TechSpot

XP Security 2012 leading to netbt.sys issues

By 952SF
Dec 8, 2011
  1. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Well you know what they say> "If it ain't broke, don't fix it!" Obviously the updater is working and you are not getting the 'missing' reg entry.

    Let's do one more thing to make sure this file is right:

    Please download SystemLook from one of the links below and save it to your Desktop.
    Download Mirror #1
    Download Mirror #2


    For 64bit: http://jpshortstuff.247fixes.com/SystemLook_x64.exe
    • Double-click SystemLook.exe to run it.
    • Copy the content of the following codebox into the main textfield:
      Code:
      
      :filefind
      netbt.sys
      
      
    • Click the Look button to start the scan.
    • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
    Note: The log can also be found on your Desktop entitled SystemLook.txt
    =============================
    Are there any unresolved problems remaining?
     
  2. 952SF

    952SF TS Rookie Topic Starter Posts: 34

    I tend to agree "if it aint broke...", and I wouldn't have known about the wuauserv thing - who knows, it may have never been there.

    SystemLook Log:
    SystemLook 30.07.11 by jpshortstuff
    Log created at 22:30 on 29/12/2011 by Advanced Tree Health
    Administrator - Elevation successful

    ========== filefind ==========

    Searching for "netbt.sys"
    C:\i386\netbt.sys --a---- 162816 bytes [03:02 28/07/2006] [10:00 10/08/2004] 0C80E410CD2F47134407EE7DD19CC86B
    C:\WINDOWS\$NtServicePackUninstall$\netbt.sys -----c- 162816 bytes [02:11 14/09/2008] [10:00 10/08/2004] 0C80E410CD2F47134407EE7DD19CC86B
    C:\WINDOWS\ServicePackFiles\i386\netbt.sys ------- 162816 bytes [01:54 14/09/2008] [19:21 13/04/2008] 74B2B2F5BEA5E9A3DC021D685551BD3D
    C:\WINDOWS\system32\dllcache\netbt.sys --a---- 162816 bytes [01:54 14/09/2008] [19:21 13/04/2008] 74B2B2F5BEA5E9A3DC021D685551BD3D
    C:\WINDOWS\system32\drivers\netbt.sys --a---- 162816 bytes [01:54 14/09/2008] [19:21 13/04/2008] 74B2B2F5BEA5E9A3DC021D685551BD3D

    -= EOF =-
     
  3. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Let's go head and run this:

    Please download Farbar Service Scanner
    • Check Include all files option
    • Press the Scan button
    • Log named FSS.txt will be created in the same directory as the tool
    • Please paste the log into your next reply
    -------------------------
    New Holiday Notice! I will not be working on the threads Sat. Dec. 31 or Sunday Jan. 1 I will begin with the oldest threads first on Monday. I will do my best to get you finished or as far along as I can before that. Please do not send a PM during those days.
     
  4. 952SF

    952SF TS Rookie Topic Starter Posts: 34

    Hope you have/had a good New Years.

    Thanks.

    FSS.txt

    Farbar Service Scanner
    Ran by (administrator) on 30-12-2011 at 21:19:19
    Microsoft Windows XP Professional Service Pack 3 (X86)
    Boot Mode: Normal
    ****************************************************************

    Internet Services:
    ============

    Connection Status:
    ==============
    Localhost is accessible.
    LAN connected.
    Google IP is accessible.
    Yahoo IP is accessible.


    Windows Firewall:
    =============

    Firewall Disabled Policy:
    ==================


    System Restore:
    ============

    System Restore Disabled Policy:
    ========================


    Security Center:
    ============

    Windows Update:
    ===========

    File Check:
    ========
    C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
    C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
    C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
    C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
    C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
    C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
    C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
    C:\WINDOWS\system32\netman.dll => MD5 is legit
    C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
    C:\WINDOWS\system32\srsvc.dll => MD5 is legit
    C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
    C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
    C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
    C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
    C:\WINDOWS\system32\qmgr.dll => MD5 is legit
    C:\WINDOWS\system32\es.dll => MD5 is legit
    C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
    C:\WINDOWS\system32\svchost.exe => MD5 is legit
    C:\WINDOWS\system32\rpcss.dll => MD5 is legit
    C:\WINDOWS\system32\services.exe => MD5 is legit

    Extra List:
    =======
    Gpc(6) IPSec(4) NetBT(5) NwlnkIpx(9) NwlnkNb(10) PSched(7) Tcpip(3)
    0x0C000000040000000100000002000000030000000B0000000C00000005000000080000000600000007000000090000000A000000

    **** End of log ****
     
  5. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Well there is is-big as life: C:\WINDOWS\system32\wuauserv.dll => MD5 is legit

    I will ask Broni to have a look at it Monday- see if there is anything we need to do.
     

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...