26581 07:16:44 (0) ** WMIDiag v2.2 started on jeudi 6 avril 2017 at 07:13. 26582 07:16:44 (0) ** 26583 07:16:44 (0) ** Copyright (c) Microsoft Corporation. All rights reserved - July 2007. 26584 07:16:44 (0) ** 26585 07:16:44 (0) ** This script is not supported under any Microsoft standard support program or service. 26586 07:16:44 (0) ** The script is provided AS IS without warranty of any kind. Microsoft further disclaims all 26587 07:16:44 (0) ** implied warranties including, without limitation, any implied warranties of merchantability 26588 07:16:44 (0) ** or of fitness for a particular purpose. The entire risk arising out of the use or performance 26589 07:16:44 (0) ** of the scripts and documentation remains with you. In no event shall Microsoft, its authors, 26590 07:16:44 (0) ** or anyone else involved in the creation, production, or delivery of the script be liable for 26591 07:16:44 (0) ** any damages whatsoever (including, without limitation, damages for loss of business profits, 26592 07:16:44 (0) ** business interruption, loss of business information, or other pecuniary loss) arising out of 26593 07:16:44 (0) ** the use of or inability to use the script or documentation, even if Microsoft has been advised 26594 07:16:44 (0) ** of the possibility of such damages. 26595 07:16:44 (0) ** 26596 07:16:44 (0) ** 26597 07:16:44 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 26598 07:16:44 (0) ** ----------------------------------------------------- WMI REPORT: BEGIN ---------------------------------------------------------- 26599 07:16:44 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 26600 07:16:44 (0) ** 26601 07:16:44 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 26602 07:16:44 (0) ** Windows 7 - Service Pack 1 - 64-bit (7601) - User 'BDK-PC\BDK' on computer 'BDK-PC'. 26603 07:16:44 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 26604 07:16:44 (0) ** INFO: Environment: .................................................................................................. 1 ITEM(S)! 26605 07:16:44 (0) ** INFO: => 7 possible incorrect shutdown(s) detected on: 26606 07:16:44 (0) ** - Shutdown on 25 January 2017 04:55:51 (GMT-0). 26607 07:16:44 (0) ** - Shutdown on 31 January 2017 22:53:24 (GMT-0). 26608 07:16:44 (0) ** - Shutdown on 14 February 2017 21:20:05 (GMT-0). 26609 07:16:44 (0) ** - Shutdown on 05 March 2017 03:53:55 (GMT-0). 26610 07:16:44 (0) ** - Shutdown on 19 March 2017 00:45:40 (GMT-0). 26611 07:16:44 (0) ** - Shutdown on 30 March 2017 15:43:19 (GMT-0). 26612 07:16:44 (0) ** - Shutdown on 04 April 2017 21:34:13 (GMT-0). 26613 07:16:44 (0) ** 26614 07:16:44 (0) ** System drive: ....................................................................................................... C: (Disque n° 0 partition n° 0). 26615 07:16:44 (0) ** Drive type: ......................................................................................................... IDE (KINGSTON SHSS37A240G ATA Device). 26616 07:16:44 (0) ** There are no missing WMI system files: .............................................................................. OK. 26617 07:16:44 (0) ** There are no missing WMI repository files: .......................................................................... OK. 26618 07:16:44 (0) ** WMI repository state: ............................................................................................... N/A. 26619 07:16:44 (0) ** AFTER running WMIDiag: 26620 07:16:44 (0) ** The WMI repository has a size of: ................................................................................... 22 MB. 26621 07:16:44 (0) ** - Disk free space on 'C:': .......................................................................................... 110711 MB. 26622 07:16:44 (0) ** - INDEX.BTR, 4374528 bytes, 06/04/2017 07:14:19 26623 07:16:44 (0) ** - MAPPING1.MAP, 62160 bytes, 06/04/2017 07:14:19 26624 07:16:44 (0) ** - MAPPING2.MAP, 62160 bytes, 06/04/2017 06:30:19 26625 07:16:44 (0) ** - OBJECTS.DATA, 18751488 bytes, 06/04/2017 07:14:19 26626 07:16:44 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 26627 07:16:44 (0) ** INFO: Windows Firewall status: ...................................................................................... ENABLED. 26628 07:16:44 (0) ** Windows Firewall Profile: ........................................................................................... PRIVATE. 26629 07:16:44 (0) ** Inbound connections that do not match a rule BLOCKED: ............................................................... ENABLED. 26630 07:16:44 (0) ** => This will prevent any WMI remote connectivity to this computer except 26631 07:16:44 (0) ** if the following three inbound rules are ENABLED and non-BLOCKING: 26632 07:16:44 (0) ** - 'Windows Management Instrumentation (DCOM-In)' 26633 07:16:44 (0) ** - 'Windows Management Instrumentation (WMI-In)' 26634 07:16:44 (0) ** - 'Windows Management Instrumentation (ASync-In)' 26635 07:16:44 (0) ** Verify the reported status for each of these three inbound rules below. 26636 07:16:44 (0) ** 26637 07:16:44 (0) ** Windows Firewall 'Windows Management Instrumentation (WMI)' group rule: ............................................. DISABLED. 26638 07:16:44 (0) ** => This will prevent any WMI remote connectivity to/from this machine. 26639 07:16:44 (0) ** - You can adjust the configuration by executing the following command: 26640 07:16:44 (0) ** i.e. 'NETSH.EXE ADVFIREWALL FIREWALL SET RULE GROUP="Windows Management Instrumentation (WMI)" NEW ENABLE=YES' 26641 07:16:44 (0) ** Note: With this command all inbound and outbound WMI rules are activated at once! 26642 07:16:44 (0) ** You can also enable each individual rule instead of activating the group rule. 26643 07:16:44 (0) ** 26644 07:16:44 (0) ** Windows Firewall 'Windows Management Instrumentation (DCOM-In)' rule: ............................................... DISABLED. 26645 07:16:44 (0) ** => This will prevent any DCOM WMI inbound connectivity to this machine. 26646 07:16:44 (0) ** Note: The rule 'Windows Management Instrumentation (DCOM-In)' rule must be ENABLED to allow incoming DCOM WMI connectivity. 26647 07:16:44 (0) ** - You can adjust the configuration of this rule by executing the following command: 26648 07:16:44 (0) ** i.e. 'NETSH.EXE ADVFIREWALL FIREWALL SET RULE NAME="Windows Management Instrumentation (DCOM-In)" NEW ENABLE=YES' 26649 07:16:44 (0) ** 26650 07:16:44 (0) ** Windows Firewall 'Windows Management Instrumentation (WMI-In)' rule: ................................................ DISABLED. 26651 07:16:44 (0) ** => This will prevent any WMI inbound connectivity to this machine. 26652 07:16:44 (0) ** Note: The rule 'Windows Management Instrumentation (WMI-In)' rule must be ENABLED to allow incoming WMI connectivity. 26653 07:16:44 (0) ** - You can adjust the configuration of this rule by executing the following command: 26654 07:16:44 (0) ** i.e. 'NETSH.EXE ADVFIREWALL FIREWALL SET RULE NAME="Windows Management Instrumentation (WMI-In)" NEW ENABLE=YES' 26655 07:16:44 (0) ** 26656 07:16:44 (0) ** Windows Firewall 'Windows Management Instrumentation (ASync-In)' rule: .............................................. DISABLED. 26657 07:16:44 (0) ** => This will prevent any WMI asynchronous inbound connectivity to this machine. 26658 07:16:44 (0) ** - You can adjust the configuration of this rule by executing the following command: 26659 07:16:44 (0) ** i.e. 'NETSH.EXE ADVFIREWALL FIREWALL SET RULE NAME="Windows Management Instrumentation (ASync-In)" NEW ENABLE=YES' 26660 07:16:44 (0) ** 26661 07:16:44 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 26662 07:16:44 (0) ** DCOM Status: ........................................................................................................ OK. 26663 07:16:44 (2) !! WARNING: WMI registry setup: ........................................................................................ INVALID HOSTING SETUP! 26664 07:16:44 (0) ** => The WMI service must be configured to run as a STANDALONE service host or 26665 07:16:44 (0) ** as a SHARED service host but the (SvcHost) configuration contains invalid information. 26666 07:16:44 (0) ** => You can fix this issue by running ONE of the following commands: 26667 07:16:44 (0) ** - Shared service host (recommended): 26668 07:16:44 (0) ** i.e. 'WINMGMT.EXE /SharedHost' 26669 07:16:44 (0) ** - Standalone service host: 26670 07:16:44 (0) ** i.e. 'WINMGMT.EXE /StandaloneHost' 26671 07:16:44 (0) ** => Reboot the system. 26672 07:16:44 (0) ** 26673 07:16:44 (0) ** INFO: WMI service has dependents: ................................................................................... 2 SERVICE(S)! 26674 07:16:44 (0) ** - Security Center (WSCSVC, StartMode='Automatic') 26675 07:16:44 (0) ** - Internet Connection Sharing (ICS) (SHAREDACCESS, StartMode='Manual') 26676 07:16:44 (0) ** => If the WMI service is stopped, the listed service(s) will have to be stopped as well. 26677 07:16:44 (0) ** Note: If the service is marked with (*), it means that the service/application uses WMI but 26678 07:16:44 (0) ** there is no hard dependency on WMI. However, if the WMI service is stopped, 26679 07:16:44 (0) ** this can prevent the service/application to work as expected. 26680 07:16:44 (0) ** 26681 07:16:44 (0) ** RPCSS service: ...................................................................................................... OK (Already started). 26682 07:16:44 (0) ** WINMGMT service: .................................................................................................... OK (Already started). 26683 07:16:44 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 26684 07:16:44 (0) ** WMI service DCOM setup: ............................................................................................. OK. 26685 07:16:44 (2) !! WARNING: WMI DCOM components registration is missing for the following EXE/DLLs: .................................... 2 WARNING(S)! 26686 07:16:44 (0) ** - C:\WINDOWS\SYSTEM32\WBEM\IPMIPRV.DLL (\CLSID\{FD209E2E-813B-41C0-8646-4C3E9C917511}\InProcServer32) 26687 07:16:44 (0) ** - C:\WINDOWS\SYSTEM32\WBEM\SERVERCOMPPROV.DLL (\CLSID\{9042E1B1-8FD4-4008-89FE-4040CC74575A}\InProcServer32) 26688 07:16:44 (0) ** => WMI System components are not properly registered as COM objects, which could make WMI to 26689 07:16:44 (0) ** fail depending on the operation requested. 26690 07:16:44 (0) ** => For a .DLL, you can correct the DCOM configuration by executing the 'REGSVR32.EXE ' command. 26691 07:16:44 (0) ** 26692 07:16:44 (0) ** WMI ProgID registrations: ........................................................................................... OK. 26693 07:16:44 (0) ** WMI provider DCOM registrations: .................................................................................... OK. 26694 07:16:44 (0) ** WMI provider CIM registrations: ..................................................................................... OK. 26695 07:16:44 (0) ** WMI provider CLSIDs: ................................................................................................ OK. 26696 07:16:44 (0) ** WMI providers EXE/DLL availability: ................................................................................. OK. 26697 07:16:44 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 26698 07:16:44 (0) ** INFO: User Account Control (UAC): ................................................................................... ENABLED. 26699 07:16:44 (0) ** => WMI tasks requiring Administrative privileges on this computer MUST run in an elevated context. 26700 07:16:44 (0) ** i.e. You can start your scripts or WMIC commands from an elevated command 26701 07:16:44 (0) ** prompt by right clicking on the 'Command Prompt' icon in the Start Menu and 26702 07:16:44 (0) ** selecting 'Run as Administrator'. 26703 07:16:44 (0) ** i.e. You can also execute the WMI scripts or WMIC commands as a task 26704 07:16:44 (0) ** in the Task Scheduler within the right security context. 26705 07:16:44 (0) ** 26706 07:16:44 (0) ** INFO: Local Account Filtering: ...................................................................................... ENABLED. 26707 07:16:44 (0) ** => WMI tasks remotely accessing WMI information on this computer and requiring Administrative 26708 07:16:44 (0) ** privileges MUST use a DOMAIN account part of the Local Administrators group of this computer 26709 07:16:44 (0) ** to ensure that administrative privileges are granted. If a Local User account is used for remote 26710 07:16:44 (0) ** accesses, it will be reduced to a plain user (filtered token), even if it is part of the Local Administrators group. 26711 07:16:44 (0) ** 26712 07:16:44 (0) ** DCOM security for 'My Computer' (Access Permissions/Edit Limits): ................................................... MODIFIED. 26713 07:16:44 (1) !! ERROR: Default trustee 'NT AUTHORITY\ANONYMOUS LOGON' has been REMOVED! 26714 07:16:44 (0) ** - REMOVED ACE: 26715 07:16:44 (0) ** ACEType: &h0 26716 07:16:44 (0) ** ACCESS_ALLOWED_ACE_TYPE 26717 07:16:44 (0) ** ACEFlags: &h0 26718 07:16:44 (0) ** ACEMask: &h3 26719 07:16:44 (0) ** DCOM_RIGHT_EXECUTE 26720 07:16:44 (0) ** DCOM_RIGHT_ACCESS_LOCAL 26721 07:16:44 (0) ** 26722 07:16:44 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 26723 07:16:44 (0) ** Removing default security will cause some operations to fail! 26724 07:16:44 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 26725 07:16:44 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 26726 07:16:44 (0) ** 26727 07:16:44 (0) ** DCOM security for 'My Computer' (Access Permissions/Edit Limits): ................................................... MODIFIED. 26728 07:16:44 (1) !! ERROR: Default trustee 'BUILTIN\PERFORMANCE LOG USERS' has been REMOVED! 26729 07:16:44 (0) ** - REMOVED ACE: 26730 07:16:44 (0) ** ACEType: &h0 26731 07:16:44 (0) ** ACCESS_ALLOWED_ACE_TYPE 26732 07:16:44 (0) ** ACEFlags: &h0 26733 07:16:44 (0) ** ACEMask: &h7 26734 07:16:44 (0) ** DCOM_RIGHT_EXECUTE 26735 07:16:44 (0) ** DCOM_RIGHT_ACCESS_LOCAL 26736 07:16:44 (0) ** DCOM_RIGHT_ACCESS_REMOTE 26737 07:16:44 (0) ** 26738 07:16:44 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 26739 07:16:44 (0) ** Removing default security will cause some operations to fail! 26740 07:16:44 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 26741 07:16:44 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 26742 07:16:44 (0) ** 26743 07:16:44 (0) ** DCOM security for 'My Computer' (Access Permissions/Edit Limits): ................................................... MODIFIED. 26744 07:16:44 (1) !! ERROR: Default trustee 'EVERYONE' has been REMOVED! 26745 07:16:44 (0) ** - REMOVED ACE: 26746 07:16:44 (0) ** ACEType: &h0 26747 07:16:44 (0) ** ACCESS_ALLOWED_ACE_TYPE 26748 07:16:44 (0) ** ACEFlags: &h0 26749 07:16:44 (0) ** ACEMask: &h7 26750 07:16:44 (0) ** DCOM_RIGHT_EXECUTE 26751 07:16:44 (0) ** DCOM_RIGHT_ACCESS_LOCAL 26752 07:16:44 (0) ** DCOM_RIGHT_ACCESS_REMOTE 26753 07:16:44 (0) ** 26754 07:16:44 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 26755 07:16:44 (0) ** Removing default security will cause some operations to fail! 26756 07:16:44 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 26757 07:16:44 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 26758 07:16:44 (0) ** 26759 07:16:44 (0) ** DCOM security for 'My Computer' (Launch & Activation Permissions/Edit Default): ..................................... MODIFIED. 26760 07:16:44 (1) !! ERROR: Default trustee 'BUILTIN\ADMINISTRATORS' has been REMOVED! 26761 07:16:44 (0) ** - REMOVED ACE: 26762 07:16:44 (0) ** ACEType: &h0 26763 07:16:44 (0) ** ACCESS_ALLOWED_ACE_TYPE 26764 07:16:44 (0) ** ACEFlags: &h0 26765 07:16:44 (0) ** ACEMask: &h1F 26766 07:16:44 (0) ** DCOM_RIGHT_EXECUTE 26767 07:16:44 (0) ** DCOM_RIGHT_LAUNCH_LOCAL 26768 07:16:44 (0) ** DCOM_RIGHT_LAUNCH_REMOTE 26769 07:16:44 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL 26770 07:16:44 (0) ** DCOM_RIGHT_ACTIVATE_REMOTE 26771 07:16:44 (0) ** 26772 07:16:44 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 26773 07:16:44 (0) ** Removing default security will cause some operations to fail! 26774 07:16:44 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 26775 07:16:44 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 26776 07:16:44 (0) ** 26777 07:16:44 (0) ** DCOM security for 'My Computer' (Launch & Activation Permissions/Edit Default): ..................................... MODIFIED. 26778 07:16:44 (1) !! ERROR: Default trustee 'NT AUTHORITY\INTERACTIVE' has been REMOVED! 