Recently Microsoft and HP responded to this harmless event log entry and they provided a workaround. You can find the response and the workaround here:
Kernel event ID 2 is logged when the MSFT_NetLbfoTeamNic class is called in Windows Server 2012 R2
Advisory: Microsoft - Hundreds or Thousands of Kernel Event ID:2 Error Messages Will Be Logged in the Event Viewer While Using HP Insight Management WBEM Provider with the NIC Teaming Feature Enabled on Microsoft Windows Server 2012 R2
Here a copy and past from the MS KB:
This problem is not caused by the third-party WMI provider. This problem is being tracked for consideration in a future version of Windows Server.
The Windows Server 2012 R2 MSFT_NetLbfoTeamNic WMI class uses the iNetCfg interface. The iNetCfg interface is associated with the NetCfgTrace kernel logging provider, which is automatically enabled by Windows. Trace data is automatically saved to the C:\Windows\inf\netcfgx.0.etl file. All WMI providers run under the context of the WMIPRVSE process, which in turn runs under the NETWORK SERVICE account. However, if a WMI provider calls theMSFT_NetLbfoTeamNic class, the NETWORK SERVICE account does not have authority to write trace data to this file.
If the scenario that's described in the "Symptoms" section triggers the kernel event ID 2 error, the error is harmless and can be safely ignored.
If you want to prevent this error from being logged, open an administrative command prompt, and then run the following commands:
Takeown /f c:\windows\inf
icacls c:\windows\inf /grant "NT AUTHORITY\NETWORK SERVICE":"(OI)(CI)(F)"
icacls c:\windows\inf\netcfgx.0.etl /grant "NT AUTHORITY\NETWORK SERVICE":F
icacls c:\windows\inf\netcfgx.1.etl /grant "NT AUTHORITY\NETWORK SERVICE":F
These commands grant the necessary file permissions to prevent the error logging in this scenario.
You may also want to reset the owner of C:\Windows\inf back to the NT SERVICE\TrustedInstaller account (the default setting). To do this, follow these steps:
- In Windows Explorer, navigate to C:\Windows , right-click the C:\Windows\INF directory, and then select Properties. On the Security tab, clickAdvanced.
- Next to Owner, click Change.
- Click Location, and then select the local computer (you may have to scroll up if you’ve joined a domain).
- In the Object name, enter NT SERVICE\TrustedInstaller, select Check Names, and then click OK.
Finally, run the icacls command to make sure that the NETWORK SERVICE account is set for inheritance, as in the following example: