Вы участвуете в программе Windows Insider?
Не в сети
Сообщений: 105
Благодарностей: 0
Из: Russia Санкт-Петербург
Род занятий:

Хочу поделиться опытом по решению проблемы с Event Viewer. У меня он ни в какую не хотел запускаться, предлагал проверить, запущена ли служба. При попытке запуска службы вылетала ошибка "Error 4201 The instance name passed was not recognized as valid by a WMI". Покопавшись в забугорных форумах, нашёл решение проблемы. Возможно, кому-нибудь тоже пригодится... Вся петрушка происходит из-за переназначения прав доступа к диску С: или к каким-либо системным папкам. Проверьте свой Event Viewer, наверняка у кого-нибудь он тоже не работает.

Извините, что на английском, просто скопировал с зарубежного форума:

OK Ladies and Gentleman, here is what we have found;

Apparently, one of the Windows updates is causing corruption of the Access Control List (ACL's) in the registry. I had entire sections of my registry nodes that lost the ACL'S.

While I was researching the problem, I came across a website where someone had a similar problem with getting windows OS programs/services to run and they discovered that there was some registry corruption and missing ACL's.

There are two different options that I ended up doing to get the system back in operation.

It seems that running one or the other alone will not fix the problem, but doing both should get you back in service.

1. Make a backup of your registry (and a complete backup of the system wouldn't hurt either!)
2. Go to Microsoft's website and download a program called subinacl.exe from this site; http://www.microsoft.com/downloads/details.aspx?FamilyID=e8ba3e56-d8fe-4a91-93cf-ed6985e3927b&displaylang=en
3. Install the subinacl.exe (it downloads as an MSI file).
4. Copy the code below into a text file and then name the text file reset.cmd.
5. I copied the command file to my temp folder to run, but as you can see from the cmd file, it contains the path to the executable subinacl.exe.

@echo off

title Resetting ACLs...

cd /d "%ProgramFiles%\Windows Resource Kits\Tools"


echo Resetting ACLs...

echo (this may take several minutes to complete)


echo ==========================================================================



subinacl /subkeyreg HKEY_LOCAL_MACHINE /grant=administrators=f /grant=system=f



subinacl /subkeyreg HKEY_CURRENT_USER /grant=administrators=f /grant=system=f



subinacl /subkeyreg HKEY_CLASSES_ROOT /grant=administrators=f /grant=system=f



echo System Drive...

subinacl /subdirectories %SystemDrive% /grant=administrators=f /grant=system=f



echo Windows Directory...

subinacl /subdirectories %windir%\*.* /grant=administrators=f /grant=system=f



echo ==========================================================================




echo Press any key to exit . . .

pause >NUL

3. As this command file runs it will show you the status of the reset and create a log that you can go back into and inspect for problems.

4. When this command file completes, you then need to open a command window (using Run As Administrator) and run the following command;

secedit /configure /cfg %windir%\inf\defltbase.inf /db defltbase.sdb /verbose >c:\temp\secedit_output.txt (the redirect of output echos the programs output to a text file, but secedit also creates a log file. The program will show you the location of the log file when it is done).

These two actions combined will reset the permissions on the registry nodes back to their default settings.

Reboot and check your Event Log service... at this point it should be running.

After effects of this process which happened to me, were that the Network List Service would not run... I still had network and internet access, however the Network icon in the task notification area had a Red X, and mouse over displayed a tooltip that said "Server Execution Failed". This was a result of resetting the ACL's.

The Network List Service (netprofm) would not run because it did not have permission to run.

In order to correct this issue, you must open the Component Services snap-in and drill down under Computers/My Computer/DCOM Config/netprofm (this is for Vista!) and right click the node, and select Properties.

Click on the Security tab and make certain the correct user names are listed and that they have the appropriate permissions. I have 4 users listed with the same permissions; (your mileage may vary )

1. Administrators - Perms; Local Launch, Local activation
2. Interactive
3. Local Service
4. System

Next, go to the Identity tab and ensure that The System account (services only) is the item that is checked. Make sure the changes you make get applied.

Restart your computer so the ACL's are refreshed.

Once you come back up from the reboot, things should be pretty much back to normal.

You may find a stray program here and there that may need to have it's permissions reset, but you should be operational.

I directed the Microsoft engineers to this forum (and Goggle search it) so they can see this is getting to be an issue for a lot of people. They in fact have a brand new case (same problem) that was just escalated to them and they are going to take an Image of that persons system first thing so they can determine what is causing this, and if necessary put out a hotfix or service pack to correct it.

In the meantime, if you run into anyone else going through this problem, at least there was one solution that worked for me...

I cannot guarantee that this will work for everyone and the issue may effect each machine differently, so just be aware that this is not the blue pill!

I think that because the Registry database is so critical to the operation of Windows, Microsoft engineers should have some sort of utility that can repair and/or reset the registry and file permissions easily should something happen...

I personally believe that this should be part of the base operating system and we should not have to shell out extra bucks to third party vendors for these type of utilities, particularly if the registry is prone to corruption either by Microsoft's own hands or by a third party application.

I am not knocking third party programmers as I am one myself, I am just saying that this is Microsoft's OS and they should provide these easily accessible tools to keep us running!

Good Luck!

#124526   | 12.11.07 13:20
Все права принадлежат © ms insider @thevista.ru, 2020
Сайт является источником уникальной информации о семействе операционных систем Windows и других продуктах Microsoft. Перепечатка материалов возможна только с разрешения редакции.
Работает на WMS 2.34 (Страница создана за 0.045 секунд (Общее время SQL: 0.017 секунд - SQL запросов: 53 - Среднее время SQL: 0.00032 секунд))