26779 07:16:44 (0) ** - REMOVED ACE: 26780 07:16:44 (0) ** ACEType: &h0 26781 07:16:44 (0) ** ACCESS_ALLOWED_ACE_TYPE 26782 07:16:44 (0) ** ACEFlags: &h0 26783 07:16:44 (0) ** ACEMask: &h1F 26784 07:16:44 (0) ** DCOM_RIGHT_EXECUTE 26785 07:16:44 (0) ** DCOM_RIGHT_LAUNCH_LOCAL 26786 07:16:44 (0) ** DCOM_RIGHT_LAUNCH_REMOTE 26787 07:16:44 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL 26788 07:16:44 (0) ** DCOM_RIGHT_ACTIVATE_REMOTE 26789 07:16:44 (0) ** 26790 07:16:44 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 26791 07:16:44 (0) ** Removing default security will cause some operations to fail! 26792 07:16:44 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 26793 07:16:44 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 26794 07:16:44 (0) ** 26795 07:16:44 (0) ** DCOM security for 'My Computer' (Launch & Activation Permissions/Edit Default): ..................................... MODIFIED. 26796 07:16:44 (1) !! ERROR: Default trustee 'NT AUTHORITY\SYSTEM' has been REMOVED! 26797 07:16:44 (0) ** - REMOVED ACE: 26798 07:16:44 (0) ** ACEType: &h0 26799 07:16:44 (0) ** ACCESS_ALLOWED_ACE_TYPE 26800 07:16:44 (0) ** ACEFlags: &h0 26801 07:16:44 (0) ** ACEMask: &h1F 26802 07:16:44 (0) ** DCOM_RIGHT_EXECUTE 26803 07:16:44 (0) ** DCOM_RIGHT_LAUNCH_LOCAL 26804 07:16:44 (0) ** DCOM_RIGHT_LAUNCH_REMOTE 26805 07:16:44 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL 26806 07:16:44 (0) ** DCOM_RIGHT_ACTIVATE_REMOTE 26807 07:16:44 (0) ** 26808 07:16:44 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 26809 07:16:44 (0) ** Removing default security will cause some operations to fail! 26810 07:16:44 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 26811 07:16:44 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 26812 07:16:44 (0) ** 26813 07:16:44 (0) ** DCOM security for 'My Computer' (Launch & Activation Permissions/Edit Limits): ...................................... MODIFIED. 26814 07:16:44 (1) !! ERROR: Default trustee 'BUILTIN\ADMINISTRATORS' has been REMOVED! 26815 07:16:44 (0) ** - REMOVED ACE: 26816 07:16:44 (0) ** ACEType: &h0 26817 07:16:44 (0) ** ACCESS_ALLOWED_ACE_TYPE 26818 07:16:44 (0) ** ACEFlags: &h0 26819 07:16:44 (0) ** ACEMask: &h1F 26820 07:16:44 (0) ** DCOM_RIGHT_EXECUTE 26821 07:16:44 (0) ** DCOM_RIGHT_LAUNCH_LOCAL 26822 07:16:44 (0) ** DCOM_RIGHT_LAUNCH_REMOTE 26823 07:16:44 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL 26824 07:16:44 (0) ** DCOM_RIGHT_ACTIVATE_REMOTE 26825 07:16:44 (0) ** 26826 07:16:44 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 26827 07:16:44 (0) ** Removing default security will cause some operations to fail! 26828 07:16:44 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 26829 07:16:44 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 26830 07:16:44 (0) ** 26831 07:16:44 (0) ** DCOM security for 'My Computer' (Launch & Activation Permissions/Edit Limits): ...................................... MODIFIED. 26832 07:16:44 (1) !! ERROR: Default trustee 'BUILTIN\PERFORMANCE LOG USERS' has been REMOVED! 26833 07:16:44 (0) ** - REMOVED ACE: 26834 07:16:44 (0) ** ACEType: &h0 26835 07:16:44 (0) ** ACCESS_ALLOWED_ACE_TYPE 26836 07:16:44 (0) ** ACEFlags: &h0 26837 07:16:44 (0) ** ACEMask: &h1F 26838 07:16:44 (0) ** DCOM_RIGHT_EXECUTE 26839 07:16:44 (0) ** DCOM_RIGHT_LAUNCH_LOCAL 26840 07:16:44 (0) ** DCOM_RIGHT_LAUNCH_REMOTE 26841 07:16:44 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL 26842 07:16:44 (0) ** DCOM_RIGHT_ACTIVATE_REMOTE 26843 07:16:44 (0) ** 26844 07:16:44 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 26845 07:16:44 (0) ** Removing default security will cause some operations to fail! 26846 07:16:44 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 26847 07:16:44 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 26848 07:16:44 (0) ** 26849 07:16:44 (0) ** DCOM security for 'My Computer' (Launch & Activation Permissions/Edit Limits): ...................................... MODIFIED. 26850 07:16:44 (1) !! ERROR: Default trustee 'EVERYONE' has been REMOVED! 