Windows 10 Event ID 10010 and 10016 Errors With DistributedCOM

Page 8 of 40 FirstFirst ... 67891018 ... LastLast

  1. Posts : 1
    Windows 10
       #71

    10010 Event ID Errors after Win7 to Win10 Upgrade


    Just updated from Win7 to Win10 and I have been doing battle with my Event Viewer. A little background, I uninstalled Symantec AV (before upgrade), IIS and Microsoft SQL (both after upgrading to Win 10) while troubleshooting and also changed the user account from a local user account to a Microsoft Live account during this upgrade.
    Currently, I am left with four 7031 Event ID Errors, followed by 291 10010 Event ID errors during restarts.

    The four Service Control Manager 7031 Errors are:
    The Sync Host_5457c service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
    The Sync Host_5457c service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
    The User Data Storage_5457c service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
    The User Data Access_5457c service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
    The 291 DistributedCOM 10010 Event ID Errors are the same:
    The server {F9717507-6651-4EDB-BFF7-AE615179BCCF} did not register with DCOM within the required timeout.

    The key associated with the 10010 errors is WinInetBrokerServer and appears in my registry at the following locations:
    HKEY_CLASSES_ROOT\AppID\{F9717507-6651-4EDB-BFF7-AE615179BCCF}
    HKEY_CLASSES_ROOT\Wow6432Node\AppID\{F9717507-6651-4EDB-BFF7-AE615179BCCF}
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{F9717507-6651-4EDB-BFF7-AE615179BCCF}
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\AppID\{F9717507-6651-4EDB-BFF7-AE615179BCCF}

    I have done a CHKDSK /r and an sfc /SCANNOW to no avail. I also went into dcomcnfg and everything is grayed-out for WinInetBrokerServer. So, I was wondering if I could/should use the PowerShell script to modify WinInetBrokerServer. I figured I'd post this for some sage advice before I do some real damage.
      My Computer


  2. Posts : 172
    10 Ent 64
       #72

    [QUOTE=lx07;523625]You had to change the ownership to Administrators (with an s) not Administrator (which is the built in administrator account and not the same thing).

    This powershell script will take ownership of the 2 keys for the 10016 RuntimeBroker error, grant authority to Administrators group and then change the ownership back to TrustedInstaller (which it what it should be).

    To do this open an elevated powershell window (right click and run as administrator). Then copy everything in the box below, paste it into the powershell window and press enter.

    You can select everything in the box by triple clicking, then ctrl + C to copy and ctrl + V to paste.
    Code:
    function enable-privilege
    {    param(
        ## The privilege to adjust. This set is taken from http://msdn.microsoft.com/en-us/library/bb530716(VS.85).aspx
         [ValidateSet(
        "SeAssignPrimaryTokenPrivilege", "SeAuditPrivilege", "SeBackupPrivilege", "SeChangeNotifyPrivilege", "SeCreateGlobalPrivilege",
        "SeCreatePagefilePrivilege", "SeCreatePermanentPrivilege", "SeCreateSymbolicLinkPrivilege", "SeCreateTokenPrivilege",
        "SeDebugPrivilege", "SeEnableDelegationPrivilege", "SeImpersonatePrivilege", "SeIncreaseBasePriorityPrivilege",
        "SeIncreaseQuotaPrivilege", "SeIncreaseWorkingSetPrivilege", "SeLoadDriverPrivilege", "SeLockMemoryPrivilege",
        "SeMachineAccountPrivilege", "SeManageVolumePrivilege", "SeProfileSingleProcessPrivilege", "SeRelabelPrivilege",
        "SeRemoteShutdownPrivilege", "SeRestorePrivilege", "SeSecurityPrivilege", "SeShutdownPrivilege", "SeSyncAgentPrivilege",
        "SeSystemEnvironmentPrivilege", "SeSystemProfilePrivilege", "SeSystemtimePrivilege", "SeTakeOwnershipPrivilege", "SeTcbPrivilege",
        "SeTimeZonePrivilege", "SeTrustedCredManAccessPrivilege", "SeUndockPrivilege", "SeUnsolicitedInputPrivilege")]
        $Privilege,
        ## The process on which to adjust the privilege. Defaults to the current process.
        $ProcessId = $pid,
        ## Switch to disable the privilege, rather than enable it.
        [Switch] $Disable
        )
        ## Taken from P/Invoke.NET with minor adjustments.
     $definition = @'
     using System;
     using System.Runtime.InteropServices;
      
     public class AdjPriv
     {
      [DllImport("advapi32.dll", ExactSpelling = true, SetLastError = true)]
      internal static extern bool AdjustTokenPrivileges(IntPtr htok, bool disall,
       ref TokPriv1Luid newst, int len, IntPtr prev, IntPtr relen);
      
      [DllImport("advapi32.dll", ExactSpelling = true, SetLastError = true)]
      internal static extern bool OpenProcessToken(IntPtr h, int acc, ref IntPtr phtok);
      [DllImport("advapi32.dll", SetLastError = true)]
      internal static extern bool LookupPrivilegeValue(string host, string name, ref long pluid);
      [StructLayout(LayoutKind.Sequential, Pack = 1)]
      internal struct TokPriv1Luid
      {
       public int Count;
       public long Luid;
       public int Attr;
      }
      
      internal const int SE_PRIVILEGE_ENABLED = 0x00000002;
      internal const int SE_PRIVILEGE_DISABLED = 0x00000000;
      internal const int TOKEN_QUERY = 0x00000008;
      internal const int TOKEN_ADJUST_PRIVILEGES = 0x00000020;
      public static bool EnablePrivilege(long processHandle, string privilege, bool disable)
      {
       bool retVal;
       TokPriv1Luid tp;
       IntPtr hproc = new IntPtr(processHandle);
       IntPtr htok = IntPtr.Zero;
       retVal = OpenProcessToken(hproc, TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, ref htok);
       tp.Count = 1;
       tp.Luid = 0;
       if(disable)
       {
        tp.Attr = SE_PRIVILEGE_DISABLED;
       }
       else
       {
        tp.Attr = SE_PRIVILEGE_ENABLED;
       }
       retVal = LookupPrivilegeValue(null, privilege, ref tp.Luid);
       retVal = AdjustTokenPrivileges(htok, false, ref tp, 0, IntPtr.Zero, IntPtr.Zero);
       return retVal;
      }
     }
    '@
     $processHandle = (Get-Process -id $ProcessId).Handle
     $type = Add-Type $definition -PassThru
     $type[0]::EnablePrivilege($processHandle, $Privilege, $Disable)
    }
    #------------------------------------------------------------------------------------------------------------------------------------------------------
    function Takeown-Registry($key) 
    {    switch ($key.split('\')[0])
        {    "HKEY_CLASSES_ROOT" 
            {    $reg = [Microsoft.Win32.Registry]::ClassesRoot
                $key = $key.substring(18)
            }
            "HKEY_CURRENT_USER"
            {    $reg = [Microsoft.Win32.Registry]::CurrentUser
                $key = $key.substring(18)
            }
            "HKEY_LOCAL_MACHINE"
            {    $reg = [Microsoft.Win32.Registry]::LocalMachine
                $key = $key.substring(19)
            }
        }
    
        # take ownership
        $key = $reg.OpenSubKey($key, "ReadWriteSubTree", "TakeOwnership")
        $owner = [Security.Principal.NTAccount]"Administrators"
        $acl = $key.GetAccessControl()
        $acl.SetOwner($owner)
        $key.SetAccessControl($acl)
    
        # set FullControl
        $acl = $key.GetAccessControl()
        $rule = New-Object System.Security.AccessControl.RegistryAccessRule("Administrators", "FullControl", "Allow")
        $acl.SetAccessRule($rule)
        $key.SetAccessControl($acl)
        
        # reset owner
        $owner = [Security.Principal.NTAccount]"NT SERVICE\TrustedInstaller"
        $acl = $key.GetAccessControl()
        $acl.SetOwner($owner)
        $key.SetAccessControl($acl)
    }
    #------------------------------------------------------------------------------------------------------------------------------------------------------
    # Grant authority to registry key
    
