A user reported that when she printed Microsoft Excel spreadsheets or QuickBooks invoices, no text would appear on the printouts. She had reported the same problem about a month ago. When I rebooted the system then, the problem went away, but this time rebooting didn't help. After I requested that she reboot the system, I was told the problem remained, so when I was able to get to the system to troubleshoot, I first checked to make sure the system had been rebooted rather than QuickBooks simply being restarted. It was then that I noticed a lot of other functionality was no longer available. E.g., when I tried to use the systeminfo command to find the last reboot time, I saw an error message instead of the time the system was last rebooted.
Microsoft Windows [Version 10.0.15063] (c) 2017 Microsoft Corporation. All rights reserved. C:\Users\Pam>systeminfo | find /i "Boot" Loading Operating System Information ...ERROR: Invalid class C:\Users\Pam>systeminfo Loading Operating System Information ...ERROR: Invalid class C:\Users\Pam>wmic os get lastbootuptime os - Alias not found. C:\Users\Pam>
When the systeminfo command didn't work, I then tried to get the time of last reboot using PowerShell, but that also didn't work.
Windows PowerShell Copyright (C) 2016 Microsoft Corporation. All rights reserved. PS C:\WINDOWS\system32> (GCIM Win32_OperatingSystem).LastBootUpTime GCIM : Invalid class At line:1 char:2 + (GCIM Win32_OperatingSystem).LastBootUpTime + ~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : MetadataError: (root\cimv2:Win32_OperatingSystem:String) [Get-CimInstance], CimException + FullyQualifiedErrorId : HRESULT 0x80041010,Microsoft.Management.Infrastructure.CimCmdlets.GetCimInstanceCommand PS C:\WINDOWS\system32>
So I rebooted the system, but rebooting didn't alter the results when I tried to run the commands again. I thought that, perhaps, a recently installed update to Microsoft Windows might have caused the problem, so I tried checking on recently installed patches using PowerShell, but I again saw error messages rather than the expected list of recently installed Microsoft Windows updates.
PS C:\Users\Pam> Get-CimInstance -Class win32_quickfixengineering | Where-Object { $_.InstalledOn -gt (Get-Date).AddMonths(-1) } Get-CimInstance : Invalid class At line:1 char:1 + Get-CimInstance -Class win32_quickfixengineering | Where-Object { $_. ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : MetadataError: (root\cimv2:win32_quickfixengineering:String) [Get-CimInstance], CimExcep tion + FullyQualifiedErrorId : HRESULT 0x80041010,Microsoft.Management.Infrastructure.CimCmdlets.GetCimInstanceCommand PS C:\Users\Pam>
When I logged off the user's account and logged into the domain administrator's account and then opened a command prompt window, I saw a result I'd never seen occur when opening a command prompt window on this or any other system. The window title was unusual; it was "Administrator: Microsoft Windows Server 2008 x64 DEBUG Build Environment", though the system was a Windows 10 system and the domain controller was not a Windows Server 2008 system, and the command prompt window also didn't open to the usual Windows directory and the text displayed was yellow on a black background, instead of white on a black background.
Setting SDK environment relative to C:\Program Files\Microsoft SDKs\Windows\v7.0. Targeting Windows Server 2008 x64 DEBUG C:\Program Files\Microsoft SDKs\Windows\v7.0>
When I attempted to run the systeminfo command, I got the same
"Loading Operating System Information ...ERROR: Invalid class" error message.