26851 07:16:44 (0) ** - REMOVED ACE: 26852 07:16:44 (0) ** ACEType: &h0 26853 07:16:44 (0) ** ACCESS_ALLOWED_ACE_TYPE 26854 07:16:44 (0) ** ACEFlags: &h0 26855 07:16:44 (0) ** ACEMask: &hB 26856 07:16:44 (0) ** DCOM_RIGHT_EXECUTE 26857 07:16:44 (0) ** DCOM_RIGHT_LAUNCH_LOCAL 26858 07:16:44 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL 26859 07:16:44 (0) ** 26860 07:16:44 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 26861 07:16:44 (0) ** Removing default security will cause some operations to fail! 26862 07:16:44 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 26863 07:16:44 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 26864 07:16:44 (0) ** 26865 07:16:44 (0) ** DCOM security for 'Microsoft WMI Provider Subsystem Host' (Launch & Activation Permissions): ........................ MODIFIED. 26866 07:16:44 (1) !! ERROR: Default trustee 'BUILTIN\ADMINISTRATORS' has been REMOVED! 26867 07:16:44 (0) ** - REMOVED ACE: 26868 07:16:44 (0) ** ACEType: &h0 26869 07:16:44 (0) ** ACCESS_ALLOWED_ACE_TYPE 26870 07:16:44 (0) ** ACEFlags: &h0 26871 07:16:44 (0) ** ACEMask: &h1F 26872 07:16:44 (0) ** DCOM_RIGHT_EXECUTE 26873 07:16:44 (0) ** DCOM_RIGHT_LAUNCH_LOCAL 26874 07:16:44 (0) ** DCOM_RIGHT_LAUNCH_REMOTE 26875 07:16:44 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL 26876 07:16:44 (0) ** DCOM_RIGHT_ACTIVATE_REMOTE 26877 07:16:44 (0) ** 26878 07:16:44 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 26879 07:16:44 (0) ** Removing default security will cause some operations to fail! 26880 07:16:44 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 26881 07:16:44 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 26882 07:16:44 (0) ** 26883 07:16:44 (0) ** DCOM security for 'Microsoft WMI Provider Subsystem Host' (Launch & Activation Permissions): ........................ MODIFIED. 26884 07:16:44 (1) !! ERROR: Default trustee 'NT AUTHORITY\INTERACTIVE' has been REMOVED! 26885 07:16:44 (0) ** - REMOVED ACE: 26886 07:16:44 (0) ** ACEType: &h0 26887 07:16:44 (0) ** ACCESS_ALLOWED_ACE_TYPE 26888 07:16:44 (0) ** ACEFlags: &h0 26889 07:16:44 (0) ** ACEMask: &h1F 26890 07:16:44 (0) ** DCOM_RIGHT_EXECUTE 26891 07:16:44 (0) ** DCOM_RIGHT_LAUNCH_LOCAL 26892 07:16:44 (0) ** DCOM_RIGHT_LAUNCH_REMOTE 26893 07:16:44 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL 26894 07:16:44 (0) ** DCOM_RIGHT_ACTIVATE_REMOTE 26895 07:16:44 (0) ** 26896 07:16:44 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 26897 07:16:44 (0) ** Removing default security will cause some operations to fail! 26898 07:16:44 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 26899 07:16:44 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 26900 07:16:44 (0) ** 26901 07:16:44 (0) ** DCOM security for 'Microsoft WMI Provider Subsystem Host' (Launch & Activation Permissions): ........................ MODIFIED. 26902 07:16:44 (1) !! ERROR: Default trustee 'NT AUTHORITY\SYSTEM' has been REMOVED! 26903 07:16:44 (0) ** - REMOVED ACE: 26904 07:16:44 (0) ** ACEType: &h0 26905 07:16:44 (0) ** ACCESS_ALLOWED_ACE_TYPE 26906 07:16:44 (0) ** ACEFlags: &h0 26907 07:16:44 (0) ** ACEMask: &h1F 26908 07:16:44 (0) ** DCOM_RIGHT_EXECUTE 26909 07:16:44 (0) ** DCOM_RIGHT_LAUNCH_LOCAL 26910 07:16:44 (0) ** DCOM_RIGHT_LAUNCH_REMOTE 26911 07:16:44 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL 26912 07:16:44 (0) ** DCOM_RIGHT_ACTIVATE_REMOTE 26913 07:16:44 (0) ** 26914 07:16:44 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 26915 07:16:44 (0) ** Removing default security will cause some operations to fail! 26916 07:16:44 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 26917 07:16:44 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 26918 07:16:44 (0) ** 26919 07:16:44 (0) ** DCOM security for 'Microsoft WMI Provider Subsystem Host' (Launch & Activation Permissions): ........................ MODIFIED. 26920 07:16:44 (1) !! ERROR: Default trustee 'NT AUTHORITY\NETWORK SERVICE' has been REMOVED! 26921 07:16:44 (0) ** - REMOVED ACE: 26922 07:16:44 (0) ** ACEType: &h0 26923 07:16:44 (0) ** ACCESS_ALLOWED_ACE_TYPE 26924 07:16:44 (0) ** ACEFlags: &h0 26925 07:16:44 (0) ** ACEMask: &h1F 26926 07:16:44 (0) ** DCOM_RIGHT_EXECUTE 26927 07:16:44 (0) ** DCOM_RIGHT_LAUNCH_LOCAL 26928 07:16:44 (0) ** DCOM_RIGHT_LAUNCH_REMOTE 26929 07:16:44 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL 26930 07:16:44 (0) ** DCOM_RIGHT_ACTIVATE_REMOTE 26931 07:16:44 (0) ** 26932 07:16:44 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 26933 07:16:44 (0) ** Removing default security will cause some operations to fail! 26934 07:16:44 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 26935 07:16:44 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 26936 07:16:44 (0) ** 26937 07:16:44 (0) ** DCOM security for 'Microsoft WMI Provider Subsystem Host' (Launch & Activation Permissions): ........................ MODIFIED. 26938 07:16:44 (1) !! ERROR: Default trustee 'NT AUTHORITY\LOCAL SERVICE' has been REMOVED! 26939 07:16:44 (0) ** - REMOVED ACE: 26940 07:16:44 (0) ** ACEType: &h0 26941 07:16:44 (0) ** ACCESS_ALLOWED_ACE_TYPE 26942 07:16:44 (0) ** ACEFlags: &h0 26943 07:16:44 (0) ** ACEMask: &h1F 26944 07:16:44 (0) ** DCOM_RIGHT_EXECUTE 26945 07:16:44 (0) ** DCOM_RIGHT_LAUNCH_LOCAL 26946 07:16:44 (0) ** DCOM_RIGHT_LAUNCH_REMOTE 26947 07:16:44 (0) ** DCOM_RIGHT_ACTIVATE_LOCAL 26948 07:16:44 (0) ** DCOM_RIGHT_ACTIVATE_REMOTE 26949 07:16:44 (0) ** 26950 07:16:44 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 26951 07:16:44 (0) ** Removing default security will cause some operations to fail! 26952 07:16:44 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 26953 07:16:44 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 26954 07:16:44 (0) ** 26955 07:16:44 (0) ** 26956 07:16:44 (0) ** DCOM security warning(s) detected: .................................................................................. 0. 26957 07:16:44 (0) ** DCOM security error(s) detected: .................................................................................... 14. 26958 07:16:44 (0) ** WMI security warning(s) detected: ................................................................................... 0. 26959 07:16:44 (0) ** WMI security error(s) detected: ..................................................................................... 0. 26960 07:16:44 (0) ** 26961 07:16:44 (1) !! ERROR: Overall DCOM security status: ................................................................................ ERROR! 26962 07:16:44 (0) ** Overall WMI security status: ........................................................................................ OK. 26963 07:16:44 (0) ** - Started at 'Root' -------------------------------------------------------------------------------------------------------------- 26964 07:16:44 (0) ** INFO: WMI permanent SUBSCRIPTION(S): ................................................................................ 1. 26965 07:16:44 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Name="SCM Event Log Consumer". 26966 07:16:44 (0) ** 'select * from MSFT_SCMEventLogEvent' 26967 07:16:44 (0) ** 26968 07:16:44 (0) ** WMI TIMER instruction(s): ........................................................................................... NONE. 26969 07:16:44 (0) ** INFO: WMI namespace(s) requiring PACKET PRIVACY: .................................................................... 4 NAMESPACE(S)! 26970 07:16:44 (0) ** - ROOT/CIMV2/SECURITY/MICROSOFTTPM. 26971 07:16:44 (0) ** - ROOT/CIMV2/SECURITY/MICROSOFTVOLUMEENCRYPTION. 26972 07:16:44 (0) ** - ROOT/CIMV2/TERMINALSERVICES. 26973 07:16:44 (0) ** - ROOT/SERVICEMODEL. 26974 07:16:44 (0) ** => When remotely connecting, the namespace(s) listed require(s) the WMI client to 26975 07:16:44 (0) ** use an encrypted connection by specifying the PACKET PRIVACY authentication level. 26976 07:16:44 (0) ** (RPC_C_AUTHN_LEVEL_PKT_PRIVACY or PktPrivacy flags) 26977 07:16:44 (0) ** i.e. 'WMIC.EXE /NODE:"BDK-PC" /AUTHLEVEL:Pktprivacy /NAMESPACE:\\ROOT\SERVICEMODEL Class __SystemSecurity' 26978 07:16:44 (0) ** 26979 07:16:44 (0) ** WMI MONIKER CONNECTIONS: ............................................................................................ OK. 26980 07:16:44 (0) ** WMI CONNECTIONS: .................................................................................................... OK. 26981 07:16:44 (0) ** WMI GET operations: ................................................................................................. OK. 26982 07:16:44 (0) ** WMI MOF representations: ............................................................................................ OK. 26983 07:16:44 (0) ** WMI QUALIFIER access operations: .................................................................................... OK. 26984 07:16:44 (0) ** WMI ENUMERATION operations: ......................................................................................... OK. 26985 07:16:44 (0) ** WMI EXECQUERY operations: ........................................................................................... OK. 26986 07:16:44 (1) !! ERROR: WMI GET VALUE operation errors reported: ..................................................................... 1 ERROR(S)! 26987 07:16:44 (0) ** - Root/CIMV2, Instance: Win32_Service='WSCSVC', Property: Displayname='Centre de sécurité' (Expected default='Security Center'). 26988 07:16:44 (0) ** 26989 07:16:44 (0) ** WMI WRITE operations: ............................................................................................... NOT TESTED. 26990 07:16:44 (0) ** WMI PUT operations: ................................................................................................. NOT TESTED. 26991 07:16:44 (0) ** WMI DELETE operations: .............................................................................................. NOT TESTED. 26992 07:16:44 (0) ** WMI static instances retrieved: ..................................................................................... 1736. 26993 07:16:44 (0) ** WMI dynamic instances retrieved: .................................................................................... 0. 26994 07:16:44 (0) ** WMI instance request cancellations (to limit performance impact): ................................................... 1. 26995 07:16:44 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 26996 07:16:44 (0) ** # of Event Log events BEFORE WMIDiag execution since the last 20 day(s): 26997 07:16:44 (0) ** DCOM: ............................................................................................................. 0. 26998 07:16:44 (0) ** WINMGMT: .......................................................................................................... 0. 26999 07:16:44 (0) ** WMIADAPTER: ....................................................................................................... 0. 27000 07:16:44 (0) ** 27001 07:16:44 (0) ** # of additional Event Log events AFTER WMIDiag execution: 27002 07:16:44 (0) ** DCOM: ............................................................................................................. 0. 27003 07:16:44 (0) ** WINMGMT: .......................................................................................................... 0. 27004 07:16:44 (0) ** WMIADAPTER: ....................................................................................................... 0. 27005 07:16:44 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 27006 07:16:44 (0) ** WMI Registry key setup: ............................................................................................. OK. 27007 07:16:44 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 27008 07:16:44 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 27009 07:16:44 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 27010 07:16:44 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 27011 07:16:44 (0) ** 27012 07:16:44 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 27013 07:16:44 (0) ** ------------------------------------------------------ WMI REPORT: END ----------------------------------------------------------- 27014 07:16:44 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 27015 07:16:44 (0) ** 27016 07:16:44 (0) ** ERROR: WMIDiag detected issues that could prevent WMI to work properly!. Check 'C:\USERS\BDK\APPDATA\LOCAL\TEMP\WMIDIAG-V2.2_WIN7_.CLI.SP1.64_BDK-PC_2017.04.06_07.13.36.LOG' for details. 27017 07:16:44 (0) ** 27018 07:16:44 (0) ** WMIDiag v2.2 ended on jeudi 6 avril 2017 at 07:16 (W:91 E:25 S:1).