    Write-Host; Write-Host "Elevating privileges for this process" -f yellow; Write-Host
    
    do {$result = enable-privilege SeTakeOwnershipPrivilege } 
    until ($result -eq $true)
    do {$result = enable-privilege SeRestorePrivilege } 
    until ($result -eq $true)
    
    $key="HKEY_CLASSES_ROOT\AppID\{9CA88EE3-ACB7-47c8-AFC4-AB702511C276}"
    Write-Host "Granting authority to $key"
    Takeown-Registry($key)
    
    $key="HKEY_CLASSES_ROOT\CLSID\{D63B10C5-BB46-4990-A94F-E40B9D520160}"
    Write-Host "Granting authority to $key"
    Takeown-Registry($key)
    
    Write-Host; Write-Host "Done"; Write-Host

    The result should look like this (it should say "Done") and you can then go to component services and update your DCOM permissions for RuntimeBroker if you like.

    Attachment 57135

    Note if you've changed some other keys then you'll have to edit the script or do it manually but the steps are the same - change owner to Administrators, grant authority to Administrators, change ownership back to TrustedInstaller. You can easily do it using the script above by running it and then when it has run change $key to whatever you want and run the Takeown-Registry function
    Code:
    $key="HKEY_CLASSES_ROOT\AppID\{<whatever>}"
    Takeown-Registry($key)
    [/QUOTE


    Thank you, thank you, this finally got rid of the 10016; next I hope to get rid of the 2 errors 1008 for Bits & Network since they come up together quite often.
    Last edited by csmdew; 26 Feb 2016 at 23:37.
      My Computer


  3. Posts : 20
    Windows 10
       #73

    fixed, then back to original error


    the above fix worked for about a day. Unfortunately, I now have multiple 10016 errors. They were, and continue to be related to Cortana and Immersive Shell. The changes I made were to Immersive Shell.
    thanks in advance
      My Computer


  4. Posts : 5
    windows 10
       #74

    Ugh. Tried fixing the problem as prescribed, and I think I made it worse.
      My Computer


  5. Posts : 1
    windows 10
       #75

    lx07 said:
    You had to change the ownership to Administrators (with an s) not Administrator (which is the built in administrator account and not the same thing).

    This powershell script will take ownership of the 2 keys for the 10016 RuntimeBroker error, grant authority to Administrators group and then change the ownership back to TrustedInstaller (which it what it should be).

    To do this open an elevated powershell window (right click and run as administrator). Then copy everything in the box below, paste it into the powershell window and press enter.

    You can select everything in the box by triple clicking, then ctrl + C to copy and ctrl + V to paste.
    Code:
    function enable-privilege
    {	param(
    	## The privilege to adjust. This set is taken from http://msdn.microsoft.com/en-us/library/bb530716(VS.85).aspx
     	[ValidateSet(
    	"SeAssignPrimaryTokenPrivilege", "SeAuditPrivilege", "SeBackupPrivilege", "SeChangeNotifyPrivilege", "SeCreateGlobalPrivilege",
    	"SeCreatePagefilePrivilege", "SeCreatePermanentPrivilege", "SeCreateSymbolicLinkPrivilege", "SeCreateTokenPrivilege",
    	"SeDebugPrivilege", "SeEnableDelegationPrivilege", "SeImpersonatePrivilege", "SeIncreaseBasePriorityPrivilege",
    	"SeIncreaseQuotaPrivilege", "SeIncreaseWorkingSetPrivilege", "SeLoadDriverPrivilege", "SeLockMemoryPrivilege",
    	"SeMachineAccountPrivilege", "SeManageVolumePrivilege", "SeProfileSingleProcessPrivilege", "SeRelabelPrivilege",
    	"SeRemoteShutdownPrivilege", "SeRestorePrivilege", "SeSecurityPrivilege", "SeShutdownPrivilege", "SeSyncAgentPrivilege",
    	"SeSystemEnvironmentPrivilege", "SeSystemProfilePrivilege", "SeSystemtimePrivilege", "SeTakeOwnershipPrivilege", "SeTcbPrivilege",
    	"SeTimeZonePrivilege", "SeTrustedCredManAccessPrivilege", "SeUndockPrivilege", "SeUnsolicitedInputPrivilege")]
    	$Privilege,
    	## The process on which to adjust the privilege. Defaults to the current process.
    	$ProcessId = $pid,
    	## Switch to disable the privilege, rather than enable it.
    	[Switch] $Disable
    	)
    	## Taken from P/Invoke.NET with minor adjustments.
     $definition = @'
     using System;
     using System.Runtime.InteropServices;
      
     public class AdjPriv
     {
      [DllImport("advapi32.dll", ExactSpelling = true, SetLastError = true)]
      internal static extern bool AdjustTokenPrivileges(IntPtr htok, bool disall,
       ref TokPriv1Luid newst, int len, IntPtr prev, IntPtr relen);
      
