P
Phil C.
Hi. For the last week I've had intermittent complete lockup freezes of my
WinXp Pro Sp2 system, frozen cursor/display, frozen keyboard.
Finally, yesterday, I got a "Process Explorer" Message Box saying:
"Performance Counters on this system are corrupt. Run Exctrlst from the
Microsoft Windows Resource
Kit to repair them."
I googled Exctrlst, and finally found it and downloaded it and ran it, but
had no clue what to.
I checked the Event Log but there were no errors as to any specific counter
at all.
I then followed the instructions in this Windows IT Pro article
(http://www.windowsitpro.com/Article/ArticleID/40267/40267.html?Ad=1)
Even though this is not the error I had:
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
WinMgmt could not initialize the core parts.
This could be due to a badly installed version of WinMgmt, WinMgmt
repository upgrade failure, insufficient disk space or
insufficient memory.
To resolve this error and recreate any missing or corrupt registry entries,
perform the following steps:
Start a command-line session.
Unregister any WMI service (also known as WinMgmt) performance libraries by
typing
winmgmt /clearadap
Stop all running copies of the WMI service by typing
winmgmt /kill
Unregister the WMI service by typing
winmgmt /unregserver
Register the WMI service by typing
winmgmt /regserver
Register any WMI service performance libraries by typing
winmgmt /resyncperf
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
I then rebooted and got the following errors in my Event Viewer:
WMI ADAP was unable to create object Win32_PerfRawData_Outlook_Outlook for
Performance Library Outlook because no value was found
for property index 4356 in the 009 subkey
WMI ADAP was unable to create the object Win32_PerfRawData_Outlook_Outlook
for Performance Library Outlook because error 0x80041001
was returned
WMI ADAP was unable to load the PerfProc performance library because it
timed out on a call: collect
I then tried to follow some of the instructions in the KB Article
(http://support.microsoft.com/?kbid=300956)
"How to manually rebuild Performance Counter Library values"
1. Open a command prompt window.
2. At the command prompt, type cd %Systemroot%\System32, and then press
ENTER.
3. At the command prompt, type findstr drivername *.ini, and then press
ENTER.
After step 3, I got this:
"
axperf.ini:;//drivername: The name of the application found under the
axperf.ini:drivername=ASP
esentprf.ini:drivername=ESENT
infoctrs.ini:drivername=inetinfo
mqperf.ini:drivername=MSMQ
msdtcprf.ini:drivername=MSDTC
ntfsdrct.ini:drivername=ntfsdrv
OUTLPERF.INI:drivername=Outlook
perfci.ini:drivername=ContentIndex
perffilt.ini:drivername=ContentFilter
perfwci.ini:drivername=ISAPISearch
pschdprf.ini:drivername=PSched
rasctrs.ini:drivername=RemoteAccess
rsvp.ini:drivername=RSVP
smtpctrs.ini:drivername=SmtpSvc
tslabels.ini:drivername=TermService
w3ctrs.ini:drivername=W3SVC
"
I then tried to follow the other steps:
5. At the command prompt, type the following line, and then press ENTER:
lodctr inifile
where inifile is the name of the .ini file for the driver that you want to
reload.
For example, if you want to reload the ASP driver, the list that you noted
in step 4 shows that Axperf.ini is the .ini file for the
ASP driver (axperf.ini:drivername=ASP). Therefore, to reload the ASP driver,
type lodctr axperf.ini at the command prompt, and then
press ENTER.
6. Repeat step 5 for each .ini file in the list.
7. Restart your computer.
Since I had an Outlook error, I did lodctr OUTLPERF.INI
But the response said that Outlook was already loaded.
I then followed part of the earlier instructions:
"
4. Locate the following registry key to search for services that have a
Performance subkey:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services
5. Remove the following values from the Performance subkey (if they
exist): . FirstCounter
.. FirstHelp
.. LastCounter
.. LastHelp
You can also use the Exctrlst.exe tool to locate the performance counter
dynamic-link library files (DLLs) that are installed, and
then access the registry to remove the DWORD values. You now have a workable
performance registry that contains only system base
counters.
