NT Kernel?

Discussion in 'Software' started by Denise_M, Apr 18, 2006.

  1. Denise_M

    Denise_M MajorGeek

    Every since I installed Sygate firewall, I constantly receive a message that states

    I Googled NT Kernel and it's appears that NT Kernel involves Windows NT, and I have Windows XP.

    Why is a Windows NT program trying to access my pc?

    I use RegSeeker and PC onPoint at least once a week.

    What can I do, what settings can I change, so that ntoskrnl.exe will stop attemtping to access my pc?

    What setting(s) do I need to change to stop receiving the message. It pops up every few minutes even though I check the "do not show this message again" box and it's getting to be a pain.

    Denise
     
  2. Just Playin

    Just Playin MajorGeek

    ntoskrnl.exe is the core of the Windows NT, 2000 and XP operating systems. It is not something from outside attacking your PC. Go ahead and deny it internet access, it doesn't need the internet to function.
     
  3. Toni_1947

    Toni_1947 Command Sergeant Major

    More info:
    http://soho.sygate.com/alerts/XP_default_TCP445_open.htm

    Sygate Security Alert

    Windows XP default install with TCP 445 open
    Description:
    TCP/UPD port 445 (used for filesharing and is opened by ntoskrnl.exe) is open by default on a freshly installed XP box. The attack is serious since it work remotely and can make the CPU usage 100% in less than 20 Seconds.

    Impact:
    Remote DOS attacks with SYN Flag. Make CPU usage 100%

    Sygate Recommendations:
    Sygate SSE and SPF Security Agents will block all ports and protocols exposed to the internet by ntoskrnl.exe. DOS attacks aimed at port 445 including SYN floods are denied with no adverse affect to Windows XP.
    Thanks to www.safehack.com for the disclosure of this serious exploit.
     
  4. Denise_M

    Denise_M MajorGeek

    Thanks for the URL, Tony.

    Is there a setting in Sygate that I can change so that the window doesn't continue to open. Clicking on "do not show this window again" doesn't work.

    Denise
     
  5. Toni_1947

    Toni_1947 Command Sergeant Major

    I believe you would handle it like this:
    Next time you get the pop-up .. just make sure you place a check beside "always use this answer" and then click on "NO". You might get a small popup that it blocked it but it will go away on it's own quickly.

    ;)
     
  6. Denise_M

    Denise_M MajorGeek

    Hi Tony,

    The box that shows up for NT Kernel is different that the box that opens for other items. . . maybe because it's dangerous. For most things, I get a rectangular white box on my screen that explains the program that's trying to gain access to my pc, such as Microsoft for an update to SP2. The box for NT Kernel is blue and it automatically pops up near my system tray, and it looks like the white boxes that open when I click on any icon in my system tray. I don't click on anything for the blue NT Kernel box to open. Sygate opens it. All it says is:

    "An application named NT Kernel and System (file name ntoskrnl.exe) has been blocked from accessing the network."

    There is only 1 box to check . . . "do not show this window again" and I place a check mark (at least 100 times) in that box but it continues to pop up when NT Kernel is attempting to gain access. I've looked around some of the settings in Sygate but none seem to relate to this type of action by Sygate. If there is one, I'd like to disable the pop-up after I check the box to not show me this window again, but I don't want to disable Sygate from stopping dangerous file types from accessing my pc.

    Denise
     
  7. Mada_Milty

    Mada_Milty MajorGeek

    Please see this thread for a discussion on your problem.

    I get the same thing, but never bothered to fix it.
     
  8. Denise_M

    Denise_M MajorGeek

    Thanks for the info, Tony. I saw that box but I didn't want to check it because I don't want Sygate to not show me the rectanular white boxes that ask me if I want to allow a program access to my pc. If I get no more white boxes, then I'll uncheck the box because there are some that I want to have access and others that I don't want to have access. If just the blue box stops popping up, I'll let you know as it could help someone else.

    Denise
     
  9. Just Playin

    Just Playin MajorGeek

    Those pop-ups are asking you to allow your programs on your computer to gain access to the internet. Check that box and it will still ask you for permission whenever a program tries to access the internet for the first time. It just stops the pop-ups for the program after you make the decision to allow or deny it access.
     
  10. Denise_M

    Denise_M MajorGeek

    After turning off notifications as discussed in my last post, I've received no pop-up boxes, neither the usual white ones that ask for permission to access the network nor the blue box that tells me that "An application named NT Kernel and System (file name ntoskrnl.exe) has been blocked from accessing the network."

    Denise
     
  11. Just Playin

    Just Playin MajorGeek

    Don't worry. Turning off notifications doesn't disable the white permissions box. I have Sygate on my kids computer and it still get the pop-ups that ask me for permission whenever a new program tries to access the network.
     
  12. Denise_M

    Denise_M MajorGeek

    Yup, that's what happened. The white boxes are appearing but not as often, probably because it didn't need a yes or no answer from me because i'd already told it to allow or not allow, and the NT Kernel blue box no longer shows up. It was smooth sailing on the net today . . . Thanks!

    Denise
     

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds