986 23:20:12 (0) ** WMI registry setup: ................................................................................................. OK. 28987 23:20:12 (0) ** INFO: WMI service has dependents: ................................................................................... 2 SERVICE(S)! 28988 23:20:12 (0) ** - Security Center (WSCSVC, StartMode='Automatic') 28989 23:20:12 (0) ** - Internet Connection Sharing (ICS) (SHAREDACCESS, StartMode='Automatic') 28990 23:20:12 (0) ** => If the WMI service is stopped, the listed service(s) will have to be stopped as well. 28991 23:20:12 (0) ** Note: If the service is marked with (*), it means that the service/application uses WMI but 28992 23:20:12 (0) ** there is no hard dependency on WMI. However, if the WMI service is stopped, 28993 23:20:12 (0) ** this can prevent the service/application to work as expected. 28994 23:20:12 (0) ** 28995 23:20:12 (0) ** RPCSS service: ...................................................................................................... OK (Already started). 28996 23:20:12 (0) ** WINMGMT service: .................................................................................................... OK (Already started). 28997 23:20:12 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 28998 23:20:12 (0) ** WMI service DCOM setup: ............................................................................................. OK. 28999 23:20:12 (2) !! WARNING: WMI DCOM components registration is missing for the following EXE/DLLs: .................................... 2 WARNING(S)! 29000 23:20:12 (0) ** - C:\WINDOWS\SYSTEM32\WBEM\IPMIPRV.DLL (\CLSID\{FD209E2E-813B-41C0-8646-4C3E9C917511}\InProcServer32) 29001 23:20:12 (0) ** - C:\WINDOWS\SYSTEM32\WBEM\SERVERCOMPPROV.DLL (\CLSID\{9042E1B1-8FD4-4008-89FE-4040CC74575A}\InProcServer32) 29002 23:20:12 (0) ** => WMI System components are not properly registered as COM objects, which could make WMI to 29003 23:20:12 (0) ** fail depending on the operation requested. 29004 23:20:12 (0) ** => For a .DLL, you can correct the DCOM configuration by executing the 'REGSVR32.EXE ' command. 29005 23:20:12 (0) ** 29006 23:20:12 (0) ** WMI ProgID registrations: ........................................................................................... OK. 29007 23:20:12 (0) ** WMI provider DCOM registrations: .................................................................................... OK. 29008 23:20:12 (0) ** WMI provider CIM registrations: ..................................................................................... OK. 29009 23:20:12 (0) ** WMI provider CLSIDs: ................................................................................................ OK. 29010 23:20:12 (0) ** WMI providers EXE/DLL availability: ................................................................................. OK. 29011 23:20:12 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 29012 23:20:12 (0) ** INFO: User Account Control (UAC): ................................................................................... DISABLED. 29013 23:20:12 (0) ** INFO: Local Account Filtering: ...................................................................................... ENABLED. 29014 23:20:12 (0) ** => WMI tasks remotely accessing WMI information on this computer and requiring Administrative 29015 23:20:12 (0) ** privileges MUST use a DOMAIN account part of the Local Administrators group of this computer 29016 23:20:12 (0) ** to ensure that administrative privileges are granted. If a Local User account is used for remote 29017 23:20:12 (0) ** accesses, it will be reduced to a plain user (filtered token), even if it is part of the Local Administrators group. 29018 23:20:12 (0) ** 29019 23:20:12 (0) ** DCOM security for 'My Computer' (Access Permissions/Edit Limits): ................................................... MODIFIED. 29020 23:20:12 (1) !! ERROR: Default trustee 'NT AUTHORITY\ANONYMOUS LOGON' has been REMOVED! 