When I ran the netstat -a command at the prompt, I saw a
continuously scrolling list of entries like the following ones:
TCP 127.0.0.1:12344 www:51415 ESTABLISHED TCP 127.0.0.1:12344 www:51418 ESTABLISHED TCP 127.0.0.1:12344 www:51419 ESTABLISHED TCP 127.0.0.1:12344 www:51423 ESTABLISHED TCP 127.0.0.1:12344 www:51426 ESTABLISHED TCP 127.0.0.1:12344 www:51429 ESTABLISHED TCP 127.0.0.1:12344 www:51438 TIME_WAIT TCP 127.0.0.1:12344 www:51456 ESTABLISHED TCP 127.0.0.1:12344 www:51459 ESTABLISHED TCP 127.0.0.1:12344 www:51461 ESTABLISHED TCP 127.0.0.1:12344 www:51463 TIME_WAIT TCP 127.0.0.1:12344 www:51469 ESTABLISHED TCP 127.0.0.1:12344 www:51473 ESTABLISHED TCP 127.0.0.1:12344 www:51475 ESTABLISHED TCP 127.0.0.1:12344 www:51479 TIME_WAIT
I had to interrupt the output with Ctrl-C, since it appeared it would
continue indefinitely. When I used netstat -an, I saw the
following:
C:\Program Files\Microsoft SDKs\Windows\v7.0>netstat -an | more Active Connections Proto Local Address Foreign Address State TCP 0.0.0.0:80 0.0.0.0:0 LISTENING TCP 0.0.0.0:135 0.0.0.0:0 LISTENING TCP 0.0.0.0:445 0.0.0.0:0 LISTENING TCP 0.0.0.0:1801 0.0.0.0:0 LISTENING TCP 0.0.0.0:2103 0.0.0.0:0 LISTENING TCP 0.0.0.0:2105 0.0.0.0:0 LISTENING TCP 0.0.0.0:2107 0.0.0.0:0 LISTENING TCP 0.0.0.0:2215 0.0.0.0:0 LISTENING TCP 0.0.0.0:2869 0.0.0.0:0 LISTENING TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING TCP 0.0.0.0:5357 0.0.0.0:0 LISTENING TCP 0.0.0.0:6646 0.0.0.0:0 LISTENING TCP 0.0.0.0:7680 0.0.0.0:0 LISTENING TCP 0.0.0.0:8733 0.0.0.0:0 LISTENING TCP 0.0.0.0:13000 0.0.0.0:0 LISTENING TCP 0.0.0.0:49664 0.0.0.0:0 LISTENING TCP 0.0.0.0:49665 0.0.0.0:0 LISTENING TCP 0.0.0.0:49666 0.0.0.0:0 LISTENING TCP 0.0.0.0:49667 0.0.0.0:0 LISTENING TCP 0.0.0.0:49668 0.0.0.0:0 LISTENING TCP 0.0.0.0:49669 0.0.0.0:0 LISTENING TCP 0.0.0.0:49673 0.0.0.0:0 LISTENING TCP 0.0.0.0:49688 0.0.0.0:0 LISTENING TCP 0.0.0.0:49699 0.0.0.0:0 LISTENING TCP 127.0.0.1:12342 0.0.0.0:0 LISTENING TCP 127.0.0.1:12344 0.0.0.0:0 LISTENING TCP 127.0.0.1:12344 127.0.0.1:51521 ESTABLISHED TCP 127.0.0.1:12344 127.0.0.1:51522 TIME_WAIT TCP 127.0.0.1:12344 127.0.0.1:51563 TIME_WAIT TCP 127.0.0.1:12344 127.0.0.1:51611 ESTABLISHED TCP 127.0.0.1:12344 127.0.0.1:51865 ESTABLISHED TCP 127.0.0.1:12344 127.0.0.1:51943 TIME_WAIT TCP 127.0.0.1:12344 127.0.0.1:51973 ESTABLISHED TCP 127.0.0.1:12350 0.0.0.0:0 LISTENING TCP 127.0.0.1:51364 127.0.0.1:51365 ESTABLISHED TCP 127.0.0.1:51365 127.0.0.1:51364 ESTABLISHED TCP 127.0.0.1:51366 127.0.0.1:12344 TIME_WAIT TCP 127.0.0.1:51368 127.0.0.1:12344 TIME_WAIT TCP 127.0.0.1:51370 127.0.0.1:12344 TIME_WAIT TCP 127.0.0.1:51374 127.0.0.1:51375 ESTABLISHED TCP 127.0.0.1:51375 127.0.0.1:51374 ESTABLISHED TCP 127.0.0.1:51380 127.0.0.1:12344 TIME_WAIT TCP 127.0.0.1:51382 127.0.0.1:12344 TIME_WAIT TCP 127.0.0.1:51384 127.0.0.1:12344 TIME_WAIT -- More --
When I tried to determine what process was listening on port 80
and on other ports with code netstat -anb, I saw quite
a few "Cannot obtain ownership information" results.
