XP Security 2012 leading to netbt.sys issues

By 952SF
Dec 8, 2011
  1. Bobbye

    Bobbye Helper on the Fringe Posts: 16,340   +36

    Well you know what they say> "If it ain't broke, don't fix it!" Obviously the updater is working and you are not getting the 'missing' reg entry.

    Let's do one more thing to make sure this file is right:

    Please download SystemLook from one of the links below and save it to your Desktop.
    Download Mirror #1
    Download Mirror #2

    For 64bit:
    • Double-click SystemLook.exe to run it.
    • Copy the content of the following codebox into the main textfield:
    • Click the Look button to start the scan.
    • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
    Note: The log can also be found on your Desktop entitled SystemLook.txt
    Are there any unresolved problems remaining?
  2. 952SF

    952SF TS Rookie Topic Starter Posts: 34

    I tend to agree "if it aint broke...", and I wouldn't have known about the wuauserv thing - who knows, it may have never been there.

    SystemLook Log:
    SystemLook 30.07.11 by jpshortstuff
    Log created at 22:30 on 29/12/2011 by Advanced Tree Health
    Administrator - Elevation successful

    ========== filefind ==========

    Searching for "netbt.sys"
    C:\i386\netbt.sys --a---- 162816 bytes [03:02 28/07/2006] [10:00 10/08/2004] 0C80E410CD2F47134407EE7DD19CC86B
    C:\WINDOWS\$NtServicePackUninstall$\netbt.sys -----c- 162816 bytes [02:11 14/09/2008] [10:00 10/08/2004] 0C80E410CD2F47134407EE7DD19CC86B
    C:\WINDOWS\ServicePackFiles\i386\netbt.sys ------- 162816 bytes [01:54 14/09/2008] [19:21 13/04/2008] 74B2B2F5BEA5E9A3DC021D685551BD3D
    C:\WINDOWS\system32\dllcache\netbt.sys --a---- 162816 bytes [01:54 14/09/2008] [19:21 13/04/2008] 74B2B2F5BEA5E9A3DC021D685551BD3D
    C:\WINDOWS\system32\drivers\netbt.sys --a---- 162816 bytes [01:54 14/09/2008] [19:21 13/04/2008] 74B2B2F5BEA5E9A3DC021D685551BD3D

    -= EOF =-
  3. Bobbye

    Bobbye Helper on the Fringe Posts: 16,340   +36

    Let's go head and run this:

    Please download Farbar Service Scanner
    • Check Include all files option
    • Press the Scan button
    • Log named FSS.txt will be created in the same directory as the tool
    • Please paste the log into your next reply
    New Holiday Notice! I will not be working on the threads Sat. Dec. 31 or Sunday Jan. 1 I will begin with the oldest threads first on Monday. I will do my best to get you finished or as far along as I can before that. Please do not send a PM during those days.
  4. 952SF

    952SF TS Rookie Topic Starter Posts: 34

    Hope you have/had a good New Years.



    Farbar Service Scanner
    Ran by (administrator) on 30-12-2011 at 21:19:19
    Microsoft Windows XP Professional Service Pack 3 (X86)
    Boot Mode: Normal

    Internet Services:

    Connection Status:
    Localhost is accessible.
    LAN connected.
    Google IP is accessible.
    Yahoo IP is accessible.

    Windows Firewall:

    Firewall Disabled Policy:

    System Restore:

    System Restore Disabled Policy:

    Security Center:

    Windows Update:

    File Check:
    C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
    C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
    C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
    C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
    C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
    C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
    C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
    C:\WINDOWS\system32\netman.dll => MD5 is legit
    C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
    C:\WINDOWS\system32\srsvc.dll => MD5 is legit
    C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
    C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
    C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
    C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
    C:\WINDOWS\system32\qmgr.dll => MD5 is legit
    C:\WINDOWS\system32\es.dll => MD5 is legit
    C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
    C:\WINDOWS\system32\svchost.exe => MD5 is legit
    C:\WINDOWS\system32\rpcss.dll => MD5 is legit
    C:\WINDOWS\system32\services.exe => MD5 is legit

    Extra List:
    Gpc(6) IPSec(4) NetBT(5) NwlnkIpx(9) NwlnkNb(10) PSched(7) Tcpip(3)

    **** End of log ****
  5. Bobbye

    Bobbye Helper on the Fringe Posts: 16,340   +36

    Well there is is-big as life: C:\WINDOWS\system32\wuauserv.dll => MD5 is legit

    I will ask Broni to have a look at it Monday- see if there is anything we need to do.

Similar Topics

Create an account or login to comment

You need to be a member in order to leave a comment
TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...

Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.