Event Id | 4 |
Source | Microsoft-Windows-WMI |
Description | Error %1 encountered when trying to load MOF %2 while recovering .MOF file marked with autorecover |
Event Information | According to Microsoft : Cause : This event is logged when error encountered when trying to load MOF while recovering. Resolution : Perform a manual compilation of MOF files. The content of the WMI repository is stored in a binary format, but developers describe the content by using text files called "MOF files." MOF files are compiled and stored in the repository by using a command-line tool called mofcomp . Try to manually compile each MOF file that is reported in the failure report during the autorecovery process. To manually compile a MOF file, open a command prompt and navigate to the directory where MOF files are stored by typing cd %SYSTEMROOT%\SYSTEM32\WBEM. Next, type mofcomp You must validate the MOF file listed and ensure it exists in the specified location. Ensure that the file system rights grant access to the MOF file for the SYSTEM account. If a MOF file fails to recover, it could be because the file system is corrupt. In such a case, type chkdsk /f from a command prompt window to validate the consistency of the file system. Note : If the problem MOF file is CIMWIN32.MOF, most WMI functionality will be impaired. This MOF file is critical for WMI to run properly because it contains all root/cimv2 WMI classes and most of the supported OS providers. If you determine that your file system is corrupted, you can try using a copy of the MOF file from a working system using the same OS version and service pack. Verify : To verify that the WMI repository is in a consistent state, at a command prompt window type winmgmt /verifyrepository . If the repository is consistent, the following message will be displayed: "WMI repository is consistent". Also, the ERRORLEVEL environment variable will be set to zero (0), which you can check by typing echo %errorlevel% . |
Reference Links | Event ID 4 from Source Microsoft-Windows-WMI |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.