Windows 10 Event ID 10010 and 10016 Errors With DistributedCOM

I found this fix for Chrome causing the 10016 error and it finally fixed it for me! Chrome even runs better now.

1. Run the following script using Powershell as administrator. Make sure you edit the Clsid and Appid values near the end of the script first. This should reset the ownership to "trusted installer"

function enable-privilege
{ param(
## The privilege to adjust. This set is taken from http://msdn.microsoft.com/en-us/libr...16(VS.85).aspx
[ValidateSet(
"SeAssignPrimaryTokenPrivilege", "SeAuditPrivilege", "SeBackupPrivilege", "SeChangeNotifyPrivilege", "SeCreateGlobalPrivilege",
"SeCreatePagefilePrivilege", "SeCreatePermanentPrivilege", "SeCreateSymbolicLinkPrivilege", "SeCreateTokenPrivilege",
"SeDebugPrivilege", "SeEnableDelegationPrivilege", "SeImpersonatePrivilege", "SeIncreaseBasePriorityPrivilege",
"SeIncreaseQuotaPrivilege", "SeIncreaseWorkingSetPrivilege", "SeLoadDriverPrivilege", "SeLockMemoryPrivilege",
"SeMachineAccountPrivilege", "SeManageVolumePrivilege", "SeProfileSingleProcessPrivilege", "SeRelabelPrivilege",
"SeRemoteShutdownPrivilege", "SeRestorePrivilege", "SeSecurityPrivilege", "SeShutdownPrivilege", "SeSyncAgentPrivilege",
"SeSystemEnvironmentPrivilege", "SeSystemProfilePrivilege", "SeSystemtimePrivilege", "SeTakeOwnershipPrivilege", "SeTcbPrivilege",
"SeTimeZonePrivilege", "SeTrustedCredManAccessPrivilege", "SeUndockPrivilege", "SeUnsolicitedInputPrivilege")]
$Privilege,
## The process on which to adjust the privilege. Defaults to the current process.
$ProcessId = $pid,
## Switch to disable the privilege, rather than enable it.
[Switch] $Disable
)
## Taken from P/Invoke.NET with minor adjustments.
$definition = @'
using System;
using System.Runtime.InteropServices;

public class AdjPriv
{
[DllImport("advapi32.dll", ExactSpelling = true, SetLastError = true)]
internal static extern bool AdjustTokenPrivileges(IntPtr htok, bool disall,
ref TokPriv1Luid newst, int len, IntPtr prev, IntPtr relen);

[DllImport("advapi32.dll", ExactSpelling = true, SetLastError = true)]
internal static extern bool OpenProcessToken(IntPtr h, int acc, ref IntPtr phtok);
[DllImport("advapi32.dll", SetLastError = true)]
internal static extern bool LookupPrivilegeValue(string host, string name, ref long pluid);
[StructLayout(LayoutKind.Sequential, Pack = 1)]
internal struct TokPriv1Luid
{
public int Count;
public long Luid;
public int Attr;
}

internal const int SE_PRIVILEGE_ENABLED = 0x00000002;
internal const int SE_PRIVILEGE_DISABLED = 0x00000000;
internal const int TOKEN_QUERY = 0x00000008;
internal const int TOKEN_ADJUST_PRIVILEGES = 0x00000020;
public static bool EnablePrivilege(long processHandle, string privilege, bool disable)
{
bool retVal;
TokPriv1Luid tp;
IntPtr hproc = new IntPtr(processHandle);
IntPtr htok = IntPtr.Zero;
retVal = OpenProcessToken(hproc, TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, ref htok);
tp.Count = 1;
tp.Luid = 0;
if(disable)
{
tp.Attr = SE_PRIVILEGE_DISABLED;
}
else
{
tp.Attr = SE_PRIVILEGE_ENABLED;
}
retVal = LookupPrivilegeValue(null, privilege, ref tp.Luid);
retVal = AdjustTokenPrivileges(htok, false, ref tp, 0, IntPtr.Zero, IntPtr.Zero);
return retVal;
}
}
'@
$processHandle = (Get-Process -id $ProcessId).Handle
$type = Add-Type $definition -PassThru
$type[0]::EnablePrivilege($processHandle, $Privilege, $Disable)
}
#------------------------------------------------------------------------------------------------------------------------------------------------------
function Takeown-Registry($key)
{ switch ($key.split('\')[0])
{ "HKEY_CLASSES_ROOT"
{ $reg = [Microsoft.Win32.Registry]::ClassesRoot
$key = $key.substring(18)
}
"HKEY_CURRENT_USER"
{ $reg = [Microsoft.Win32.Registry]::CurrentUser
$key = $key.substring(18)
}
"HKEY_LOCAL_MACHINE"
{ $reg = [Microsoft.Win32.Registry]::LocalMachine
$key = $key.substring(19)
}
}

# take ownership
$key = $reg.OpenSubKey($key, "ReadWriteSubTree", "TakeOwnership")
$owner = [Security.Principal.NTAccount]"Administrators"
$acl = $key.GetAccessControl()
$acl.SetOwner($owner)
$key.SetAccessControl($acl)

# set FullControl
$acl = $key.GetAccessControl()
$rule = New-Object System.Security.AccessControl.RegistryAccessRule("Administrators", "FullControl", "Allow")
$acl.SetAccessRule($rule)
$key.SetAccessControl($acl)

# reset owner
$owner = [Security.Principal.NTAccount]"NT SERVICE\TrustedInstaller"
$acl = $key.GetAccessControl()
$acl.SetOwner($owner)
$key.SetAccessControl($acl)
}
#------------------------------------------------------------------------------------------------------------------------------------------------------
# Grant authority to registry key

Write-Host; Write-Host "Elevating privileges for this process" -f yellow; Write-Host

do {$result = enable-privilege SeTakeOwnershipPrivilege }
until ($result -eq $true)
do {$result = enable-privilege SeRestorePrivilege }
until ($result -eq $true)

$key="HKEY_CLASSES_ROOT\AppID\{15C20B67-12E7-4BB6-92BB-7AFF07997402}"
Write-Host "Granting authority to $key"
Takeown-Registry($key)

$key="HKEY_CLASSES_ROOT\CLSID\{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}"
Write-Host "Granting authority to $key"
Takeown-Registry($key)

Write-Host; Write-Host "Done"; Write-Host

2. Open Regedit to this key: Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\WMI\Autologger\

Open your Event Viewer and click your 10016 error and click on

Detail Tab

Click the +System in friendly view & copy the GUID number

Go to your Regedit menu bar Edit / Find & search the GUID number

Set the enabled key to Zero 0

I do hope that script doesn't screw up something else unbeknown to you. Where did you get it from?

It works! And Chrome runs better!

Can't apply changes in Admin Registry Editor on the clsid to Administrators the system says access denied

T0mmy1977 said:

I found this fix for Chrome causing the 10016 error and it finally fixed it for me! Chrome even runs better now.

1. Run the following script using Powershell as administrator. Make sure you edit the Clsid and Appid values near the end of the script first. This should reset the ownership to "trusted installer"

function enable-privilege
{ param(
## The privilege to adjust. This set is taken from http://msdn.microsoft.com/en-us/libr...16(VS.85).aspx
[ValidateSet(
"SeAssignPrimaryTokenPrivilege", "SeAuditPrivilege", "SeBackupPrivilege", "SeChangeNotifyPrivilege", "SeCreateGlobalPrivilege",
"SeCreatePagefilePrivilege", "SeCreatePermanentPrivilege", "SeCreateSymbolicLinkPrivilege", "SeCreateTokenPrivilege",
"SeDebugPrivilege", "SeEnableDelegationPrivilege", "SeImpersonatePrivilege", "SeIncreaseBasePriorityPrivilege",
"SeIncreaseQuotaPrivilege", "SeIncreaseWorkingSetPrivilege", "SeLoadDriverPrivilege", "SeLockMemoryPrivilege",
"SeMachineAccountPrivilege", "SeManageVolumePrivilege", "SeProfileSingleProcessPrivilege", "SeRelabelPrivilege",
"SeRemoteShutdownPrivilege", "SeRestorePrivilege", "SeSecurityPrivilege", "SeShutdownPrivilege", "SeSyncAgentPrivilege",
"SeSystemEnvironmentPrivilege", "SeSystemProfilePrivilege", "SeSystemtimePrivilege", "SeTakeOwnershipPrivilege", "SeTcbPrivilege",
"SeTimeZonePrivilege", "SeTrustedCredManAccessPrivilege", "SeUndockPrivilege", "SeUnsolicitedInputPrivilege")]
$Privilege,
## The process on which to adjust the privilege. Defaults to the current process.
$ProcessId = $pid,
## Switch to disable the privilege, rather than enable it.
[Switch] $Disable
)
## Taken from P/Invoke.NET with minor adjustments.
$definition = @'
using System;
using System.Runtime.InteropServices;

public class AdjPriv
{
[DllImport("advapi32.dll", ExactSpelling = true, SetLastError = true)]
internal static extern bool AdjustTokenPrivileges(IntPtr htok, bool disall,
ref TokPriv1Luid newst, int len, IntPtr prev, IntPtr relen);

[DllImport("advapi32.dll", ExactSpelling = true, SetLastError = true)]
internal static extern bool OpenProcessToken(IntPtr h, int acc, ref IntPtr phtok);
[DllImport("advapi32.dll", SetLastError = true)]
internal static extern bool LookupPrivilegeValue(string host, string name, ref long pluid);
[StructLayout(LayoutKind.Sequential, Pack = 1)]
internal struct TokPriv1Luid
{
public int Count;
public long Luid;
public int Attr;
}