"
-->I went to HKLM\System\CurrentControlSet\Services and found the Outlook
key and deleted the
FirstHelp, LastCounter, and LastHelp subkeys from the registry. <--
I then ran "lodctr OUTLPERF.INI" again, and it worked and it seemed to
recreate the keys I just deleted.
!!!!!!!!!!!!!!@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
I rebooted, and everything seems ok so far, no more Event Viewer messages,
and no lockup YET, BUT I still
don't know if I fixed the system, and I wish I could have used EXCTRLST to
do it more EASILY????
DID I DO THIS PROCEDURE PROPERLY??????????????????
What A NIGHTMARE TO GO THROUGH!!!!!!!!!!!!
!!!!!!!!!!!!!!@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
I finally found the Exctrlst documentation:
(http://www.microsoft.com/technet/pr...Ref/1bec6fbb-7182-4332-b35c-9f22c3183d87.mspx)
One of the things they say is:
"Note
.. You cannot copy or export a list from Exctrlst. However, you can use the
query operation of Reg.exe, a command-line tool in
%windir%\system32, to list all services that have installed performance
counters on a system.
At the command prompt, type:
reg query HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services /v
Performance /s > PerfServices.txt
This command creates a file called PerfServices.txt with the names of all
services that have Performance subkeys in the registry.
If you type: "reg query HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
/v Performance /s > PerfServices.txt"
you will find that it bombs. If you remove the /s, I get a message saying
there are no performance keys found, which
is definitely not true.
IN ANY CASE, AFTER I GOT THE MESSAGE BOX ERROR AND RAN Exctrlst, I didn't
seem to notice that the perfomance counter for Outlook was
disable, but it is difficult because you have to click on each and every
entry in one of three categories and see if the
"Performance Counters Enabled" is checked or not.
Phil
Boston, MA
WinXp Pro Sp2 system, frozen cursor/display, frozen keyboard.
Finally, yesterday, I got a "Process Explorer" Message Box saying:
"Performance Counters on this system are corrupt. Run Exctrlst from the
Microsoft Windows Resource
Kit to repair them."
I googled Exctrlst, and finally found it and downloaded it and ran it, but
had no clue what to.
I checked the Event Log but there were no errors as to any specific counter
at all.
I then followed the instructions in this Windows IT Pro article
(http://www.windowsitpro.com/Article/ArticleID/40267/40267.html?Ad=1)
Even though this is not the error I had:
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
WinMgmt could not initialize the core parts.
This could be due to a badly installed version of WinMgmt, WinMgmt
repository upgrade failure, insufficient disk space or
insufficient memory.
To resolve this error and recreate any missing or corrupt registry entries,
perform the following steps:
Start a command-line session.
Unregister any WMI service (also known as WinMgmt) performance libraries by
typing
winmgmt /clearadap
Stop all running copies of the WMI service by typing
winmgmt /kill
Unregister the WMI service by typing
winmgmt /unregserver
Register the WMI service by typing
winmgmt /regserver
Register any WMI service performance libraries by typing
winmgmt /resyncperf
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
I then rebooted and got the following errors in my Event Viewer:
WMI ADAP was unable to create object Win32_PerfRawData_Outlook_Outlook for
Performance Library Outlook because no value was found
for property index 4356 in the 009 subkey
WMI ADAP was unable to create the object Win32_PerfRawData_Outlook_Outlook
for Performance Library Outlook because error 0x80041001
was returned
WMI ADAP was unable to load the PerfProc performance library because it
timed out on a call: collect
I then tried to follow some of the instructions in the KB Article
(http://support.microsoft.com/?kbid=300956)
"How to manually rebuild Performance Counter Library values"
1. Open a command prompt window.
2. At the command prompt, type cd %Systemroot%\System32, and then press
ENTER.
3. At the command prompt, type findstr drivername *.ini, and then press
ENTER.
After step 3, I got this:
"
axperf.ini:;//drivername: The name of the application found under the
axperf.ini:drivername=ASP
esentprf.ini:drivername=ESENT
infoctrs.ini:drivername=inetinfo
mqperf.ini:drivername=MSMQ
msdtcprf.ini:drivername=MSDTC
ntfsdrct.ini:drivername=ntfsdrv
OUTLPERF.INI:drivername=Outlook
perfci.ini:drivername=ContentIndex
perffilt.ini:drivername=ContentFilter
perfwci.ini:drivername=ISAPISearch
pschdprf.ini:drivername=PSched
rasctrs.ini:drivername=RemoteAccess
rsvp.ini:drivername=RSVP
smtpctrs.ini:drivername=SmtpSvc
tslabels.ini:drivername=TermService
w3ctrs.ini:drivername=W3SVC
"
I then tried to follow the other steps:
5. At the command prompt, type the following line, and then press ENTER:
lodctr inifile
where inifile is the name of the .ini file for the driver that you want to
reload.
For example, if you want to reload the ASP driver, the list that you noted
in step 4 shows that Axperf.ini is the .ini file for the
ASP driver (axperf.ini:drivername=ASP). Therefore, to reload the ASP driver,
type lodctr axperf.ini at the command prompt, and then
press ENTER.
6. Repeat step 5 for each .ini file in the list.
7. Restart your computer.
Since I had an Outlook error, I did lodctr OUTLPERF.INI
But the response said that Outlook was already loaded.
I then followed part of the earlier instructions:
"
4. Locate the following registry key to search for services that have a
Performance subkey:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services
5. Remove the following values from the Performance subkey (if they
exist): . FirstCounter
.. FirstHelp
.. LastCounter
.. LastHelp
You can also use the Exctrlst.exe tool to locate the performance counter
dynamic-link library files (DLLs) that are installed, and
then access the registry to remove the DWORD values. You now have a workable
performance registry that contains only system base
counters.
"
-->I went to HKLM\System\CurrentControlSet\Services and found the Outlook
key and deleted the
FirstHelp, LastCounter, and LastHelp subkeys from the registry. <--
I then ran "lodctr OUTLPERF.INI" again, and it worked and it seemed to
recreate the keys I just deleted.
!!!!!!!!!!!!!!@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
I rebooted, and everything seems ok so far, no more Event Viewer messages,
and no lockup YET, BUT I still
don't know if I fixed the system, and I wish I could have used EXCTRLST to
do it more EASILY????
DID I DO THIS PROCEDURE PROPERLY??????????????????
What A NIGHTMARE TO GO THROUGH!!!!!!!!!!!!
!!!!!!!!!!!!!!@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
I finally found the Exctrlst documentation:
(http://www.microsoft.com/technet/pr...Ref/1bec6fbb-7182-4332-b35c-9f22c3183d87.mspx)
One of the things they say is:
"Note
.. You cannot copy or export a list from Exctrlst. However, you can use the
query operation of Reg.exe, a command-line tool in
%windir%\system32, to list all services that have installed performance
counters on a system.
At the command prompt, type:
reg query HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services /v
Performance /s > PerfServices.txt
This command creates a file called PerfServices.txt with the names of all
services that have Performance subkeys in the registry.
If you type: "reg query HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
/v Performance /s > PerfServices.txt"
you will find that it bombs. If you remove the /s, I get a message saying
there are no performance keys found, which
is definitely not true.
IN ANY CASE, AFTER I GOT THE MESSAGE BOX ERROR AND RAN Exctrlst, I didn't
seem to notice that the perfomance counter for Outlook was
disable, but it is difficult because you have to click on each and every
entry in one of three categories and see if the
"Performance Counters Enabled" is checked or not.
Phil
Boston, MA