      [DllImport("advapi32.dll", ExactSpelling = true, SetLastError = true)]
      internal static extern bool OpenProcessToken(IntPtr h, int acc, ref IntPtr phtok);
      [DllImport("advapi32.dll", SetLastError = true)]
      internal static extern bool LookupPrivilegeValue(string host, string name, ref long pluid);
      [StructLayout(LayoutKind.Sequential, Pack = 1)]
      internal struct TokPriv1Luid
      {
       public int Count;
       public long Luid;
       public int Attr;
      }
      
      internal const int SE_PRIVILEGE_ENABLED = 0x00000002;
      internal const int SE_PRIVILEGE_DISABLED = 0x00000000;
      internal const int TOKEN_QUERY = 0x00000008;
      internal const int TOKEN_ADJUST_PRIVILEGES = 0x00000020;
      public static bool EnablePrivilege(long processHandle, string privilege, bool disable)
      {
       bool retVal;
       TokPriv1Luid tp;
       IntPtr hproc = new IntPtr(processHandle);
       IntPtr htok = IntPtr.Zero;
       retVal = OpenProcessToken(hproc, TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, ref htok);
       tp.Count = 1;
       tp.Luid = 0;
       if(disable)
       {
        tp.Attr = SE_PRIVILEGE_DISABLED;
       }
       else
       {
        tp.Attr = SE_PRIVILEGE_ENABLED;
       }
       retVal = LookupPrivilegeValue(null, privilege, ref tp.Luid);
       retVal = AdjustTokenPrivileges(htok, false, ref tp, 0, IntPtr.Zero, IntPtr.Zero);
       return retVal;
      }
     }
    '@
     $processHandle = (Get-Process -id $ProcessId).Handle
     $type = Add-Type $definition -PassThru
     $type[0]::EnablePrivilege($processHandle, $Privilege, $Disable)
    }
    #------------------------------------------------------------------------------------------------------------------------------------------------------
    function Takeown-Registry($key) 
    {	switch ($key.split('\')[0])
    	{	"HKEY_CLASSES_ROOT" 
    		{	$reg = [Microsoft.Win32.Registry]::ClassesRoot
    			$key = $key.substring(18)
    		}
            "HKEY_CURRENT_USER"
    		{	$reg = [Microsoft.Win32.Registry]::CurrentUser
    			$key = $key.substring(18)
    		}
    		"HKEY_LOCAL_MACHINE"
    		{	$reg = [Microsoft.Win32.Registry]::LocalMachine
    			$key = $key.substring(19)
    		}
    	}
    
    	# take ownership
    	$key = $reg.OpenSubKey($key, "ReadWriteSubTree", "TakeOwnership")
    	$owner = [Security.Principal.NTAccount]"Administrators"
    	$acl = $key.GetAccessControl()
    	$acl.SetOwner($owner)
    	$key.SetAccessControl($acl)
    
    	# set FullControl
    	$acl = $key.GetAccessControl()
    	$rule = New-Object System.Security.AccessControl.RegistryAccessRule("Administrators", "FullControl", "Allow")
    	$acl.SetAccessRule($rule)
    	$key.SetAccessControl($acl)
    	
    	# reset owner
    	$owner = [Security.Principal.NTAccount]"NT SERVICE\TrustedInstaller"
    	$acl = $key.GetAccessControl()
    	$acl.SetOwner($owner)
    	$key.SetAccessControl($acl)
    }
    #------------------------------------------------------------------------------------------------------------------------------------------------------
    # Grant authority to registry key
    
    Write-Host; Write-Host "Elevating privileges for this process" -f yellow; Write-Host
    
    do {$result = enable-privilege SeTakeOwnershipPrivilege } 
    until ($result -eq $true)
    do {$result = enable-privilege SeRestorePrivilege } 
    until ($result -eq $true)
    
    $key="HKEY_CLASSES_ROOT\AppID\{9CA88EE3-ACB7-47c8-AFC4-AB702511C276}"
    Write-Host "Granting authority to $key"
    Takeown-Registry($key)
    
    $key="HKEY_CLASSES_ROOT\CLSID\{D63B10C5-BB46-4990-A94F-E40B9D520160}"
    Write-Host "Granting authority to $key"
    Takeown-Registry($key)
    
    Write-Host; Write-Host "Done"; Write-Host

    The result should look like this (it should say "Done") and you can then go to component services and update your DCOM permissions for RuntimeBroker if you like.

    Attachment 57135

    Note if you've changed some other keys then you'll have to edit the script or do it manually but the steps are the same - change owner to Administrators, grant authority to Administrators, change ownership back to TrustedInstaller. You can easily do it using the script above by running it and then when it has run change $key to whatever you want and run the Takeown-Registry function
    Code:
    $key="HKEY_CLASSES_ROOT\AppID\{<whatever>}"
    Takeown-Registry($key)
    Hay there just had the same problem that everyone else was having. just copied and pasted the script in to the admin powershell window and it worked. However, is their anything that I need to look out for?
      My Computer


  6. Posts : 27
    10
       #76

    Is this script really safe to use?

    I am getting this error multiple times a day and not sure if its actually causing system problems....
      My Computer


  7. Posts : 5,478
    2004
       #77

    spluff said:
    Is this script really safe to use?

    I am getting this error multiple times a day and not sure if its actually causing system problems....
    Well, I wrote this script and ran it myself before posting it.

    My job is a computer programmer (not on windows platform but the concepts are the same) and I think it is safe.

    However, I would say that it probably doesn't matter if you get various errors in Event Viewer. I wrote this script so I could understand powershell a bit more and also resolve my slight OCD that I have with these errors.

    To be honest, you could run (or not run) the script and your system will work the same either way. You'll get less reported errors in Event Viewer though if that is interesting to you.

    Why not make a backup and then try it?
      My Computer


  8. Posts : 2,832
    Windows 10 Pro X64
       #78

    Hi,

    Lx07's script works fine. I tested it on several occasions so if the DCOM error keeps on popping up then either look at what you're doing wrong or fix the error manually as per Vaio 7's instructions given on the first page.

    This is pretty basic stuff and quite straightforward IMHO. No idea why MS has not fixed this yet, probably because it does no real harm so it's not high on their priority list.

    That said, as many others here, Lx07 is always very helpful and his postings are outstanding, again IMHO. Well done and keep up the good work.

    Cheers,
      My Computers


  9. Posts : 56,806
    Multi-boot Windows 10/11 - RTM, RP, Beta, and Insider
       #79

    fdegrove said:
    Hi,

    Lx07's script works fine. I tested it on several occasions so if the DCOM error keeps on popping up then either look at what you're doing wrong or fix the error manually as per Vaio 7's instructions given on the first page.

    This is pretty basic stuff and quite straightforward IMHO. No idea why MS has not fixed this yet, probably because it does no real harm so it's not high on their priority list.

    That said, as many others here, Lx07 is always very helpful and his postings are outstanding, again IMHO. Well done and keep up the good work.

    Cheers,
    The result should look like this (it should say "Done") and you can then go to component services and update your DCOM permissions for RuntimeBroker if you like.

    What permissions for runtimebroker would you change?
      My Computers


  10. Posts : 2,832
    Windows 10 Pro X64
       #80

    Hi,

    What permissions for runtimebroker would you change?
    In dcomcnfg it's the "Launch and Activation" permissions that need to be changed for whatever user the Eventlog is claiming is missing.
    If that particular user is not listed you'll need to add it first. Can be yourself, system or whatever inbuilt account Eventviewer is listing.

    The basic operation is invariably the same, whether Runtimebroker or Immersiveshell, whatever.

    Cheers,
      My Computers


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 00:21.
Find Us




Windows 10 Forums