internal const int SE_PRIVILEGE_ENABLED = 0x00000002;
internal const int SE_PRIVILEGE_DISABLED = 0x00000000;
internal const int TOKEN_QUERY = 0x00000008;
internal const int TOKEN_ADJUST_PRIVILEGES = 0x00000020;
public static bool EnablePrivilege(long processHandle, string privilege, bool disable)
{
bool retVal;
TokPriv1Luid tp;
IntPtr hproc = new IntPtr(processHandle);
IntPtr htok = IntPtr.Zero;
retVal = OpenProcessToken(hproc, TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, ref htok);
tp.Count = 1;
tp.Luid = 0;
if(disable)
{
tp.Attr = SE_PRIVILEGE_DISABLED;
}
else
{
tp.Attr = SE_PRIVILEGE_ENABLED;
}
retVal = LookupPrivilegeValue(null, privilege, ref tp.Luid);
retVal = AdjustTokenPrivileges(htok, false, ref tp, 0, IntPtr.Zero, IntPtr.Zero);
return retVal;
}
}
'@
$processHandle = (Get-Process -id $ProcessId).Handle
$type = Add-Type $definition -PassThru
$type[0]::EnablePrivilege($processHandle, $Privilege, $Disable)
}
#------------------------------------------------------------------------------------------------------------------------------------------------------
function Takeown-Registry($key)
{ switch ($key.split('\')[0])
{ "HKEY_CLASSES_ROOT"
{ $reg = [Microsoft.Win32.Registry]::ClassesRoot
$key = $key.substring(18)
}
"HKEY_CURRENT_USER"
{ $reg = [Microsoft.Win32.Registry]::CurrentUser
$key = $key.substring(18)
}
"HKEY_LOCAL_MACHINE"
{ $reg = [Microsoft.Win32.Registry]::LocalMachine
$key = $key.substring(19)
}
}

# take ownership
$key = $reg.OpenSubKey($key, "ReadWriteSubTree", "TakeOwnership")
$owner = [Security.Principal.NTAccount]"Administrators"
$acl = $key.GetAccessControl()
$acl.SetOwner($owner)
$key.SetAccessControl($acl)

# set FullControl
$acl = $key.GetAccessControl()
$rule = New-Object System.Security.AccessControl.RegistryAccessRule("Administrators", "FullControl", "Allow")
$acl.SetAccessRule($rule)
$key.SetAccessControl($acl)

# reset owner
$owner = [Security.Principal.NTAccount]"NT SERVICE\TrustedInstaller"
$acl = $key.GetAccessControl()
$acl.SetOwner($owner)
$key.SetAccessControl($acl)
}
#------------------------------------------------------------------------------------------------------------------------------------------------------
# Grant authority to registry key

Write-Host; Write-Host "Elevating privileges for this process" -f yellow; Write-Host

do {$result = enable-privilege SeTakeOwnershipPrivilege }
until ($result -eq $true)
do {$result = enable-privilege SeRestorePrivilege }
until ($result -eq $true)

$key="HKEY_CLASSES_ROOT\AppID\{15C20B67-12E7-4BB6-92BB-7AFF07997402}"
Write-Host "Granting authority to $key"
Takeown-Registry($key)

$key="HKEY_CLASSES_ROOT\CLSID\{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}"
Write-Host "Granting authority to $key"
Takeown-Registry($key)

Write-Host; Write-Host "Done"; Write-Host

2. Open Regedit to this key: Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\WMI\Autologger\

Open your Event Viewer and click your 10016 error and click on

Detail Tab

Click the +System in friendly view & copy the GUID number

Go to your Regedit menu bar Edit / Find & search the GUID number

Set the enabled key to Zero 0

does it happen with windows 11 also? what does it improve, chrome seems to work properly

kd2 said:

Hello, i got the same error too:
The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.

I share my experience.

This error appeared after i disabled, via registry and via task scheduler with high privileges (since these services are protected) the Update Orchestrator Service and the Windows Update Medic Service.

I disable windows update as a whole since i do updates manually, do not want automatic updates.

To fix the dcom error, at least for now, i disabled the launch of the process 9BA05972-F6A8-11CF-A442-00A0C90A8F39 in the registry:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00FA007C-D99F-407F-B00B-5B3B0001D8AB}]
"CLSID"="{9BA05972-F6A8-11CF-A442-00A0C90A8F39}"
"Policy"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00FA007C-D99F-407F-B00B-5B3B0001D8AB}]
"CLSID"="{9BA05972-F6A8-11CF-A442-00A0C90A8F39}"
"Policy"=dword:00000000

Il also tried to change the policy to 3 and seems i do not have the error too. Defult value is 1.

About the Protected Mode Elevation Dialog, refer to this article where is explained what 0, 1, 2 or 3 options do.

Will update in case the error will back in the next days, but this error is 100% related to Windows Update and related tasks.

Side note:
I also uninstalled IE11 after installed windows 10 since i use another browser, but of course some processes are still in the system since is integrated in the GUI. This is why you should not delete this key from the registry (is protected, so you need high privileges), it will broke file explorer, it pratically hangs the desktop gui till you reboot the pc, and it hangs again when you open file explorer at next boot too, so do not delete this key, just change the policy registry key (see above) to manage it.

Forget to add, since is related to shellwindows, you have to grant persmissions to all the dcom keys:

On dos prompt execute comexp.msc to open component services:

component services -> dcom config -> shellwindows -> properties -> security tab -> choose for every of the three options available "customize" and grant permission to everything.