29021 23:20:12 (0) ** - REMOVED ACE: 29022 23:20:12 (0) ** ACEType: &h0 29023 23:20:12 (0) ** ACCESS_ALLOWED_ACE_TYPE 29024 23:20:12 (0) ** ACEFlags: &h0 29025 23:20:12 (0) ** ACEMask: &h3 29026 23:20:12 (0) ** DCOM_RIGHT_EXECUTE 29027 23:20:12 (0) ** DCOM_RIGHT_ACCESS_LOCAL 29028 23:20:12 (0) ** 29029 23:20:12 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 29030 23:20:12 (0) ** Removing default security will cause some operations to fail! 29031 23:20:12 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 29032 23:20:12 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 29033 23:20:12 (0) ** 29034 23:20:12 (0) ** DCOM security for 'My Computer' (Access Permissions/Edit Limits): ................................................... MODIFIED. 29035 23:20:12 (1) !! ERROR: Default trustee 'BUILTIN\PERFORMANCE LOG USERS' has been REMOVED! 29036 23:20:12 (0) ** - REMOVED ACE: 29037 23:20:12 (0) ** ACEType: &h0 29038 23:20:12 (0) ** ACCESS_ALLOWED_ACE_TYPE 29039 23:20:12 (0) ** ACEFlags: &h0 29040 23:20:12 (0) ** ACEMask: &h7 29041 23:20:12 (0) ** DCOM_RIGHT_EXECUTE 29042 23:20:12 (0) ** DCOM_RIGHT_ACCESS_LOCAL 29043 23:20:12 (0) ** DCOM_RIGHT_ACCESS_REMOTE 29044 23:20:12 (0) ** 29045 23:20:12 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 29046 23:20:12 (0) ** Removing default security will cause some operations to fail! 29047 23:20:12 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 29048 23:20:12 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 29049 23:20:12 (0) ** 29050 23:20:12 (0) ** DCOM security for 'My Computer' (Access Permissions/Edit Limits): ................................................... MODIFIED. 29051 23:20:12 (1) !! ERROR: Default trustee 'EVERYONE' has been REMOVED! 29052 23:20:12 (0) ** - REMOVED ACE: 29053 23:20:12 (0) ** ACEType: &h0 29054 23:20:12 (0) ** ACCESS_ALLOWED_ACE_TYPE 29055 23:20:12 (0) ** ACEFlags: &h0 29056 23:20:12 (0) ** ACEMask: &h7 29057 23:20:12 (0) ** DCOM_RIGHT_EXECUTE 29058 23:20:12 (0) ** DCOM_RIGHT_ACCESS_LOCAL 29059 23:20:12 (0) ** DCOM_RIGHT_ACCESS_REMOTE 29060 23:20:12 (0) ** 29061 23:20:12 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 29062 23:20:12 (0) ** Removing default security will cause some operations to fail! 29063 23:20:12 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 29064 23:20:12 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 29065 23:20:12 (0) ** 29066 23:20:12 (0) ** DCOM security for 'My Computer' (Launch & Activation Permissions/Edit Default): ..................................... MODIFIED. 29067 23:20:12 (1) !! ERROR: Default trustee 'BUILTIN\ADMINISTRATORS' has been REMOVED! 29068 23:20:12 (0) ** - REMOVED ACE: 29069 23:20:12 (0) ** ACEType: &h0 29070 23:20:12 (0) ** ACCESS_ALLOWED_ACE_TYPE 29071 23:20:12 (0) ** ACEFlags: &h0 29072 23:20:12 (0) ** ACEMask: &h1F 29073 23:20:12 (0) ** DCOM_RIGHT_EXECUTE 29074 23:20:12 (0) ** DCOM_RIGHT_LAUNCH_LOCAL 29075 23:20:12 (0) ** DCOM_RIGHT_LAUNCH_REMOTE 29076 23:20:12 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL 29077 23:20:12 (0) ** DCOM_RIGHT_ACTIVATE_REMOTE 29078 23:20:12 (0) ** 29079 23:20:12 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 29080 23:20:12 (0) ** Removing default security will cause some operations to fail! 29081 23:20:12 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 29082 23:20:12 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 29083 23:20:12 (0) ** 29084 23:20:12 (0) ** DCOM security for 'My Computer' (Launch & Activation Permissions/Edit Default): ..................................... MODIFIED. 29085 23:20:12 (1) !! ERROR: Default trustee 'NT AUTHORITY\INTERACTIVE' has been REMOVED! 29086 23:20:12 (0) ** - REMOVED ACE: 29087 23:20:12 (0) ** ACEType: &h0 29088 23:20:12 (0) ** ACCESS_ALLOWED_ACE_TYPE 29089 23:20:12 (0) ** ACEFlags: &h0 29090 23:20:12 (0) ** ACEMask: &h1F 29091 23:20:12 (0) ** DCOM_RIGHT_EXECUTE 29092 23:20:12 (0) ** DCOM_RIGHT_LAUNCH_LOCAL 29093 23:20:12 (0) ** DCOM_RIGHT_LAUNCH_REMOTE 29094 23:20:12 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL 29095 23:20:12 (0) ** DCOM_RIGHT_ACTIVATE_REMOTE 29096 23:20:12 (0) ** 29097 23:20:12 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 29098 23:20:12 (0) ** Removing default security will cause some operations to fail! 29099 23:20:12 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 29100 23:20:12 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 29101 23:20:12 (0) ** 29102 23:20:12 (0) ** DCOM security for 'My Computer' (Launch & Activation Permissions/Edit Default): ..................................... MODIFIED. 29103 23:20:12 (1) !! ERROR: Default trustee 'NT AUTHORITY\SYSTEM' has been REMOVED! 29104 23:20:12 (0) ** - REMOVED ACE: 29105 23:20:12 (0) ** ACEType: &h0 29106 23:20:12 (0) ** ACCESS_ALLOWED_ACE_TYPE 29107 23:20:12 (0) ** ACEFlags: &h0 29108 23:20:12 (0) ** ACEMask: &h1F 29109 23:20:12 (0) ** DCOM_RIGHT_EXECUTE 29110 23:20:12 (0) ** DCOM_RIGHT_LAUNCH_LOCAL 29111 23:20:12 (0) ** DCOM_RIGHT_LAUNCH_REMOTE 29112 23:20:12 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL 29113 23:20:12 (0) ** DCOM_RIGHT_ACTIVATE_REMOTE 29114 23:20:12 (0) ** 29115 23:20:12 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 29116 23:20:12 (0) ** Removing default security will cause some operations to fail! 29117 23:20:12 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 29118 23:20:12 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 29119 23:20:12 (0) ** 29120 23:20:12 (0) ** DCOM security for 'My Computer' (Launch & Activation Permissions/Edit Limits): ...................................... MODIFIED. 29121 23:20:12 (1) !! ERROR: Default trustee 'BUILTIN\ADMINISTRATORS' has been REMOVED! 29122 23:20:12 (0) ** - REMOVED ACE: 29123 23:20:12 (0) ** ACEType: &h0 29124 23:20:12 (0) ** ACCESS_ALLOWED_ACE_TYPE 29125 23:20:12 (0) ** ACEFlags: &h0 29126 23:20:12 (0) ** ACEMask: &h1F 29127 23:20:12 (0) ** DCOM_RIGHT_EXECUTE 29128 23:20:12 (0) ** DCOM_RIGHT_LAUNCH_LOCAL 29129 23:20:12 (0) ** DCOM_RIGHT_LAUNCH_REMOTE 29130 23:20:12 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL 29131 23:20:12 (0) ** DCOM_RIGHT_ACTIVATE_REMOTE 29132 23:20:12 (0) ** 29133 23:20:12 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 29134 23:20:12 (0) ** Removing default security will cause some operations to fail! 29135 23:20:12 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 29136 23:20:12 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 29137 23:20:12 (0) ** 29138 23:20:12 (0) ** DCOM security for 'My Computer' (Launch & Activation Permissions/Edit Limits): ...................................... MODIFIED. 29139 23:20:12 (1) !! ERROR: Default trustee 'BUILTIN\PERFORMANCE LOG USERS' has been REMOVED! 29140 23:20:12 (0) ** - REMOVED ACE: 29141 23:20:12 (0) ** ACEType: &h0 29142 23:20:12 (0) ** ACCESS_ALLOWED_ACE_TYPE 29143 23:20:12 (0) ** ACEFlags: &h0 29144 23:20:12 (0) ** ACEMask: &h1F 29145 23:20:12 (0) ** DCOM_RIGHT_EXECUTE 29146 23:20:12 (0) ** DCOM_RIGHT_LAUNCH_LOCAL 29147 23:20:12 (0) ** DCOM_RIGHT_LAUNCH_REMOTE 29148 23:20:12 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL 29149 23:20:12 (0) ** DCOM_RIGHT_ACTIVATE_REMOTE 29150 23:20:12 (0) ** 29151 23:20:12 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 29152 23:20:12 (0) ** Removing default security will cause some operations to fail! 29153 23:20:12 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 29154 23:20:12 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 29155 23:20:12 (0) ** 29156 23:20:12 (0) ** DCOM security for 'My Computer' (Launch & Activation Permissions/Edit Limits): ...................................... MODIFIED. 29157 23:20:12 (1) !! ERROR: Default trustee 'EVERYONE' has been REMOVED! 29158 23:20:12 (0) ** - REMOVED ACE: 29159 23:20:12 (0) ** ACEType: &h0 29160 23:20:12 (0) ** ACCESS_ALLOWED_ACE_TYPE 29161 23:20:12 (0) ** ACEFlags: &h0 29162 23:20:12 (0) ** ACEMask: &hB 29163 23:20:12 (0) ** DCOM_RIGHT_EXECUTE 29164 23:20:12 (0) ** DCOM_RIGHT_LAUNCH_LOCAL 29165 23:20:12 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL 29166 23:20:12 (0) ** 29167 23:20:12 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 29168 23:20:12 (0) ** Removing default security will cause some operations to fail! 29169 23:20:12 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 29170 23:20:12 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 29171 23:20:12 (0) ** 29172 23:20:12 (0) ** DCOM security for 'Microsoft WMI Provider Subsystem Host' (Launch & Activation Permissions): ........................ MODIFIED. 29173 23:20:12 (1) !! ERROR: Default trustee 'BUILTIN\ADMINISTRATORS' has been REMOVED! 29174 23:20:12 (0) ** - REMOVED ACE: 29175 23:20:12 (0) ** ACEType: &h0 29176 23:20:12 (0) ** ACCESS_ALLOWED_ACE_TYPE 29177 23:20:12 (0) ** ACEFlags: &h0 29178 23:20:12 (0) ** ACEMask: &h1F 29179 23:20:12 (0) ** DCOM_RIGHT_EXECUTE 29180 23:20:12 (0) ** DCOM_RIGHT_LAUNCH_LOCAL 29181 23:20:12 (0) ** DCOM_RIGHT_LAUNCH_REMOTE 29182 23:20:12 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL 29183 23:20:12 (0) ** DCOM_RIGHT_ACTIVATE_REMOTE 29184 23:20:12 (0) ** 29185 23:20:12 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 29186 23:20:12 (0) ** Removing default security will cause some operations to fail! 29187 23:20:12 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 29188 23:20:12 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 29189 23:20:12 (0) ** 29190 23:20:12 (0) ** DCOM security for 'Microsoft WMI Provider Subsystem Host' (Launch & Activation Permissions): ........................ MODIFIED. 29191 23:20:12 (1) !! ERROR: Default trustee 'NT AUTHORITY\INTERACTIVE' has been REMOVED! 29192 23:20:12 (0) ** - REMOVED ACE: 29193 23:20:12 (0) ** ACEType: &h0 29194 23:20:12 (0) ** ACCESS_ALLOWED_ACE_TYPE 29195 23:20:12 (0) ** ACEFlags: &h0 29196 23:20:12 (0) ** ACEMask: &h1F 29197 23:20:12 (0) ** DCOM_RIGHT_EXECUTE 29198 23:20:12 (0) ** DCOM_RIGHT_LAUNCH_LOCAL 29199 23:20:12 (0) ** DCOM_RIGHT_LAUNCH_REMOTE 29200 23:20:12 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL 29201 23:20:12 (0) ** DCOM_RIGHT_ACTIVATE_REMOTE 29202 23:20:12 (0) ** 29203 23:20:12 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 29204 23:20:12 (0) ** Removing default security will cause some operations to fail! 29205 23:20:12 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 29206 23:20:12 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 29207 23:20:12 (0) ** 29208 23:20:12 (0) ** DCOM security for 'Microsoft WMI Provider Subsystem Host' (Launch & Activation Permissions): ........................ MODIFIED. 29209 23:20:12 (1) !! ERROR: Default trustee 'NT AUTHORITY\SYSTEM' has been REMOVED! 29210 23:20:12 (0) ** - REMOVED ACE: 29211 23:20:12 (0) ** ACEType: &h0 29212 23:20:12 (0) ** ACCESS_ALLOWED_ACE_TYPE 29213 23:20:12 (0) ** ACEFlags: &h0 29214 23:20:12 (0) ** ACEMask: &h1F 29215 23:20:12 (0) ** DCOM_RIGHT_EXECUTE 29216 23:20:12 (0) ** DCOM_RIGHT_LAUNCH_LOCAL 29217 23:20:12 (0) ** DCOM_RIGHT_LAUNCH_REMOTE 29218 23:20:12 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL 29219 23:20:12 (0) ** DCOM_RIGHT_ACTIVATE_REMOTE 29220 23:20:12 (0) ** 29221 23:20:12 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 29222 23:20:12 (0) ** Removing default security will cause some operations to fail! 29223 23:20:12 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 29224 23:20:12 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 29225 23:20:12 (0) ** 29226 23:20:12 (0) ** DCOM security for 'Microsoft WMI Provider Subsystem Host' (Launch & Activation Permissions): ........................ MODIFIED. 29227 23:20:12 (1) !! ERROR: Default trustee 'NT AUTHORITY\NETWORK SERVICE' has been REMOVED! 29228 23:20:12 (0) ** - REMOVED ACE: 29229 23:20:12 (0) ** ACEType: &h0 29230 23:20:12 (0) ** ACCESS_ALLOWED_ACE_TYPE 29231 23:20:12 (0) ** ACEFlags: &h0 29232 23:20:12 (0) ** ACEMask: &h1F 29233 23:20:12 (0) ** DCOM_RIGHT_EXECUTE 29234 23:20:12 (0) ** DCOM_RIGHT_LAUNCH_LOCAL 29235 23:20:12 (0) ** DCOM_RIGHT_LAUNCH_REMOTE 29236 23:20:12 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL 29237 23:20:12 (0) ** DCOM_RIGHT_ACTIVATE_REMOTE 29238 23:20:12 (0) ** 29239 23:20:12 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 29240 23:20:12 (0) ** Removing default security will cause some operations to fail! 29241 23:20:12 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 29242 23:20:12 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 29243 23:20:12 (0) ** 29244 23:20:12 (0) ** DCOM security for 'Microsoft WMI Provider Subsystem Host' (Launch & Activation Permissions): ........................ MODIFIED. 29245 23:20:12 (1) !! ERROR: Default trustee 'NT AUTHORITY\LOCAL SERVICE' has been REMOVED! 29246 23:20:12 (0) ** - REMOVED ACE: 29247 23:20:12 (0) ** ACEType: &h0 29248 23:20:12 (0) ** ACCESS_ALLOWED_ACE_TYPE 29249 23:20:12 (0) ** ACEFlags: &h0 29250 23:20:12 (0) ** ACEMask: &h1F 29251 23:20:12 (0) ** DCOM_RIGHT_EXECUTE 29252 23:20:12 (0) ** DCOM_RIGHT_LAUNCH_LOCAL 29253 23:20:12 (0) ** DCOM_RIGHT_LAUNCH_REMOTE 29254 23:20:12 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL 29255 23:20:12 (0) ** DCOM_RIGHT_ACTIVATE_REMOTE 29256 23:20:12 (0) ** 29257 23:20:12 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 29258 23:20:12 (0) ** Removing default security will cause some operations to fail! 29259 23:20:12 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 29260 23:20:12 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 29261 23:20:12 (0) ** 29262 23:20:12 (0) ** 29263 23:20:12 (0) ** DCOM security warning(s) detected: .................................................................................. 0. 29264 23:20:12 (0) ** DCOM security error(s) detected: .................................................................................... 14. 29265 23:20:12 (0) ** WMI security warning(s) detected: ................................................................................... 0. 29266 23:20:12 (0) ** WMI security error(s) detected: ..................................................................................... 0. 29267 23:20:12 (0) ** 29268 23:20:12 (1) !! ERROR: Overall DCOM security status: ................................................................................ ERROR! 29269 23:20:12 (0) ** Overall WMI security status: ........................................................................................ OK. 29270 23:20:12 (0) ** - Started at 'Root' -------------------------------------------------------------------------------------------------------------- 29271 23:20:12 (0) ** INFO: WMI permanent SUBSCRIPTION(S): ................................................................................ 1. 29272 23:20:12 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Name="SCM Event Log Consumer". 29273 23:20:12 (0) ** 'select * from MSFT_SCMEventLogEvent' 29274 23:20:12 (0) ** 29275 23:20:12 (0) ** WMI TIMER instruction(s): ........................................................................................... NONE. 29276 23:20:12 (0) ** INFO: WMI namespace(s) requiring PACKET PRIVACY: .................................................................... 3 NAMESPACE(S)! 29277 23:20:12 (0) ** - ROOT/CIMV2/SECURITY/MICROSOFTTPM. 29278 23:20:12 (0) ** - ROOT/CIMV2/TERMINALSERVICES. 29279 23:20:12 (0) ** - ROOT/SERVICEMODEL. 29280 23:20:12 (0) ** => When remotely connecting, the namespace(s) listed require(s) the WMI client to 29281 23:20:12 (0) ** use an encrypted connection by specifying the PACKET PRIVACY authentication level. 29282 23:20:12 (0) ** (RPC_C_AUTHN_LEVEL_PKT_PRIVACY or PktPrivacy flags) 29283 23:20:12 (0) ** i.e. 'WMIC.EXE /NODE:"TELMAX3" /AUTHLEVEL:Pktprivacy /NAMESPACE:\\ROOT\SERVICEMODEL Class __SystemSecurity' 29284 23:20:12 (0) ** 29285 23:20:12 (0) ** WMI MONIKER CONNECTIONS: ............................................................................................ OK. 29286 23:20:12 (0) ** WMI CONNECTIONS: .................................................................................................... OK. 29287 23:20:12 (1) !! ERROR: WMI GET operation errors reported: ........................................................................... 6 ERROR(S)! 29288 23:20:12 (0) ** - Root/CIMV2, Win32_PerfFormattedData_NETDataProviderforOracle_NETDataProviderforOracle, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found. 29289 23:20:12 (0) ** MOF Registration: 'WMI information not available (This could be the case for an external application or a third party WMI provider)' 29290 23:20:12 (0) ** - Root/CIMV2, Win32_PerfRawData_NETDataProviderforOracle_NETDataProviderforOracle, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found. 29291 23:20:12 (0) ** MOF Registration: 'WMI information not available (This could be the case for an external application or a third party WMI provider)' 29292 23:20:12 (0) ** - Root/CIMV2, Win32_PerfFormattedData_RemoteAccess_RASPort, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found. 29293 23:20:12 (0) ** MOF Registration: 'WMI information not available (This could be the case for an external application or a third party WMI provider)' 29294 23:20:12 (0) ** - Root/CIMV2, Win32_PerfRawData_RemoteAccess_RASPort, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found. 29295 23:20:12 (0) ** MOF Registration: 'WMI information not available (This could be the case for an external application or a third party WMI provider)' 29296 23:20:12 (0) ** - Root/CIMV2, Win32_PerfFormattedData_RemoteAccess_RASTotal, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found. 29297 23:20:12 (0) ** MOF Registration: 'WMI information not available (This could be the case for an external application or a third party WMI provider)' 29298 23:20:12 (0) ** - Root/CIMV2, Win32_PerfRawData_RemoteAccess_RASTotal, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found. 29299 23:20:12 (0) ** MOF Registration: 'WMI information not available (This could be the case for an external application or a third party WMI provider)' 29300 23:20:12 (0) ** 29301 23:20:12 (0) ** WMI MOF representations: ............................................................................................ OK. 29302 23:20:12 (0) ** WMI QUALIFIER access operations: .................................................................................... OK. 29303 23:20:12 (0) ** WMI ENUMERATION operations: ......................................................................................... OK. 29304 23:20:12 (0) ** WMI EXECQUERY operations: ........................................................................................... OK. 29305 23:20:12 (1) !! ERROR: WMI GET VALUE operation errors reported: ..................................................................... 1 ERROR(S)! 29306 23:20:12 (0) ** - Root/CIMV2, Instance: Win32_Service='WSCSVC', Property: Displayname='Centrum zabezpieczeń' (Expected default='Security Center'). 29307 23:20:12 (0) ** 29308 23:20:12 (0) ** WMI WRITE operations: ............................................................................................... NOT TESTED. 29309 23:20:12 (0) ** WMI PUT operations: ................................................................................................. NOT TESTED. 29310 23:20:12 (0) ** WMI DELETE operations: .............................................................................................. NOT TESTED. 29311 23:20:12 (0) ** WMI static instances retrieved: ..................................................................................... 1737. 29312 23:20:12 (0) ** WMI dynamic instances retrieved: .................................................................................... 0. 29313 23:20:12 (0) ** WMI instance request cancellations (to limit performance impact): ................................................... 1. 29314 23:20:12 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 29315 23:20:12 (0) ** # of Event Log events BEFORE WMIDiag execution since the last 20 day(s): 29316 23:20:12 (0) ** DCOM: ............................................................................................................. 0. 29317 23:20:12 (0) ** WINMGMT: .......................................................................................................... 0. 29318 23:20:12 (0) ** WMIADAPTER: ....................................................................................................... 0. 29319 23:20:12 (0) ** 29320 23:20:12 (0) ** # of additional Event Log events AFTER WMIDiag execution: 29321 23:20:12 (0) ** DCOM: ............................................................................................................. 0. 29322 23:20:12 (0) ** WINMGMT: .......................................................................................................... 0. 29323 23:20:12 (0) ** WMIADAPTER: ....................................................................................................... 0. 29324 23:20:12 (0) ** 29325 23:20:12 (0) ** 6 error(s) 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found 29326 23:20:12 (0) ** => This error is typically a WMI error. This WMI error is due to: 29327 23:20:12 (0) ** - a missing WMI class definition or object. 29328 23:20:12 (0) ** (See any GET, ENUMERATION, EXECQUERY and GET VALUE operation failures). 29329 23:20:12 (0) ** You can correct the missing class definitions by: 29330 23:20:12 (0) ** - Manually recompiling the MOF file(s) with the 'MOFCOMP ' command. 29331 23:20:12 (0) ** Note: You can build a list of classes in relation with their WMI provider and MOF file with WMIDiag. 29332 23:20:12 (0) ** (This list can be built on a similar and working WMI Windows installation) 29333 23:20:12 (0) ** The following command line must be used: 29334 23:20:12 (0) ** i.e. 'WMIDiag CorrelateClassAndProvider' 29335 23:20:12 (0) ** Note: When a WMI performance class is missing, you can manually resynchronize performance counters 29336 23:20:12 (0) ** with WMI by starting the ADAP process. 29337 23:20:12 (0) ** - a WMI repository corruption. 29338 23:20:12 (0) ** In such a case, you must rerun WMIDiag with 'WriteInRepository' parameter 29339 23:20:12 (0) ** to validate the WMI repository operations. 29340 23:20:12 (0) ** Note: ENSURE you are an administrator with FULL access to WMI EVERY namespaces of the computer before 29341 23:20:12 (0) ** executing the WriteInRepository command. To write temporary data from the Root namespace, use: 29342 23:20:12 (0) ** i.e. 'WMIDiag WriteInRepository=Root' 29343 23:20:12 (0) ** - If the WriteInRepository command fails, while being an Administrator with ALL accesses to ALL namespaces 29344 23:20:12 (0) ** the WMI repository must be reconstructed. 29345 23:20:12 (0) ** Note: The WMI repository reconstruction requires to locate all MOF files needed to rebuild the repository, 29346 23:20:12 (0) ** otherwise some applications may fail after the reconstruction. 29347 23:20:12 (0) ** This can be achieved with the following command: 29348 23:20:12 (0) ** i.e. 'WMIDiag ShowMOFErrors' 29349 23:20:12 (0) ** Note: The repository reconstruction must be a LAST RESORT solution and ONLY after executing 29350 23:20:12 (0) ** ALL fixes previously mentioned. 29351 23:20:12 (2) !! WARNING: Static information stored by external applications in the repository will be LOST! (i.e. SMS Inventory) 29352 23:20:12 (0) ** 29353 23:20:12 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 29354 23:20:12 (0) ** WMI Registry key setup: ............................................................................................. OK. 29355 23:20:12 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 29356 23:20:12 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 29357 23:20:12 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 29358 23:20:12 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 29359 23:20:12 (0) ** 29360 23:20:12 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 29361 23:20:12 (0) ** ------------------------------------------------------ WMI REPORT: END ----------------------------------------------------------- 29362 23:20:12 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 29363 23:20:12 (0) ** 29364 23:20:12 (0) ** ERROR: WMIDiag detected issues that could prevent WMI to work properly!. Check 'C:\USERS\ADMIN\APPDATA\LOCAL\TEMP\WMIDIAG-V2.2_WIN7_.CLI.SP1.32_TELMAX3_2016.06.17_23.14.55.LOG' for details. 29365 23:20:12 (0) ** 29366 23:20:12 (0) ** WMIDiag v2.2 ended on 17 czerwca 2016 at 23:20 (W:84 E:34 S:1).