After Installation of KillZA v2 - WMI stopped working
46 views
Skip to first unread message
steppe
Nov 26, 2012, 8:26:31 AM11/26/12
to fooli...@googlegroups.com
Hello,
i tried the new KillZA on my computer first before executing it on the notebook of my colleague. After execution WMI stopped working. After winmgmt /resetrepository it's working now.
Also we have a policy that users are not allowed to change their passwords. How does it influence KillZA v2? Because it cannot empty the user's password.
Any1 experienced the same ?
Greets
Stephan
i tried the new KillZA on my computer first before executing it on the notebook of my colleague. After execution WMI stopped working. After winmgmt /resetrepository it's working now.
Also we have a policy that users are not allowed to change their passwords. How does it influence KillZA v2? Because it cannot empty the user's password.
Any1 experienced the same ?
Greets
Stephan
Foolish Tech
Nov 26, 2012, 10:07:22 AM11/26/12
to fooli...@googlegroups.com
I'll have to run some experimentation on the WMI thing - I wouldn't think this to be an issue - obviously if it is, it is caused by another of my attempted repairs somehow, but I can always add WMI to the end of the repair operations... which to be honest be be a lot easier than tracking down the issue so that's probably where I'll go from here being that my time is very limited for the next few weeks.
Thanks,
redplanet
Jan 16, 2013, 5:13:35 PM1/16/13
to fooli...@googlegroups.com
ZeroAccess is commonly known to break the WMI. This very likely wasn't the tool that did it. -- You can use mofcomp to recompile it from scratch if winmgmt commands fail to fix it.
steppe
Jan 17, 2013, 5:05:02 AM1/17/13
to fooli...@googlegroups.com
Yes. I figured that out.
I used these directions:
Source: http://www.404techsupport.com/2012/11/wmi-commands-result-in-the-specified-module-could-not-be-found/
WMI
1. Log onto Windows 7 with an administrator account, click Start, type services.msc in the Start Search box and press Enter.
2. In the right pane of the Service console, locate and right-click Windows Management Instrumentation, and then select Stop to stop the service.
3. Start Windows Explorer, and then locate the %SystemRoot%\System32\Wbem\Repository folder.
4. Backup and delete all the files in the %SystemRoot%\System32\Wbem\Repository folder.
5. Restart the computer.
The files that were deleted will be re-created when the computer restarts.
Note: The Windows Management Instrumentation service starts automatically when you restart the computer.
If the issue persists, please re-register WMI DLL files and re-compile WMI mof files to check if the issue can be resolved. Here are the detailed steps:
1. Disable and stop the Windows Management Instrumentation service.
2. Right-click Command Prompt and select Run as Administrator.
3. In the Command Prompt, type cd %windir%\system32\wbem and press Enter.
4. Type for /f %s in ('dir /b *.dll') do regsvr32 /s %s and press Enter to re-register WMI DLL files.
5. After completed, type for /f %s in ('dir /b *.mof') do mofcomp %s and press Enter to re-compile WMI mof files.
6. After that, type the command wmiprvse /regserver and press Enter.
7. Start the Windows Management Instrumentation service and change the Startup Type back to Automatic.
I used these directions:
Source: http://www.404techsupport.com/2012/11/wmi-commands-result-in-the-specified-module-could-not-be-found/
WMI
1. Log onto Windows 7 with an administrator account, click Start, type services.msc in the Start Search box and press Enter.
2. In the right pane of the Service console, locate and right-click Windows Management Instrumentation, and then select Stop to stop the service.
3. Start Windows Explorer, and then locate the %SystemRoot%\System32\Wbem\Repository folder.
4. Backup and delete all the files in the %SystemRoot%\System32\Wbem\Repository folder.
5. Restart the computer.
The files that were deleted will be re-created when the computer restarts.
Note: The Windows Management Instrumentation service starts automatically when you restart the computer.
If the issue persists, please re-register WMI DLL files and re-compile WMI mof files to check if the issue can be resolved. Here are the detailed steps:
1. Disable and stop the Windows Management Instrumentation service.
2. Right-click Command Prompt and select Run as Administrator.
3. In the Command Prompt, type cd %windir%\system32\wbem and press Enter.
4. Type for /f %s in ('dir /b *.dll') do regsvr32 /s %s and press Enter to re-register WMI DLL files.
5. After completed, type for /f %s in ('dir /b *.mof') do mofcomp %s and press Enter to re-compile WMI mof files.
6. After that, type the command wmiprvse /regserver and press Enter.
7. Start the Windows Management Instrumentation service and change the Startup Type back to Automatic.
BubbaJoe
Jan 18, 2013, 1:06:42 PM1/18/13
to fooli...@googlegroups.com
Hmmm, done hundreds of 0A repairs and never seen it mess with WMI.
It's always been the same 8 services: BITS, BFE, IPHLPSVC, MPSSVC,SHAREDACCESS, WINDEFEND, wscsvc, WUAUSERV
It's always been the same 8 services: BITS, BFE, IPHLPSVC, MPSSVC,SHAREDACCESS, WINDEFEND, wscsvc, WUAUSERV
Reply all
Reply to author
Forward
0 new messages