Event ID - 4

Event Id4
SourceMicrosoft-Windows-WMI
DescriptionError %1 encountered when trying to load MOF %2 while recovering .MOF file marked with autorecover
Event Information According to Microsoft :

Cause :

This event is logged when error encountered when trying to load MOF while recovering.

Resolution :

Perform a manual compilation of MOF files.

The content of the WMI repository is stored in a binary format, but developers describe the content by using text files called "MOF files." MOF files are compiled and stored in the repository by using a command-line tool called mofcomp .

Try to manually compile each MOF file that is reported in the failure report during the autorecovery process. To manually compile a MOF file, open a command prompt and navigate to the directory where MOF files are stored by typing cd %SYSTEMROOT%\SYSTEM32\WBEM. Next, type mofcomp .

You must validate the MOF file listed and ensure it exists in the specified location. Ensure that the file system rights grant access to the MOF file for the SYSTEM account.

If a MOF file fails to recover, it could be because the file system is corrupt. In such a case, type chkdsk /f from a command prompt window to validate the consistency of the file system.

Note : If the problem MOF file is CIMWIN32.MOF, most WMI functionality will be impaired. This MOF file is critical for WMI to run properly because it contains all root/cimv2 WMI classes and most of the supported OS providers. If you determine that your file system is corrupted, you can try using a copy of the MOF file from a working system using the same OS version and service pack.

Verify :

To verify that the WMI repository is in a consistent state, at a command prompt window type winmgmt /verifyrepository . If the repository is consistent, the following message will be displayed: "WMI repository is consistent". Also, the ERRORLEVEL environment variable will be set to zero (0), which you can check by typing echo %errorlevel% .
Reference LinksEvent ID 4 from Source Microsoft-Windows-WMI

Catch threats immediately

We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.

See what we caught

Did this information help you to resolve the problem?

Yes: My problem was resolved.
No: The information was not helpful / Partially helpful.