info. about ntosknl.exe

Microsoft Windows file system.

Post by Danny » Mon Oct 11, 2004 8:55 am

I am running Windows 2000 on four computers through a hub with Sygate personal
firewall. On one of the computers Sygate sometimes blocks the ntosknl.exe.
Why? Does this file need to access the network? If so, why? Should I be
concerned? What does this ntosknl.exe file do?

--
Thanks
I appreciate the help.
Danny
 

Re: info. about ntosknl.exe

Post by Pat [MSFT] » Tue Oct 12, 2004 3:11 am

That is the Windows Kernel. If you have installed a driver that makes
network calls, you will see this. Not sure if you should be concerned as it
depends on if you know what has been installed, what the request is and
where it is requesting to go. You could use NetMon to monitor the network
traffic and see what the issue is.


Pat

"Danny" <Danny@discussions.microsoft.com> wrote in message
news:458F744F-6B2D-4B78-B117-F7802B5A1EF5@microsoft.com...
> I am running Windows 2000 on four computers through a hub with Sygate personal
> firewall. On one of the computers Sygate sometimes blocks the
> ntosknl.exe.
> Why? Does this file need to access the network? If so, why? Should I be
> concerned? What does this ntosknl.exe file do?
>
> --
> Thanks
> I appreciate the help.
Pat [MSFT]
 

Re: info. about ntosknl.exe

Post by Daniel Bucherer [MS] » Wed Oct 13, 2004 12:55 pm

Hi,

Pat [MSFT] wrote:
> That is the Windows Kernel. If you have installed a driver that makes
> network calls, you will see this. Not sure if you should be
> concerned as it depends on if you know what has been installed, what
> the request is and where it is requesting to go. You could use
> NetMon to monitor the network traffic and see what the issue is.
>
> Pat
>
> "Danny" <Danny@discussions.microsoft.com> wrote in message
> news:458F744F-6B2D-4B78-B117-F7802B5A1EF5@microsoft.com...
>> I am running Windows 2000 on four computers through a hub with Sygate
>> personal
>> firewall. On one of the computers Sygate sometimes blocks the
>> ntosknl.exe.

hmmmm - are you sure about this spelling?

Because if this is "ntosknl.exe" and not "ntoskrnl.exe", then this is NOT
the Kernel, but some program desperately trying to hide itself as the
kernel.

Also it is highly unlikely that the real kernel would EVER appear as a
process to Sygate Firewall.

I strongly think that this is either something malicious OR an internal
problem in the firewall. The first option seems the most reasonable
assumption. If you can, try to perform an offline virus scan on the system.


Cheers,

Daniel


>> Why? Does this file need to access the network? If so, why? Should I
>> be concerned? What does this ntosknl.exe file do?
>>
>> --
>> Thanks
>> I appreciate the help.
Daniel Bucherer [MS]
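
The name check Daniel describes can be automated. The following is an added example, not part of the original thread: it flags image names that are a near miss of a well-known Windows system binary, and exact names loaded from outside System32. The binary list, the `C:\WINNT` system root (the Windows 2000 default), the distance threshold of 2 and the sample paths are all assumptions made for illustration.

```python
# Added example: flag process image names that imitate Windows system binaries.
# The name list and the sample inventory are constructed for illustration.
import ntpath

# Well-known binaries that live in %SystemRoot%\System32 (not exhaustive).
SYSTEM_BINARIES = {"ntoskrnl.exe", "svchost.exe", "lsass.exe",
                   "services.exe", "winlogon.exe", "csrss.exe"}


def edit_distance(a: str, b: str) -> int:
    """Optimal string alignment distance (insert, delete, replace, swap)."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = int(a[i - 1] != b[j - 1])
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)
    return d[len(a)][len(b)]


def classify(image_path: str, system_root: str = r"C:\WINNT", max_dist: int = 2):
    """Return (verdict, matched_name) for one reported image path."""
    name = ntpath.basename(image_path).lower()
    folder = ntpath.dirname(image_path).lower()
    expected = ntpath.join(system_root, "System32").lower()
    if name in SYSTEM_BINARIES:
        # Exact name: only trusted when it is loaded from System32.
        return ("ok" if folder == expected else "wrong-path", name)
    for known in sorted(SYSTEM_BINARIES):
        # Near miss of a system name, e.g. one dropped or swapped letter.
        if edit_distance(name, known) <= max_dist:
            return ("lookalike", known)
    return ("unrelated", None)


# Constructed inventory, e.g. image paths copied from a firewall prompt.
SAMPLE = [r"C:\WINNT\System32\lsass.exe", r"C:\WINNT\System32\ntosknl.exe",
          r"C:\WINNT\Temp\svchost.exe", r"C:\Program Files\Example\app.exe"]

if __name__ == "__main__":
    for path in SAMPLE:
        print(f"{classify(path)[0]:<10} {path}")
```

A "lookalike" or "wrong-path" verdict is a reason to inspect the file, not proof of malice; the threshold trades missed variants against false matches on short names.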
 

