The Readme.rtf file says
“This package contains Microsoft Bootvis v1.3.37, dated May 22, 2003.”
BootVis.exe / Properties / Version says
product Name :- PerfVis NT Performance Tool
Product Version:- 1, 0, 0, 1
Nowhere can I see in the properties anything that looks like v1.3.37
I decided last year that I would have to restore a disc image of how things were before I first rebuilt the repository, so I could get a better understanding of any damage that may have been done.
Since that decision I have been gathering knowledge and diagnostic tools with the assurance that no permanent damage will happen - even if Windows is destroyed I have a Boot CD that can restore the disc images.
I think it is time to restore.
The system is still sick even though Disc speed is now corrected, so further testing is of no value.
I ran the WMI Diagnosis Utility – Version 2.0
http://www.microsoft.com/downloads/details.aspx?familyid=d7ba3cd6-18d1-4d05-b11e-4c64192ae97d&displaylang=en
That was supposed to analyse but make no changes - but it did alter a date-stamp and may have altered the contents of a file.
I do not remember when I ran that tool, but perhaps that caused 4 off WinMgmt warnings
12/02/2010 22:14:29 to 22:23:15
“A provider, HiPerfCooker_v1, has been registered in the WMI namespace, Root\WMI, to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.”
I have recently noticed “issues” every start-up in log files within C:\WINDOWS\system32\wbem\Logs
FRAMEWORK.LOG :-
Shell Name Explorer.exe in Registry not found in process list. 02/17/2010 15:30:06.272 thread:1532 [d:\xpsp\admin\wmi\wbem\providers\win32provider\common\implogonuser.cpp.959]
Unable to locate Shell Process, Impersonation failed. 02/17/2010 15:30:06.282 thread:1532 [d:\xpsp\admin\wmi\wbem\providers\win32provider\common\implogonuser.cpp.971]
Login Warning - provider with that name already existed, overridden with latest provider login (root\cimv2:Win32_ComputerSystemWindowsProductActivationSetting) 02/17/2010 15:30:42.534 thread:2348 [d:\xpsp\admin\wmi\wbem\sdk\framedyn\wbemglue.cpp.2252]
Login Warning - provider with that name already existed, overridden with latest provider login (root\cimv2:Win32_ComputerSystemWindowsProductActivationSetting) 02/17/2010 19:00:48.877 thread:2668 [d:\xpsp\admin\wmi\wbem\sdk\framedyn\wbemglue.cpp.2252]
Login Warning - provider with that name already existed, overridden with latest provider login (root\cimv2:Win32_ComputerSystemWindowsProductActivationSetting) 02/18/2010 09:35:57.028 thread:2728 [d:\xpsp\admin\wmi\wbem\sdk\framedyn\wbemglue.cpp.2252]
Login Warning - provider with that name already existed, overridden with latest provider login (root\cimv2:Win32_ComputerSystemWindowsProductActivationSetting) 02/19/2010 07:33:06.713 thread:2712 [d:\xpsp\admin\wmi\wbem\sdk\framedyn\wbemglue.cpp.2252]
I am concerned that this starts with an Impersonation failure, whatever that may be,
and assume that HiPerfCooker_v1 “caused a security violation … not correctly impersonate”.
I have drive D:, but there is no d:\xpsp\admin\wmi.… - so what is that all about ?
WBEMMESS.LOG
NTEventLogEventConsumer=“SCM Event Log Consumer” with error code 80041033.
WMI will reload and retry.
(Fri Feb 19 07:33:49 2010.121775) : NT Event Log Consumer: could not retrieve sid, 0x80041002
(Fri Feb 19 07:33:49 2010.121775) : NT Event Log Consumer: could not retrieve sid, 0x80041002
(Fri Feb 19 07:33:49 2010.121785) : NT Event Log Consumer: could not retrieve sid, 0x80041002
(Fri Feb 19 07:33:49 2010.121795) : NT Event Log Consumer: could not retrieve sid, 0x80041002
(Fri Feb 19 07:33:49 2010.121805) : NT Event Log Consumer: could not retrieve sid, 0x80041002
(Fri Feb 19 07:33:49 2010.121815) : NT Event Log Consumer: could not retrieve sid, 0x80041002
(Fri Feb 19 07:33:49 2010.121825) : NT Event Log Consumer: could not retrieve sid, 0x80041002
(Fri Feb 19 07:33:49 2010.121835) : NT Event Log Consumer: could not retrieve sid, 0x80041002
(Fri Feb 19 07:33:49 2010.121845) : NT Event Log Consumer: could not retrieve sid, 0x80041002
WMIPROV.LOG
(Wed Feb 17 15:33:17 2010.296636) : WDM call returned error: 4200
(Wed Feb 17 19:04:25 2010.297978) : WDM call returned error: 4200
(Thu Feb 18 09:39:35 2010.301363) : WDM call returned error: 4200
(Fri Feb 19 07:36:53 2010.305869) : WDM call returned error: 4200
WBEMCORE.LOG
(Fri Feb 19 07:33:06 2010.79133) : GetUserDefaultLCID failed, restorting to system verion
(Fri Feb 19 07:33:09 2010.81697) : GetUserDefaultLCID failed, restorting to system verion
(Fri Feb 19 07:33:10 2010.83480) : GetUserDefaultLCID failed, restorting to system verion
(Fri Feb 19 07:48:42 2010.1015179) : GetUserDefaultLCID failed, restorting to system verion
(Fri Feb 19 07:48:42 2010.1015279) : GetUserDefaultLCID failed, restorting to system verion
(Fri Feb 19 07:48:42 2010.1015289) : GetUserDefaultLCID failed, restorting to system verion
Regards
Alan