Daniel Bucherer [MS]
Guest
|
 Posted:
Wed Oct 13, 2004 12:55 pm Post subject:
Re: info. about ntosknl.exe |
|
|
Hi,
Pat [MSFT] wrote:
| Quote: | That is the Windows Kernel. If you have installed a driver that makes
network calls, you will see this. Not sure if you should be
concerned as it depends on if you know what has been installed, what
the request is and where it is requesting to go. You could use
NetMon to monitor the network traffic and see what the issue is.
Pat
"Danny" <Danny@discussions.microsoft.com> wrote in message
news:458F744F-6B2D-4B78-B117-F7802B5A1EF5@microsoft.com...
I am running Windows 2000 on four computers thru a hub with Sygate
personal
fire wall. On one of the computers Sygate some times blocks the
ntosknl.exe.
|
hmmmm - are you sure about this spelling?
Because if this is "ntosknl.exe" and not "ntoskrnl.exe", then this is NOT
the Kernel, but some program desperately trying to hide itself as the
kernel.
Also it is highly unlikely that the real kernel would EVER appear as a
process to Sygate Firewall.
I strongly think that this is either something malicious OR an internal
problem in the firewall. The first option seems the most reasonable
assumption. If you can, try to perform an offline virus scan on the system.
Cheers,
Daniel
| Quote: | Why? Does this file need to access the network? If so why? Should I
be concerned? What does this ntosknl.exe file do?
--
Thanks
I appreciate the help. |
|
|
FAQ
Memberlist
Register
Profile
Log in to check your private messages
Log in