C:\Program Files\Microsoft SDKs\Windows\v7.0>netstat -anb | more Active Connections Proto Local Address Foreign Address State TCP 0.0.0.0:80 0.0.0.0:0 LISTENING Can not obtain ownership information TCP 0.0.0.0:135 0.0.0.0:0 LISTENING RpcSs [svchost.exe] TCP 0.0.0.0:445 0.0.0.0:0 LISTENING Can not obtain ownership information TCP 0.0.0.0:1801 0.0.0.0:0 LISTENING [mqsvc.exe] TCP 0.0.0.0:2103 0.0.0.0:0 LISTENING [mqsvc.exe] TCP 0.0.0.0:2105 0.0.0.0:0 LISTENING [mqsvc.exe] TCP 0.0.0.0:2107 0.0.0.0:0 LISTENING [mqsvc.exe] TCP 0.0.0.0:2215 0.0.0.0:0 LISTENING [sshd.exe] TCP 0.0.0.0:2869 0.0.0.0:0 LISTENING Can not obtain ownership information TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING TermService [svchost.exe] TCP 0.0.0.0:5357 0.0.0.0:0 LISTENING Can not obtain ownership information TCP 0.0.0.0:6646 0.0.0.0:0 LISTENING [mcsvhost.exe] TCP 0.0.0.0:7680 0.0.0.0:0 LISTENING DoSvc [svchost.exe] TCP 0.0.0.0:8733 0.0.0.0:0 LISTENING Can not obtain ownership information TCP 0.0.0.0:13000 0.0.0.0:0 LISTENING [NOBuClient.exe] TCP 0.0.0.0:49664 0.0.0.0:0 LISTENING Can not obtain ownership information TCP 0.0.0.0:49665 0.0.0.0:0 LISTENING EventLog [svchost.exe] TCP 0.0.0.0:49666 0.0.0.0:0 LISTENING [spoolsv.exe] TCP 0.0.0.0:49667 0.0.0.0:0 LISTENING Schedule [svchost.exe] TCP 0.0.0.0:49668 0.0.0.0:0 LISTENING [lsass.exe] TCP 0.0.0.0:49669 0.0.0.0:0 LISTENING SessionEnv [svchost.exe] TCP 0.0.0.0:49673 0.0.0.0:0 LISTENING [lsass.exe] TCP 0.0.0.0:49688 0.0.0.0:0 LISTENING [mqsvc.exe] TCP 0.0.0.0:49699 0.0.0.0:0 LISTENING Can not obtain ownership information TCP 127.0.0.1:12342 0.0.0.0:0 LISTENING [LavasoftTcpService.exe] TCP 127.0.0.1:12344 0.0.0.0:0 LISTENING [LavasoftTcpService.exe] TCP 127.0.0.1:12344 127.0.0.1:52192 TIME_WAIT TCP 127.0.0.1:12344 127.0.0.1:52193 TIME_WAIT TCP 127.0.0.1:12350 0.0.0.0:0 LISTENING [LavasoftTcpService.exe] TCP 127.0.0.1:51364 127.0.0.1:51365 ESTABLISHED [firefox.exe] TCP 127.0.0.1:51365 127.0.0.1:51364 ESTABLISHED [firefox.exe] TCP 127.0.0.1:51374 127.0.0.1:51375 ESTABLISHED [firefox.exe] TCP 127.0.0.1:51375 127.0.0.1:51374 ESTABLISHED [firefox.exe] TCP 127.0.0.1:51431 127.0.0.1:51432 ESTABLISHED [firefox.exe] TCP 127.0.0.1:51432 127.0.0.1:51431 ESTABLISHED [firefox.exe] TCP 127.0.0.1:51543 127.0.0.1:51544 ESTABLISHED [firefox.exe] TCP 127.0.0.1:51544 127.0.0.1:51543 ESTABLISHED [firefox.exe] TCP 127.0.0.1:52185 127.0.0.1:12344 TIME_WAIT TCP 127.0.0.1:52187 127.0.0.1:12344 TIME_WAIT TCP 127.0.0.1:52189 127.0.0.1:12344 TIME_WAIT TCP 192.168.0.15:139 0.0.0.0:0 LISTENING Can not obtain ownership information TCP 192.168.0.15:49846 65.52.108.199:443 ESTABLISHED WpnService [svchost.exe] TCP 192.168.0.15:50934 209.85.201.125:5222 ESTABLISHED [googledrivesync.exe] TCP 192.168.0.15:50935 216.58.217.170:443 CLOSE_WAIT [googledrivesync.exe] TCP 192.168.0.15:50937 216.58.217.170:443 CLOSE_WAIT [googledrivesync.exe] -- More --
I saw similar results for another Windows 10 system in the same
domain in the same office, although on that system, when I opened a
command prompt window with administrator privileges I saw the normal
"Administrator: Command Prompt" title for the window and it opened, as
usual, to the C:\WINDOWS\system32 directory.
When I checked to see if the system was configured to use a proxy server for website access by querying the Windows registry with the Registry Editor regedit, I found the returned value was 0, which indicated that the system wasn't configured to use a proxy server.
C:\Program Files\Microsoft SDKs\Windows\v7.0>reg query "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v ProxyEnable
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
ProxyEnable REG_DWORD 0x0
C:\Program Files\Microsoft SDKs\Windows\v7.0>I then tried netstat -aon and saw that a process with
process identifier 4 was listening on port 80.
C:\Windows>netstat -aon Active Connections Proto Local Address Foreign Address State PID TCP 0.0.0.0:80 0.0.0.0:0 LISTENING 4 TCP 0.0.0.0:135 0.0.0.0:0 LISTENING 448 TCP 0.0.0.0:445 0.0.0.0:0 LISTENING 4 TCP 0.0.0.0:1801 0.0.0.0:0 LISTENING 4156 TCP 0.0.0.0:2103 0.0.0.0:0 LISTENING 4156 TCP 0.0.0.0:2105 0.0.0.0:0 LISTENING 4156 TCP 0.0.0.0:2107 0.0.0.0:0 LISTENING 4156 TCP 0.0.0.0:2215 0.0.0.0:0 LISTENING 7172 TCP 0.0.0.0:2869 0.0.0.0:0 LISTENING 4 TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING 1036 TCP 0.0.0.0:5357 0.0.0.0:0 LISTENING 4 TCP 0.0.0.0:6646 0.0.0.0:0 LISTENING 4476 TCP 0.0.0.0:7680 0.0.0.0:0 LISTENING 7980 TCP 0.0.0.0:8733 0.0.0.0:0 LISTENING 4 TCP 0.0.0.0:13000 0.0.0.0:0 LISTENING 12280 TCP 0.0.0.0:49664 0.0.0.0:0 LISTENING 676 TCP 0.0.0.0:49665 0.0.0.0:0 LISTENING 1408 TCP 0.0.0.0:49666 0.0.0.0:0 LISTENING 2768 TCP 0.0.0.0:49667 0.0.0.0:0 LISTENING 1788 TCP 0.0.0.0:49668 0.0.0.0:0 LISTENING 840 TCP 0.0.0.0:49669 0.0.0.0:0 LISTENING 3000 TCP 0.0.0.0:49673 0.0.0.0:0 LISTENING 840 TCP 0.0.0.0:49688 0.0.0.0:0 LISTENING 4156 TCP 0.0.0.0:49699 0.0.0.0:0 LISTENING 824 TCP 127.0.0.1:12342 0.0.0.0:0 LISTENING 3128 TCP 127.0.0.1:12344 0.0.0.0:0 LISTENING 3128 TCP 127.0.0.1:12344 127.0.0.1:52471 TIME_WAIT 0 TCP 127.0.0.1:12344 127.0.0.1:52602 TIME_WAIT 0 TCP 127.0.0.1:12344 127.0.0.1:52603 TIME_WAIT 0 TCP 127.0.0.1:12350 0.0.0.0:0 LISTENING 3128 TCP 127.0.0.1:51364 127.0.0.1:51365 ESTABLISHED 19368 TCP 127.0.0.1:51365 127.0.0.1:51364 ESTABLISHED 19368 TCP 127.0.0.1:51374 127.0.0.1:51375 ESTABLISHED 9828 TCP 127.0.0.1:51375 127.0.0.1:51374 ESTABLISHED 9828 TCP 127.0.0.1:51431 127.0.0.1:51432 ESTABLISHED 19204 TCP 127.0.0.1:51432 127.0.0.1:51431 ESTABLISHED 19204 TCP 127.0.0.1:51543 127.0.0.1:51544 ESTABLISHED 19544 TCP 127.0.0.1:51544 127.0.0.1:51543 ESTABLISHED 19544 TCP 127.0.0.1:52473 