TechSpot

XP Security 2012 leading to netbt.sys issues

Inactive
By 952SF
Dec 8, 2011
  1. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    Well you know what they say> "If it ain't broke, don't fix it!" Obviously the updater is working and you are not getting the 'missing' reg entry.

    Let's do one more thing to make sure this file is right:

    Please download SystemLook from one of the links below and save it to your Desktop.
    Download Mirror #1
    Download Mirror #2


    For 64bit: http://jpshortstuff.247fixes.com/SystemLook_x64.exe
    • Double-click SystemLook.exe to run it.
    • Copy the content of the following codebox into the main textfield:
      Code:
      
      :filefind
      netbt.sys
      
      
    • Click the Look button to start the scan.
    • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
    Note: The log can also be found on your Desktop entitled SystemLook.txt
    =============================
    Are there any unresolved problems remaining?
     
  2. 952SF

    952SF TS Rookie Topic Starter Posts: 34

    I tend to agree "if it aint broke...", and I wouldn't have known about the wuauserv thing - who knows, it may have never been there.

    SystemLook Log:
    SystemLook 30.07.11 by jpshortstuff
    Log created at 22:30 on 29/12/2011 by Advanced Tree Health
    Administrator - Elevation successful

    ========== filefind ==========

    Searching for "netbt.sys"
    C:\i386\netbt.sys --a---- 162816 bytes [03:02 28/07/2006] [10:00 10/08/2004] 0C80E410CD2F47134407EE7DD19CC86B
    C:\WINDOWS\$NtServicePackUninstall$\netbt.sys -----c- 162816 bytes [02:11 14/09/2008] [10:00 10/08/2004] 0C80E410CD2F47134407EE7DD19CC86B
    C:\WINDOWS\ServicePackFiles\i386\netbt.sys ------- 162816 bytes [01:54 14/09/2008] [19:21 13/04/2008] 74B2B2F5BEA5E9A3DC021D685551BD3D
    C:\WINDOWS\system32\dllcache\netbt.sys --a---- 162816 bytes [01:54 14/09/2008] [19:21 13/04/2008] 74B2B2F5BEA5E9A3DC021D685551BD3D
    C:\WINDOWS\system32\drivers\netbt.sys --a---- 162816 bytes [01:54 14/09/2008] [19:21 13/04/2008] 74B2B2F5BEA5E9A3DC021D685551BD3D

    -= EOF =-
     
  3. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    Let's go head and run this:

    Please download Farbar Service Scanner
    • Check Include all files option
    • Press the Scan button
    • Log named FSS.txt will be created in the same directory as the tool
    • Please paste the log into your next reply
    -------------------------
    New Holiday Notice! I will not be working on the threads Sat. Dec. 31 or Sunday Jan. 1 I will begin with the oldest threads first on Monday. I will do my best to get you finished or as far along as I can before that. Please do not send a PM during those days.
     
  4. 952SF

    952SF TS Rookie Topic Starter Posts: 34

    Hope you have/had a good New Years.

    Thanks.

    FSS.txt

    Farbar Service Scanner
    Ran by (administrator) on 30-12-2011 at 21:19:19
    Microsoft Windows XP Professional Service Pack 3 (X86)
    Boot Mode: Normal
    ****************************************************************

    Internet Services:
    ============

    Connection Status:
    ==============
    Localhost is accessible.
    LAN connected.
    Google IP is accessible.
    Yahoo IP is accessible.


    Windows Firewall:
    =============

    Firewall Disabled Policy:
    ==================


    System Restore:
    ============

    System Restore Disabled Policy:
    ========================


    Security Center:
    ============

    Windows Update:
    ===========

    File Check:
    ========
    C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
    C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
    C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
    C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
    C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
    C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
    C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
    C:\WINDOWS\system32\netman.dll => MD5 is legit
    C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
    C:\WINDOWS\system32\srsvc.dll => MD5 is legit
    C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
    C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
    C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
    C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
    C:\WINDOWS\system32\qmgr.dll => MD5 is legit
    C:\WINDOWS\system32\es.dll => MD5 is legit
    C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
    C:\WINDOWS\system32\svchost.exe => MD5 is legit
    C:\WINDOWS\system32\rpcss.dll => MD5 is legit
    C:\WINDOWS\system32\services.exe => MD5 is legit

    Extra List:
    =======
    Gpc(6) IPSec(4) NetBT(5) NwlnkIpx(9) NwlnkNb(10) PSched(7) Tcpip(3)
    0x0C000000040000000100000002000000030000000B0000000C00000005000000080000000600000007000000090000000A000000

    **** End of log ****
     
  5. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    Well there is is-big as life: C:\WINDOWS\system32\wuauserv.dll => MD5 is legit

    I will ask Broni to have a look at it Monday- see if there is anything we need to do.
     


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.