127.0.0.1:12344 TIME_WAIT 0 TCP 127.0.0.1:52475 127.0.0.1:12344 TIME_WAIT 0 TCP 127.0.0.1:52477 127.0.0.1:12344 TIME_WAIT 0 TCP 127.0.0.1:52480 127.0.0.1:12344 TIME_WAIT 0 TCP 127.0.0.1:52482 127.0.0.1:12344 TIME_WAIT 0 TCP 127.0.0.1:52483 127.0.0.1:12344 TIME_WAIT 0 TCP 127.0.0.1:52486 127.0.0.1:12344 TIME_WAIT 0 TCP 127.0.0.1:52487 127.0.0.1:12344 TIME_WAIT 0 TCP 127.0.0.1:52490 127.0.0.1:12344 TIME_WAIT 0 TCP 127.0.0.1:52492 127.0.0.1:12344 TIME_WAIT 0 TCP 127.0.0.1:52495 127.0.0.1:12344 TIME_WAIT 0 TCP 127.0.0.1:52499 127.0.0.1:12344 TIME_WAIT 0 TCP 127.0.0.1:52505 127.0.0.1:12344 TIME_WAIT 0 TCP 127.0.0.1:52507 127.0.0.1:12344 TIME_WAIT 0 TCP 127.0.0.1:52509 127.0.0.1:12344 TIME_WAIT 0 TCP 127.0.0.1:52511 127.0.0.1:12344 TIME_WAIT 0 TCP 127.0.0.1:52512 127.0.0.1:12344 TIME_WAIT 0 TCP 127.0.0.1:52517 127.0.0.1:12344 TIME_WAIT 0 TCP 127.0.0.1:52518 127.0.0.1:12344 TIME_WAIT 0 TCP 127.0.0.1:52531 127.0.0.1:12344 TIME_WAIT 0 TCP 127.0.0.1:52535 127.0.0.1:12344 TIME_WAIT 0 TCP 127.0.0.1:52539 127.0.0.1:12344 TIME_WAIT 0 TCP 127.0.0.1:52543 127.0.0.1:12344 TIME_WAIT 0 TCP 127.0.0.1:52547 127.0.0.1:12344 TIME_WAIT 0 TCP 127.0.0.1:52548 127.0.0.1:12344 TIME_WAIT 0 TCP 127.0.0.1:52549 127.0.0.1:12344 TIME_WAIT 0 TCP 127.0.0.1:52555 127.0.0.1:12344 TIME_WAIT 0 TCP 127.0.0.1:52559 127.0.0.1:12344 TIME_WAIT 0 TCP 127.0.0.1:52563 127.0.0.1:12344 TIME_WAIT 0 TCP 127.0.0.1:52565 127.0.0.1:12344 TIME_WAIT 0 TCP 127.0.0.1:52583 127.0.0.1:12344 TIME_WAIT 0 TCP 127.0.0.1:52589 127.0.0.1:12344 TIME_WAIT 0 TCP 127.0.0.1:52590 127.0.0.1:12344 TIME_WAIT 0 TCP 127.0.0.1:52591 127.0.0.1:12344 TIME_WAIT 0 TCP 127.0.0.1:52592 127.0.0.1:12344 TIME_WAIT 0 TCP 127.0.0.1:52596 127.0.0.1:12344 TIME_WAIT 0 TCP 127.0.0.1:52599 127.0.0.1:12344 TIME_WAIT 0 TCP 127.0.0.1:52601 127.0.0.1:12344 TIME_WAIT 0 TCP 127.0.0.1:52604 127.0.0.1:12344 TIME_WAIT 0 TCP 127.0.0.1:52606 127.0.0.1:12344 TIME_WAIT 0 TCP 127.0.0.1:52607 127.0.0.1:12344 TIME_WAIT 0 TCP 127.0.0.1:52608 127.0.0.1:12344 TIME_WAIT 0 TCP 127.0.0.1:52620 127.0.0.1:12344 TIME_WAIT 0 TCP 127.0.0.1:52627 127.0.0.1:12344 TIME_WAIT 0 TCP 127.0.0.1:52629 127.0.0.1:12344 TIME_WAIT 0 TCP 127.0.0.1:52631 127.0.0.1:12344 TIME_WAIT 0 TCP 192.168.0.15:139 0.0.0.0:0 LISTENING 4 TCP 192.168.0.15:49846 65.52.108.199:443 ESTABLISHED 3588 TCP 192.168.0.15:50934 209.85.201.125:5222 ESTABLISHED 16512 TCP 192.168.0.15:50935 216.58.217.170:443 CLOSE_WAIT 16512 TCP 192.168.0.15:50937 216.58.217.170:443 CLOSE_WAIT 16512 TCP 192.168.0.15:50938 216.58.217.170:443 CLOSE_WAIT 16512 TCP 192.168.0.15:52474 23.32.80.49:80 TIME_WAIT 0 TCP 192.168.0.15:52478 72.21.91.29:80 TIME_WAIT 0 TCP 192.168.0.15:52493 52.84.121.202:443 TIME_WAIT 0 TCP 192.168.0.15:52506 52.84.125.5:443 TIME_WAIT 0 TCP 192.168.0.15:52508 216.58.217.104:443 TIME_WAIT 0 TCP 192.168.0.15:52510 216.58.217.110:443 TIME_WAIT 0 TCP 192.168.0.15:52514 216.58.217.102:443 TIME_WAIT 0 TCP 192.168.0.15:52532 172.217.7.130:443 TIME_WAIT 0 TCP 192.168.0.15:52536 216.58.217.110:80 TIME_WAIT 0 TCP 192.168.0.15:52540 172.217.3.34:443 TIME_WAIT 0 TCP 192.168.0.15:52544 173.194.207.157:443 TIME_WAIT 0 TCP 192.168.0.15:52551 172.217.3.34:443 TIME_WAIT 0 TCP 192.168.0.15:52552 74.125.29.156:443 TIME_WAIT 0 TCP 192.168.0.15:52553 54.192.16.21:443 TIME_WAIT 0 TCP 192.168.0.15:52560 74.125.202.104:443 TIME_WAIT 0 TCP 192.168.0.15:52564 52.84.123.36:443 TIME_WAIT 0 TCP 192.168.0.15:52566 52.84.125.5:443 TIME_WAIT 0 TCP 192.168.0.15:52584 52.84.125.136:443 TIME_WAIT 0 TCP 192.168.0.15:52609 23.4.187.27:80 TIME_WAIT 0 TCP 192.168.0.15:52618 104.100.157.32:443 ESTABLISHED 2728 TCP 192.168.0.15:52619 104.100.157.32:443 ESTABLISHED 2728 TCP 192.168.0.15:52621 216.58.217.110:443 TIME_WAIT 0 TCP [::]:80 [::]:0 LISTENING 4 TCP [::]:135 [::]:0 LISTENING 448 TCP [::]:445 [::]:0 LISTENING 4 TCP [::]:1801 [::]:0 LISTENING 4156 TCP [::]:2103 [::]:0 LISTENING 4156 TCP [::]:2105 [::]:0 LISTENING 4156 TCP [::]:2107 [::]:0 LISTENING 4156 TCP [::]:2215 [::]:0 LISTENING 7172 TCP [::]:2869 [::]:0 LISTENING 4 TCP [::]:3389 [::]:0 LISTENING 1036 TCP [::]:5357 [::]:0 LISTENING 4 TCP [::]:7680 [::]:0 LISTENING 7980 TCP [::]:8733 [::]:0 LISTENING 4 TCP [::]:49664 [::]:0 LISTENING 676 TCP [::]:49665 [::]:0 LISTENING 1408 TCP [::]:49666 [::]:0 LISTENING 2768 TCP [::]:49667 [::]:0 LISTENING 1788 TCP [::]:49668 [::]:0 LISTENING 840 TCP [::]:49669 [::]:0 LISTENING 3000 TCP [::]:49673 [::]:0 LISTENING 840 TCP [::]:49688 [::]:0 LISTENING 4156 TCP [::]:49699 [::]:0 LISTENING 824 UDP 0.0.0.0:123 *:* 1100 UDP 0.0.0.0:3389 *:* 1036 UDP 0.0.0.0:3702 *:* 2816 UDP 0.0.0.0:3702 *:* 2816 UDP 0.0.0.0:5050 *:* 1500 UDP 0.0.0.0:5353 *:* 1192 UDP 0.0.0.0:5355 *:* 1192 UDP 0.0.0.0:6646 *:* 4476 UDP 0.0.0.0:52847 *:* 2768 UDP 0.0.0.0:60175 *:* 2816 UDP 127.0.0.1:1900 *:* 6792 UDP 127.0.0.1:50822 *:* 840 UDP 127.0.0.1:54749 *:* 1692 UDP 127.0.0.1:60612 *:* 7980 UDP 127.0.0.1:62720 *:* 6792 UDP 192.168.0.15:137 *:* 4 UDP 192.168.0.15:138 *:* 4 UDP 192.168.0.15:1900 *:* 6792 UDP 192.168.0.15:62719 *:* 6792 UDP [::]:123 *:* 1100 UDP [::]:3389 *:* 1036 UDP [::]:3702 *:* 2816 UDP [::]:3702 *:* 2816 UDP [::]:5353 *:* 1192 UDP [::]:5355 *:* 1192 UDP [::]:60176 *:* 2816 UDP [::1]:1900 *:* 6792 UDP [::1]:62718 *:* 6792 UDP [fe80::e90f:c172:eb14:f3a4%2]:1900 *:* 6792 UDP [fe80::e90f:c172:eb14:f3a4%2]:62717 *:* 6792 C:\Windows>
When I tried to use the tasklist command to associate an application name with PID 4, though, I saw an error message.
C:\Windows>tasklist /fi "PID eq 4" ERROR: Invalid class C:\Windows>
On the other Windows 10 system, I saw the image name listed as "System".
From the administrator account, I tried again to see when the last Windows updates were installed, but still saw error messages instead of information on installed patches.
PS C:\Users\Administrator> Get-CimInstance -class win32_quickfixengineering Get-CimInstance : Invalid class At line:1 char:1 + Get-CimInstance -class win32_quickfixengineering + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : MetadataError: (root\cimv2:win32_quickfixengineering:String) [Get-CimInstance], CimExcep tion + FullyQualifiedErrorId : HRESULT 0x80041010,Microsoft.Management.Infrastructure.CimCmdlets.GetCimInstanceCommand PS C:\Users\Administrator> Get-Hotfix Get-Hotfix : Invalid class At line:1 char:1 + Get-Hotfix + ~~~~~~~~~~ + CategoryInfo : NotSpecified: (:) [Get-HotFix], ManagementException + FullyQualifiedErrorId : System.Management.ManagementException,Microsoft.PowerShell.Commands.GetHotFixCommand PS C:\Users\Administrator>
However, on the other Windows 10 system in the office, when I used the
Get-Hotfix cmdlet, I saw the list of recently installed patches;
October 17 was the date for the most recently installed one with the
immediately prior installed patch being installed on October 11. The
Get-CimInstance -class win32_quickfixengineering also worked
and showed the same results.
I was able to view recent updates by typing update
in the Cortana "Ask me anything" window then selecting "View your Update
History" in the returned results. I saw recent application updates, but
no operating system update that I thought might create the problem I
was seeing.
I found that other PowerShell cmdlets weren't working, either. E.g., when I tried the Get-Disk cmdlet, instead of seeing information on the disk drives in and attached to the system, nothing was displayed.
PS C:\Users\Pam> Get-Disk
PS C:\Users\Pam>PowerShell 5.1 is installed on the system.
PS C:\Users\Pam> $psversiontable
Name Value
---- -----
PSVersion 5.1.15063.674
PSEdition Desktop
PSCompatibleVersions {1.0, 2.0, 3.0, 4.0...}
BuildVersion 10.0.15063.674
CLRVersion 4.0.30319.42000
WSManStackVersion 3.0
PSRemotingProtocolVersion 2.3
SerializationVersion 1.1.0.1
PS C:\Users\Pam>
I then tried commands to
check the Windows
operating system version at a PowerShell prompt.
Though [System.Environment]::OSVersion.Version displayed the
operating system version,
(Get-WmiObject -class Win32_OperatingSystem).Caption displayed
an error message, though both worked fine on the other system in the office
running the same version and build of Microsoft Windows.
PS C:\Users\Pam> [System.Environment]::OSVersion.Version
Major Minor Build Revision
----- ----- ----- --------
10 0 15063 0
PS C:\Users\Pam> (Get-WmiObject -class Win32_OperatingSystem).Caption
Get-WmiObject : Invalid class "Win32_OperatingSystem"
At line:1 char:2
+ (Get-WmiObject -class Win32_OperatingSystem).Caption
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidType: (:) [Get-WmiObject], ManagementException
+ FullyQualifiedErrorId : GetWMIManagementException,Microsoft.PowerShell.Commands.GetWmiObjectCommand
PS C:\Users\Pam>Windows Management Instrumentation Command-line (WMIC) commands that worked without issues on the other system also failed to produce the expected output on this system.
C:\Users\Pam>wmic os os - Alias not found. C:\Users\Pam>
I thought there might be some corruption to Windows operating system files or one or more may have been deleted or altered, so I ran the Deployment Image Servicing and Management (DISM) tool and then the System File Checker (SFC) tool. To use those tools open a command prompt with administrator privileges then run the DISM command shown below first. DISM enumerates, installs, uninstalls, configures, and updates features and packages in Windows images. DISM uses Windows Update to provide the files that are needed to fix a corrupted Windows operating system.
C:\WINDOWS\system32>dism /online /cleanup-image /restorehealth Deployment Image Servicing and Management tool Version: 10.0.15063.0 Image Version: 10.0.15063.0 [==========================100.0%==========================] The restore operati on completed successfully. The operation completed successfully. C:\WINDOWS\system32>
After the DISM command completes, run the
System File Checker (SFC) command
shown below. The SFC utility checks for incorrect versions of all protected
operating system files and replaces any found to be corrupted or incorrect
with the correct version from the compressed %WinDir%\System32\dllcache
directory. You can see the value of the
environment variable %WinDir% on a particular system by typing
the command echo %WinDir% command at a command prompt. It is
usually the C:\Windows directory. In this case, SFC did not
find any problems, though I was expecting it to report an issue with one
or more files.
C:\WINDOWS\system32>sfc /scannow Beginning system scan. This process will take some time. Beginning verification phase of system scan. Verification 100% complete. Windows Resource Protection did not find any integrity violations. C:\WINDOWS\system32>
I thought there might be malware on the system creating the problem even though the system is scanned regularly by the antivirus software on the system, McAfee Total Protection. I also run an automatic nightly scan of the system with SUPERAntispyware, but it hasn't been reporting anything but tracking cookies. I also installed Malwarebytes Anti-Malware and checked the system with it, but it didn't report any malware infections. Nor did I see anything suspicious when I checked the programs that are automatically started at boot time with Microsoft's Autoruns for Windows.
I decided I would update Windows to the recently released
Fall Creators Update of Windows 10. I typed
update in the
Cortana
"Type here to search" field and then selected "Check for updates"
from the results list. At the Settings window, I clicked on
the Check for updates button which initiated an installation of
Windows 10, version 1709. After the update was installed and I rebooted
the system, all of the previously encountered problems were gone. I could
issue the systeminfo, WMIC and PowerShell command and get expected results.
I could also print normally from Microsoft Excel and the QuickBooks
accounting program.
Related articles: